We dont often post re trojans, script injections, viruses etc but there is a particularly nasty one about at the mo.

It is called: HEUR:Trojan-Downloader.Script.Generic

All you need to do to become infected is visit a web site with the infected code - chances are you will not know when you land on a site that has it, or that it is doing something in the background on your now infected PC.

The first thing you will notice is that your PC is running slowly.

Here's what happens:

- As you load an infected web page your browser is instructed to download a trojan from a site in Russia (Windows does not warn you of this).
- The trojan then reads config files for all FTP accounts where you have stored usernames and passwords
- The trojan then connects to each FTP in turn, and searches for all index.* files (.htm, .html, .php, .asp etc) and also .js files
- Using FTP it inserts the same infection code into all the above files and saves them back to the server, so they can now infect visitors to your website.

AVG does NOT currently detect this threat. The most reliable way to be notified that we have found is by using Kaspersky antivirus.

To find out if you have this trojan now you can download a free 30 day trial of Kaspersky from:

http://esd.element5.com/product.html?productid=300325141&nolselection=1

Once installed you should run the update wizard and scan your PC. Only after you have taken these steps, hould you stumble upon an infected web page Kaspersky will notify you and stop the threat.

To double check you are not infected we also suggest you browse your web sites for which you have stored FTP accounts on your machine. If you can successfully view the home pages then you are more than likely clean.