14 DAY TRIAL // We've heard about dangerous viruses which attempt to copy malicious files on removable drives and infect other computers once they are connected to them. But today's report might be something new able to cause serious headaches. According to security company Trend Micro, PE_MABEZAT.A-O is a new virus which attempts to copy itself on every new burned CD and obviously infect clean computers once inserted into the CD-Roms. The security vendor called the threat a "file infector" and added that it affects only Windows 98, ME, NT, 2000, XP and Server 2003. But what's more important is that PE_MABEZAT.A-O has a medium damage potential and a medium distribution potential.
"This file infector may be dropped by other malware or downloaded unknowingly by a user when visiting malicious Web sites. It searches for target files in specific folders and excrypts them. It then infects by prepending its code to the target host files," Trend Micro mentioned in the notification.
"It creates an AUTORUN.INF file in a specific folder on the affected system. As a result, CDs burned from the affected system are infected as well and will automatically infect other systems when the CD is inserted."
It seems like the threat can be easily identified by Salo.exe, an executable file which attempts to install into the system registry and run every time the computer is started. This way, the file infector can be sure that it detects every new burned CD and infect the data copied on it.
"It also drops a the file 1.TXT in the root directory. The said file contains information of what the file infector has done on the affected system such as the list of files that it has infected," Trend Micro continued.
Just like usual, it's recommended to keep your antivirus protection enabled and update the virus definitions to the latest release. If you want to install a new security application, choose one from the tools listed on Softpedia.