Last night we saw this one: a file called Michael-www.google.com.exe. This file was distributed through a site called photos-google.com and possibly also through photo-msn.org, facebook-photo.net and orkut-images.com. Do not visit these sites.
When executed, Michael-www.google.com.exe drops files called reptile.exe and winudp.exe. These are IRC bots with backdoor capability. The file also shows this fake error message: We detect the dropper and the backdoors as Trojan.Win32.Buzus.bjyo.
From : F-Secure