From: Eric Wilson <serw30@laf.cioe.com>
To: “Aaron Burnett” <Burnett@vmi.edu>
Message Hash: b4333e49e7633fac183010bcd7e4829742f89257c6199f7a60e440a397e76146
Message ID: <1.5.4.32.19961211135334.008962e0@gibson.cioe.com>
Reply To: N/A
UTC Datetime: 1996-12-11 13:56:37 UTC
Raw Date: Wed, 11 Dec 1996 05:56:37 -0800 (PST)
From: Eric Wilson <serw30@laf.cioe.com>
Date: Wed, 11 Dec 1996 05:56:37 -0800 (PST)
To: "Aaron Burnett" <Burnett@vmi.edu>
Subject: Re: Virus?
Message-ID: <1.5.4.32.19961211135334.008962e0@gibson.cioe.com>
MIME-Version: 1.0
Content-Type: text/plain
At 09:10 PM 12/10/96 EST, you wrote:
>Has anybody heard of the Monkey_B virus? If so what does it do exactly?
>Also does anybody know where I could find a downloadable Win95 upgrade
>upgrading Windows 3.x to Win95?
>
>
The Monkey virus ( I'm not sure what the "B" variant has altered ) is a
memory resident, stealth, boot infector that writes ( and encrypts!) the
partition table to side 0, cyl 0, sector 3 of your hard disk. It then
modifies your MBR to point to this location. When the virus is resident it
infects any floppy ( not write protected )that is accessed by the system. If
you need help with cleaning the Monkey from your system, try asking the
geniuses at alt.comp.virus for some help. Keep in mind they argue with each
other more than cypherpunks do! Here's a hint on cleanup, booting clean and
running Fdisk/mbr will remove the virus from your hard disk, but it WILL NOT
restore your partition table!
Eric
Return to December 1996
Return to “Eric Wilson <serw30@laf.cioe.com>”
1996-12-11 (Wed, 11 Dec 1996 05:56:37 -0800 (PST)) - Re: Virus? - Eric Wilson <serw30@laf.cioe.com>