Offensive Trojan horse trashes PCs

A Trojan horse dubbed "Offensive" does much more damage than just leaving lewd messages in the Windows registry, and can arrive as an innocent-looking Web page link
Written by Robert Vamosi, Contributor

A Trojan horse that uses ActiveX is lurking on the Internet. Trojan horse Offensive, so named because it makes offensive references within the Windows registry, could arrive via email as a link to a Web page ending in .html.

When opened, the Web page will display a button that says "Start". If pressed, Offensive will severely damage your Windows operating system: no icons will be visible on the desktop, no programs will execute, you will not be able to shut down Windows, and you will not be able to work around these effects in the Safe Mode either.

According to Symantec, if you have been affected by Offensive, you should contact a computer professional.

According to Symantec AntiVirus Research Center (SARC), changes are made to the Windows system registry when Offensive is executed.

In order to restore the registry settings changed by Trojan.Offensive, you must edit the registry from a command line at a DOS prompt (which is not advised), restore the registry from a backup, or reload Windows.

At the time of writing, only a few antivirus companies have updated their signature files to include Offensive. You can limit your chances of exposure to Offensive by disabling or selectively accepting ActiveX components when visiting untrusted Web sites.

See the Net Crime News Section for the latest on hacking, fraud, viruses and related issues.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards