Troj Nanar
A new Trojan, called Troj/Narnar, has been reported by Sophos to be active in the wild.
This backdoor Trojan allegedly installs itself in the Windows system folder with the filename tskmngr.exe, and changes the registry in such a way that the Trojan is run every time Windows is restarted.
The Trojan contains a simplified IRC client which, on every subsequent restart of Windows, uses the computer's internet connection to announce itself on a specific IRC channel on irc.dal.net. This allows other people with theclient software to access infected users' computers.