Windows 7 RC build 7100 Download: Warning


Recommended Posts

Just a warning for anyone downloading the new RC builds of windows 7. Quiet a lot of the downloads have a trojan inbedded in the setup EXE. This should not be an issue if you booted from the DVD and installed, but if you upgraded it may have infected you.

How to get rid:

Extract contents of disk to hard disk then:

The Setup EXE is actually a container, it appears to be a self-extracting EXE. There are 2 files inside, Setup.exe and codec.exe

Codec.exe is the trojan. Extract setup.exe, and then delete the original. The setup.exe inside the container is actually the real install EXE, and I have verified it is clean, and that there are no other infected files on the disk. Then put the real setup.exe into the root of the folder, and build a bootable ISO with vLite.

I cannot guarantee that this Virus is present in every leak, but it appears to be present in a lot of them

win7virus.jpg

Edited by warwagon
ahh well that just sucks !

some people just live to be assclowns

Yep and the hysteria over 7 makes it an wasy target.

The MD5 of the infected image is 838F96D945C9554835A96CF41DEC9453

Hi Frank

What is the size of your setup file and has it a digital signatures?

Here's a screenshot of the properties page

post-286512-1240873271_thumb.jpg

Details of Windows 7 RC Build 7100 x64

Build String: 7100.0.winmain_win7rc.090421-1700

File Name: 7100.0.090421-1700_x64fre_client_en-us_Retail_Ultimate-GRC1CULFRER_EN_DVD.iso

Size: 3.04GB

MD5 Hash: 8867C13330F56A93944BCD46DCD73590

Torrent Hash: CA767EC8 D2D07ED9 ADDBAE37 89C45CC3 5761E4C5

Details of Windows 7 RC Build 7100 x86

Build String: 7100.0.winmain_win7rc.090421-1700

File Name: 7100.0.090421-1700_x86fre_client_en-us_Retail_Ultimate-GRC1CULFRER_EN_DVD.iso

Size: 2.35GB

MD5 Hash: 8867C13330F56A93944BCD46DCD73590 (x86 only)

CRC32: E8A1C394

SHA-1: 7D1F486CA569EFFFFB719CFB48355BB7BF499712

Torrent Hash: C738F422D 6C36C36A 655BEFB3 21E51E4A 2C84B7EE // A4835C20 4C7FC504 704C9376 73A8762A B9F2E761

Details of Windows 7 RC Build 7100 x64

Build String: 7100.0.winmain_win7rc.090421-1700

File Name: 7100.0.090421-1700_x64fre_client_en-us_Retail_Ultimate-GRC1CULFRER_EN_DVD.iso

Size: 3.04GB

MD5 Hash: 8867C13330F56A93944BCD46DCD73590

Torrent Hash: CA767EC8 D2D07ED9 ADDBAE37 89C45CC3 5761E4C5

Yep, the MD5 of my ISO is different.

ahh well that just sucks !

some people just live to be assclowns

Unfortunately that's true.

Below the specs of the original isos: if the check sums match those of your isos you've got the real stuff - unaltered.

Windows 7 RC 1 Build 7100 Compiled

The build is correct. The rumor is incorrect. The RC build 7100 was leaked and it is the real thing. Here are the CRC32 and SHA1 for the authentic ISO images.

7100.0.090421-1700_x86fre_client_en-us_Retail_Ultimate-GRC1CULFRER_EN_DVD.iso Size: 2.35GB MD5: 8867C13330F56A93944BCD46DCD73590 SHA-1: 7D1F486CA569EFFFFB719CFB48355BB7BF499712 CRC32: E8A1C394

7100.0.090421-1700_x64fre_client_en-us_Retail_Ultimate-GRC1CULXFRER_EN_DVD.iso Size: 3.04GB MD5: 98341af35655137966e382c4feaa282d SHA-1: fc867fe1ab2e0a9796f9e4d155b44ea6998f4874 CRC32: 58fb2be0

PS: You cannot upgrade from any WIN7 Beta release to the RC1 (unless you manipulate some registry keys) and there is a good reason to that. Some new features are not compatible with the beta releases.

Unfortunately that's true.

Below the specs of the original isos: if the check sums match those of your isos you've got the real stuff - unaltered.

PS: You cannot upgrade from any WIN7 Beta release to the RC1 (unless you manipulate some registry keys) and there is a good reason to that. Some new features are not compatible with the beta releases.

You can just edit cversion.ini and it will upgrade fine. No registry key editing. The windows blog had information why this was done.

How can we check our MD5 hash keys?

This thread has me worried now and im sure there might be a few more people who are going to ask how to check as well...

I have attatched an application to this post for you. Put kukubau's MD5 appliccable to your ISO (X86 or X64) into the top box, and then locate your ISO, it will compare the hashes and tell you if there is a mismatch. Note, I still haven't checked the X86 but there are definately a few narked X64 ISO's floating about. However, having scanned the rest of the files, as long as you haven't installed the build by launching setup.exe I believe you should be safe

MD5.zip

Stuff like this tarnishes torrents' reputation of efficiently distributing large disc images. Obvious solution is to get the torrent header file from a trusted source (for instance, Canonical's servers if you were to get a copy of Ubuntu), but that won't hold with large corporations like MS.

I did run across this same problem in an earlier leaked build. Lesson learned: check to make sure setup.exe has a digital signature intact before burning or copying to a USB drive.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.