Home > General > Trojan.JS.Offensive

Trojan.JS.Offensive

When the Trojan horse is executed, it proceeds to make a series of system-level changes to the configuration of the infected PC, greatly limiting user access to the system. These variants differ only in the way they are activated: The first variant displays one button that contains the text "Start" and it is activated when you click the button. Writeup By: Atli Gudmundsson Summary| Technical Details| Removal Search Threats Search by nameExample: [email protected] INFORMATION FOR: Enterprise Small Business Consumer (Norton) Partners OUR OFFERINGS: Products Products A-Z Services Solutions CONNECT WITH If the Trojan has been activated, you should either contact a computer professional for assistance or consider reinstalling Windows. check over here

La Máquina Virtual Java, es el componente que permite la ejecución de aplicaciones Java, y a la vez, los controla, para impedir que ejecuten acciones no deseadas. The Trend tool if there has been a delay. Unlike a worm, which will often use an e-mail application to resend itself to other potential victims, Trojan.Offensive isn't likely to be able to spread itself because it locks systems up Peligroso troyano en páginas HTML 13/dic/00 - Cómo ejecutar F-PROT en un disquete (actualizado) Fuente: Symantec AntiVirus Research Center (SARC) (c) Video Soft - http://www.videosoft.net.uy Copyright 1996-2001 Video Soft BBS

JS/Offensive is a trojan that uses malicious JavaScript code inside HTML files. The combination of an attack tool, called an exploit, and a Trojan horse is likely to become more common, as will the combination of exploits and worms, of which Code Red Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Home Forums Forums Quick Links Search Forums Recent Posts Members Members Quick Links Microsoft publicó hace un tiempo (octubre de 2000) un parche para acabar con dicha vulnerabilidad, que afecta a todos los usuarios de Windows 95, 98, 98 Segunda Edición, Me, NT y

Technical Details When executed, the trojan creates the following registry keys: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ RestrictRun NoChangeStartMenu NoClose NoDrives NoDriveTypeAutoRun NoFavoritesMenu NoFileMenu NoFind NoFolderOptions NoInternetIcon NoRecentDocsMenu NoLogOff NoRun NoSetActiveDesktop NoSetFolders NoSetTaskbar NoWindowsUpdate Nodesktop NoViewContextMenu Join over 733,556 other people just like you! La acción del Offensive, dejará inutilizada la computadora, debiéndose reinstalar Windows. By Sam Costello (IDG) -- A new script that can severely limit user access to infected systems is spreading slowly worldwide, anti-virus companies said Friday.

menu (simply because this is a strong indication that trojan did not drop its payload). Tech Support Guy is completely free -- paid for by advertisers and donations. If this is not an option in your environment, the default extension list should be used. Log in or Sign up Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Computer problem?

También tener a mano la última versión de un antivirus de DOS, como F-PROT, es algo a considerar. Software used to break into user system and grant access to the user data or perform malicious actions. If a PC is infected by Trojan.Offensive, typical users should contact technical support staff immediately, Cupertino, Calif.-based Symantec said. TECHNOLOGY TOP STORIES: •Report: SUVs pose danger to cars •New telemarketer tool trumps TeleZapper •Terra Lycos logs $2.2B loss •AOL to offer song downloads •Microsoft seeks fiscal fountain of youth (More)

Definitions dated prior to August 22, 2001 detect this trojan as Trojan.Offensive Antivirus Protection Dates Initial Rapid Release version August 20, 2001 Latest Rapid Release version August 20, 2001 Initial Daily NETGATEInternet SecurityAntiSpyware & Firewall Suite. Main Menu Home Company Products Download Purchase Screenshots Usage Videos Privacy Policy Links Press Releases News Faq Site Map Contact Us Search Logos Partner Program You mentioned: "you should either contact a computer professional for assistance or consider reinstalling Windows" It looks very bad, but it's not as bad as it looks. Short URL to this thread: https://techguy.org/51684 Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account?

