fixing MTX virus infected computers

Les Schaffer godzilla at SPAMnetmeg.net
Tue Oct 31 17:58:01 MST 2000


So far several people have had their computers infected by this MTX
virus. They all were running Microsoft Outlook [Express] as far as i
know. Marxism list should now be immune to these bugs which spread via
propagation of email attachments.


Virus Information:
------------------

to repeat, this site will give you the details on the virus:

  http://www.viruslist.com/eng/viruslist.asp?id=4063&key=00001000130000100034

here you will find some instructions for cleaning your registry (for
pros) but you still need virus cleanup software as key system
components have been transmuted.

XDNet coverage on virus:

  http://www.zdnet.com/zdhelp/stories/main/0,5594,2630479-3,00.html


Virus Characteristcs:
---------------------

The virus has two significant characteristics for our purposes:

1.)  it causes an email follow-up to be sent automatically to anyone
you have already just emailed to -- in effect it sends twice, one your
message, and one the virus.

2.) it blocks your access to certain web sites which supply anti-virus
software programs. It does this via blocking specific names in a url,
like 'afee', which blocks you from McAfee's site, etc...

There are several other ways the virus affects your system. See the
topmost URL for details.



Virus Fixes:
------------

here is a site supposedly immune from the viral blocking of select IP
addresses, you can download trial software:

http://www.nod32.com/download_free.htm

[ for all i know these people wrote the damn virus and created its
unqiue characteristics so as to drive people towards their site, but
thats simply idle speculation ]

here are some directions for use:

  Nod32 is capable of removing the MTX worm and is not blocked by
  MTX's affects on your machine.  You should reboot to DOS mode and
  use the DOS version to remove the windows virus part, then you must
  use the windows version of nod32 to remove the backdoor part of this
  virus.  The banner below will take you there:

     [ http://www.nod32.com ]

you can, however, gain access to your prefered ant-virus suppliers
site if you enter in the dotted quad [numeric] version of the IP
address.

here is a link to a trial version of "AVP Platinum" software:

    ftp://216.122.120.248/pub/setupplt.exe

note the numbers for address, which prevent the URL from being
blocked. after you install, apprently you need to register the
software here:

    http://216.122.8.245/register.html

again the numeric URL prevents blocking.

directions for use:

   Below is a direct download link to AVP Platinum trial version on
   AVP's ftp site. Download this file, then register for an unlocking
   key, and run the setupplt.exe program to install AVP - it is fully
   capable of removing MTX from your system.

   ftp://216.122.120.248/pub/setupplt.exe

   This is the AVP website to register to use the trial software.
   Ensure that you provide an accurate email address, so that the
   unlocking key will be delivered to you by email.

   http://216.122.8.245/register.html


from ZDNet:

   http://www.zdnet.com/zdhelp/stories/main/0,5594,2644979,00.html


   October 25, 2000

   MTX is a complex and difficult virus to remove. MTX alters system
   files and on some systems these files cannot be repaired.  In some
   cases, after attempting to repair MTX, you will not be able to
   start Windows until you restore the needed system files from the
   original Windows installation CD.

   This document assumes that you are familiar with basic Windows and
   DOS procedures. If you are not, we suggest that you obtain the
   services of a qualified computer consultant.

   [snip]

For even more information, search www.google.com with keywords:

     MTX virus

for example:

     http://www.fireantivirus.com/MTX.htm

I have not used, nor will i ever use:
-------------------------------------

I have no experience with either of these anti-viral (AV) software
packages. if you can gain access somehow to some other AV site, give
it a try if you prefer and let me know what works.

les schaffer





More information about the Marxism mailing list