Sharing Security Developments, and Best Practices for corporate and home users
Please be careful with all EXE files in email or other sources. So far this new PE based virus is low-risk.
Snow.A - File infector virus impacts *.EXE files
http://vil.nai.com/vil/content/v_138727.htm
This detection is for a Win32 parasitic virus variant that infects Windows portable executable (PE) files.
W32/Snow.a bears the following characteristics:
1. infects PE executable files
2. infected files grow in length by about 243 kilobytes
3. drops and install WinPcap network drivers
4. drops and auto-starts a copy of itself
5. when an infected file is run, the virus searches for other files to infect on both local and network drives
6. flood network with spoofed arp packets (arp poisoning)