GEN:SID 1:720
Message Virus - SnowWhite Trojan Incoming
Summary This event is generated when email is received from a Post Office Protocol (POP) server that may contain an attachment with the Snow White worm.
Impact Possible system compromise.  The worm can alter system files and registry key settings.
Detailed Information The Snow White worm, also known as Hybris, may contain text with a unique misspelling of "Suddlently".  This worm attempts to write to the wsock32.dll library.  It may also attempt to alter registry key settings.
Affected Systems Microsoft Win32 systems.
Attack Scenarios The worm is spread by e-mail and attempts to infect other hosts when a user opens the e-mail attachment.
Ease of Attack Simple
Corrective Action Make sure that the suspected infected host has the most current anti-virus software.  

Run a virus scan on the suspected infected host.
Additional References F-Secure:
http://www.f-secure.com/v-descs/hybris.shtml