Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Pirated Windows 7 Builds Botnet with Trojan

13 May 2009   #11
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64
 
 

People are anxious to look for leaks once 7 reaches the RTMs to no avail. That's precisely where hackers would have a field day! At this point there's no further point to rush any leak to begin with. Simply go direct to MS and download a nice fresh copy of 7 totally 100% guaranteed to be free of any "hacker's delight"!


My System SpecsSystem Spec
.
13 May 2009   #12
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Hi all

Why don't people EVER give PROPER info for this stuff

1) If MS knows that these are "Infected" - give the hashes for the "Infected" builds -- we've all got the hashes for the Official builds so it's easy to check.

2) Say WHAT BUILDS are infected. Microsoft has been burying its head like an Osterich in the sand even refusing to ACKNOWLEGE any builds other than the BETA 7000 and the official 7100 EVEN EXIST.

3) If this stuff has a botnet / trojan in it publish a method of detection -- some people will ALWAYS use stuff from "dubious" sources -- and in doing so can transmit stuff to software obtained Legitimately.
By just saying certain downloads might contain a Botnet etc without publishing methods of detection etc is just being PLAIN IRRESPONSIBLE.

Information such as saying "XXXX" might contain a virus / malware etc doesn't actually help ANYBODY and merely re-inforces the perception that they are just scaremongering.

If your build matches the Official one it WON'T contain anything it shouldn't.

Of course with the Official RC being easily (and quickly) available it really doesn't make any sense to download it from a torrent -- but that is a TOTALLY different issue.

Cheers
jimbo
My System SpecsSystem Spec
13 May 2009   #13
barney

Wndows 7
 
 

Jimbo ditto, the chatter is crazy, no solutions, no symptoms, no victims just noise!

best

barney
My System SpecsSystem Spec
.

13 May 2009   #14
Uber Philf

W7 RTM Ultimate x64
 
 

Uhmm, this might be a dumb question, but will stop me from being freaked ive got a "bot version", but if all the hash's from my copy (torrent) match exactly to the ones from microsoft, am i safe to say that my copy is 100% trojan free?

Enzo.
My System SpecsSystem Spec
13 May 2009   #15
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64
 
 

One reason no one can specify just what any malware does is first identifying the function it was written to do. Botnets are simply one form of bug there. With certain tools hackers can custom design malwares for various purposes.

Do you know how many there are? Even MS has lost count! That's why they provided an option recently for reporting contaminated sites to improve the antiphising filters in IE another area all together. With IE security tools being more common apparently they are looking at the interest seen in 7 as another means there.
My System SpecsSystem Spec
13 May 2009   #16
kpo6969

 
 

Quote   Quote: Originally Posted by Night Hawk View Post
Well it was I tried to point out before and got a lot of back talk about people matching up hashes there are ways around things in order to slip bugs into the various leaks. Earlier you saw the MS official warning about downloading from torrent sites. Now you see a strong one here about the RCs being polluted.

And the 4/24 date sounds awful familiar doesn't it? Airbot

Another sentence to add here is the start of the following paragraph in the article seen at the link there. "Targeting users through pirated software is nothing new for hackers." It makes far more sense to stay with the genuine article coming direct from Microsoft rather then thinking you are getting something still good elsewhere and to run into something like that.

I just got pointed to another article on this seen at Pirated Windows 7 software part of criminal botnet
Quote   Quote: Originally Posted by jimbo45 View Post
Hi all

Why don't people EVER give PROPER info for this stuff

1) If MS knows that these are "Infected" - give the hashes for the "Infected" builds -- we've all got the hashes for the Official builds so it's easy to check.

2) Say WHAT BUILDS are infected. Microsoft has been burying its head like an Osterich in the sand even refusing to ACKNOWLEGE any builds other than the BETA 7000 and the official 7100 EVEN EXIST.

3) If this stuff has a botnet / trojan in it publish a method of detection -- some people will ALWAYS use stuff from "dubious" sources -- and in doing so can transmit stuff to software obtained Legitimately.
By just saying certain downloads might contain a Botnet etc without publishing methods of detection etc is just being PLAIN IRRESPONSIBLE.

Information such as saying "XXXX" might contain a virus / malware etc doesn't actually help ANYBODY and merely re-inforces the perception that they are just scaremongering.

If your build matches the Official one it WON'T contain anything it shouldn't.

Of course with the Official RC being easily (and quickly) available it really doesn't make any sense to download it from a torrent -- but that is a TOTALLY different issue.

