gen-hackman

hello just to say it's still detected like before Regards

thank you very much ! like we say in French : "Au plaisir" the expression does mean : pleasure to see you again in the near Future bye

ok thank you very much Regards PS : in fact it's not so important but if i need to make use it again after Malwarebytes scan and deletion, the user will have to download it again and it makes manipulations for nothing scripting my tool , there's a lot of possibility of switches (a little bit like Combofix ) and you can do every what you want in the PC. thx again

I've just updated now for an hour here's the analysys from virus-total https://www.virustotal.com/file/602c89568bbe8dd0fc355e021cabd23437d4375df175ca8545a02d23fb10c7bd/analysis/1340150491/ permanent links to download : http://gen-hackman.forum-pro.fr/t65-canned-speech-pre_san i know the Md5 is the same for them three , only the name changes

yes but when i update the md5 changes obligatory

ok there's still one link in my 1st post ( not important for me if it rests ) read you later , thx

oups....

ok i've another idea here is a zip containing 3 samples of the last versions regards

can we attach 6/7 Mo here ?

How often is your file updated? it depends... the more often i updated my tool .... 6 times on a day ( seeing that , you can't use the MD5 to whitelist it) if it can serve to you : Version = 2.6.1.9 (changes very often , 6 = month , 19 = day) LegalCopyright = g3n-h@ckm@n FileDescription = g3n-h@ckm@n DefaultLangCodepage = 040C04B0 i don't which repair you can take .... it's generaly in downloads folder or desktop at the begginning , and after it's on the desktop cause the program makes a copy of himself here at the end on the scan/kill to be scripted at the launch back without having to search it...try it and you'll see in fact it has 3 names : Pre_Scan.exe Winlogon.exe (you understand why ^^) Pre_Scan.pif (i think you understand why too ) regards

hello i find a funny thing about Malwarebytes take the installer of any program ( for example VLC installer ) copy it in your desktop , rename it winlogon.exe. make a scan with malwarebytes and he finds that's a Reserved.world.exploit ^^ isn't it funny ? i see that everyday with my tool Pre_Scan renamed winlogon to kill the rogues when i make use MBAM at the end of the disinfection http://forums-fec.be/gen-hackman/Pre_Scan.exe Regards

hello ok thanks i wrote in the program to delete the file at the end of installation , launching "Search" option , like this , there'll be no more problems with this file

if I understood what you wanted to say , here's the file with the detection's report in a .zip file http://sd-4.archive-host.com/membres/up/82...ols/Desktop.zip

ok i'll try to thx ,& bye

excuse me but I saw it on a topic on Commentcamarche.net where I'm helping

Hello to all I come back to you for that False positive : C:\Program Files\List_Kill'em\shcut.exe (Trojan.Downloader) -> Quarantined and deleted successfully. it's to make a shortcut on the desktop to call List_Kill'em.exe in the program Thanks to look at this Gen-hackman

ok i didn't think to use that in this way ^^ but if it's ok i 'll not make me longer here sorry for my english but it comes from the school ^^

ok I don't understand how 'catchme' could be effective in a malware would you like to tell me ? could it be used in a command line to destroy or make some damage in the system ?

ok thanks cause in france since mbam says that , some of people take that for a Virus...lol ^^

if you want more informations : http://www.commentcamarche.net

hello to all persons there's a false positive detected in List_Kill'em program ans others , saying that "catchme" component is Trojan.Agent : C:\Program Files\List_Kill'em\catchme.exe (Trojan.Agent) -> Quarantined and deleted successfully. if you want to study that ,I give you a link of my tool to download this (but catchme tool comes directly from gMer site). List_Kill'em