Event ID - 48512

Port No48512
Service NameARTIC
RFC Doc0
ProtocolTCP
DescriptionThis backdoor program allows remote users access to an infected computer. It is composed of a server component and a client component. It uses the server component on a target system and uses the client component to connect, access, and control an infected system. It compromises network security.
Reference LinkARTIC
AttackSolution:

Reboot in MSDOS mode.
Delete the RUNDLL16.EXE file in the Windows folder.
Reboot in Windows.
Click Start > Run, type REGEDIT.EXE and press the Enter key.
In the left panel, follow the path of the following:
HKEY_LOCAL_MACHINE\Software\ Microsoft\Windows\
CurrentVersion\Run
In the right panel, delete the below entry:
“Rundll16.exe”
Exit the registry.
Scan your system with Trend antivirus and delete all files detected as BKDR_ARTIC.A.CLI or BKDR_ARTIC.A.SVR. To do this, Trend customers must download the latest pattern file and latest scan engine file and scan their system. Other email users may use Trend HouseCall, a free online virus scanner

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.