Cheers
jimbo
Excellent post and agree 100%
The one's that got a clean, untampered with leak know who they are and knew what it was they were downloading.
Time to move on and stop whining..
My System SpecsSystem Spec
13 May 2009   #17
Plantje

Windows 7 32 bit both Ultimate and Home Premium
 
 

No worries...
Quote:

Well, if you do install the RC from torrents, check this:

If you do install an official RC build then you should confirm that the MD5 checksum on the ISO is the same as a known safe MD5. Known safe MD5s are:

Windows 7 RC Build 7100 x86 is 8867C13330F56A93944BCD46DCD73590

Windows 7 RC Build 7100 x64 is 98341af35655137966e382c4feaa282
And:
Quote:
Apparently someone released an ISO distribution with a trojan attached to the setup.exe

MD5/SHA1 etc they are check sum control numbers, and it is used to identify whether two files are the same / different. Basically if two files have eeven a single byte different, their checksums will be way different.

Hash Calculator to Get, Compute and Calculate MD5 and SHA1 File Checksum or Hash Value » My Digital Life

Also sometimes downloaded files may be corrupted during download due to various causes, bad data coming from the routers, bugs in the download programs etc, checking your downloaded file checksum against what the provider numbers ensures the file integrity, in this case the .ISO image.
I got this from:
Dan Dar3: Windows 7 beta build 7057 on ASUS R2H
My System SpecsSystem Spec
13 May 2009   #18
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64
 
 

Quote   Quote: Originally Posted by ENZO View Post
Uhmm, this might be a dumb question, but will stop me from being freaked ive got a "bot version", but if all the hash's from my copy (torrent) match exactly to the ones from microsoft, am i safe to say that my copy is 100% trojan free?

Enzo.
When in doubt toss it out! Simple solution! I posted a few screens on one that did have something "ususual" found and simply wiped the drive later.

Quote   Quote: Originally Posted by kpo6969 View Post
Excellent post and agree 100%
The one's that got a clean, untampered with leak know who they are and knew what it was they were downloading.
Time to move on and stop whining..
You know that! I know that! But some are still insistant.
My System SpecsSystem Spec
13 May 2009   #19
Meyithi

Win 7 7201 x64
 
 

Quote:
Apparently someone released an ISO distribution with a trojan attached to the setup.exe

MD5/SHA1 etc they are check sum control numbers, and it is used to identify whether two files are the same / different. Basically if two files have eeven a single byte different, their checksums will be way different.

Hash Calculator to Get, Compute and Calculate MD5 and SHA1 File Checksum or Hash Value » My Digital Life

Also sometimes downloaded files may be corrupted during download due to various causes, bad data coming from the routers, bugs in the download programs etc, checking your downloaded file checksum against what the provider numbers ensures the file integrity, in this case the .ISO image.
That is correct, it's the padded setup.exe that is more than likely responsible. Also, affected will be people who upgraded from their previous OS as if booted from the ISO, the setup.exe would not run or be accessed in any capacity.

So if you ran an upgrade from an earlier Beta or previous OS using the leaked torrent, you are more than likely "botting"
My System SpecsSystem Spec
13 May 2009   #20
brusse01

Windows 7
 
 

Quote   Quote: Originally Posted by Lordbob75 View Post
LOL. Why?

The RC is free..... Why are people so stupid?

~Lordbob

I second that.... downlaoding from a Torrent is like somebody slipping you a mickey and the next morning you're sitting in your undies wondering what happened....
My System SpecsSystem Spec
Reply

 Pirated Windows 7 Builds Botnet with Trojan




Thread Tools




Similar help and support threads
Thread Forum
Getting rid of a pirated copy of windows 7
Hi, I have recently been stupid enough to let someone install a ''genuine'' copy of windows 7 home premium on my computer and now it has all gone wrong, recognising that my copy is not genuine and insisting that I activate the account. Unfortuanetly the system restore does not work and I have...
Installation & Setup
Windows 7 Pirated version to Legit Win 7 Pro
I have a computer with a Win 7 Ultimate 64 bit operatiing system. I have taken hours setting it up only to find out that the win 7 product key was already used on another computer in my office. I have an unused Win Professional 7 64-bit I want to use. I tried simply using the new product key but of...
Installation & Setup
How to know if your windows 7 is pirated/illegal copy?
not that i have an illegal copy but just wondering how can you tell from the original/legal copy and the pirated/bootleg one?
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 18:27.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App