Jump to content

gen-hackman

Honorary Members
  • Posts

    71
  • Joined

  • Last visited

Posts posted by gen-hackman

  1. ok thank you very much :D

    Regards

    PS : in fact it's not so important but if i need to make use it again after Malwarebytes scan and deletion, the user will have to download it again and it makes manipulations for nothing :)

    scripting my tool , there's a lot of possibility of switches (a little bit like Combofix ) and you can do every what you want in the PC.

    thx again

  2. How often is your file updated?

    it depends... the more often i updated my tool .... 6 times on a day ( seeing that , you can't use the MD5 to whitelist it)

    if it can serve to you :

    Version = 2.6.1.9 (changes very often , 6 = month , 19 = day)

    LegalCopyright = g3n-h@ckm@n

    FileDescription = g3n-h@ckm@n

    DefaultLangCodepage = 040C04B0

    i don't which repair you can take ....

    it's generaly in downloads folder or desktop at the begginning , and after it's on the desktop cause the program makes a copy of himself here at the end on the scan/kill to be scripted at the launch back without having to search it...try it and you'll see

    in fact it has 3 names :

    Pre_Scan.exe

    Winlogon.exe (you understand why ^^)

    Pre_Scan.pif (i think you understand why too :D )

    regards

  3. hello

    i find a funny thing about Malwarebytes

    take the installer of any program ( for example VLC installer ) copy it in your desktop , rename it winlogon.exe.

    make a scan with malwarebytes and he finds that's a Reserved.world.exploit ^^

    isn't it funny ?

    i see that everyday with my tool Pre_Scan renamed winlogon to kill the rogues when i make use MBAM at the end of the disinfection :)

    http://forums-fec.be/gen-hackman/Pre_Scan.exe

    Regards

  4. Hello to all

    I come back to you for that False positive :

    C:\Program Files\List_Kill'em\shcut.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

    it's to make a shortcut on the desktop to call List_Kill'em.exe in the program

    Thanks to look at this

    Gen-hackman

  5. hello to all persons

    there's a false positive detected in List_Kill'em program ans others , saying that "catchme" component is Trojan.Agent :

    C:\Program Files\List_Kill'em\catchme.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    if you want to study that ,I give you a link of my tool to download this (but catchme tool comes directly from gMer site).

    List_Kill'em

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.