About “Backdoor:Win32/Prorat.T” infection

The Backdoor:Win32/Prorat.T is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor:Win32/Prorat.T virus can do?

Authenticode signature is invalid

How to determine Backdoor:Win32/Prorat.T?


File Info:
name: 2DE3222AEA920435A3FB.mlw
path: /opt/CAPEv2/storage/binaries/fc7dcb33eec997da2659280e0deb2a85bcdba44a13ce4703da40bc90d47554c7
crc32: 68FE2CCB
md5: 2de3222aea920435a3fb6d9fabea4f1e
sha1: 23408cc192a86b121051ab253fd9fcb8b46919de
sha256: fc7dcb33eec997da2659280e0deb2a85bcdba44a13ce4703da40bc90d47554c7
sha512: 6d0b56348c6db002d1e17146f0c56807657648375a879c0fd1d376bb9a9e38d4147ca3c146e9ba197ba2482f002bbc596fbc1a22d0b1f7f002f427722d5e538b
ssdeep: 768:zwlGw93xCJV4ax/ZJmSPuVFfwcbI1yc9tnljblBMDcDv7P/dWCx0XDS0iDz:8Ex4ZFfwcOrPnlPMDcz7PltWX2j
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14B23C456A109D16BD02832F67F4A7796F3FDDBB43A3888869A24990C72F36D5CE01347
sha3_384: aab2ae185e804ccb43697097192f60b410834478a66fa0d07f631427d52a992cec0f33a0eabddd67b14f804785cb09db
ep_bytes: eb1066623a432b2b484f4f4b90e9f8a3
timestamp: 2004-11-19 12:19:18

Version Info:
0: [No Data]

Backdoor:Win32/Prorat.T also known as:

Bkav	W32.AIDetect.malware1
Lionic	Trojan.Win32.Prorat.kYMr
MicroWorld-eScan	Trojan.GenericKD.38125758
FireEye	Trojan.GenericKD.38125758
McAfee	Artemis!2DE3222AEA92
K7AntiVirus	Backdoor ( 000237271 )
BitDefender	Trojan.GenericKD.38125758
K7GW	Backdoor ( 000237271 )
Cybereason	malicious.aea920
Cyren	W32/ProratP.C
Symantec	Backdoor.Prorat
APEX	Malicious
Kaspersky	Backdoor.Win32.Prorat.kcm
Tencent	Trojan.Win32.BitCoinMiner.la
Ad-Aware	Trojan.GenericKD.38125758
DrWeb	BackDoor.ProRat
TrendMicro	TROJ_GEN.R002C0DKQ21
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Trojan.GenericKD.38125758 (B)
Ikarus	Backdoor.Win32.Prorat
Jiangmin	Backdoor/Prorat.or
MAX	malware (ai score=81)
Antiy-AVL	Trojan/Generic.ASBOL.5B7
Microsoft	Backdoor:Win32/Prorat.T
GData	Trojan.GenericKD.38125758
VBA32	suspected of Backdoor.Prorat.14
ALYac	Trojan.GenericKD.38125758
Malwarebytes	Backdoor.Prorat
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DKQ21
Fortinet	W32/PossibleThreat
AVG	Win32:Prorat-DN [Trj]
Avast	Win32:Prorat-DN [Trj]

How to remove Backdoor:Win32/Prorat.T?

Backdoor:Win32/Prorat.T removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X