It is a malicious HTML file that contains a script detected as VBS/Inor.AK.

Windows 2003/XP/2000/NT/ME/98/95

Phel.J is a malicious HTML file (web page) that contains a Visual Basic script that exploits the fact that the size of one of the parameters passed to the location function of the href tag is unchecked in order to create another file in the computer. That script is detected as VBS/Inor.AK.

Phel.J does not spread automatically by itself. It has been massively sent in an email message that deals with a supposed suicide attempt by Michael Jackson, which includes a link to the web page that contains Phel.J.

Phel.J is easy to recognize once it has affected the computer, as it displays the following messages on screen:

• When the user clicks on the link included in the email message, it opens a web page with the text:
  
  Sorry, the server is busy
  
• It causes an error in Internet Explorer:
  
  
  
• In order to trick users into thinking that an error has occurred in the connection to the Internet, it opens the Windows Help: