Just between you and me, I’ve heard that one could obtain copies of Windows 7, including builds newer than the public betas, from some not-so-sanctioned sources. Of course I would know very little about how this works, but I understand that there is a process of verifying the integrity of files to ensure files are as described and have not been tampered with, however not everyone does this.
Leading up to the inevitable leak of the Windows 7 RTM build like a bottle of champagne shaken once too many times, I wanted to make this process of verifying file hashes even simpler by making it easy and convenient to generate and compare the hashes. With the help of Sven Groot, we came up with this little applet for your Windows 7 ISO verifying pleasure.
It couldn’t be any easier to use. Simple drag and drop an .ISO file onto this EXE, or double click on it and navigate to the file, then sit back and relax whilst it crunches the numbers. Once it generates a hash, it’ll compare it with a list of known and trustworthy hashes of ISOs to tell you exactly which build version and architecture it is known to be. This list will be updated live over the web so you won’t have to redownload the app.
Download the Windows 7 ISO Verifier (EXE, 253KB)
Disclaimer: Like most entrepreneurs, I take no responsibility for the consequence of using this application. The information is provided only as a guide and cannot be used as evidence in an internet argument.
Update: As a few users have noted, this only works for English versions of Windows 7 ISOs so far.
Update 2: Added support for official retail US English RTM ISOs.
Update 3: With the wider public release of Windows 7, this tool is no longer kept up to date with the many and numerous versions of Windows 7 SKUs and languages. It is recommended you take personal care when using any ISOs.
That’s cool.
SWEET!
Thanks
Now that’s what I’m talking about. Does it read MD5?
@Manmohanjit: It relies on MD5 hashes, yes.
Does it support Windows Server 2008 R2 ISO?
@Manmohanjit: I didn’t think of Server 2008 R2, but I just added 2 hashes for Server 2008 R2 RC, not really the target audience though.
Really helpful application. I already made a post about it, all credits go to you and Sven Groot. Cheers
Some versions before Windows 7 Build 7264 are .vhd format, and not .iso file. Does this application support them?
@Kevin CHEN: It only supports ISO files since I don’t think VHDs are practical for most people. If you’re downloading VHDs and converting them, hashing would be the least of your concerns I think
I guess “http://www.istartedsomething.com/win7isoverifier/” webpage will come out soon, expected!
MD5 may not be a great choice of algorithm these days: http://en.wikipedia.org/wiki/Md5#Vulnerability
It might be more difficult to “fake” an MD5 hash with files as big as an iso (rainbow tables will certainly be useless for data that big but I don’t know how the common prefix stuff works exactly), and it seems unlikely anyone would bother to fake the MD5 when most people won’t check the hash at all, but if it’s just as easy to use a better algorithm then you might as well.
@Leo Davidson: Yeah very valid point, however I think for file hashing, MD5 is a pretty good compromise between ubiquity and uniqueness.
It doesn’t recognize French ISO of Windows 7 RC build 7100 :
fr_windows_7_ultimate_rc_x86_dvd_349019.iso
Why not just call it ‘Windows ISO Identifier’ to make it more or less future-proof (Windows 8, Windows Server, etc). Couple it with a simple database and let it roll. And as already suggested, a some sort of page would be nifty as well, just to browse the hashes (some might find it useful I guess).
Good idea because some “scene” sites will try to put malware in some “releases”. Hope you’ll keep it updated for Windows 7 with SP1/..SPx ISO.
MD5 for checksum… fail.
http://www.win.tue.nl/hashclash/SoftIntCodeSign/
@Andre – I completely agree! I would certainly use such utility quite regularly. I often find that I can’t recognize what image “this” is and it becomes quite a hassle. It would be so easy to do as well. If you were to pursue doing this, I would be more than willing to help with the database.
where is download link buddy
If it’s just a matter of adding hashes, you may as well support other windows disc. At least XP and Vista since they are still used.
An MD5 will be good enough for the time being, because if someone is willing to fake one on a file that size, you have bigger problems with the file you have leaked.
