The file is actually a new virus called Virus.Win32.Grum.A, and security experts were still analyzing it Friday to see what it does. Sophos PLC said it can spread by e-mailing itself to contacts in a user's address book. The virus tampers with registry files to ensure it gets installed, and it tries to download additional files from the Internet, said Graham Cluley, a senior technology consultant for Sophos.
As late as this morning, there are still some A/V suites that do not pick up on this virus, so be cautious if you rely on them to do all your patrolling for you. The actual servers hosting the infected file are spread out around the world, making it trickier to track the server owners down and get them to clean up their machines. Non-Windows machines are not affected.