MTX virus
Server name: MTX virus
Version: NA
Different versions: NA
Tested: Yes, on Windows 95 and Windows NT
Server size: 18K
Server files: Depends
Server icon: Depends
Infects: Windows 95/98/ME/NT/2000
Autoloads: Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Key: SystemBackup
Default port: NA
Can port be changed: No

Server Features

  • Download and run file
  • Infect windows executable files
  • Spread via email

 
Comments 
MTX virus has 3 separate programs: the virus, a worm, and a trojan. The virus installs the worm and the trojan. Then the virus infects Win 32 exe files in the directory in which it is ran, the windows temporary directory, and the windows directory. When infected you can not visit or email many anti virus web sites. The worm part of the MTX virus attempts to send duplicate copies of any email sent with the MTX virus as a attachment. The trojan part of the MTX virus auto loads through the registry. The trojan downloads a file and then runs it. This can result in further virus/trojan infections. Do note there is no manual removal and windows must be reinstalled after uninfecting. Here is a list of common names MTX virus uses:
README.TXT.pif
I_wanna_see_YOU.TXT.pif
MATRiX_Screen_Saver.SCR
LOVE_LETTER_FOR_YOU.TXT.pif
NEW_playboy_Screen_saver.SCR
BILL_GATES_PIECE.JPG.pif
TIAZINHA.JPG.pif
FEITICEIRA_NUA.JPG.pif
Geocities_Free_sites.TXT.pif
NEW_NAPSTER_site.TXT.pif
METALLICA_SONG.MP3.pif
ANTI_CIH.EXE
INTERNET_SECURITY_FORUM.DOC.pif
ALANIS_Screen_Saver.SCR
READER_DIGEST_LETTER.TXT.pif
WIN_$100_NOW.DOC.pif
IS_LINUX_GOOD_ENOUGH!.TXT.pif
QI_TEST.EXE
AVP_Updates.EXE
SEICHO-NO-IE.EXE
YOU_are_FAT!.TXT.pif
FREE_xxx_sites.TXT.pif
I_am_sorry.DOC.pif
Me_nude.AVI.pif
Sorry_about_yesterday.DOC.pif
Protect_your_credit.HTML.pif
JIMI_HMNDRIX.MP3.pif
HANSON.SCR
FUCKING_WITH_DOGS.SCR
MATRiX_2_is_OUT.SCR
zipped_files.EXE
BLINK_182.MP3.pif 

How To Remove 
Quick fix: clnmatrix.exe (self extracting exe) or here
Manual removal: none

 
Related 
Article: General removal info
Section: Test your knowledge, take our Trojan Quiz
Service: Trojan removal
Service: Tell a friend about this trojan
Service: Print this page
 
 
Copyright © 2000 and 2001, Dark Eclipse Software. All rights reserved. 
This page may not be redistributed or reproduced in any manner without specific written permission from Dark Eclipse Software. If permission to use this page is desired then contact Dark Eclipse Software. While we consider the content of this page to be accurate, we cannot guarantee either the accuracy or the appropriateness of any portion of the page, including our analysis and manual removal. 
Any actions taken by a reader in response to this or any other Dark Eclipse Software page are completely and solely their responsibility.