Event ID - 1025

Port No1025
Service NameBackdoor.Muska
RFC Doc0
ProtocolTCP
DescriptionThis backdoor malware enables remote users to access compromised machines. It works on the Client-Server principle.

Its server component installs on the target machine, where it listens to a port and waits for a connection from its client counterpart. When a connection is established, the client can send remote commands to the server, which executes these commands on the compromised machine.
Reference LinkBackdoor.Muska
AttackSolutions:

Removing autostart entries from the registry prevents the malware from executing during startup.
Open Registry Editor. To do this, click Start>Run, type REGEDIT, then press Enter.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>RunServices
In the right panel, locate and delete the entry:
Program Manager
Close Registry Editor.
If you have a third-party process viewer, terminate the process, CRACK.EXE. Otherwise, restart your computer.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.