The Magistr.B virus arrives as an e-mail message and is contained in an executable file titled "readme.exe." Although it does not appear to have spread as widely as its predecessor, virus watchers say it could cause more damage to those who are infected.
The original Magistr.A worm remains active, with British e-mail screening service MessageLabs detecting 93,000 cases since March 14.
Security companies say there is no reason the United States should not see Magistr.B infections, raising the possibility that an outbreak could still occur there.
"I can't understand why (Magistr.B) is not going to the U.S. We can never tell where such a virus is going to go, as the world has no boundaries with an e-mail-borne worm," said Peter Cooper, U.K. support manager at antivirus software company Sophos.
Magistr.B spreads via e-mail. It generates random subject lines and body texts, and attaches itself as a random file with a .bat, .bif, .exe, .pif or.com extension. Unlike the typical mass-mailing virus, the new variant can pull addresses from the files of several e-mail programs, including Outlook, Outlook Express, Eudora, Netscape Messenger and some Web-based e-mail programs.
The trend in e-mail viruses is growing steadily due to the ease with which modified versions of existing worms can be created. "People who receive one may decide to tweak it for their own deviance and call it their own," Cooper said.
Virus experts suspect that Magistr.B was not created by the same author as the original Magistr. Cooper speculated that the sequel may have originated from the United States but was sent to Europe as a diversion tactic.
Like the original worm, Magistr.B overwrites hard drives and erases system information stored by the BIOS (basic input/output system) chip, rendering the computer unusable. It adds the ability to infect Eudora address books and to disable ZoneAlarm personal firewall software before connecting to the Internet.
Staff writer Wendy McAuliffe reported from London.