| Port No | 45673 |
| Service Name | Acropolis |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | When launched, the Trojan horse opens a network connection on ports 32791 and 45673. This gives a remote operator the capability to use your computer to send messages using mIRC. These messages may contain attached files. It is possible, but not confirmed, that the Trojan horse could also be used to control email programs. |
| Reference Link | More Information |
| Attack | Name:Acropolis How To Remove: CAUTION: We strongly recommend that you back up the system registry before making any changes. Incorrect changes to the registry could result in permanent data loss or corrupted files. Please make sure you modify only the keys specified. Please see the document How to back up the Windows registry before proceeding. 1. Click Start, and click Run. The Run dialog box appears. 2. Type regedit and then click OK. The Registry Editor opens. Navigate to the following subkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\RunServices 3. In the right pane, delete the following value: Winport.com Navigate to and delete the following subkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\UDP Ports 4. Close the Registry Editor. Restart the computer. 5. Run LiveUpdate to make sure that you have the most recent virus definitions. 6. Start Norton AntiVirus (NAV), and run a full system scan, making sure that NAV is set to scan all files. 7. Delete any files that are detected as Backdoor.Acropolis. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.