Pirated Windows 7 RC builds botnet

June 15, 2009

A pirated version of Windows 7 Release Candidate infected with a Trojan horse has created a botnet with tens of thousands of bots under its control, according to researchers at security firm Damballa.

The software, which first appeared on April 24, spread as quickly as several hundred new bots per hour, and controlled roughly 27,000 bots by the time Damballa took over the network's command and control server on May 10, the firm said Tuesday.

The pirated software was spread via popular piracy sites and online forums, Damballa said.

The software is primarily designed to download and install other malicious packages under a "pay-per-install" scheme, under which the botmasters are paid based on the number of other pieces of malware they cause to be installed, Damballa said.

Infected installations are continuing to appear at a rapid rate, according to the company.

"We continue to see new installs happening at a rate of about 1,600 per day with broad geographic distribution," Tripp Cox, Damballa's vice president of engineering, said in a statement. "Since our takedown (of the command and control server), any new installs of this pirated distribution of Windows 7 RC are inaccessible by the botmaster."

However, the botmaster still controls the existing installations, Damballa said. The infected systems are mainly concentrated in the U.S., with 10 percent, and the Netherlands and Italy, with 7 percent each.

Windows 7 RC has been used as a lure by other malware distributors since its launch on May 5, according to security experts. On Monday, Trend Micro said it found the Trojan horse TROJ_DROPPER.SPX masquerading as a copy of the release candidate.

Botnets are one of the most serious threats on the Internet, according to security experts, and are typically used to carry out denial-of-service attacks or phishing schemes or to send junk mail. Last month, SecureWorks researcher Joe Stewart suggested that technology was not enough to stop botnets, arguing that the IT industry should look to new law-enforcement measures.

The legitimate version of Windows 7 RC is available from Microsoft's Web site.

 

Google fine-tunes : new filters + visualized results

June 15, 2009

Marissa Mayer, vice president of search products and experience, led a parade of the company's product managers on stage at Searchology 2009 to demonstrate the new features, known as Google Search Options, Google Squared, and Rich Snippets. Search Options will be rolling out gradually on Tuesday, giving searchers ways to filter their results based on factors like timeliness, result type such as image or videos, or a desire to see search results in visual form.

The announcements "center around how can you find more, and what can you do with it," Mayer said. Google last held a Searchology event in 2007, when it introduced Universal Search, blending regular search results with images, video, and news results.

Building on Universal Search, Mayer and Nundu Janakiram, an associate product manager, showed how Search Options allows users searching for information on the Hubble Telescope, for example, to filter their results with a "Show Options" link at the very top of the search results page. Clicking on that link brings up a new page with a list of options on the side, somewhat akin to the current Google News user interface.

By opting for the most recent information on the space telescope, the subject of a current NASA mission, users will be given a mix of news and blog results. If they prefer, they can click a filter that will sort those stories with images pulled from those stories.

Other options include new ways to visualize search results, such as the News Timeline introduced last month, as well as something called Wonder Wheel that visually represents data as rays of a star spreading out from the center of a search result.

Google Squared is the newest addition to Google Labs. This project allows searchers to create a spreadsheet based on Web results. Users can filter the data accessed through the Google Squared search, request additional categories to create a custom spreadsheet with the results that matter the most to them, and even fact-check the results by accessing the source of the data as well as alternate sources.

The other enhancement discussed Tuesday is called Rich Snippets, which is a partnership between Google and certain publishers, including CNET, to display information from Web pages within the box that encompasses a search result. Google is backing open standards called RDFa markup and Microformats markup that allow Web publishers to highlight aspects of their Web page to show in the search results.

Rich Snippets

Rich Snippets is a partnership between Google and certain publishers, including CNET, to display information from Web pages within the box that encompasses a search result.

The CNET example used in the presentation displayed the number of stars assigned by a CNET reviewer to a GPS device in the search results for a particular product. Likewise, Yelp's user-generated restaurant ratings will show up in the search result for a certain restaurant.

The feature is closely related to Yahoo's SearchMonkey, which the Google rival released a year ago. SearchMonkey allows outside developers to create their own SearchMonkey extensions to spotlight content, but to try to encourage use by more publishers, Yahoo has been working to make SearchMonkey easier to use.

 

Microsoft patches critical PowerPoint hole

June 15, 2009

Microsoft on Tuesday released a patch aimed at fixing a critical vulnerability in PowerPoint that had already led to exploits.

The vulnerability is listed as critical for Office 2000, but rated only as important for Office XP, Office 2003, and Office 2007. However, the hole had already formed the basis of targeted attacks, prompting Microsoft to issue a warning last month.

Although Microsoft says the hole is now patched in the Windows version of PowerPoint, the software maker said it is still working on fixes for the Mac version of Office as well as for Microsoft Works, the company's entry-level productivity suite.

"The updates for Office for Mac and Microsoft Works 8.5 and 9.0 users are still in development," Microsoft security response communications lead Christopher Budd said in a statement. "Microsoft plans to issue updates for these software when testing is complete and we can ensure high quality. We are releasing this security update on an incremental basis because of active targeted exploitation toward Windows platform users."

Without the patch, the vulnerability can be exploited by getting a person to open a PowerPoint file rigged for the attack, Microsoft has said. When the file is opened, PowerPoint will access an invalid object in memory. That then allows an attacker to remotely execute code on the system.

The fix was released as part of the company's regularly scheduled monthly Patch Tuesday.

The software maker said that with the update, the ability to open PowerPoint 4.0 file formats will be disabled by default in Microsoft Office PowerPoint 2000 and Microsoft Office PowerPoint 2002. (Microsoft has already disabled that option by default in PowerPoint 2003 Service Pack 3 and that capability does not exist in PowerPoint 2007.)

Microsoft said that the vulnerability is not rated critical for PowerPoint 2002 and later versions because they prompt a user before opening a document, meaning that the vulnerability "requires more than a single user action to complete the exploit."

Symantec said that the PowerPoint fix related largely to flaws in older file formats. "Because taking advantage of these vulnerabilities requires a user to open a maliciously crafted PowerPoint file, e-mail is likely the most probable method attackers would use to try and exploit these," said Alfred Huger, vice president of Symantec Security Response, in a statement. "Another possibility is for an attacker to lure a victim into downloading the file from a misleading or compromised Web site. At that point, the attacker would then have complete control over everything the user's account has permission to do on the system."

One security analyst warned that corporate IT staff should be paying attention not just to Microsoft, but also to a variety of security updates being issued by other software makers.

"Although Microsoft only dropped one patch for PowerPoint this month, IT administrators shouldn't get the wrong impression and breathe easy given the light load," said Lumension security analyst Paul Henry. "In addition to Microsoft, other vendors including Google, F-Secure, Adobe, HP, Symantec and Mozilla (to name a few) released a slew of patches for popular software applications."

Henry posted a list of the other updates and blogged on the subject.

"It is important to remember that historically, popular applications and files like Adobe PDF files or Word, Excel or PowerPoint files have been great vehicles for targeted attacks because those attachments are so socially acceptable and are simply expected attachments within corporate email," Henry said. "While we are relieved about the PowerPoint patch, we live in an environment where compromised applications have now become a delivery mechanism for additional downloaded and executed malware such as key-loggers and rootkits. The most effective risk mitigation, therefore, continues to be application control to prevent a compromised application from downloading and running any unauthorized software (including malware) on a user's PC."

 


