20 WORM_TROJ_POLY_#THE EVIL'Z WAY

I would like talk you about a new virus : THE EVIL'Z WAY
It's a polymorph worm - trojan.

It intredious inside all executable or files lready infected
and can by the trojan_client sent like a web page or a
downloading file.

1st PART OF THE VIRUS (THE SETUP)

So, it's composed by an java applet wich install the worm and
trojan inside web and it run itself by the 80 port.
If the worm is into a web page.
but the worm can put inside another files like a .vbe .exe
or else. And can run by the user or a files wich used to.

2nd PART OF THE VIRUS (THE WORM)

It's a worm programmed with the source of PolyPedoWorm,
I Love You and SIRCAM !!!!
( it make working the third part -> the trojan
and other if the programmer wanted it )
The worm part can infect a LAN or a WAN since a very short
time. The second packet send contain the virus.
It composed by a files wich change every 15min
(it ask the computer for a lot of memory and slow )
the first file is an .js and the second an .vbs .

3rd PART OF THE VIRUS (THE TROJAN SERVER)

It's a regular trojan server. It can make a bridge or a link
with the attacker by the port wanted by the virus user.
( 80, 3080, 6588...)
The trojan has made with the source of Back Orifice 2000
and the source of Subseven 7.2.
It contain a auto-destruction function wich make run
a pentium hole which make over 100% of using the processor
and the disks ( it make them fire )
The auto-destruction can be programed just like the final
point. The intention of the virus user can be destroyed his victim.

PHANTOM 2K
watch the packet flow !


p.S : any antivirus exist against it , because it was made
by the source of a lot of virus already knew and
because it's a polymorph virus.
BUT FORTUNATLY - VIGUARD MIGHT BE CAN CLEAN IT ?