I was wondering... I retrieved an ISO file from a known (in this forum) source by the name of Code: SW_DVD5_WIN_ENT_10_1607_64BIT_English_MLF_X21-07102.ISO While checking exe and DLL files (digital signature check) I wondered why a few files no longer appear signed, while they originally were (e.g. bthmigplugin.dll and a few other somewhat networking-related DLL files). 1) Was that by design (=Microsoft), or did I stumple upon an elegantly manipulated rootkit'ed ISO of the newest Windows 10? 2) Is there any other way to verify the contents of such an iso file? (Ideally scripted... I'm not a fan of checking a few hundred or more files manually.) Sadly, there aren't any official signatures for this ISO file... Thanks! PS: I did a simple Code: Get-ChildItem -Recurse *.dll | % {Get-AuthenticodeSignature $_} | where {$_.status -ne "Valid"} and the same for .exe files to check which files were either not signed or (which thankfully didn't happen) had an invalid signature.
1) by design (=Microsoft) 2) Wait for MSDN ISOs, Enterprise should be the same, Pro/Edu = compare files