A new Downloader.Tibs variant is spreading today thanks to massive spamming. Infected emails contains about 130-140kB long attachment, usually with name happy2008.exe, which is trojan horse itself. There are also emails with links directing users to a malicious web pages. The files are already detected as Downloader.Tibs.

In last few days we`ve registered a larger amount of PE files infected by this virus. Win32/Mabezat is polymorphic file infector which infects PE files. More information could be found in our Virus Encyclopedia.

A new Trojan Downloader was spammed today. Trojan is attached in zip archive to emails in HTML format with subject "Hot game" and body text that claims some Angelina Jolie or Lara Croft undressing game. xgame.zip attachment contains xgame.exe (20992B) which drops executes and deletes kernel driver C:\WINDOWS\System32\drivers\runtime.sys and downloads another downloader smartdrv.exe. runtime.sys runs injects and hides Iexplore.exe process and downloads another components. xgame.exe is detected as Trojan Downloader.Agent.UZM, smartdrv.exe is detected as Trojan Downloader.Agent.UZN, runtime.sys is detected as Trojan Downloader.Agent.THW and other downloaded components are detected as several variants of Trojan Backdoor.Ntrootkit.

Next Stration downloader variant spreads by email in messages with randomly generated subject and body with two attachments. PDF attachment is harmless but EXE attachment which is 18708B long is downloader itself and AVG detects it as I-Worm/Stration. More information about Stration worm familly can be found in the Virus Encyclopedia.

Latest Stration downloader spreads by email in messages with randomly generated subject and body with one EXE and one PDF file attached. EXE file is 20992B in size and it`s downloader itself which is detected by AVG as I-Worm/Stration.FJA. The file downloader tryes to download is already detected as I-Worm/Stration. More information about Stration worm familly can be found in the Virus Encyclopedia.

A new Stration downloader was seeded during todays morning using mail messages where subject and body are variable and which contains two attachments, one with pdf extension and second with exe extension which is 4096B in size and it`s downloader itself. AVG detect this threat as Trojan horse Downloader.Generic6.PFM. Downloader tryes to download and install Stration to affect system, but Stration download link is no longer active. More information about Stration worm familly can be found in the Virus Encyclopedia.

There were several new variants of Virut parasitic infector discovered in last days. We've added detection routines for this threat in last program update 7.5.484 so please update your AVG. Win32/Virut is polymorphic file infector which infects PE files with .exe extension. More information could be found in our Virus Encyclopedia.

This worm spreads by e-mail as an attachment or as a hyperlink in ICQ message. On the infected computer virus harvests e-mail addresses or ICQ contacts to which it sends its copies. Virus can download and install other unwanted programs from the Internet. More information can be found in the Virus Encyclopedia.

There is a new breed of threat against a vulnerability known for over a year in Cursor and Icon Format Handling described in MS05-002. Microsoft fixed this vulnerability already but the fix wasn`t complete. Affected systems are Windows NT, 2000, XP, 2003 and Vista. AVG detects all known variants of this exploit as Exploit.ANI.

Trojan horses BackDoor.Generic3.GBB and BackDoor.Generic3.GBC are almost similar. Both of them exploiting MS Windows Server Service vulnerability described in Microsoft Security Bulletin MS06-040 for it`s spreading. More information can be found in the Virus Encyclopedia.