How do you validate that what you torrented is clean/no malware/spyware? Specifically, I torrented two things:

  • Astute Graphics Plug-ins Elite Bundle 3.9.1.7z from teamos. *It is 678MB so I can’t upload to Virustotal
  • Master Collection 2025 from uztracker (which is listed on monkrus’s website’s list of trackers). It is 37.5GB so I can’t upload to Virustotal.

I’m not sure what I should to do to be honest.

Edit: Would splitting the 37.5GB file into 650MB pieces and then scanning with virustotal help? Not sure if downloaded files need to be whole for it to work properly.

This is the results from virustotal (I could only scan 4 files in the master collection without running the iso)

Thank you.

  • 🖖USS-Ethernet@startrek.websiteEnglish
    0·
    9 days ago

    I use Hyper-V because I run server 2022 and it’s free. Hyper-V allows you to disable any host resource sharing in the VM settings.

    On my sandbox VM I’ll scan the files then install and scan, then run the software and scan. I use both defender and I think malwarebytes. It’s a lot of extra work for no gain, but I’d rather be too careful than risk installing malware.

    • Yourname942@lemmy.dbzer0.comOPEnglish
      0·
      9 days ago

      Thank you for the detailed response. Just to confirm, is Hyper-V your sandbox VM? I used ESET to scan the files I torrented, but they look very suspicious from virustotal, but I don’t really know how to parse the info - knowing if it is a false positive/etc.

      • 🖖USS-Ethernet@startrek.websiteEnglish
        0·
        9 days ago

        Hyper-V is the hypervisor that the VM runs on. Yeah I don’t really know which malware scanners are the go to ones anymore. Just figure if I can get it to pass through 2 different ones ok then it’s probably ok. I’m sure there’s some other good ones out there. I’ve heard of ESET and virustotal, but I’m not familiar.

        • Yourname942@lemmy.dbzer0.comOPEnglish
          0·
          8 days ago

          Do you know of any guides to set up Hyper-V for this type of purpose? I want it to be as secure as can be: “disable any type of sharing with the host, no copy paste, no sharing disks, etc.”

    • Kissaki@lemmy.dbzer0.comEnglish
      0·
      8 days ago

      Note that sophisticated malware [attempts to] identify whether it is running in a VM / testbed / analysis scenario and may behave and look different between that runtime scenario and “normal use”.

      Analysis in a VM may not be sufficient to determine whether it is safe outside of it.