JS/Offiz trojan

:-*

Hi everyone.

I’ve had a little trouble with this one (JS/Offiz Trojan), although not because it deploys a destructive payload (because it doesn’t).
I thought it was quite funny when I looked at it and emailed the link to all my friends (It creates an explorer which dances around the screen and states ‘You are an idiot’ which can only be stopped by ending the task through Ctrl Alt Del). Avast! home edtion 4.1.319 (with the latest AV dat) didn’t identify it as a Trojan (or suspicious at all) but quite a few of my friends AV scanners did, and now they are not happy at me sending them a link which effectively downloaded a Trojan onto their computer!

My question is :

Why did Avast! Home edition 4.1 not pick this up as a virus. As far as I can make out, it is quite an old one. Here is McAfee’s description of it :

http://vil.nai.com/vil/content/v_99905.htm

Any ideas people?

Thanks.

:-*

The file type (like .exe .txt etc) may not be scanned because its not on the default extension list.
Also if you still need to clean your computer you can do so herehttp://housecall.trendmicro.com
trend may have a diffrent name than JS/offiz

:-*
Hiya MacLover2000

Thanks for the speedy reply. The Trojan downloads and executes Javascript on the recipients comp to work. Surely this would be scanned automatically wouldn’t it? as it would be an obvious way to dump a Trojan on a comp.
Fortunately the Trojan does not download a damaging payload but i’ll give your link a go anyway.

Thanks again.

I think javascript is on the list. Here is an idea get the link that downloads the trojan and send it to ALWIL so they can update their .DAT files to detect it

Will do. Thanks.

;D