Security Incidents mailing list archives

Re: Strange file I received


From: Tomo Radovanovic <tomo () SOROS ORG BA>
Date: Tue, 24 Oct 2000 00:20:01 +0200

Aliases: W32/MTX

Infects: EXE files, Windows virus
Memory resident: Yes

This virus waits until the user sends an email message. It then sends a
second message to the same recipient with a copy of the virus attached. The
email has no subject or message text and the attachment can have one of 31
different names. It also monitors network traffic and will attempt to stop
any access to websites of anti-virus vendors and major ISPs and outgoing
email to those companies.

First reported in August 2000.

Recovery:

Perform a secure bootstrap from a clean system disk with the same version
of the operating system as the one installed on the hard disk.

At 11:20 AM 10/22/2000 -0400, Vince Vielhaber wrote:

I received the attached file from someone immediately after receiving a
note from them.  The only difference is I gzipped it so hopefully no one's
mailer takes off and runs whatever it is.  Just looking at the text of it
it looks to be another virus/trojan.  I don't recall seeing this filename
on any of the lists either and this one came without a subject.

Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH    email: vev () michvhf com    http://www.pop4.net
 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking
        Online Campground Directory    http://www.camping-usa.com
       Online Giftshop Superstore    http://www.cloudninegifts.com
==========================================================================
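
Added example, not part of the original thread: a mail-filter heuristic for the pattern described above, where a message with no subject and no text but with an attachment arrives from a sender right after a normal message from that same sender. The five-minute window, the function names and the sample inbox (including the placeholder attachment names) are assumptions constructed for illustration.

```python
from datetime import timedelta
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr, parsedate_to_datetime

WINDOW = timedelta(minutes=5)  # assumption: stands in for "immediately after"

def summarize(raw):
    """Reduce one RFC 822 message to the fields the heuristic needs."""
    msg = message_from_string(raw)
    text, names = "", []
    for part in msg.walk():  # multipart containers match neither branch
        if part.get_filename():
            names.append(part.get_filename())
        elif part.get_content_type() == "text/plain":
            text += part.get_payload(decode=True).decode("latin-1")
    return {"sender": parseaddr(msg.get("From", ""))[1].lower(),
            "date": parsedate_to_datetime(msg["Date"]),
            "bare": not (msg.get("Subject") or "").strip() and not text.strip(),
            "attachments": names}

def flag_followups(raw_messages, window=WINDOW):
    """Return (sender, attachments) for bare, attachment-only follow-ups."""
    last_normal, flagged = {}, []
    for m in sorted(map(summarize, raw_messages), key=lambda m: m["date"]):
        suspicious = m["bare"] and m["attachments"]
        prev = last_normal.get(m["sender"])
        if suspicious and prev is not None and m["date"] - prev <= window:
            flagged.append((m["sender"], m["attachments"]))
        elif not suspicious:
            last_normal[m["sender"]] = m["date"]
    return flagged

def build(sender, date, subject="", body="", attachment=None):  # sample data only
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Date"] = sender, "me@example.net", date
    if subject:
        msg["Subject"] = subject
    msg.set_content(body + "\n")
    if attachment:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg.as_string()

SAMPLES = [  # constructed inbox, not taken from the thread
    build("alice@example.org", "Sun, 22 Oct 2000 11:19:00 -0400", "Lunch?", "Are you free?"),
    build("alice@example.org", "Sun, 22 Oct 2000 11:19:40 -0400", attachment="PLACEHOLDER.EXE"),
    build("bob@example.org", "Sun, 22 Oct 2000 11:30:00 -0400", "Report", "Attached.", "report.doc"),
    build("carol@example.org", "Sun, 22 Oct 2000 12:00:00 -0400", attachment="notes.txt"),
]
```

Only the second sample is flagged: it is bare and follows a normal message from the same sender within the window. A bare message with no recent normal message from its sender is left alone by this check.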



