What is a Trojan?

Question

ok first-- you guys are great every problem i have had you helped. so now i am praying you will help me with this one.

i have msn i now believe i have the new virus backdoor.ducy. it has come up on the search and destroy. i have deleted files that way but apparently not completely. besides that, we can be online for a few minutes before the msn message would pop up stating there is an MSN ERROR REPORTING MSN HAS EXPIERENCED AN INTERNAL ERROR AND WILL HAVE TO RESTART-do you want to report it to msn or "don't tell." if we click on report it runs the error then kicks us off then starts the sign in procedure. i do not understand the technical terms that all the other sites use. please make the instrutions easy enough for a person to understand

thank you so much

Answer

This question was answered on October 28, 2004. Much of the information contained herein may have changed since posting.

Thank You i'm glad that we were able to help you First off let me tell you that Backdoor.Ducy is a backdoor Trojan horse that uses MSN Messenger to give an attacker access to your computer I believe that you don't want to know the specifics but hey it doesn't hurt to know a little, right? This is what this virus does; it creates a file called %Widir%\Mn.exe This file adds the value "control"="%Widir%\mn.exe" to the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run This is so that the Trojan runs when you start Windows It opens a backdoor on the infected system allowing an attacker to connect to the system using your MSN Messenger I recommend that you

turn off and remove unneeded services Services that are not critical, such as an FTP server, telnet, and a Web server These services are avenues of attack Remember to always keep your patch levels up-to-date Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files To remove the problem disable System Restore (Windows Me/XP) Update the virus definitions Restart the computer in Safe mode or VGA mode Run a full system scan and delete all the files detected as Backdoor.Ducy and last but not least reverse the changes made to the registry Well read on and i hope that this will help you with your troubles.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Michael of Katharine Gibbs School - New York on October 28, 2004