How to validate a large torrented file is clean? (lemmy.dbzer0.com)

submitted 1 day ago* (last edited 21 hours ago) by Yourname942@lemmy.dbzer0.com to c/piracy@lemmy.dbzer0.com

36 comments fedilink hide all child comments

How do you validate that what you torrented is clean/no malware/spyware? Specifically, I torrented two things:

Astute Graphics Plug-ins Elite Bundle 3.9.1.7z from teamos. *It is 678MB so I can't upload to Virustotal
Master Collection 2025 from uztracker (which is listed on monkrus's website's list of trackers). It is 37.5GB so I can't upload to Virustotal.

I'm not sure what I should to do to be honest.

Edit: Would splitting the 37.5GB file into 650MB pieces and then scanning with virustotal help? Not sure if downloaded files need to be whole for it to work properly.

This is the results from virustotal (I could only scan 4 files in the master collection without running the iso)

Thank you.

you are viewing a single comment's thread
view the rest of the comments

[-] Yourname942@lemmy.dbzer0.com 1 points 21 hours ago* (last edited 21 hours ago)

I ran my antivirus on the plugins.zip folder and it didn't detect anything. Then I ran it on the master collection folder, and it also didn't detect anything, but it suspiciously finished almost immediately although it does only contain the iso (37.5GB), .info file (2.46KB), .sha (85B), .md5 (77B), so I'm not sure. Also, I just posted the virustotal results in this thread.

[-] Cevilia@lemmy.blahaj.zone 3 points 21 hours ago

You may have to mount the iso first before a virus scanner would scan it. Which I would advise against doing on a machine you care about. And even then, it might not scan the suspect files anyway, a lot of scanners will only check files with certain extensions.

Otherwise you could just run it in a virtual machine with no network connections and see if anything sus happens. But it might not happen right away, or it might detect the VM and not trigger any malware.

These are ways you can gather information to make an informed decision, but ultimately you may just have to decide whether you trust the source enough to roll the dice. Only you can make that decision.

[-] Yourname942@lemmy.dbzer0.com 1 points 18 hours ago

If I use the VM with no network connections, is there any way for me to manually find malware hidden in the files? I'm not really sure what to look for specifically. I definitely want to try using a VM to more closely inspect the files

[-] Cevilia@lemmy.blahaj.zone 2 points 13 hours ago

This is way outside of my expertise. I'm not sure you'd find anything VirusTotal's behaviour checks didn't find, anyway. Usually, if I'm at all unsure, I just won't run it.