Updated: February 13, 2007 11:58:23 AM
Also Known As: Paradise.Trojan
Type: Trojan Horse
Windows 9x systems with Norton AntiVirus installed
Restart the computer with a clean DOS or Windows startup floppy disk. Go to the \Windows\System directory on the drive where Windows is installed. Delete the file Norton AntiVirus detected as MasterParadise (2). Remove the floppy disk and restart the system. Edit the Windows registry using Regedit.exe to remove any entries referring to the file detected as MasterParadise (2).
Restart the machine again, look at the registry, and make sure that the Trojan horse did not reinstall itself.
Windows NT systems with Norton AntiVirus installed
Note the file Norton AntiVirus detected as MasterParadise (2). Edit the Windows registry using Regedit.exe to remove any entries referring to the file detected as MasterParadise (2).
Then, restart the system. Once Windows has started, go into the Command prompt in the Start/Programs menu and delete the file Norton AntiVirus detected as MasterParadise (2). Check the registry again to make sure the Trojan horse did not reinstall itself.
Windows 9x systems without Norton AntiVirus installed
If you do not have an antivirus product that detects this Trojan horse, restart the system with a clean DOS or Windows startup floppy disk. Go to the \Windows\System directory on the drive where Windows is installed. Delete the infected file.
Remove the floppy disk and restart the system. Edit the Windows registry using Regedit.exe to remove any entries referring to the infected file. Restart the computer again, look at the registry, and make sure that the Trojan horse did not reinstall itself.
Windows NT systems without Norton AntiVirus installed
If you do not have an antivirus product that detects this Trojan horse, you must delete the files manually. Edit the Windows registry using Regedit.exe to remove any entries referring to the infected file.
Restart the computer again, look at the registry, and make sure that the Trojan horse did not reinstall itself. Once Windows has started, go into the Command prompt in the Start/Programs menu, and delete infected file inside \Winnt\System32 directory.
Writeup By: Douglas Knowles
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine