.: ProAgent 2.1.9 PE :.
Released 17 years, 1 month ago. Aug 2005By ATmaCA
- From: Turkey
- Coded by: ATmaCA
- Version: ProAgent 2.1.9 PE
- Released date: Aug 2005, 17 years, 1 month ago.
- Coded in: C++
- Family: ProAgent
- Category: Information Stealer
Server: dropped files: c:\WINDOWS\system32\drivers\KeenSense.sys Size: 16 bytes c:\WINDOWS\system32\drivers\ksdevice.sys Size: 16 bytes added to registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "qservices" Type: REG_SZ Data: C:\WINDOWS\qservice.exe tested on Windows XP August 06, 2007
[+] All the files made undetected against antiviruses. [+] Virtual Keyboard Logging support added to Special Editions. [+] MultiLanguage support added. [+] Server extensions menu added. [+] Advanved settings menu added. [+] Shell icons support added into icons menu. [+] Three characters limit for the extension of binded file improved. Any extensions with the any length will be accepted. [+] 10 MB limit for the binded file improved. Any file with any size will be accepted. [+] Grabbing more game-program serials support added. [+] Anti-rootkit bypass methods improved. [+] Grabbing FtpNow Passwords support added. [+] Grabbing DeluxeFtp Passwords support added. [+] Grabbing DeluxeFtp Pro Passwords support added. [+] Grabbing Morpheus Passwords support added. [+] Grabbing BitComet Passwords support added. [+] Grabbing FireFly Passwords support added. [+] Injection to Default browser method improved. [+] Injection to Default E-Mail Client feature added. [+] No-Injection feature added. [+] Automatic Server Uninstall on specified date feature added. [+] Delay Execution feature added in two options (after first restart or after a specified date). [+] Server for once time only support added (If you select this option, server will send you reports only once than it will remove itself). [+] Regularity of server logs improved. [+] E-Mail report sending module made more stable. [+] Added bypassing features for McAfee and Norton antivirus mail scan modules. [+] And lots of improvements...
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at firstname.lastname@example.org, thank you in advance.