SPREADS USING E-MAIL ATTACHMENTS
Virus Name : Win32/MTX
Alias : I-Worm/MTX,
W32.MTX@mm, TROJ_MTX, PE_MTX
Virus type : Internet
worm, File Infector
level : Medium
is a complex encrypted worm spreads via email and
carries a virus to infect local machine files. It
is discovered in September 2000 and frequently
reported in the wild. When executed, the worm
patches WSOCK32.DLL to email automatically. When it detects an
Internet connection, it attempts to connect to a
web site hosted by a virus authoring group, and
if successful, it downloads additional components
to the host PC.
The system registry is
modified to load this at system startup
SystemBackup=%WinDir%\MTX_.EXE". The virus infects .EXE
and .DLL files in the current directory and temp
directory. Win32/MTX virus component uses EPO
( Entry Point Obscuring ) technology
to infect files. It makes the virus
disinfection procedures more complex. We
have incorporated perfect solution to Win32/MTX
virus in our Solo Anti-virus Kit.
MTX worm attachment name will be one of the
message body and subject line of the e-mail will
be empty. When the attachment is opened MTX worm
patches the WSOCK32.DLL and forced to use this
file on next startup using WININIT.INI. MTX
worm blocks access to several anti-virus sites
and also disables e-mails messages of several
anti-virus related domains.
worm code contains the following text strings
provide by [MATRiX] VX team:
Ultras, Mort, Nbk, LOrd DArk, Del_Armg0, Anaktos
All VX guy on #virus channel and Vecna
Visit us: www.coderz.net/matrix"
How can I protect my
Solo has incorporated Win32/MTX in its
signature file to protect users from this virus
attack. Solo antivirus registered users are
already protected from this virus. Make sure that
you have installed registered version of Solo
Antivirus to protect your system from all virus
to remove Win32/MTX virus?
can check the system manually. This worm creates
the file "IE_PACK.EXE",
"MTX_.EXE" in the windows folder. If
the files are present, your PC is infected with
you are already infected with this virus, you can
remove it from your computer using Solo Antivirus
software. Solo antivirus can detect and
remove Win32/MTX safely.
Use the following link to Download 30 day
trial version of Solo antivirus
remove viruses from your computer.
the virus, Solo recovers patched WSOCK32.DLL file
also. So Solo users need not search for
pure copy of WSOCK32.DLL file.
Solo anti-virus not only
scans for all viruses, it contains a unique System
Integrity Checker to protect you from
New Internet Worms, Backdoors and
malicious VB, Java Scripts. It also
effectively removes all existing Internet Worms,
File viruses, malicious VB, Java scripts,
Trojans, Backdoors, boot sector, partition table
and macro viruses.
purchase Solo antivirus using the link