Full sh….
What for is it ?
It’s not for russian
Our iso’s it still not recognize, while they greatly work.
Who tell me this verifier is legit after all ? Why not just check the hashes with programs like Hashtab and compare them with the OFFICIAL ones on MSDN/Technet ?
@Yert: What bigger problems would you have with the file if a stronger hash meant you avoided using it at all?
(I’m not saying there’s a definite/serious threat of anyone bothering to fake the MD5 hash of a leaked Windows ISO; just wondering what you meant.)
@Alex: I guess it’s for leaked intermediate builds which aren’t on MSDN/Technet, and to make the check a bit easier as a bonus. (So maybe this tool will be more useful for Windows 8 since Windows 7 is about to RTM.)
Presumably the idea is that a hash of those builds is provided by some trusted person, or at least someone you’d trust more than a file on a random download site.
(Personally, I’d still avoid installing leaked builds on anything but a test VM, but maybe I’m more paranoid than other people. Well, that and who knows what is broken or experimental in a leaked build that didn’t go through any “public release” QA. Same as I’d never run a “nightly” web-browser build, really.)
Awesome work Long cheers.
Just an FYI, I use a handy app called HashTab which adds a tab to the properties dialog in windows explorer, which does all the hash checks including MD5. It does not have a handy built in list of Win7 iso crc’s though.
http://www.beeblebrox.org/hashtab/
Good stuff Long. This is a useful utility.
Why use proprietary software when you can just distribute a .sfv file (or a .md5 file or .sha1 file) with a list of the file names and their hashes, and then people can use their favorite hash verification utility to verify them? HashCheck is free, open-source, lightweight (smaller than this ISO Verifier), and it can verify using .sfv, .md5, or .sha1. And there’s QuickSFV, which can do .sfv and .md5. And if the user is using Linux to download, he can use sha1sum -c and or md5sum -c. It’s all about following simple, established standards since the .sfv, md5, and .sha1 formats are human readable and have been around for ages and are supported by a bunch of different apps. So just make a .md5 file with all of the hashes, distribute that, and let people download that list and use whatever their favorite utility is!
Keep adding hashes.. Vista x86/x64 versions would be nice too..
Thats kind of clever, so I can find out if the RTM-branch is a valid copy!
I’m just trying this applet out I’ve had problems with the installation of Win 7, where there is just a black screen during the process of completion andhe build number is in the bottom right hand corner. I downloaded it from my Microsoft, any ideas?????
I forgot to say the build is 7100
just ran the verifier appears to be no problems with ISO images, I’ve tried both 32 and 64 bit any advice will be appreciated
Thanks long and Sven for the utility
Does it support lnguage pack isos?
thanks
@teK: you can also use HashCheck: http://code.kliu.org/hashcheck/
Holy crap DataMan47, chill out! This is a tool for the masses, not for those that feel there is only one right way to do something… you are free to go ahead and do as you suggested and provide info that to others yourself on your website. This is their offering and they’ll do it their way; not have you dictate to them how it should be done, lol!
This ISO Verifier can Be Use In Windows XP????
Pls. Reply Me In My Yahoo Mail norven_castro@yahoo.com
Just so you know, it doesn’t seem to include the MD5 hash of build 6519 (an old build but should be included for posterity’s sake).
MD5: e5bac6b4b89f0e3f09075c0a07d82f6a (verified from source)
SHA1: 25e542530b57682a1c835e387f36762ffc496d2a
Using http://www.nirsoft.net/utils/hash_my_files.html (Hash My Files)
The ISO of build 7232 x64 custom by SoLoR is identified as 32-bit instead of 64-bit.
Hmmm… my RTM download of 7600.16384.090710-1945_x64fre_client_en-us_Retail_Ultimate-GRMCULXFRER _EN_DVD has failed.
very few hashes in that little xml file
1UK3:
Try and download the verifier again. It seems like they have updated the program. Mine failed yesterday but today it tells me that i have a VALID image
Still have no clue as to what to believe in terms of this really being RTM
@Snowi
Thanks for the heads up – all working now but as you say, can’t be sure that the build will be the actual RTM that is released in the future. I believe that Vista had about 4 different builds starting with 6000. before being released officially – I could be wrong about that though.
