|reply to Jrb2 |
Re: Beware of Combofix - contains infected file
Thread at BleepingComputer forum:
No official responce yet there.
Sure would be nice if they posted a hash of the infected version.
And better yet if they also posted hashes for their prior, known good versions.
(So like is my 1-28 version good or bad, or have I lucked out by a few hours?)
If mine is good, then maybe I could use Combofix to fix Combofix .
Waiting on this information from the developer. At the same time, if you scan your current version and it shows clean in virustotal then you are good to go.
|reply to therube |
SHA256 Hashes of known affected versions are:
Added hashes of the known affected version to first post. Hashes can be found below as well:
(Now we need an SHA256 to MD5 converter
So presumably what I had gotten earlier, 1 day prior, is OK.
(It came from Softpedia, though I notified them of this issue so don't know if they're still hosting or not?)
The file, which I scanned earlier at VT, was the one with checksums:
I did post those checksums in my previous post in this thread, along with the results at VT at that moment, and with the alert by NOD32.
I wasn't at that moment the first one who had scanned it there.