Howdy ! This is my first virus for windows. 
 
 Insane v.0.12

 Features:
- My first Win32 virus :) !
- Polymorphic.
- Antiheuristics and EPO. Also works as good antidebugging feature against
	beginners (means lammers).
- Double encrypted. First decryptor resides in first section of victim.
	Second one,before virus code.
- Selfpacking. Depends on victim, but sometimes compression could give
	3.5 to 1 result (LZSS scheme).
- Per-process residency
- Dosn't infect antiviruses (russian AVP'n'DrWeb only - filemask).
- Contains TCP backdoor
	Backdoor features
	1. System info.
		Return system version,username,number of disks,etc...
	2. Upload'n'Execute
		Upload and execute file. After execution file is deleted.
	3. Mass Download
		For example c:\windows\*.pwl
	4. Dir
		Directory listing
	5. Backdoor shutdown (till next infected file run).

	6. Ability to upload plugins.

- Infection not depends from attributes.
- Windows directory infection.
- Tested on Win95 OSR2,WinNT 4.0,Win2000,Win98 - completely workable.
- Two infection methods
	1. Standard "add section".
	2. Reloc residency (because it not used in PE Exe's. Possible it is not
		correct, but 100% works)
- Some ready plugins applied.
	- MessageBox	- remote message box.
	- Shutdowm	- remote shutdown
	- Gateway	- redirection of TCP connections.

Greetz:
Meza		-	For help in Win32. Big Thanks !
Hard Wisdom	-	For excelent PE file description.
u_dev		-	For rather working kernel'a search technique :)
Yanusz		-	For moral support :)
Duke		-	Hi !
SMT		-	For good examples
MandragoreFS	-	For rather good TCP/IP description. (good 4 dummies)
BumbleBee	-	For WinSock include file.
Imageneer	-	How are you ?
Z0MBiE		-	:P
ULTRAS		-	What about CD-ROM infector on asm ? :)

Deviator//HAZARD.

Virus very big ... You will find source code in "Binaries" folder.