To vader1 and anyone eles who experiences the black screen at completion of installation: turn on your second monitor
I would love it if the 7600 is in fact the RTM but I’m gonna wait to install until I’m sure. The RC still works great.
hi this is not working. im going to say that i downloaded windows 7 RC from Microsoft website and tried to verified using ISO verifier. but it shows that its a invalid ISO. i cant believe. i directly download from microsoft site. shall i know which is fake. ISO verifier or downloading microsoft website.
7600.16385.090713-1255_x86fre_client_en-us_Retail_Ultimate-GRMCULFRER_ EN_DVD.iso is also not recognized and i’ve got it from trusted source.
James Cage, you may have received this from a trusted source. But that trusted source might have been smart enough not to give away the true iso as MS might be able to track the owner. I do not doubt the contents of what you got are legit, but they may have been repackaged into an iso.
derausgewanderte: you right! thanks
fcuk u russian
Does this support the RTM?
Build 7600.16385.090713-1255
How would we go about finding what versions you have in the database?
BTW, awesome program.
I’ve recently checked my ISO Build 7600.16385.090713-1255 x64 and it was all OK. I’m so glad !!!
Fcuk you ngentot
I can also verify that the x86 English Win7 RTM ISO is not correctly identified. I have hashed it against the RTM hashes and it verifies CRC32, MD5, and SHA1, but the tool does not recognize it as a valid ISO.
@cluberti: I just added the hash recently. It should work now.
Very nice, thank you. I’m fairly certain my ISOs are legit, but I’m glad there’s a tool for everyone to use. Nice work, btw.
Windows (E) version x64 shows as not verified also.
7600.16385.090713-1255_x64fre_cliente_en-us_Retail_UltimateE-GRMCEULXF RER_EN_DVD
It passes CRC32, MD5, and SHA1 in Hashtab.
Not being funny, but who are you that anyone should trust this process…??
Unless I have seen the actual checksums on the microsoft site, they could be anything!!!! There seems tobe loads of variations of checksums kicking about, and ive nto seen any on a 100% trustowrthy source….
not detecting OEM win 7, but of course cannot guarantee these are genuine unless seen on a micro$ost site
MICROSOFT.WINDOWS.7.ULTIMATE.RTM.X86.OEM.ENGLISH.DVD-MSFT
7600.16385.090713-1255_x86fre_client_en-us_OEM_Ultimate-GRMCULFREO_EN_ DVD.iso
SIZE: 2,501,894,144 bytes
SHA1: 9018D76CD7EB1098257F8474D9D7D40AF948E143
MD5: 28ECC57D83286BC15E7CF7A80CB940F3
CRC: FDFFFF5A
NOTE: this original M$ image.
MICROSOFT.WINDOWS.7.ULTIMATE.RTM.X64.OEM.ENGLISH.DVD-MSFT
7600.16385.090713-1255_x64fre_client_en-us_OEM_Ultimate-GRMCULXFREO_EN _DVD.iso
SIZE: 3,224,686,592 bytes
SHA1: 82C8C36423A1511516E54DC7E54B96603AA88F01
MD5: DAD9F7A0B4D5D928A6A67BA6CD896350
CRC: 2211FE19
NOTE: this original M$ image.
This detected Win7 Ultimate OEM x64 fine for me, thanks!!!
Perhaps you could also include MD5 identification of the proper ‘adjustment’ program to use with each version. Or simply just allow for the proper and verified identification of each crk. What is the MD5 of YOUR program so that we know your work will not be modified by someone working for an evil corporation?
Seems to work for ‘Ultimate,’ but I’m getting negative results with other editions (Pro, Home Premium, etc.)
