W95.MTX by Mayur Kamat SignUp
Boloji.com

Channels

In Focus

 
Analysis
Cartoons
Education
Environment
Opinion
Photo Essays
 
 

Columns

 
A Bystander's Diary
Business
Random Thoughts
 
 

Our Heritage

 
Architecture
Astrology
Ayurveda
Buddhism
Cinema
Culture
Festivals
Hinduism
History
People
Places
Sikhism
Spirituality
 
 

Society & Lifestyle

 
Health
Parenting
Perspective
Recipes
Society
Teens
Women
 
 

Creative Writings

 
Book Reviews
Computing
Ghalib's Corner
Humor
Individuality
Literary Shelf
Love Letters
Memoirs
Quotes
Stories
Travelogues
Workshop
 
 
Computing Share This Page
W95.MTX
by Mayur Kamat Bookmark and Share


I was infected by a virus that made my life Hell for few days. Now you may laugh saying that you advise us on steps to protect ourselves against viruses and how in the world can you commit such a blunder. I again make a point, no one's perfect. And man always does and should learn from his own mistakes. And I do.

All said and done, lets move our focus to the virus. One of the best species you will ever come across (at least for the time being). What the name MTX means, I got no idea, but according to me it should be Most Terrifying Xtremity. I call it due to the shear versatility of the creature. It is not fair to call it a virus. Because it has three components: A worm, a virus and a backdoor. The virus is the component that infects all system files (exe and dll) on your hard disk. The worm helps the virus facilitate its spread. The backdoor contacts the virus website and downloads plug-ins and updates so as to avoid detection. Comprehensive, isn't it?

I am including the list of file names that you can receive as the infected file. This have been obtained from a reliable Anti-virus site. Sorry for the foul language.

README.TXT.pif
I_wanna_see_YOU.TXT.pif
MATRiX_Screen_Saver.SCR
LOVE_LETTER_FOR_YOU.TXT.pif
NEW_playboy_Screen_saver.SCR
BILL_GATES_PIECE.JPG.pif
TIAZINHA.JPG.pif
FEITICEIRA_NUA.JPG.pif
Geocities_Free_sites.TXT.pif
NEW_NAPSTER_site.TXT.pif
METALLICA_SONG.MP3.pif
ANTI_CIH.EXE
INTERNET_SECURITY_FORUM.DOC.pif
ALANIS_Screen_Saver.SCR
READER_DIGEST_LETTER.TXT.pif
WIN_$100_NOW.DOC.pif
IS_LINUX_GOOD_ENOUGH!.TXT.pif
QI_TEST.EXE
AVP_Updates.EXE
SEICHO-NO-IE.EXE
YOU_are_FAT!.TXT.pif
FREE_xxx_sites.TXT.pif
I_am_sorry.DOC.pif
Me_nude.AVI.pif
Sorry_about_yesterday.DOC.pif
Protect_your_credit.HTML.pif
JIMI_HMNDRIX.MP3.pif
HANSON.SCR
FUCKING_WITH_DOGS.SCR
MATRiX_2_is_OUT.SCR
zipped_files.EXE
BLINK_182.MP3.pif

Remember, these are not the only names. The virus is quite intelligent to create subject oriented names so as to fool many (I was, ha ha). Let me now list the virus components

  • Mtx_.exe: The Worm
  • Win32.dll: The Backdoor
  • IE_pack.exe: The  Virus

The virus component searches the computer for specific antivirus programs running. If the virus finds one, then the virus does not run. If the virus continues to run, it decompresses the worm component, drops a copy of it into the user's Windows folder, (typically C:Windows), and runs it.

What is special about the virus is the fact that it prevents the infected PC from accessing almost any antivirus site. So if you go to www.symantec.com, your browser will hang and will be closed down. This is what makes the virus very difficult to detect and repair because you don't know what to do.

There are still many aspects to this virus. Why I am writing about this virus and any other to follow because Bella Online won't be on the list of these viruses. So even on an infected PC, help is not far away. What is the solution, you may ask. Symantec has given step-by-step solution but that is not advisable. Reason is that it involves replacing core window files like kernel32.dll, explorer.exe, wsock32.dll, rundll32.dll, etc. After replacing, there is no guarantee that the system will work. Trust me, the best solution is hard disk format. Backup all important data onto another partition and format C: and re-install windows. May seem like hell of a job, but truly worth it. You may surely notice the increased performance of your PC and also that you have said a final bye to W95.MTX.   


Share This:
29-Jul-2001
More by :  Mayur Kamat
 
Views: 1901      Comments: 1

Comments on this Article

Comment Hi,
Nice one really intresting, but one question is that after restoring windows without scanning the data will the virus will affect the Pc any more.

Sufiyan Shaikh
12/14/2010 00:38 AM




Name *
Email ID
 (will not be published)
Comment
Characters
Verification Code*
Can't read? Reload
Please fill the above code for verification.
 
Top | Computing



 
 
 
 
 
 
 
2018 All Rights Reserved
 
No part of this Internet site may be reproduced without prior written permission of the copyright holder
.