Airbot � -> Download

Page 4 of 4

01/06/2007 12:14 t0b#46

Its protected by Xtreme-Protector v1.05, ASprotect v1.2, PE Pack v1.0, NeoLite v2.00 and coded in c++...sounds fake to me...

edit, lol, it is glider, just a exe that unpack launchpad to a temp folder, its a scam.

01/06/2007 12:15 X-Matrix#47

it�s packed with a UD trojand packer and windwos iexplore packer don�t download it

01/06/2007 14:58 graka#48

Trojan detected on depack \o/

2 files , scan ur pc ( kaspersky found them )

Logmen.exe > %system32
Hard to remove , remove the registry key after ( search logmen.exe in ur registry) , reboot , remove the logmen.exe in %system32

Thx for this dude and ban this holy crappy guy

01/06/2007 23:00 tttommeke#49

Logmen.exe, works with explorer.exe
To remove i used unlocker and right click on logmen. He will ask to shutdown explorer.exe, say yes, go pack to c:\windows\system32\ and then you can delete logmen.exe and logmen without any error from the program is in use. Also check this 2 items in regedit (start => execute => type in regedit) and look for this :
HKEY_LOCAL_MACHINE\Software\Microsoft&#0 92;Active Setup\Installed Components

HKEY_CURRENT_USER\Software\Microsoft&#09 2;Active Setup\Installed Components

if you see a variable with this : {32E79AE2-96C6-7A4B-0407-050408030200}
then delete it.

Also change your pasword from your wow account.

01/07/2007 06:15 Tilley911#50

Should my norton anti virus remove this?

01/07/2007 10:49 X-Matrix#51

yes it schould

01/07/2007 11:38 Crissiejjj#52

o.O Well.. If i Unpacked it.. If have Teh scam?

01/07/2007 11:42 X-Matrix#53

then you have a trojan and he can totaly control your pc
your webcam
all of your passwords
you have a keylogger /it means he know everytime what youre writing
can upload viruses to you
destroy your system
and so on

11/01/2007 12:15 logix00#54

Datei Airbot.exe empfangen 2007.11.01 12:09:05 (CET)
Status: Beendet
Ergebnis: 1/32 (3.13%)

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2007.11.1.1 2007.11.01 -
AntiVir 7.6.0.30 2007.11.01 -
Authentium 4.93.8 2007.10.31 -
Avast 4.7.1074.0 2007.10.31 -
AVG 7.5.0.503 2007.11.01 -
BitDefender 7.2 2007.11.01 -
CAT-QuickHeal 9.00 2007.10.31 -
ClamAV 0.91.2 2007.11.01 PUA.Packed.Themida
DrWeb 4.44.0.09170 2007.11.01 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5259 2007.11.01 -
Ewido 4.0 2007.10.31 -
FileAdvisor 1 2007.11.01 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.31 -
F-Secure 6.70.13030.0 2007.11.01 -
Ikarus T3.1.1.12 2007.11.01 -
Kaspersky 7.0.0.125 2007.11.01 -
McAfee 5153 2007.10.31 -
Microsoft 1.2908 2007.11.01 -
NOD32v2 2631 2007.11.01 -
Norman 5.80.02 2007.10.31 -
Panda 9.0.0.4 2007.11.01 -
Prevx1 V2 2007.11.01 -
Rising 20.16.31.00 2007.11.01 -
Sophos 4.23.0 2007.11.01 -
Sunbelt 2.2.907.0 2007.10.31 -
Symantec 10 2007.11.01 -
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.10.31 -
VirusBuster 4.3.26:9 2007.11.01 -
Webwasher-Gateway 6.6.1 2007.11.01 -

11/01/2007 12:23 Cirax#55

Quote:

Originally Posted by logix00

Datei Airbot.exe empfangen 2007.11.01 12:09:05 (CET)
Status: Beendet
Ergebnis: 1/32 (3.13%)

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2007.11.1.1 2007.11.01 -
AntiVir 7.6.0.30 2007.11.01 -
Authentium 4.93.8 2007.10.31 -
Avast 4.7.1074.0 2007.10.31 -
AVG 7.5.0.503 2007.11.01 -
BitDefender 7.2 2007.11.01 -
CAT-QuickHeal 9.00 2007.10.31 -
ClamAV 0.91.2 2007.11.01 PUA.Packed.Themida
DrWeb 4.44.0.09170 2007.11.01 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5259 2007.11.01 -
Ewido 4.0 2007.10.31 -
FileAdvisor 1 2007.11.01 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.31 -
F-Secure 6.70.13030.0 2007.11.01 -
Ikarus T3.1.1.12 2007.11.01 -
Kaspersky 7.0.0.125 2007.11.01 -
McAfee 5153 2007.10.31 -
Microsoft 1.2908 2007.11.01 -
NOD32v2 2631 2007.11.01 -
Norman 5.80.02 2007.10.31 -
Panda 9.0.0.4 2007.11.01 -
Prevx1 V2 2007.11.01 -
Rising 20.16.31.00 2007.11.01 -
Sophos 4.23.0 2007.11.01 -
Sunbelt 2.2.907.0 2007.10.31 -
Symantec 10 2007.11.01 -
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.10.31 -
VirusBuster 4.3.26:9 2007.11.01 -
Webwasher-Gateway 6.6.1 2007.11.01 -

completely useless -.-

11/01/2007 12:33 supersry#56

bant mal einer den spasti hier.. deswegen schreibt er auch nix mehr weil er selber wei� das er da nen troja reingepackt hat

11/01/2007 13:29 sirru#57

Den Thread gabs vor nem Jahr schonmal hier, auch das Bild mit dem Secure Server kenn ich schon.

11/01/2007 13:36 dRon#58

closed, da meine scanner nichts gefunden haben erstmal kein bann aber link gel�scht

Page 4 of 4

« First