We got a few responses. Some were honest and said they clicked on one of those online "win a prize" or "go here because you are a winner". Others said they received a "wierd" e-mail and clicked on the link (which makes the most sense to me). Others lied and said that they didn't do anything.

So far we have seen several variations of this. Some point to NS1.AOL.COM and crash IE when you try to run media player within IE. This one is removed easily with SpyBot but there are a few other variations that point to other name servers and also add host file entries, etc.

Whatever this is, it is quite nasty. The virus link I posted, while not "hot off the press" seems to be at very least related to the new variations we have seen over the past few days.