I have posted this blog in order to outline a recent Q&A session that provides more information about my previous blog regarding a new virus affecting the AMD64 platform.
Q. How does the virus function occur (infection, propagation, etc.)?
When an infected file is executed it functions normally; however, when the application wants to terminate (e.g., the user closes it), the virus code is then called. At that time, the virus will seek other files in the directory that contain the currently infected file and all subdirectories below it. Any Windows executable file, regardless of the file extension (i.e., not just .exe files), will be infected if it passes a strict set of criteria that the virus carries.
Q. Is it easily detected and, for that matter, avoided?
No, the detection is not...