W95.MTX Fix Tool

This tool repairs damage done by the W95.MTX virus. Due to the nature of this virus, some files will not be repairable. The unrepairable files will need to be restored from clean backup copies, or from the original distribution disks. Please click here for further instructions after running the tool.

How to obtain and use the W95.MTX Fix Tool

To use the tool, we recommend you download the fixmtx.exe file and save it in a new folder on the Windows Desktop (SARC suggests you name the folder fixmtx). After the file finishes downloading:

1. Close all programs, including your Web Browser.
2. Click Start, point to Programs, and then click MS-DOS Prompt. An MS-DOS window will open.
3. Change to the following location where you saved the fixmtx.exe tool by typing the following and pressing Enter:
   
   cd \windows\desktop\fixmtx
   
   
4. At the C:\windows\desktop\fixmtx> prompt, type the following and press Enter to scan ALL FILES ON THE INFECTED SYSTEM
   
   fixmtx c:\

What the tool does

After running W95.MTX Fix Tool, all Web sites previously blocked will be accessible.

The tool scans for and repairs (where possible) infected files. If an infected file cannot be repaired (because it has been corrupted), then a message will appear which says that. You will need to restore the damaged files from backup or from the original distribution disks. The worm files are deleted if they are found.

The tool repairs wsock32.dll by removing the virus code. If wsock32.dll is in use at that time, then a copy is made of wsock32.dll and this copy is repaired. Then a wininit.ini will be created and a request to reboot will be printed after scanning is complete. When the machine is rebooted, the wsock32.dll will be replaced with the clean copy.

To verify the digital signature of fixmtx.exe

To verify the digital signature of fixmtx.exe using chktrust.exe:

1. Download chktrust into the same directory where fixmtx.exe is located:
   
   chktrust.exe
   
   
2. Launch the MS-DOS prompt via the Start/Programs/MS DOS prompt menu.
3. Change to the directory where fixmtx.exe and chktrust.exe are stored. If the files were saved to the desktop folder the command to enter in the MS DOS prompt is:

   cd \windows\desktop
   

4. Type the following command to check the digital signature of fixmtx.exe:
   
   

   chktrust -i fixmtx.exe
   

5. If the digital signature is valid you will see a dialog asking the following question:
   
   "Do you want to install and run "FixMTX" signed on 10/17/2000 5:04PM and distributed by Symantec Corporation."
   
   
6. The date and time that are displayed in this dialog will be adjusted to your timezone if your computer is not set to the Pacific time zone. For example, if you live in the Eastern time zone the date and time you will see will be 10/17/2000 8:04PM.
7. You might also see the text message "Result:0" displayed following the command line. If you do, then the test is positive and the file is confirmed as being from Symantec.
8. If this dialog or text message do not appear or the date and time are not properly adjusted for your timezone do not use your copy of fixmtx.exe. It is not from Symantec.
9. If this dialog appears and the text is correct for your timezone this copy of fixmtx.exe is from Symantec.
10. Click the "Yes" button to dismiss the chktrust dialog.
11. Type exit and then press the enter key. This will terminate the MS DOS session.

Updated: October 23, 2000