How to check inside install.esd/.wim if there's anything suspicious (virus)?

Discussion in 'Windows 10' started by xhemal1325, Oct 22, 2018.

  1. xhemal1325

    xhemal1325 MDL Junior Member

    May 24, 2014
    65
    5
    0
    Hi ,

    I found a Lite Windows 10 online, but I'm not sure if it's safe to use it. I scanned it with antivirus and Malwarebytes, but it does not scan inside the install.esd, so I might need help for this? :)
    Or maybe the answer is that by putting something inside install.esd Windows won't boot??
     
  2. whitestar_999

    whitestar_999 MDL Senior Member

    Dec 9, 2011
    363
    141
    10
    Put it simply, you can't unless you are a security expert & even then there is no 100% guarantee.

    It is better to stick to the original ISO & then learn to modify it. It sure is a longer but much safer method. There are a lot of guides here to do this.
     
  3. LiteOS

    LiteOS MDL Expert

    Mar 7, 2014
    1,545
    654
    60
    If you're going to extract the files to a VHD you won't be able to check the reg hives for viruses, so the best is to use Hyper-V or VMware
    and check it online, but it's just about trust in the end,
    because viruses are changing rapidly.
     
  4. xhemal1325

    xhemal1325 MDL Junior Member

    May 24, 2014
    65
    5
    0
    VMware? To install Windows and then to scan the system for infected files?
     
  5. LiteOS

    LiteOS MDL Expert

    Mar 7, 2014
    1,545
    654
    60
    In a virtual machine, yeah.
     
  6. xhemal1325

    xhemal1325 MDL Junior Member

    May 24, 2014
    65
    5
    0
    Any recommended AV to check it?
     
  7. LiteOS

    LiteOS MDL Expert

    Mar 7, 2014
    1,545
    654
    60
    #7 LiteOS, Oct 22, 2018
    Last edited: Oct 22, 2018
    and superantispyware

    and with sfc to check the integrity of the OS files (need to check the logs to see which files have been changed; theme-related files, for example, should be OK)
     
  8. slayer9450

    slayer9450 MDL Member

    Aug 3, 2015
    174
    70
    10
    To add to what others have said here, 7-Zip can open .wim and .esd files, so you can explore the file without having to install it to a VM.
     
  9. xhemal1325

    xhemal1325 MDL Junior Member

    May 24, 2014
    65
    5
    0
    Well, I did a virus scan; here's what I got:

    Kaspersky Internet Security --- clean
    AVG --- clean
    Malwarebytes --- found 3 low risk file types
    SUPERAntiSpyware --- found 1 tracking cookie

    So ?
     
  10. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    3,916
    4,285
    120
    ^^
    Guy, isn't it much easier to get your official ISOs here than to catch a homebrew out there and then keep looking for viruses... ;)
     
  11. xhemal1325

    xhemal1325 MDL Junior Member

    May 24, 2014
    65
    5
    0
    The version I found is extremely lite and stable. The official ISO is s**t, and even debloated with Toolkit it still doesn't do the job :/
     
  12. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    3,916
    4,285
    120
    Hi brother, just out of curiosity, you can send me the link where you discovered this ISO via PM, thanks :)
     
  13. LiteOS

    LiteOS MDL Expert

    Mar 7, 2014
    1,545
    654
    60
    What job?
     
  14. xhemal1325

    xhemal1325 MDL Junior Member

    May 24, 2014
    65
    5
    0
    To work as smooth as Windows 7 on my laptop.
     
  15. urie

    urie Moderator
    Staff Member

    May 21, 2007
    8,753
    3,113
    300
    I would say the official ISO is OK; it's the hardware that is the problem.
     
  16. slayer9450

    slayer9450 MDL Member

    Aug 3, 2015
    174
    70
    10
    Would you please PM me the link to the ISO? I'd like to check it out as well.
     
  17. RideTheLightning

    RideTheLightning MDL Member

    Sep 20, 2018
    162
    164
    10
    Unofficial home brew ISO, and you are basically on your own on this one.

    There is no formal obligation to give you help on this matter. If you think the official ISOs are too bloated and it can't be fixed with solutions already presented here at the forums, then it's not our problem what you do next.

    I wouldn't trust anyone with their shady home brew ISOs even if my life depended on it.

    The fact that people are desperate enough for these kinds of ISOs is horrifying on its own. You do realize you put other people in jeopardy with those infected nasties?
     
  18. LiteOS

    LiteOS MDL Expert

    Mar 7, 2014
    1,545
    654
    60
    And the gov and the companies are pure people?
     
  19. redxii

    redxii MDL Novice

    Aug 7, 2016
    27
    8
    0
    #20 redxii, Oct 23, 2018
    Last edited: Oct 23, 2018
    A virus scan will only find known threats. A homebrew ISO may have a homebrew virus/keylogger that isn't detected.

    They may simply have been doing a service to those too lazy to slim it down themselves, but you can't tell that for sure unless you are willing to go through millions of files individually and have a personal contact in Microsoft to make sure each file hash matches theirs, and a complete list of files that should or shouldn't be there for a given build of Windows. It's not worth it.

    I personally despise the whole concept of Store/Modern Apps/Edge/Cortana on a desktop OS and that is the extent of what I remove, it's more of a "I know better than you" middle finger annoyances from Microsoft and I don't do it for hardware performance.

    It's a phase.. you'll get through it. If your laptop came with Windows 7 then keep Windows 7.
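
Added example (not part of any post in this thread): the per-file hash comparison redxii describes can be run against a reference you extract yourself from an official ISO of the same build and edition, with both images unpacked to folders, for instance with 7-Zip as mentioned earlier in the thread. The function names and the extension list are assumptions of this example.

```python
import hashlib
import sys
from pathlib import Path

# Assumed review set: file types that can carry code or run at boot/logon.
EXECUTABLE_EXT = {".exe", ".dll", ".sys", ".ps1", ".cmd", ".bat", ".vbs", ".js", ".scr"}


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so multi-gigabyte files do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def index_tree(root):
    """Map lower-cased relative path -> SHA-256 for every file under root.

    Paths are lower-cased because Windows treats file names case-insensitively.
    """
    root = Path(root)
    return {p.relative_to(root).as_posix().lower(): sha256_file(p)
            for p in root.rglob("*") if p.is_file()}


def compare_images(reference_root, suspect_root):
    """Diff an extracted suspect image against an extracted official image."""
    ref, sus = index_tree(reference_root), index_tree(suspect_root)
    added = sorted(set(sus) - set(ref))        # present only in the suspect image
    removed = sorted(set(ref) - set(sus))      # stripped out by the image builder
    changed = sorted(p for p in set(ref) & set(sus) if ref[p] != sus[p])
    review = sorted(p for p in added + changed
                    if Path(p).suffix in EXECUTABLE_EXT)
    return {"added": added, "removed": removed,
            "changed": changed, "review_first": review}


if __name__ == "__main__":
    # Usage: python compare_images.py <official_extract_dir> <suspect_extract_dir>
    report = compare_images(sys.argv[1], sys.argv[2])
    for key in ("review_first", "added", "changed", "removed"):
        print(f"{key}: {len(report[key])}")
        for rel in report[key]:
            print("   ", rel)
```

A lite build will legitimately show many removed files; the added and changed executables are the ones to examine. Registry hives appear only as changed files here, so a clean-looking diff of executables says nothing about what the hives configure to run.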