Do you know of any guides to set up Hyper-V for this type of purpose? I want it to be as secure as can be: “disable any type of sharing with the host, no copy paste, no sharing disks, etc.”

If it detects that it is in a VM and doesn’t activate the malware, then I’m perfectly okay just using the software inside the VM.

thank you for the in depth responses. Do you know if it is follish to keep internet on my host when I have the VM have no network connections, or is it highly recommended to kill the internet for both host and VM?

Thank you. Just to confirm, do I make an ISO from a .7z file?

Thank you for the info, and for the encouragement. Yeah I am definitely going to try using a VM to diagnose the files more closely. To confirm, is a VM, (such as Hyper-V) similar to Windows Sandbox, where it effectively resets itself (new slate) each time you open it? Or can I install the torrented files in the VM and still access it if I close and reopen the VM in the future?

Also, which VM would you suggest? I apologize for appending so many questions to my original post.

If I use the VM with no network connections, is there any way for me to manually find malware hidden in the files? I’m not really sure what to look for specifically. I definitely want to try using a VM to more closely inspect the files

Thank you for the detailed response. Just to confirm, is Hyper-V your sandbox VM? I used ESET to scan the files I torrented, but they look very suspicious from virustotal, but I don’t really know how to parse the info - knowing if it is a false positive/etc.

Hey thank you for the info. Which VM do you use? How do you disable the various types of sharing with the host? Also, how do you validate? Sorry for all the questions, but that seems like it may be my only option

I mean yeah that makes sense, but I don’t know enough about torrenting (nor tech in general) to know if something is safe/trustworthy sadly… I feel like I’m probably better off spending several hundreds on a subscription, than more likely than not be hacked/get advanced spyware. I doubt they wouldn’t prey on dumb people like me if it is easy. If I was more knowledgeable it would probably be possible to manually remove infected bits of a torrented file to make it work, but idk.

I ran my antivirus on the plugins.zip folder and it didn’t detect anything. Then I ran it on the master collection folder, and it also didn’t detect anything, but it suspiciously finished almost immediately although it does only contain the iso (37.5GB), .info file (2.46KB), .sha (85B), .md5 (77B), so I’m not sure. Also, I just posted the virustotal results in this thread.

How would I know if there was hidden spyware/malware if I ran it in a VM? (if they are smart they try to be undetected)

This was the result: https://imgur.com/a/5rEpIga I’m not sure if that means that it is safe/unsafe, but it seems extremely suspicious.

Wouldn’t it be different since non-official versions are cracked? I’m also not really sure how I would even do so for that plugin since it is a subscription, nor how to do so for the master collection, because it technically does not exist officially.

I mean, is it safe to assume that the torrent from megathread > monkrus > uztracker is safe? I’ve read that you either go genp or monkrus for less chance of malware.

Alternatively, do you think splitting the 37.5GB file into 650MB pieces and then scanning with virustotal would do much good?

Thank you for the advice. Get them separate just because of how few I am looking to get? I feel like there might be more setup required if I get them separately.

I also don’t know if getting them separate would cause me to get redundant installers/managers/rules+patches each trying to apply the same patches.

There we go! I had to enable port forwarding (didn’t know that was required). Thank you.

you can tell the VPN what you want to include/exclude:

Exclude mode: Selected apps and IP addresses are excluded from VPN connection, Include mode: Only selected apps and IP addresses connect via VPN, all other traffic is unprotected.

I had to enable port fowarding, thank you.

What do you mean? Is that not correct? Is it where I have to choose between one or the other?

I meant that if I was unable to figure out a solution, at least I would be able to transfer it to a VM (which apparently Windows Sandbox isnt really)