Has anyone encountered the W95.MTX virus?
I've seen 2 machines with the virus over the past week!
Printable View
Has anyone encountered the W95.MTX virus?
I've seen 2 machines with the virus over the past week!
I've seen it a few times - mostly late last year. You can grab the fix here
http://www.symantec.com/avcenter/ven....fix.tool.html
This was the most popular virus in my store last fall and still have the occasional machine come in infected with ot still. I have fixed at least 3 or 4 dozen systems with it. One system had over 1000 infected files and another took 29 hours for NAV2001 to repair all infected files. I would suggest that even after running the mtxfix tool you install Nav2000 or 2001 the update and do a fullscan in DOS. Usually a minumum of three files have to be replaced from your windows disks. Good idea to get the manual removal instructions from Symantec and print out a copy for future reference.
Got one in the workshop at the moment. After scanning and repairing all files with Norton AV 2001 there were 4 files that couldn't be repaired. I deleted these and restored the Windows files from the Win98 CD-ROM. But still when booting the system, I get Explorer caused an invalid page fault in module explorer.exe. I tried deleted explorer.exe and extracting again from the Win98 CD, but still the same thing.
I was wondering, does it make any difference if I extract the file from Win98SE or Win98 1st edition?
This has been our most popular virus over the last 3-4 months. Several customers had 500+ files infected.
As well as running the AV you will need to restore wsock32.dll from your windows CD.
CyberTech,
In your case, back up User Data & perform a "restore", or clean install of the Op Sys & all Apps. At a certain point, you're doing the customer a favor to give them a clean start.
I love this virus, it's always good for a 3-hour labor charge( $45 * 3). We see it at least 1-2 every month
yeah, the W95.MTX, W95.Bymer, and W95.Hybris are the best viruses ever this past 8 months. They're great, we get them all the time, all with their own neat little tricks.
Like the hybris virus goes to alt.viruses (something like that) sends all the (those who have been infected) their email addresses to this newsgroup, and downloads latest updates for itself. I think that virus is excellent, definately supreme thinking all that guys part (real pain in the a$$ to get rid of though, at least a 7 hour job sometimes..)
The bymer virus on the other hand, is a real pain in the butt too, sends itself through networks (and emails ... GOD BLESS OUTLOOK)... basically sends it self to any shared drive that has a drive letter, and like all great viruses, infects dlls..
and the worm w95.mtx virus... thats a real pain like the past 2... pretty much the same thing, just destroys winsock and half the dlls in windows... god i love viruses...
Everyone who is a techie and deal with 3 of these types of machines a week. GOD BLESS MICROSOFT (OUTLOOK) for keep us techies in business.
Just had one in yesterday! It really screwed up the system! Even after removal and restoring the damaged/missing files the machine still had problems. We finally had to do a system restore.
GLSmith
We just had a Gateway in here yesterday with this virus. We went through the removal steps from Symantec's site, restored the damaged files, fixed content advisor, repaired ie 5.5 and voila. System done, works, out of here :)
MTX is the most popular virus in my area. Hybris is #2.
I had trouble installing a lady's firewire for her video camera, and decided to do a virus check.... 750 files infected with MTX!!!!!
The best way to clean it is to boot to a Startup Disk run a virus scanner from DOS. I like F-Prot.
On the 14th or 15th I had three customers call with this virus in the first 2 hrs of work, after talking to other tecs in building several had had calls on it, I was watching for alert for it, someone must have sent out a version that timed out or something on that day
We get mtx infected machines every week. The worst I saw was a computer that had 7 different viruses on it including mtx.
The most needed to get the system running is usually a surface install and/or registry repair after the virus scan/clean.
Well, I finally fixed the one I mentioned earlier. After cleaning or removing all infected files, and replacing them from the cab files, I was getting "Explorer caused an invalid page fault in module explorer.exe" on every boot.
According to the MS Knowledge Base Q175930 this problem can be cause by having the wrong version of shdocvw.dll. Each version of Internet Explorer requires a different version of this dll.
Anyway, I ended up installing Win98SE over the top of the existing Win98 (1st ed.). And this fixed the problem! :cool:
Well, I help admin a small exchange server, and sees the MTX at least once a week!
hybris seems to be the most popular around here, with mtx in 2nd.
Yep...seen it lots...easy to remove...
MTX and xtc not nice to have
OH MY 3 HOURS...MAN we just charge 45.00 Canadian for that fixQuote:
Originally posted by TechStar:
I love this virus, it's always good for a 3-hour labor charge( $45 * 3). We see it at least 1-2 every month