- ProRat
ProRat is a Microsoft Windows based backdoor trojan horse, more commonly known as a RAT (Remote Administration Tool). As with other trojan horses it uses a client and server. ProRat opens a port on the computer which allows the client to perform numerous operations on the server (the machine being controlled). ProRat is available in a free version, and a paid version. In the free version, ProRat cannot connect to users over wide area networks (WANs), only over LANs (Local Area Networks). ProRat is known for its server to be almost impossible to remove without up-to-date
antivirus software.Features
ProRat allows many malicious actions on the victim's machine. Some of its abilities include:
* Logging keystrokes
* Stealing passwords
* Full control over files
* Drive formatting
* Open/close CD tray
* Hide taskbar, desktop, and start button
* Take screenshots
* View system information
* View webcam
* Download and run filesInfection Method
ProRat has a server creator with features that allow it to be undetected by antivirus and firewall software, and also allow it to stealthily run in the background. The software only runs completely (including rootkit) in Windows XP/2000. Such features include killing security software, removing and disabling
system restore points, and displaying a fake error message to mislead the victim.External links
* [http://www.prorat.net/ Official Prorat website]
* [http://www.symantec.com/avcenter/venc/data/backdoor.prorat.html Symantec Security Response]
* [http://www.addaxsoft.com/soft/anti_prorat.php Remove Prorat - Anti Prorat]
* [http://anti-prorat.blogspot.com/ How-to Remove Prorat using the free tool Anti Prorat]ee also
Wikimedia Foundation. 2010.