VBS.Bootconf.B

VBS.Bootconf.B is a Trojan horse that modifies Internet Explorer settings, redirects Web sites such as Google, Yahoo and MSN to a different search page, and may pop up browser windows to a pornographic Web site.



VBS.Bootconf.B may be installed by another script, which downloads a page containing VBS.Bootconf.B, and saves it as a file named win.hta in the Fonts directory (e.g. %Windir%\Fonts). Symantec antivirus products detect the downloader page as Downloader.Trojan.

Protection

• Initial Rapid Release version February 11, 2004
• Latest Rapid Release version July 12, 2008 revision 018
• Initial Daily Certified version February 11, 2004
• Latest Daily Certified version July 12, 2008 revision 019
• Initial Weekly Certified release date February 11, 2004

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Low
• Number of Infections: 0 - 49
• Number of Sites: 0 - 2
• Geographical Distribution: Low
• Threat Containment: Easy
• Removal: Moderate

Damage

• Damage Level: Low

Distribution

• Distribution Level: Low