I have verefied the iso x64 bits it`s a valid iso Windows 7
7600.16385.090713-1255
Hi guys, any download links for 7600.16385.090713-1255_x64fre_client_en-us_OEM_Ultimate-GRMCULXFREO_EN _DVD.iso? Thanks
@Long Zheng
how do you know the hashes you have are good ? did you get them from microsoft or calculate from ISOs by yourself ?
Microsoft’s download manager applet for the RC had an MD5 checksum built into it, according to a source… it didn’t either display it or notify you if it was valid, it simply would fail a bad download from microsoft if it didnt match. I doubt that many people received a bad download from µSoft but it is possible. the source then said what the MD5 was.. later I read somewhere else what the MD5 checksum was supposed to be for the ISO..
yes, you get them ( the MD5, and also the ISO) from a source, whether that source is directly from µSoft or someone else. Then you calculate, generate, or produce in some manner the MD5 of the file you have on your computer using any MD5 calculator. I’ll post a link to my favorite one here.. it can calc two at once, and if you wish you can paste the Published MD5 in the textbox and once you browse and select the ISO file it tells you if it matches. If you do NOT paste an MD5 into the textbox and then browse and select the ISO file, it simply tells you what the MD5 is of the file…. NOTE: this can do TWO MD5 files at once. I dont recommend doing this because it will not be any faster, in fact it will be slower if the two files are on the same physical hard drive, due to the head seeking behaviour..
http://www.markgillespie.co.uk/MD5Check.zip
oops markgillespie.co.uk is under reconstruction as of mid sept 2009.
try this instead, until mark’s site is reconstructed, his program is better I think. He also has other useful apps.
A Very talented person.
http://www.freewarefiles.com/Checksum_program_18624.html
not that this other program wasnt made by someone talented, i just dont know them as well.
When it is all said and done, you have no way of knowing whether something is genuine or not, until you read it from the horses mouth… many supposed RTM iso’s are chimeric like WZOR’s which has parts of it from an earlier release and the rest from the new.
If you want the real thing and cannot trust when a large group of people are saying it is, and then using a program like this to verify what they are all saying, It’s time for you to stop bothering us with your fussing, and simply wait for it to be on sale in a store like the rest of the masses. If you feel like going on an adventure sooner than your neighbors, please continue reading.
****************************************
http://news.softpedia.com/news/Windows-7-RTM-Build-7600-16385-DVD-ISO- SHA-1-and-MD5-Information-
117535.shtml
(pasted below)
*****************************************
On July 22 Microsoft released Windows 7 to manufacturing and started shipping images of the operating system to original equipment manufacturers. Next in line to get the gold bits of Windows 7 will be ISVs (Independent software vendors) and IHVs (Independent hardware vendors) as well as MSDN and TechNet subscribers on August 6th. At the same time, it is highly probable that Windows 7 RTM will be leaked and made available in the wild. In the meantime, Daniel Melanchthon, technical evangelist for Security and Messaging in the Developer & Platform Strategy Group at Microsoft Germany, made public the official SHA-1 and MD5 Checksum Hash information for what appear to be the original MSDN/TechNet DVD ISO Images of Windows 7 RTM Build 7600.16385.
The information published by Melanchthon will allow users to compare the MD5 and SHA-1 hash checksum values of any Windows 7 ISO images with the official SHA1, MD5 and CRC hash checksum values. If the values coincide then users have a guarantee that the downloads they checked are in fact the original ISO images of Windows 7 provided by Microsoft and that the files have not been tampered with in any way.
In this regard, Microsoft is offering the File Checksum Integrity Verifier utility. “The File Checksum Integrity Verifier (FCIV) is a command-prompt utility that computes and verifies cryptographic hash values of files. FCIV can compute MD5 or SHA-1 cryptographic hash values. These values can be displayed on the screen or saved in an XML file database for later use and verification,” the company informed.
I have included below the Windows 7 RTM Build 7600.16385 DVD ISO SHA-1 information provided by Melanchthon, along with additional MD5 Checksum Hash values I came across in the wild.
Windows 7 Retail Ultimate E English (x86)
Name: 7600.16385.090713-1255_x86fre_cliente_en-us_Retail_UltimateE-GRMCEULFR ER_EN_DVD.iso
CRC: 0×953EFBCC
SHA-1: 0xBC10F09B86DCBAF35B31B0E6FBA7D006ACAAD28D
Windows 7 Retail Ultimate E English (x64)
Name: 7600.16385.090713-1255_x64fre_cliente_en-us_Retail_UltimateE-GRMCEULXF RER_EN_DVD.iso
CRC: 0×77BE890E
SHA-1: 0×029DCCEDD7691206010F84CE58343405A4DA92C9
Windows 7 Retail Ultimate English (x86)
Name: 7600.16385.090713-1255_x86fre_client_en-us_Retail_Ultimate-GRMCULFRER_ EN_DVD.iso
CRC: 0xC1C20F76
MD5: D0B8B407E8A3D4B75EE9C10147266B89
SHA-1: 0×5395DC4B38F7BDB1E005FF414DEEDFDB16DBF610
Windows 7 Retail Ultimate English (x64)
Name: 7600.16385.090713-1255_x64fre_client_en-us_Retail_Ultimate-GRMCULXFRER _EN_DVD.iso
CRC: 0×1F1257CA
MD5: F43D22E4FB07BF617D573ACD8785C028
SHA-1: 0×326327CC2FF9F05379F5058C41BE6BC5E004BAA7
Windows 7 Ultimate Retail Simplified Chinese (x86)
Name: 7600.16385.090713-1255_x86fre_client_zh-cn_Retail_Ultimate-GRMCULFRER_ CN_DVD.iso
SHA1: B589336602E3B7E134E222ED47FC94938B04354F
Windows 7 Ultimate Retail Simplified Chinese (x64)
Name: 7600.16385.090713-1255_x64fre_client_zh-cn_Retail_Ultimate-GRMCULXFRER _CN_DVD.iso
SHA1: 4A98A2F1ED794425674D04A37B70B9763522B0D4
Windows Server 2008 R2 Volume License (VL) English
Name: 7600.16385.090713-1255_x64fre_server_en-us_VL-GRMSXVOL_EN_DVD.iso
SHA1: AD855EA913AAEC3F1D0E1833C1AEF7A0DE326B0A
********************************************************************** ***
note:
the D0B8… etc etc (32 bit)
and the F43D… etc etc (64 bit)
are valid in my opinion as well as some guy who works at µSoft, and the writer of this applet. and most of the people who are running W7..
but you never know, they might change something at the last minute. No one has mentioned any trojans or viruses in these ISO’s. (because there aren’t any)
—————————————————————————————————————————————————-
Save the planet, burn ONE dvd of this, instead of a 32 and a 64, this is BOTH. only 3.47 GB (3,735,056,384 bytes) note the download torrent is slightly larger due to to small text files. the md5 stated is for the ISO itself.
Windows_7_Ultimate_Activated_AIO (32 AND 64 bit versions, you pick when installing)
MD5: 60e5a382e6dc932165b1aaa60b991c98
from a search on piratebay it’s Windows_7_Ultimate_AIO_Activated
(spaces inserted for legibility, and to protect n00bs from themselves)
—————————————————————————————————————————————————–
I’m just curious, if your checker is accurate, how is this ( http://imgur.com/rbdbP.png ) happening. Looks like a hacked copy to me, and yet your verifier verifies it :-/
It is NOT a hacked copy, it is the OTHER still valid but lesser known RTM ISO’s that were available almost exactly at the same time. WZOR received the win 7 RTM WIM or VHD file, which is a sort of zip or cabinet file containing the files to install. His WIM or VHD file is exactly the same as any other RTM wim, with the exception of an AIO file ( all in one, where they stick 32 and 64 bit files in the same iso so the installer gets to choose which one).
