From: Eric Wilson <serw30@laf.cioe.com>
Date: Wed, 11 Dec 1996 05:56:37 -0800 (PST)
To: "Aaron Burnett" <Burnett@vmi.edu>
Subject: Re: Virus?
Message-ID: <1.5.4.32.19961211135334.008962e0@gibson.cioe.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:10 PM 12/10/96 EST, you wrote:
>Has anybody heard of the Monkey_B virus?  If so what does it do exactly?  
>Also does anybody know where I could find a downloadable Win95 upgrade 
>upgrading Windows 3.x to Win95?
>
>

The Monkey virus ( I'm not sure what the "B" variant has altered ) is a
memory resident, stealth, boot infector that writes ( and encrypts!) the
partition table to side 0, cyl 0, sector 3 of your hard disk. It then
modifies your MBR to point to this location. When the virus is resident it
infects any floppy ( not write protected )that is accessed by the system. If
you need help with cleaning the Monkey from your system, try asking the
geniuses at alt.comp.virus for some help. Keep in mind they argue with each
other more than cypherpunks do! Here's a hint on cleanup, booting clean and
running Fdisk/mbr will remove the virus from your hard disk, but it WILL NOT
restore your partition table!

Eric