Named W95 Babylonia, the virus downloads its components from the Internet, in fact, it waits for the connection, once the virus is executed. Once connected, it downloads several files from an infamous but unknown virus-hosting web server based in Japan. This essentially means that the core of its trouble-making capability lies elsewhere and can be centrally controlled, updated and propagated.

In itself the virus does not do too much damage compared to a Melissa or such other viruses but the fact that it is 'updatable' means that the damage level could be very high and still unknown. The virus is apparently authored by a member of the '29A' virus writing group.

Its medium of propagation is mIRC, the application used for relay chat over the Internet.

When an infected user logs on to mIRC, it will automatically send the virus to everyone in the same chat room. The virus is sent as a Y2K bug fix and, when executed, the file infects other 32-bit '.exe' program files (mostly those that work directly on Windows 9x operating systems) and Windows help files.

Besides, the virus also modifies an infected system to display this message when booted:

Without your realising it, the virus also sends a mail to babylona_counter@hotmail.com to help it track infected computers. Complaints at Symantec's Antivirus Research Centre (SARC) indicate that it has been spreading fast. SARC has rated the risk factor of this virus as medium/high. Symantec has posted the virus definitions for this virus on its site, which can be downloaded manually or automatically downloaded through Norton Antivirus Live Update.

Of the four parts of the virus mentioned earlier, each has a specific function -- the first is the 'travelling infector'; the second modifies the virus to display a message on boot-up; the third turns the virus into a worm, and spreads over IRC, or Internet relay chat; and the fourth sends e-mail to babylonia_counter@hotmail.com.

Such division of labour among the parts makes it 'smart' and deadly. The first part, being small, can be easily transmitted while the others can be modified at the whims of the programmer -- even bypassing the anti-virus solutions put out.