Event ID - 32791

Port No32791
Service NameBackdoor.Acropolis
RFC Doc0
ProtocolTCP
DescriptionThis Trojan horse permits a remote operator to control an infected system. The name of the Trojan horse is Acropolis 1.0, and it is detected as Backdoor.Acropolis.
Reference LinkPort Number: 32791Service Name:Backdoor.Acropolis Port:TCP
AttackAccording to Symantec

Resolution:
To remove this Trojan horse, you need to delete the registry entries it created, restart the computer, and then run a full system scan. Follow these steps to do this:
CAUTION: We strongly recommend that you back up the system registry before making any changes. Incorrect changes to the registry could result in permanent data loss or corrupted files. Please make sure you modify only the keys specified. Please see the document How to back up the Windows registry before proceeding.
1.Click Start, and click Run. The Run dialog box appears.
2.Type regedit and then click OK. The Registry Editor opens.
3.Navigate to the following subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\RunServices
4.In the right pane, delete the following value:
Winport.com
5.Navigate to and delete the following subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\UDP Ports
6.Close the Registry Editor.
7.Restart the computer.
8.Run LiveUpdate to make sure that you have the most recent virus definitions.
9.Start Norton AntiVirus (NAV), and run a full system scan, making sure that NAV is set to scan all files.
10.Delete any files that are detected as Backdoor.Acropolis.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.