Jump to content


Honorary Members
  • Posts

  • Joined

  • Last visited

Everything posted by gen-hackman

  1. hello just to say it's still detected like before Regards
  2. thank you very much ! like we say in French : "Au plaisir" the expression does mean : pleasure to see you again in the near Future bye
  3. ok thank you very much Regards PS : in fact it's not so important but if i need to make use it again after Malwarebytes scan and deletion, the user will have to download it again and it makes manipulations for nothing scripting my tool , there's a lot of possibility of switches (a little bit like Combofix ) and you can do every what you want in the PC. thx again
  4. I've just updated now for an hour here's the analysys from virus-total https://www.virustotal.com/file/602c89568bbe8dd0fc355e021cabd23437d4375df175ca8545a02d23fb10c7bd/analysis/1340150491/ permanent links to download : http://gen-hackman.forum-pro.fr/t65-canned-speech-pre_san i know the Md5 is the same for them three , only the name changes
  5. yes but when i update the md5 changes obligatory
  6. ok there's still one link in my 1st post ( not important for me if it rests ) read you later , thx
  7. ok i've another idea here is a zip containing 3 samples of the last versions regards
  8. How often is your file updated? it depends... the more often i updated my tool .... 6 times on a day ( seeing that , you can't use the MD5 to whitelist it) if it can serve to you : Version = (changes very often , 6 = month , 19 = day) LegalCopyright = g3n-h@ckm@n FileDescription = g3n-h@ckm@n DefaultLangCodepage = 040C04B0 i don't which repair you can take .... it's generaly in downloads folder or desktop at the begginning , and after it's on the desktop cause the program makes a copy of himself here at the end on the scan/kill to be scripted at the launch back without having to search it...try it and you'll see in fact it has 3 names : Pre_Scan.exe Winlogon.exe (you understand why ^^) Pre_Scan.pif (i think you understand why too ) regards
  9. hello i find a funny thing about Malwarebytes take the installer of any program ( for example VLC installer ) copy it in your desktop , rename it winlogon.exe. make a scan with malwarebytes and he finds that's a Reserved.world.exploit ^^ isn't it funny ? i see that everyday with my tool Pre_Scan renamed winlogon to kill the rogues when i make use MBAM at the end of the disinfection http://forums-fec.be/gen-hackman/Pre_Scan.exe Regards
  10. hello ok thanks i wrote in the program to delete the file at the end of installation , launching "Search" option , like this , there'll be no more problems with this file
  11. if I understood what you wanted to say , here's the file with the detection's report in a .zip file http://sd-4.archive-host.com/membres/up/82...ols/Desktop.zip
  12. excuse me but I saw it on a topic on Commentcamarche.net where I'm helping
  13. Hello to all I come back to you for that False positive : C:\Program Files\List_Kill'em\shcut.exe (Trojan.Downloader) -> Quarantined and deleted successfully. it's to make a shortcut on the desktop to call List_Kill'em.exe in the program Thanks to look at this Gen-hackman
  14. ok i didn't think to use that in this way ^^ but if it's ok i 'll not make me longer here sorry for my english but it comes from the school ^^
  15. ok I don't understand how 'catchme' could be effective in a malware would you like to tell me ? could it be used in a command line to destroy or make some damage in the system ?
  16. ok thanks cause in france since mbam says that , some of people take that for a Virus...lol ^^
  17. if you want more informations : http://www.commentcamarche.net
  18. hello to all persons there's a false positive detected in List_Kill'em program ans others , saying that "catchme" component is Trojan.Agent : C:\Program Files\List_Kill'em\catchme.exe (Trojan.Agent) -> Quarantined and deleted successfully. if you want to study that ,I give you a link of my tool to download this (but catchme tool comes directly from gMer site). List_Kill'em
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.