How do you validate that what you torrented is clean/no malware/spyware? Specifically, I torrented two things:
- Astute Graphics Plug-ins Elite Bundle 3.9.1.7z from teamos. *It is 678MB so I can’t upload to Virustotal
- Master Collection 2025 from uztracker (which is listed on monkrus’s website’s list of trackers). It is 37.5GB so I can’t upload to Virustotal.
I’m not sure what I should to do to be honest.
Edit: Would splitting the 37.5GB file into 650MB pieces and then scanning with virustotal help? Not sure if downloaded files need to be whole for it to work properly.
This is the results from virustotal (I could only scan 4 files in the master collection without running the iso)
Thank you.
Lick it.
You again? GET OUT OF MY CAR!
Honestly, the safest move is to keep these files totally separate from your personal stuff. Running them in a VM or dedicated hardware is really the only way to avoid getting hacked.
Just run the file against clamav, and you should be able to tell whether or not it’s got issues. That’s generally what’s done in commercial spaces.
Thank you for the advice. Is clamav just another antivirus software?
Yes, it’s open source antivirus software.
The entire internet practically runs on what these guys do.
It has a tool that you can use to scan whatever binary you want and it’ll tell you whether or not it’s a virus which fits what you need to do
Oh okay, thanks. I don’t know how it compares with Eset for example. My antivirus said the files were clean, but the virustotal results are really sketchy.
It’s not like traditional antivirus software, it just includes a tool that you can use to manually scan files to see if it has a virus signature, which is all Eset and most virus scanners are doing on the backend. They’re also doing what’s called heuristics, which is where they’re using predictive modeling to try and identify if a program has what they call an attack signature. This does result in false positives, just so you’re aware.
All virus total is doing is running a bunch of virus engines like eset and clamav on the back end to see if it triggers anything.
If both your virus software and clamav comes back clean, then I’d trust it.
Would you trust it if the detection is 0, but there are network connections? (contacted domains and contacted IP addresses)
A lot of the time these apps will have heuristics that will reach back out and so you will see network connections occasionally.
Without knowing more about this application, I don’t have the right context to evaluate whether or not I would trust something like that, so it’s gonna be up to your comfort level. But, if clamav came back clean and so did your other virus software, I would assume it’s not malicious traffic.
What about installing some antivirus than can scan on demand?
I don’t know how’s the “market” right now, but a few years ago Malwarebytes was good for Windows, and ClamAV in Linux
I ran my antivirus on the plugins.zip folder and it didn’t detect anything. Then I ran it on the master collection folder, and it also didn’t detect anything, but it suspiciously finished almost immediately although it does only contain the iso (37.5GB), .info file (2.46KB), .sha (85B), .md5 (77B), so I’m not sure. Also, I just posted the virustotal results in this thread.
