| Port No | 4444 |
| Service Name | Prosiak |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Prosiak 0.70 beta 5 is a Polish trojan. Prosiak has a edit server program, which allows the "hacker" to configure the trojan server. This fake install shield can be for any program and can be made to stop at any percentage (It can load all the way to 99% and then say there is an error). |
| Reference Link | Prosiak |
| Attack | It Autoloads: Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\ Key: Trojan horse Features: Clipboard manager Close, show, hide, minimize, maximize windows Control child windows File manager Flash monitor Get screen shot Get windows info Hide/Show start button, task bar, or icons Http server Lock desktop Logoff, reboot, shutdown or poweroff server Monitor on/off Play wav Proxy server Read, clear or store text in clipboard Run file Send email Send message Send to web page Show jpg Telnet server Various effects to open windows Fix: Remove the Trojan horse key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices Which can be done with regedit or any other registry editing program. Reboot the computer or close prosiak_trojan.exe. Delete the trojan file prosiak_trojan.exe in the windows system directory. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.