Thu, 28 Sep 2000 

                                            Matrix. 

This  worm is extremely prolific and spreads fast, which is why we issue  this message.

  Matrix consists of three components: A Win32 infector, an e-mail 
  worm, and a backdoor. An infection starts when attempting to open
  an attachment to e-mail, having one of the names listed below: 

  README.TXT.pif
  I_wanna_see_YOU.TXT.pif
  MATRiX_Screen_Saver.SCR
  LOVE_LETTER_FOR_YOU.TXT.pif
  NEW_playboy_Screen_saver.SCR
  BILL_GATES_PIECE.JPG.pif
  TIAZINHA.JPG.pif
  FEITICEIRA_NUA.JPG.pif
  Geocities_Free_sites.TXT.pif
  NEW_NAPSTER_site.TXT.pif
  METALLICA_SONG.MP3.pif
  ANTI_CIH.EXE
  INTERNET_SECURITY_FORUM.DOC.pif
  ALANIS_Screen_Saver.SCR
  READER_DIGEST_LETTER.TXT.pif
  WIN_$100_NOW.DOC.pif
  IS_LINUX_GOOD_ENOUGH!.TXT.pif
  QI_TEST.EXE
  AVP_Updates.EXE
  SEICHO-NO-IE.EXE
  YOU_are_FAT!.TXT.pif
  FREE_xxx_sites.TXT.pif
  I_am_sorry.DOC.pif
  Me_nude.AVI.pif
  Sorry_about_yesterday.DOC.pif
  Protect_your_credit.HTML.pif
  JIMI_HMNDRIX.MP3.pif
  HANSON.SCR
  FUCKING_WITH_DOGS.SCR
  MATRiX_2_is_OUT.SCR
  zipped_files.EXE
  BLINK_182.MP3.pif

  Normally, the PIF extension won't show, and the user could be misled
  by the apparently "innocent" file extension, and open the attachment.
  Which will start the infection, and installation of the worm and 
  backdoor.

  Matrix has no deliberate destructive payload. Yet its virus 
  component is highly prolific and difficult to remove, once it got 
  installed. Moreover, the backdoor that Matrix installs can be used 
  in rather dangerous ways. InVircible users, all builds since the 
  introduction of the Startup Apps Monitor, get warned of the 
  installation of Matrix. Unfortunately, this doesn't suffice to 
  prevent the virus component from infecting programs.