Port No | 30103 |
Service Name | NetSphere |
RFC Doc | 0 |
Protocol | TCP |
Description | This server side backdoor Trojan enables a remote user access to its infected computer. It does not have a destructive payload. |
Reference Link | NetSphere Trojan |
Attack | SOLUTION : 1.Manually delete the dropped file, EPP32.EXE, from the Windows System folder. 2.Click Start>Run, type Regedit then hit the Enter key. 3.DoubleClick the following: HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows >CurrentVersion>Run 4.Delete the following in the right panel: “ExecPowerProfile” “C:\Windows\System\epp32.exe” 5.Close the Registry. 6.Scan your system with Trend Micro antivirus and delete all files detected as TROJ_NETSPHERE.A. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro’s free online virus scanner. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.