The "Win32.Agent.wj" worm has become more prominent over the last two weeks, says content security company MicroWorld.
The virus infects machines through USB devices, such as removable storage drives and MP3 players.
The bug creates an "autorun.inf" configuration file in the root folder of an infected device, which runs the virus code as soon as a device is connected to a computer, MicroWorld explains.
Also known as W32/USBToy-A, it creates a copy of itself in the systemnt.exe and mslogon.exe start-up folders on a computer. The worm hides by using the Windows "SetFileAttributes", the company says.
The executable Toy.exe is run each time an infected computer is started and typically displays Chinese text on the desktop, MicroWorld states.
Related stories:
Six detained for panda virus
MS warns of security flaws
Battle of the worms
Share