Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Windows XP users Phelled by new Trojan

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » DU Groups » Computers & Internet » Computer Help and Support Group Donate to DU
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-31-04 12:26 PM
Original message
Windows XP users Phelled by new Trojan
A new Trojan horse - named Phel - that punishes users of Microsoft Windows XP operating system is in the wild.

Security software firm Symantec has issued a bulletin warning Windows XP users to be on the look out for the program, which is distributed as an .html file. The malicious code can attack systems running XP Service Pack 2. The vuln was first found in October, and Microsoft is busy trying to catch up to it.

Register
Printer Friendly | Permalink |  | Top
Berserker Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-31-04 12:58 PM
Response to Original message
1. Another reason not to use IE
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1037337,00.html

The HTML help control exploit hat uses a number of different vulnerabilities to bypass Internet Explorer's local zone protections in order to run scripts on the host. This is the one exploited by Trojan.Phel-A.
"While waiting for a patch, we recommend upgrading to Windows XP SP2 and using a browser no one else is using," he added.
Printer Friendly | Permalink |  | Top
 
qnr Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-31-04 09:13 PM
Response to Reply #1
2. I'm curious, in one post it says it attacks SP2, and in another
it says to switch to SP2.

Just an idle thought, since I don't use Windows.
Printer Friendly | Permalink |  | Top
 
Eurobabe Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-31-04 10:24 PM
Response to Reply #1
4. phuck IE, I only use FF
Can't wait to switch to Linux and run VMWare in January, get rid of WinDoze OS.
Printer Friendly | Permalink |  | Top
 
Princess Turandot Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-31-04 09:46 PM
Response to Original message
3. Symantec has already updated their database for this..
if you use IE and are worried, use the Search function and search your C drive for *My.hta
Include the asterisk in the search.

Or if you like fiddling with the registry, look for:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

And see if

"uwyrl" = "%System%\uwyrl.exe"

is in the right pane. Delete it if it is.

Symantec says the distribution of the trojan is low and that all it appears to do is degrade your computer's performance.Here's their link:

http://securityresponse.symantec.com/avcenter/venc/data/trojan.phel.a.html
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Thu Apr 18th 2024, 01:06 PM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » DU Groups » Computers & Internet » Computer Help and Support Group Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC