Event ID - 23321

Port No: 23321
Service Name: KONIK
RFC Doc: 0
Protocol: TCP
Description: This backdoor malware uses its default TCP port, 23321, for its client-server connections. It has a server-editor component that allows its author to configure or customize its server component.

The client component of a backdoor malware allows its user to access and control the computer running its server component. Depending on what the user of the client component does on the target system, this malware usually compromises network security.
Reference Link: KONIK
Attack Solution:
For Windows 9X/ME Systems:

Removing Registry Entries:
Open Registry Editor. Click Start>Run, type REGEDIT, then press the Enter key.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>RunServices
In the right panel, locate and delete this registry entry:
MonitorDLL
In the left panel, double-click the following:
HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>Run
In the right panel, locate and delete this registry entry:
MonitorDLL
Close REGEDIT.
Restart your system.
For Windows NT/2000/XP Systems:

Scan your system with Trend Micro antivirus and NOTE all files detected as BKDR_KONIK.60. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users may use HouseCall, Trend Micro's free online virus scanner.
Open Windows Task Manager by pressing the CTRL+SHIFT+ESC keys.
Click the Processes Tab. In the list of running programs, locate the malware file or files detected earlier.
Select one of the detected files, and then press either the End Task or the End Process button, depending on the version of Windows on your system.
Do the same for all detected malware files in the list of running processes. To verify if the malware process has been terminated, press F5 to refresh Task Manager then review the process list.
Close Task Manager.
Removing Registry Entries
