Trojan Found in Setup.exe on Build 16385 x86 ISO Image!

Does not look like a good hash.
According to our russian friends this is the good hash:

SIZE: 2,501,892,096 byte
SHA1: 4fb88ed0e763a0cd82d388e7fdaabd10fc0846d1
MD5: c7102805815abb3b6b4796a8cc3fb008

these are mine from wzor can anyone confirm these are good ?SHA1: 29d32ad89b7eb05033974c99f8fc41d06f36a58c
MD5: 4171999e05724d309a62104d83485d69

If someone knows if this is clean I'll appreciate it
CRC32: 61AD5BB2
MD5: 351712FB063012113D86AB061DCA1E5B
SHA-1: 32DA9836D1C2BD48553AADCDBD4CD4EB19AC860B

Edit:Just Scanned them this one is clean.

dan7777 said:

these are mine from wzor can anyone confirm these are good ?SHA1: 29d32ad89b7eb05033974c99f8fc41d06f36a58c
MD5: 4171999e05724d309a62104d83485d69

Dan lol yours are good but for x64! :)

He is talking about x86!

Zidane24 said:

Hm...well this might not matter much anymore...Windows 7 has been Officially announced RTM

NO WAY! Where??

Well, now when I run MSE from within a VM that was installed via this ISO I get no hits - unless I scan the ISO itself, in which case setup.exe is again flagged. Looks like whatever payload it carries, it doesn't impact the ultimate contents of the main WIM file. However, it could infect any system attempting to run it directly as part of an attempted upgrade, etc.

Regardless, I'm nuking this contaminated version and grabbing the real deal as soon as the just announced RTM images leak...

RCK

Well, thanks for posting this. I have been concerned about this type of thing since day 1 and I always catch grief from people saying this sort of stuff doesn't happen and that I have bought into the MS FUD.....well it does happen.....even to the good people who take the necessary steps, precautions and "usually" get their stuff from a reputable source.