Event ID - 33333

Port No: 33333
Service Name: Prosiak
RFC Doc: 0
Protocol: TCP
Description: Backdoor Prosiak 0.47 is a Trojan that opens up a backdoor program that, once installed on a system, permits unauthorized users to remotely perform a variety of operations, such as changing the registry, executing commands, starting services, listing files, and uploading or downloading files. Prosiak typically runs from the server file "C:\WINDOWS\SYSTEM\WINDLL32.EXE" over ports 33333 and 22222 via TCP.
Attack Name: Prosiak

Prosiak is a Trojan that provides an unauthorized user with some remote control over your system. The user may capture your usernames and passwords for online accounts by using Prosiak to monitor and record keystrokes that you make. Prosiak may also obtain your basic user and computer information, close your server, install files onto your system, and more.

How To Remove:
1. Remove Prosiak processes:
pro_cli.exe
client.exe
config.exe
prosiak.exe
windll32.exe

2. Remove Prosiak registry values:
SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\konfig
SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\prosiak.exe
SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\windll32.exe
