1. Greediest Trojan targeting banks. Last month the winner of this title was Trojan.Win32.Qhost.sx, which targeted the customers of 42 banks.
   
2. Greediest Trojan targeting payment systems. Trojan-Spy.Win32.Banker.bdn has its sights set on three payment systems at once.
   
3. Greediest Trojan targeting payment cards.The winner of this category in December was Trojan-Spy.Win32.Banbra.vf.
   
4. Stealthiest malicious program. Backdoor.Win32.Hupigon.rc is packed with 11 different packers, earning the title of December's stealthiest program.
   
5. Smallest malicious program. Trojan.BAT.KillFiles.gm took the lead in this category in the first month of winter - weighing in at all of just 12 bytes, it can nevertheless wipe the C: drive clean.
   
6. Largest malicious program. The largest malicious program in December wasn’t so large after all - Backdoor.Win32.Bifrose.adr weighs in at just 85MB, which is noticeably smaller than previous winners of this category.
   
7. Most malicious program. December’s most malicious program, Backdoor.Win32.Hupigon.vqe, deletes security software from memory, the hard drive and the registry.
   
8. Most common malicious program in mail traffic. Once again, old-timer Email-Worm.Win32.Netsky.q wins this category, making up a hefty 20.03% of all malicious code in mail traffic in December.
   
9. Most common Trojan family. Backdoor.Win32.Rbot took this title last month with 673 modifications.
   
10. Most common virus/worm family. Another repeat offender, Email-Worm.Win32.Zhelatin has made its way back to the top, winning this title in December with 69 new modifications.

Yesterday I looked into a case where somebody had gotten a nice Christmas present - a new MP3 player. However this MP3 player contained a bit more than the person asked for. The device was infected with Worm.Win32.Fujack.aa. All the evidence clearly indicates the device was infected before the user opened the gift.

This is unpleasant, but infected removable storage media is nothing new. There was the case of infected Maxtor drives and Aleks recently blogged about his purchase of an infected Kingston flash card.

Of course, we've contacted the company concerned. They told us they were aware that a few months ago there was a partially infected batch of these MP3 players, and that they'd taken steps to fix the problem. It was only this particular model – the Victory LT-200 that was affected.

I've noticed there seems to be a lack of clarity about how Windows behaves with USB media, so this seems like a good opportunity to clear up a few points.