ProBot
ProBot is a powerful and effective computer monitoring solution. Primary task of this feature-packed surveillance system is user activity event interception and logging. ProBot software maintains the detailed event log that is stored securely in binary
files. Special tools provided within the package are used to restore computer usage history and generate detailed reports for administration. It provides Severe risk threats to the PC. Such threats are typically installed without user interaction
through security exploits, and may allow an attacker to remotely control the infected machine. Such threats may allow the attacker to install additional malware and use the compromised machine to participate in denial of service attacks, spamming,
and bot nets, or to transmit sensitive data to a remote server.0
General information:
| Malware Name: |
ProBot |
| Malware Type: |
Key Logger |
| Company Name: |
NetHunter |
| Company URL: |
http://nethunter.cc/
|
| Threat Level: |
|
| Operating System: |
|
| Installation Type: |
|
| Operation: |
|
Company Description:
NetHunter Group is the Estonian software development company. NetHunter Group was founded in December 1999 and it is located in the ancient and beautiful capital of Estonia - Tallinn - right on the southern coast of The Gulf of Finland in the northern
part of The Baltic Sea. It provides the following products for security of PC ProBot, HotLAN and ProBot SE
Spyware Description:
ProBot is a powerful and effective computer monitoring solution. Primary task of this feature-packed surveillance system is user activity event interception and logging. ProBot software maintains the detailed event log that is stored securely in binary
files. Special tools provided within the package are used to restore computer usage history and generate detailed reports for administration. It provides Severe risk threats to the PC. Such threats are typically installed without user interaction
through security exploits, and may allow an attacker to remotely control the infected machine. Such threats may allow the attacker to install additional malware and use the compromised machine to participate in denial of service attacks, spamming,
and bot nets, or to transmit sensitive data to a remote server.0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
pbcpl.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\Administrator\Start Menu\Programs\NetHunter ProBot\Tools\Export Wizard.lnk |
585 |
Shortcut |
| C:\Documents and Settings\Administrator\Start Menu\Programs\NetHunter ProBot\Tools\Log Search Wizard.lnk |
583 |
Shortcut |
| C:\Program Files\ProBot\Config\convtext.ini |
877 |
Configuration Settings |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\ProBot |
| C:\Program Files\ProBot\Archive |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
SOFTWARENetHunter GroupProBot |
dwLogURLs |
| HKEY_LOCAL_MACHINE |
SOFTWARENetHunter GroupProBot |
dwLogWindows |
| HKEY_LOCAL_MACHINE |
SOFTWARENetHunter GroupProBot |
dwMaxLogSize |
