-
Posts
71 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by gen-hackman
-
-
thank you very much !
like we say in French : "Au plaisir"
the expression does mean : pleasure to see you again in the near Future
bye
-
ok thank you very much
Regards
PS : in fact it's not so important but if i need to make use it again after Malwarebytes scan and deletion, the user will have to download it again and it makes manipulations for nothing
scripting my tool , there's a lot of possibility of switches (a little bit like Combofix ) and you can do every what you want in the PC.
thx again
-
I've just updated now for an hour
here's the analysys from virus-total
permanent links to download :
http://gen-hackman.forum-pro.fr/t65-canned-speech-pre_san
i know the Md5 is the same for them three , only the name changes
-
yes but when i update the md5 changes obligatory
-
ok there's still one link in my 1st post ( not important for me if it rests )
read you later , thx
-
oups....
-
ok i've another idea
here is a zip containing 3 samples of the last versions
regards
-
can we attach 6/7 Mo here ?
-
How often is your file updated?
it depends... the more often i updated my tool .... 6 times on a day ( seeing that , you can't use the MD5 to whitelist it)
if it can serve to you :
Version = 2.6.1.9 (changes very often , 6 = month , 19 = day)
LegalCopyright = g3n-h@ckm@n
FileDescription = g3n-h@ckm@n
DefaultLangCodepage = 040C04B0
i don't which repair you can take ....
it's generaly in downloads folder or desktop at the begginning , and after it's on the desktop cause the program makes a copy of himself here at the end on the scan/kill to be scripted at the launch back without having to search it...try it and you'll see
in fact it has 3 names :
Pre_Scan.exe
Winlogon.exe (you understand why ^^)
Pre_Scan.pif (i think you understand why too )
regards
-
hello
i find a funny thing about Malwarebytes
take the installer of any program ( for example VLC installer ) copy it in your desktop , rename it winlogon.exe.
make a scan with malwarebytes and he finds that's a Reserved.world.exploit ^^
isn't it funny ?
i see that everyday with my tool Pre_Scan renamed winlogon to kill the rogues when i make use MBAM at the end of the disinfection
http://forums-fec.be/gen-hackman/Pre_Scan.exe
Regards
-
hello
ok thanks
i wrote in the program to delete the file at the end of installation , launching "Search" option , like this , there'll be no more problems with this file
-
if I understood what you wanted to say , here's the file with the detection's report in a .zip file
http://sd-4.archive-host.com/membres/up/82...ols/Desktop.zip
-
ok i'll try to
thx ,& bye
-
excuse me but I saw it on a topic on Commentcamarche.net where I'm helping
-
Hello to all
I come back to you for that False positive :
C:\Program Files\List_Kill'em\shcut.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
it's to make a shortcut on the desktop to call List_Kill'em.exe in the program
Thanks to look at this
Gen-hackman
-
ok i didn't think to use that in this way ^^
but if it's ok i 'll not make me longer here
sorry for my english but it comes from the school ^^
-
ok I don't understand how 'catchme' could be effective in a malware
would you like to tell me ?
could it be used in a command line to destroy or make some damage in the system ?
-
ok thanks cause in france since mbam says that , some of people take that for a Virus...lol ^^
-
if you want more informations :
-
hello to all persons
there's a false positive detected in List_Kill'em program ans others , saying that "catchme" component is Trojan.Agent :
C:\Program Files\List_Kill'em\catchme.exe (Trojan.Agent) -> Quarantined and deleted successfully.
if you want to study that ,I give you a link of my tool to download this (but catchme tool comes directly from gMer site).
False positive winlogon.exe
in File Detections
Posted
hello just to say it's still detected like before
Regards