Analysis of a possible ISO?

Solved
letmoi Posted messages 958 Registration date   Status Member Last intervention   -  
letmoi Posted messages 958 Registration date   Status Member Last intervention   -

Hello,

Is it possible to check the contents of an ISO file to see if it contains any viruses?

The ISO file is very large, so I can't analyze it with Total Virus, and it's for automotive software.

Thank you.



7 answers

  1. brucine Posted messages 24807 Registration date   Status Member Last intervention   4 168
     

    Hello,

    Any antivirus, including Windows Defender, scans by right-clicking on it, analyze, and knowing of course that as long as an ISO is not mounted, it is harmless.

    I don't see why "car software" would be dangerous, except for example for the hacks of electronic toolboxes that circulate on the Internet, and on which we will therefore not issue any other type of precaution.

    0
    1. fabul Posted messages 42125 Registration date   Status Moderator Last intervention   6 061
       

      Hello,

      Even if it's mounted, it’s harmless, unless you click on what's inside.
      Or have an old system with Autorun enabled.

      We can extract the content with 7-Zip and scan it with an antivirus.

      0
  2. letmoi Posted messages 958 Registration date   Status Member Last intervention   33
     

    Hello,

    Indeed, I should have scanned with my antivirus after 7 zip or mbam.

    Because I got this.

    https://nsm09.casimages.com/img/2023/07/26//23072608564515259318219684.jpg


    0
    1. brucine Posted messages 24807 Registration date   Status Member Last intervention   4 168
       

      What do you want us to say?

      Avast sees viruses everywhere, it "encourages" you to acquire the paid versions because of this behavior, but it might actually be right for once.

      Wise thingy is documented as potentially suspicious, and to go back to square one, there’s a good chance that this so-called "software" you haven't told us how you obtained, especially if it’s an electronic suitcase that fell off a truck (Dialogys Renault?), is indeed loaded with malware.

      0
  3. letmoi Posted messages 958 Registration date   Status Member Last intervention   33
     

    It's indeed Dialogys, reposted on a car forum. That said, there is a paid version for 6 euros on eBay and nothing certain either regarding viruses. Renault doesn't sell its software and if it did, it would be overpriced.

    What needs to be done is to remove the viruses from the software before installation.


    0
    1. brucine Posted messages 24807 Registration date   Status Member Last intervention   4 168
       

      Just have to do it:

      You're saying it yourself, these are expensive software designed for professionals.

      As with any proprietary software, when you pirate it, either there are malware packed as a gift, or the fact that the software has been decompiled or tampered with to work without license verification means that the executables used for this purpose are necessarily recognized as malware.

      Even if it is "only" the second case, we don't necessarily know the adverse effects that may have been associated with these executables and, if we delete them, we won't be able to use it without paying (or even in your case if it were possible to pay, since the license does not allow use by individuals).

      Not to mention that, in this context, even if I knew I would keep to myself how to bypass it if it is possible at all, you cannot have your cake and eat it too: when you pirate, you must accept the malware embedded for this purpose.

      0
  4. letmoi Posted messages 958 Registration date   Status Member Last intervention   33
     

    Hacked, I don’t know. I say this because when I was working at Renault, I had the option to take one without any problem since I was in that sector. I didn’t do it stupidly because I was far from suspecting that for my old Renault, I would need it. All this to say that when you take software from a forum dedicated to Renault, you might think you’re getting a version that has no problems. If Avast is exaggerating, I’m sure of it.


    0
  5. letmoi Posted messages 958 Registration date   Status Member Last intervention   33
     
    0
    1. brucine Posted messages 24807 Registration date   Status Member Last intervention   4 168
       

      We're back to the initial question: if Windows Defender alerts you about potential executables intended to bypass license validation and you trust them, you exclude them; I see no other alternative.

      0
  6. letmoi Posted messages 958 Registration date   Status Member Last intervention   33
     

    I don't have Windows Defender but Avast. I'm on Win 8.1, but I assume it's the same thing. See you later.


    0
    1. brucine Posted messages 24807 Registration date   Status Member Last intervention   4 168
       

      Absolutely, the question is to exclude executables that we do not want to see intercepted, regardless of the protection software used and the OS version.

      1
  7. letmoi Posted messages 958 Registration date   Status Member Last intervention   33
     

    Hello,

    I think I have everything I need.

    Thank you

    Issue resolved.


    0