The confusing part is WHY isnt his ISO the same as the full RTM? well, it installs the same file, although he used the rest of the files ( everything but the Wim or Vhd, essentially), from a previous version. These files are essentially just the boot and the installer and are not going to be part of the installed version of windows. It was a clever way to use the RTM VHD package he got and made an ISO which installed the real RTM on your computer. The package on both Wzor and the other RTM are the same.
The makers of this ISO verifying program knew about this when they included the MD5 checksum for these ISO’s when they made it. It IS a valid RTM, and although neither is a very useful AIO version, it is a valid one.
if you MUST be paranoid, I recommend buying Win7, and paying full retail price
OR
You can do an installation of both the technet or other RTM and also Wzor into separate partitions,
and then without running them further, ( so you wont make various and sundry temporary files and web cookies and such), do a file comparison with CDCheck, which is a fast folder or drive comparing program (ignores dates and attributes, only compares file Data) Please also dont try to activate anything before you do the check, and keep them both disconnected from the internet, too, until you decide to use them. Doing so would make one different from the other, possibly, due to random keys or such, based on the activator.
IF any file is different, please let us know, I’ll eat one of my socks for each file different and post it on channel 4 news. or 4 channel b, whichever is more convenient.
WZOR’s RTM release happened to be one Ive used for a while, and only have abandoned ANY thing truly checkable by this iso verifyer because I am involved in using AIO’s.
AIO versions are superior, based on the ability to install either version of Win7, the 32 or 64 bit on installation. Also there is the possibility of installing a version such as starter, on a slower computer with slightly below the minimal resources available, so you can essentially have a single DVD ( two layer with tools added) to install any Windows 7 version you need to on any computer capable of running Some version of it. The Language packs are all available from Windows Update and other than from paranoia or convenience are people making or downloading ISO’s or custom ISO’s to include an other language.
We are now in the state where we have to decide between having a KNOWN common AIO ISO with english as standard and add language packs later which will let us all KNOW for certain that we have the real deal,
OR
Everyone and their babelfish trying to make ISO’s from updates, combining them so your cousin and his blonde wife can have a dvd of win7 with JUST Farsi And Norwegian (Bokmal AND Nyorsk) preinstalled languages …which will fuck up everyone’s attempts at getting something for nothing by making SO many different ISO versions available that people will give up.
It is Quite possible that Microsoft itself is contributing to this mess and everyone and their dog are getting help from them and making custom installation DVD’s using Microsoft’s OWN WAIK.
Windows Automated Installation KIT is a tool that Microsoft has graciously made a version compatible with Windows 7. It is typically used by network or systems administrators to make modified versions of Windows to install, including the options to install over networks, and options to ADD to or REMOVE from windows itself. Scripted automatic installation, with NO user options, or select options, with the keys to the software included and also modifying settings of the computer.
I recommend you do NOT try to do this, unless you have had experience doing this on previous versions of windows, we do NOT need to see your messy ISO here causing troubles for people.
WZOR is not some lame person who is trying to ruin your day.
The Win7 RTM by WZOR is vaild.
End of story.
use this:
Windows_7_Ultimate_Activated_AIO (its 32 AND 64 bit versions, you pick when installing)
MD5: 60e5a382e6dc932165b1aaa60b991c98
that way you wont have problems with picking the latest activator.
@ “ed from brighton”
So is this (MD5: 60e5a382e6dc932165b1aaa60b991c98) the best RTM to download??? Please reply.
Pls send me link download windows 7
im confused
7600.16385.090713-1255_x86fre_client_en-us_Retail_Ultimate-GRMCULFRER_ EN_DVD.iso
what goes infront of this link?
Hi,
Just downloaded W7 Enterprise directly from Microsoft and your tool says that it is not a recognized one …
7600.16385.090713-1255_x64fre_enterprise_en-us_EVAL_Eval_Enterprise-GR MCENXEVAL_EN_DVD.iso
1d0d239a252cb53e466d39e752b17c28
Regards, Oscar.
This one is working for me. Mine is original too. ha2. Thank You. This is very helpful.
It hasn’t recognized SLOVAK RTM version.
SPANISH: Por favor pongan la compatibilidad con el idioma español.