My Dell Mini Forum
Blog Guides Forum Register Members List Search Today's Posts Mark Forums Read @MyDellMini RSS
Go Back   MyDellMini > Operating Systems > Windows Forums > Windows 7
Reload this Page BotNet on Win7 (Torrent downloaders beware!)
Connect with Facebook
Reply
 
LinkBack Thread Tools Display Modes
  (#1) Old
Senior Member
 
Posts: 113
Join Date: Nov 2008
Exclamation BotNet on Win7 (Torrent downloaders beware!) - 05-20-2009, 07:06 AM
Cybercriminals Launch Tainted Windows 7 RC| Malware Blog | Trend Micro
"A file being hosted in popular torrent sites posing as a copy of the Windows 7 RC was found to be a Trojan by security researchers. The file which arrives with the file name setup.exe is detected as TROJ_DROPPER.SPX. TROJ_DROPPER.SPX drops TROJ_AGENT.NICE. Both files are detected by the Smart Protection Network."

Just thought I'd tell everyone here, looking about how to find out how you can tell if the download was corrupt. Please note this is only torrent downloads! Microsoft downloads are ok.

Mini 9, 16GB SSD, 2GB RAM, Win7100, Bluetooth, 1.3MP, 8GB SDHC, German, No built in WWAN
Reply With Quote
  (#2) Old
Expert Member
 
strider_mt2k's Avatar
 
Posts: 695
Join Date: Oct 2008
Location: Southern New Jersey, USA
Default 05-20-2009, 12:49 PM
Oh well.
Looks like that's the chance you take when you don't go through the regular channels for stuff like this.

Crazy me, I just signed up for the Beta program and the company sends me download links and keys and everything!

MY MINI 9: Onyx, BT, 3.1MP Webcam, Windows 7 Pro, 2GB G.Skill RAM, 32GB RunCore SSD, 16GB A-DATA SDHC,
Internal USB Connector Modification currently hosting: nothing!

Go Team Venture!
Last edited by strider_mt2k; 05-20-2009 at 12:52 PM. Reason: not enough sarcasm for my liking
Reply With Quote
  (#3) Old
Super Moderator
 
WolfKeeper's Avatar
 
Posts: 1,480
Join Date: Oct 2008
Location: Mount Prospect, IL, US
Default 05-20-2009, 01:15 PM
Quote:
Originally Posted by Dreizehn View Post
Just thought I'd tell everyone here, looking about how to find out how you can tell if the download was corrupt. Please note this is only torrent downloads! Microsoft downloads are ok.
Get the hash or MD5 for the ISO you downloaded. You'll need a utility or shell extension to compute the figures. HashTab... is the coolest thing ever! is a shell extension that adds a tab to file properties for computing hashes. Match the hash with the version you downloaded with the one listed below:

32-bit:
Filename:7100.0.090421-1700_x86fre_client_en-us_Retail_Ultimate-GRC1CULFRER_EN_DVD.iso
Size: 2.35GB
MD5: 8867C13330F56A93944BCD46DCD73590
SHA-1: 7D1F486CA569EFFFFB719CFB48355BB7BF499712
CRC32: E8A1C394
7100 RC

64-bit:
Filename:7100.0.090421-1700_x64fre_client_en-us_Retail_Ultimate-GRC1CULXFRER_EN_DVD.iso
Size: 3.04GB
MD5: 98341af35655137966e382c4feaa282d
SHA-1: fc867fe1ab2e0a9796f9e4d155b44ea6998f4874
CRC32: 58fb2be0

Mini 9 2GB RAM /8GB STEC/Ubuntu 9.10 :: Mini 10v 2GB/500GB HDD/Win 7 Pro & Snow Leopard
Reply With Quote
  (#4) Old
Super Moderator
 
MoInSTL's Avatar
 
Posts: 583
Join Date: Jan 2009
Location: St. Louis, Missouri
Send a message via AIM to MoInSTL Send a message via MSN to MoInSTL Send a message via Yahoo to MoInSTL
Thumbs up 05-20-2009, 01:41 PM
Another vote for Hash Tab

Black Mini 9 |2GB RAM|16GB SSD|16GB SDHC|Win 7
Reply With Quote
  (#5) Old
Junior Member
 
RyanTheTragic13's Avatar
 
Posts: 29
Join Date: May 2009
Location: Fargo, ND
Send a message via MSN to RyanTheTragic13 Send a message via Yahoo to RyanTheTragic13
Default 05-20-2009, 03:40 PM
What about for Build 7127? Anyone have a way to make sure the torrent downloaded is clean? Is it a different hash number?
Reply With Quote
  (#6) Old
Super Moderator
 
WolfKeeper's Avatar
 
Posts: 1,480
Join Date: Oct 2008
Location: Mount Prospect, IL, US
Default 05-20-2009, 03:43 PM
The hashes are different for each build, since it's a mathematical computation based on the contents of the ISO.

64-bit:
7127.0.090507-1820_x64fre_client_en-us_Retail_Ultimate-GRMCULXFRER_EN_DVD.iso
CRC32: 460FAD4E
MD5: F805A6595DDC6D12956588BB0F1B9B83
SHA1: 9BEB69BE3C2D113ECEB944145951A2123FBBBBF8


32-bit:
7127.0.090507-1820_x86fre_client_en-us_Retail_Ultimate-GRMCULFRER_EN_DVD.iso
CRC32: F691687F
MD5: 4045CB2A8E50B65ED9E1C2B8D6026B2F
SHA-1: F2D615E674B64053D299CFA5E80B777269F0DFF2

Mini 9 2GB RAM /8GB STEC/Ubuntu 9.10 :: Mini 10v 2GB/500GB HDD/Win 7 Pro & Snow Leopard
Reply With Quote
  (#7) Old
Senior Member
 
Posts: 108
Join Date: Apr 2009
Default 05-20-2009, 08:31 PM
If the version 7127 contains malware and was release by hackers. The they would have the right tool to generated the "correct" CRC/SHA values to fool you.

Quote:
32-bit:
7127.0.090507-1820_x86fre_client_en-us_Retail_Ultimate-GRMCULFRER_EN_DVD.iso
CRC32: F691687F
MD5: 4045CB2A8E50B65ED9E1C2B8D6026B2F
SHA-1: F2D615E674B64053D299CFA5E80B777269F0DFF2
Just out of interest, did you get the CRC/SHA values from the official MS web site?

 MINI 9 | 2GB RAM | BIOS A05 | BT | 16GB STEC SSD | OSX 10.5.8 (NBI 0.8.2)
Last edited by dchao; 05-20-2009 at 08:34 PM.
Reply With Quote
  (#8) Old
Super Moderator
 
WolfKeeper's Avatar
 
Posts: 1,480
Join Date: Oct 2008
Location: Mount Prospect, IL, US
Default 05-20-2009, 09:13 PM
I've seen enough info from reliable sources that 7127 is a genuine build.

Mini 9 2GB RAM /8GB STEC/Ubuntu 9.10 :: Mini 10v 2GB/500GB HDD/Win 7 Pro & Snow Leopard
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

UMPC Topsites
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.3.2
Copyright © 2008-2010 MyDellMini.com. Hosted on a CatN vCluster.

Contact Us - MyDellMini Home - Top