Jump to content


Honorary Members
  • Posts

  • Joined

  • Last visited

Everything posted by gen-hackman

  1. Hello Still blocked since.............
  2. I know the numeric signature is not recognized by trustprovider but it's the only way I found to sign py tools without pay lol ^^
  3. Hello Malware community Malwarebytes detects my tool as malware https://www.cjoint.com/c/JDBnTPJPDdj numeric signature is not ercognized by Trust Provider but it's the only free solutioon I found to sign my tools ^^ (Symantec timestamp) Is something possible to do to bypass it ? Best Regards g3n-h@ckm@n QuickDiag.7z
  4. Hello, Malwarebytes extension for firefox blocks this link : moz-extension://bfdafadf-fba6-464d-89c6-d751b12d3c68/app/eventpages/block.html?referrer=www.aht.li&url=https%3A//www.aht.li/3213847/AdsFix.exe&host=www.aht.li&type=scam&subtype=suspiciousDownload&tabId=35&filename=AdsFix.exe&rules=specific it's OVH cloud for my tools real link : https://www.aht.li/3213847/AdsFix.exe Eplanations : https://translate.google.fr/translate?sl=fr&tl=en&u=https://genhackmantools.wordpress.com/adsfix/ Thank you to do the best Best Regards g3n-h@ckm@n
  5. hello tu supprimes et recrées la clé via script : [-HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains] [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains] ""=""
  6. okay I'll do that so I don't understand why It scans winsxs folder , it takes some time and I have never saw some infections in this folder in 10 years desinfecting ^^
  7. Ok I 'll delete some lines in the log that I do not want to show
  8. sorry I uninstalled Malwarebytes , I'm gonna reinstall, do a new complete scan and give you the log when it'll be ended the datas , as I remember aren't displayed in the log, only keys and values
  9. If forgot to says it's detects my Program ProcessClose like a malware too it's in download in 10 sites or more ( sosvirus , toolslib, majorgeeks, etc..... ) https://www.google.fr/search?ei=196IW8SmKMyalwSymaHICA&q=ProcessClose+g3n-h%40ckm%40n&oq=ProcessClose+g3n-h%40ckm%40n&gs_l=psy-ab.3...11896.20665.0.21317. I attach the file. ProcessClose.zip
  10. Hello Malwarebytes detects HFS.exe like a malware analysing my Computer in it's last version, but it's 100% legit , it comes from Rejetto Http File Transfer ( Allows to transfer a file giving a link in http from PC to PC without Server, I use it for a long time.(perhaps it's cause we have to open a port in the box to make it work it's detected like this.....) http://www.rejetto.com/hfs/ In Virustotal analysis, Malwarebytes says it's Clean..... (zip containing the file attached) ====== it detects too as a Dns.unlocker but these IPs are "Free" OPEN DNS and local IP connection to my box [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]~[DhcpNameServer] : [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{82eba569-60eb-4390-9f4d-45fec09da1b1}]~[DhcpNameServer] : [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b51955e3-93cb-4826-ac4f-741fec48fcd4}]~[DhcpNameServer] : The value "NameServer" was detected too like a dns.unlocker but I looked in the registry at this place and there's nothing written in this value , no data. ISP: Free SAS Organization: Free SAS AS Number: AS12322 Free SAS => Local ===== And like said My friend rubised in the other topic, detects cjoint.com like Fraud, but here's some examples to show you that's a really a false positive https://quttera.com/detailed_report/www.cjoint.com https://sitecheck.sucuri.net/results/www.cjoint.com And from the Kaspersky VirusDesk : Le lien https://www.cjoint.com est sain Ce lien est sain conformément aux données de réputation de Kaspersky VirusDesk. does mean in english : The link https://www.cjoint.com is healthy This link is healthy according to Kaspersky VirusDesk reputation data. ===== a Last thing : while analyzing my computer, malwarebytes takes very much percents of my processor , I cannot do anything other, it makes my computer going very slow almost static, the browsers pages cannot refresh correctly cause all the processor is taken by Mbam here's an example (png attached) , and sometimes it goes over 80% of the processor hfs.zip
  11. Hello my tool is taken for a ransomware like you can see on these pictures : If you want to do some tests it's downloadable here : https://toolslib.net/downloads/viewdownload/20-adsfix/ Thanks to do what you can Best Regards, g3n-h@ckm@n
  12. hello MBAE doesn't support TOR .... it's normal ?
  13. hello does MBAE Auto-updates ? here's a screen confirming that it works correctly https://dl.dropboxusercontent.com/u/22950063/MBAE.PNG
  14. here it is ! http://cjoint.com/?CFgwtc3YqZi inside the zip , there are the file detected and the log of real time protection
  15. where can i find the log for the detection in real time ?
  16. you sent me where we can't post == the detection is made in the real time protection , not in the scan
  17. hello I come back to you to say that Malwarebytes puts in quarantine C:\Program Files\AutoIt\AutoIt3.exe detected like a trojan.Inject
  18. ok sorry mbam was not updated thanks
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.