GrayScales - Scams, Viruses & More
Jim's Blatherings - Simple ramblings (maybe rants) from the Co-Founder of Quikonnex about Scams, Viruses, Internet Marketing, web techniques, tips & anything else that pops into his head.

JS/Zerolin Trojan - IE Vulnerable to Exploit

Saturday, August 21, 2004
I just got this one and hadn't seen it before. The JS/Zerolin virus came out on 8/11/04 and is distributed by the spammers. With this little guy, you get 3 for the price of one (or should I say expense of one?).


Here's what McAfee says on this one: "This detection covers encoded JavaScript that was spammed out to hundreds of thousands of email recipients.

The message spammed is designed to display a banner ad for hotsweetsingles.com. This malicious email includes an encoded script that loads an IFRAME with the content from a remote site. The remote page contains code to exploit an Object Data tag vulnerability in Internet Explorer (see: http://www.microsoft.com/technet/security/bulletin/MS03-040.mspx). That exploit loads another page containing an encoded VBScript (detected as VBS/Inor), which installs the BackDoor-CGT trojan (ss.exe) and the Proxy-Hino.dldr trojan (x.exe)."

If you get this puppy, your computer has been turned into a zombie merely waiting to be awakened for use by the hardcore spammers. Computers infected with this nasty combination can be used to hide spammers (the victims will think it's you who is the spammer) or be used as a spammer machine. Basically, you've given the spammer the keys to your car and said "Go ahead and drive it!" However, your insurance company (the ISP) will not insure you if there's an accident. Can you say "Where can I get a new ISP?"

If you're using IE (without current updates), you don't have a firewall program, or you don't have an updated anti-virus program, you are a sitting duck for this one!
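
The chain McAfee describes starts with an encoded script in the email that writes an IFRAME pointing at a remote site. As an added example (not part of the original post or McAfee's write-up), this Python check shows how a mail filter could decode such a script and flag remote IFRAME or OBJECT DATA loads. The `unescape()`-style percent-encoding, the function names and the sample message are assumptions, since the post does not say which encoding was used.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Assumption: the script hides markup as percent-encoding passed to unescape().
# The post only says "encoded"; other schemes (e.g. %uXXXX) are not covered.
ENCODED_ARG = re.compile(r"unescape\(\s*(['\"])(.*?)\1\s*\)", re.I | re.S)
REMOTE = re.compile(r"^\s*(https?:)?//", re.I)

class _TagScan(HTMLParser):
    """Collect <iframe src> and <object data> tags that load remote content."""
    WATCH = {"iframe": "src", "object": "data"}

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        attr = self.WATCH.get(tag)
        url = dict(attrs).get(attr) if attr else None
        if url and REMOTE.match(url):
            self.hits.append((tag, url.strip()))

def scan_html(body, max_depth=3):
    """Return (layer, tag, url) findings; layer 0 is the raw message body."""
    findings, layers = [], [body]
    for depth in range(max_depth + 1):
        next_layers = []
        for text in layers:
            scan = _TagScan()
            scan.feed(text)
            scan.close()
            findings += [(depth, tag, url) for tag, url in scan.hits]
            # Peel one layer of encoding and queue it for the next pass.
            next_layers += [unquote(m.group(2)) for m in ENCODED_ARG.finditer(text)]
        if not next_layers:
            break
        layers = next_layers
    return findings

# Constructed sample message; the host name is a placeholder.
SAMPLE_MAIL = (
    '<html><body><img src="cid:banner">'
    '<script>document.write(unescape("%3Ciframe%20src%3D%22http%3A//'
    'remote.example.invalid/page%22%20width%3D0%20height%3D0%3E%3C/iframe%3E"))'
    '</script></body></html>'
)

if __name__ == "__main__":
    print(scan_html(SAMPLE_MAIL))
```

A finding at layer 1 or deeper means the remote load was only visible after decoding, which is the pattern worth quarantining.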
Posted on 08/21/04 at 15:14:49 by Jim Gray
Category: Viruses and Hoaxes

Comments

Sara wrote:

So how did I get this on my Exchange Server 2003?
I see it in my Virus logs from years ago and the log tells me that it could not be moved, cleaned, or deleted, so is it still there? But it was not in my scan today.
Posted on 09/25/06 at 16:32:42
