Discovered: February 16, 2001
Updated: February 13, 2007 11:35:17 AM
Type: Trojan Horse
To remove this Trojan horse, you need to delete the registry entries it created, restart the computer, and then run a full system scan. Follow these steps to do this:
CAUTION: We strongly recommend that you back up the system registry before making any changes. Incorrect changes to the registry could result in permanent data loss or corrupted files. Please make sure you modify only the keys specified. Please see the document
How to back up the Windows registry before proceeding.
- Click Start, and click Run. The Run dialog box appears.
- Type regedit and then click OK. The Registry Editor opens.
- Navigate to the following subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\RunServices
- In the right pane, delete the following value:
Winport.com <Trojan file name and path>
- Navigate to and delete the following subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\UDP Ports
- Close the Registry Editor.
- Restart the computer.
- Run LiveUpdate to make sure that you have the most recent virus definitions.
- Start Norton AntiVirus (NAV), and run a full system scan, making sure that NAV is set to scan all files.
- Delete any files that are detected as Backdoor.Acropolis.
Writeup By: Dmitry Reyder
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine