Discovery Date: 12/05/2003
Origin: Unknown
Length: 2,360 Bytes
Type: Trojan
SubType: VbScript
This threat is detected as VBS/BootConf. When the trojan script is executed, it will overwrite the existing HOSTS file in the windows directory and in the \drivers\etc\hosts directory found in the windows SYSTEM32 directory. The new information will redirect the following URLS, to a bogus IP address:
auto.search.msn.com
search.msn.com
msn.com
www.msn.com
http://vil.nai.com/vil/content/v_100865.htm

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic