Virus Infected copy of Win7 OEM

Discussion in 'Windows 7' started by Threat, Apr 12, 2014.

  1. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,239
    1,405
    60
    #1 Threat, Apr 12, 2014
    Last edited by a moderator: Apr 20, 2017
    In sorting out all the ISO's I aquired ... I found 2 copies of Windows 7 OEM doing the rounds

    Code:
    7600.16385.090713-1255_x64fre_client_en-us_OEM_Ultimate-GRMCULXFREO_EN_DVD.iso 2586bce75eef8e13e8b35347b01d03c340565d27
    7600.16385.090713-1255_x64fre_client_en-us_OEM_Ultimate-GRMCULXFREO_EN_DVD.iso 82C8C36423A1511516E54DC7E54B96603AA88F01
    I downloaded both to see ... and the one with a hash of 2586bce75eef8e13e8b35347b01d03c340565d27 was modified by UltraISO. Been curious as to why somebody would modify the image I decided to look closer. The SETUP.EXE file in the root of the DVD image was 198332 bytes, whilst it should be 106760 bytes. I tried to extract the file from the ISO to look closer, but my Anti-Virus was set off... Injector.ABU Trojan

    So if you have an ISO with the above hash, or your burned disc contains the above setup.exe - bin it.

    I've searched on the hash of 25.... and I find references to it on the internet but no mention that it's a virus infected copy.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. bassfisher6522

    bassfisher6522 MDL Novice

    Oct 27, 2012
    22
    3
    0
    Nice catch!

    This is why one should download Windows 7 ISO's from Digital River only!
     
  3. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    5,562
    12,989
    180
    Hey!!! Don't forget this fabulous place guys, MDL!!!:D
     
  4. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,239
    1,405
    60
    Which highlights the importance of hash's in collectors list ...

    P.S. Hello WinDev - get your arse in gear :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    5,562
    12,989
    180
    Agreed and the most important of hashes is SHA-1 for its current security and reliability.
     
  6. EFA11

    EFA11 Avatar Guru

    Oct 7, 2010
    8,796
    6,742
    270
    #6 EFA11, Apr 12, 2014
    Last edited by a moderator: Apr 20, 2017
  7. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    5,562
    12,989
    180
    #7 Mr.X, Apr 12, 2014
    Last edited by a moderator: Apr 20, 2017
  8. EFA11

    EFA11 Avatar Guru

    Oct 7, 2010
    8,796
    6,742
    270
    I get roughly 6 seconds SHA1 and 11 seconds SHA256 with a 2.11 GB file on an external HDD USB3. HDD speed will of course change the time for everyone but the few extra seconds really are not terrible.
     
  9. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    5,562
    12,989
    180
    Exactly and for the sake of security it simply don't matter those extra seconds.