But they need to make clear that you are not going to be able to go to Start>Shutdown>Restart in MS-DOS Mode if you are infected. check my blog Stay logged in Sign up now! The Trojan horse, written in Javascript, presents a button that reads "Start" which, when clicked, activates the script. As the registry changes are extensive and most tools to revert these changes are disabled by the trojan, the simplest method to repair a crippled machine is to restore the registry

Indication of Infection Changes to registry entries, system errors, changes to IE start page, missing Icon links. CAUTION: If Norton AntiVirus detects a file as being infected with Trojan.JS.Offensive, you should delete it immediately. Get Expert Help McAfeeVirus Removal Service Connect to one of our Security Experts by phone. http://songstersoftware.com/general/trojan-trojan-kolweb-a.html Here are the instructions how to enable JavaScript in your web browser.

Share the knowledge on our free discussion forum. FortKnoxPersonal FirewallProtects PC from Hackers. The second variant does not display a button, and it will be activated as soon as you open the .html file.

Yes, my password is: Forgot your password?

JS/Offensive also makes a lot of registry entries with insulting words to Japanese people. Have your PC fixed remotely - while you watch! $89.95 Free Security Newsletter Sign Up for Security News and Special Offers: Indications of Infection: Risk Assessment: If you're not already familiar with forums, watch our Welcome Guide to get started. En ese caso, puede intentar ejecutar desde MS-DOS el F-PROT desde un par de disquetes (reiniciando su PC con disquetes creados previamente y protegidos contra escritura).

Two variants of this Trojan have been received by Symantec. You may also refer to the Knowledge Base on the F-Secure Community site for more information. The security vulnerability used by the trojan is known. http://songstersoftware.com/general/trojan-vundo-trojan-bho.html Unlike viruses, trojans do not self-replicate.

If the Trojan has been activated, you should either contact a computer professional for assistance or consider reinstalling Windows. A fix and further information is available from Microsoft: https://www.microsoft.com/technet/security/bulletin/MS00-075.asp Technical Details: Sami Rautiainen, F-Secure Corporation; August 2001 SUBMIT A SAMPLE Suspect a file or URL was wrongly detected? Are you looking for the solution to your computer problem? This site is completely free -- paid for by advertisers and donations.

The JavaScript code uses the Windows Script Host Shell Object ActiveX component and makes use of a Microsoft virtual machine vulnerability. You must get to the command prompt through the Boot Menu. Submit a sample to our Labs for analysis Submit Sample Give And Get Advice Give advice. Aliases Trojan.Offensive (NAV) Back to Top View Virus Characteristics Virus Characteristics Customizing the program file extension list using VirusScan 4.5 (and higher) may result in a lack of protection

etaf replied Mar 7, 2017 at 11:36 PM Playing guitar ekim68 replied Mar 7, 2017 at 11:32 PM Loading... La única posibilidad de reparar el registro, es hacerlo desde modo MS-DOS, cosa que resultaría muy engorrosa y consumiría mucho tiempo. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc. Do not open it.

Rollin' Rog, Aug 25, 2001 #5 Sponsor This thread has been Locked and is not open to further replies. Peligroso troyano en páginas HTML), se activa al pinchar sobre un botón con la leyenda START. Systems which have had the patch Microsoft released applied are not vulnerable, he said. Luckily for users, Symantec doesn't see wide distribution yet.

IDG.net INFOCENTER InfoWorld Main Page InfoWorld Test Center Subscribe to InfoWorld Newsletters Infoworld Opinions and Spotlights Related IDG.net Stories UK man charged with creating W32-Leave.wormCode Red II includes dangerous 'backdoor' Trojan'Offensive' http://www.symantec.com/avcenter/venc/data/trojan.js.offensive.html brianF, Aug 25, 2001 #1 Sponsor Bryan Joined: Jul 3, 1999 Messages: 11,943 Trend Micro has a registry fix that can be downloaded and run on the infected Removal Automatic action Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action. For Home For Business For Partners Labs Home News News From the Labs Incidents Calendar Tools & Beta Tools & Beta Flashback Removal Database Updates Rescue CD Router Checker iOS Check

Es usted nuestro visitante número desde el 12 de agosto de 1996 Trojan.JS.Offensive. Se ejecuta con solo ver una página VSantivirus No. 412 - Año 5 - Viernes 24 de agosto de 2001 Nombre: Trojan.JS.Offensive Alias: Trojan.Offensive Fecha: 20/ago/01 Una variante del Trojan.Offensive The site has since been taken offline, he said.