Event ID - 44444

Port No44444
Service NameProsiak
RFC Doc0
ProtocolTCP
DescriptionProsiak is a Trojan that provides an unauthorized user with some remote control over your system. The user may capture your usernames and passwords for online accounts by using Prosiak to monitor and record keystrokes that you make. Prosiak may also obtain your basic user and computer information, close your server, install files onto your system, and more
Reference LinkMore Information
AttackName:Prosiak

Prosiak is a Trojan that provides an unauthorized user with some remote control over your system. The user may capture your usernames and passwords for online accounts by using Prosiak to monitor and record keystrokes that you make. Prosiak may also obtain your basic user and computer information, close your server, install files onto your system, and more.

How To Remove:
1. Remove Prosiak processes:
pro_cli.exe
pro_cli.exe
pro_cli.exe
client.exe
config.exe
prosiak.exe
prosiak.exe
prosiak.exe
windll32.exe

2. Remove Prosiak registry values:
SOFTWAREMicrosoftWindowsCurrentVersionRunServiceskonfig
SOFTWAREMicrosoftWindowsCurrentVersionRunServicesprosiak.exe
SOFTWAREMicrosoftWindowsCurrentVersionRunServiceswindll32.exe
SOFTWAREMicrosoftWindowsCurrentVersionRunServiceskonfig
SOFTWAREMicrosoftWindowsCurrentVersionRunServicesprosiak.exe
SOFTWAREMicrosoftWindowsCurrentVersionRunServiceswindll32.exe
SOFTWAREMicrosoftWindowsCurrentVersionRunServiceskonfig
SOFTWAREMicrosoftWindowsCurrentVersionRunServicesprosiak.exe
SOFTWAREMicrosoftWindowsCurrentVersionRunServiceswindll32.exe

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.