Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!thunder.mcrcim.mcgill.edu!snorkelwacker.mit.edu!apple!julius.cs.uiuc.edu!zaphod.mps.ohio-state.edu!ub!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: CHESS@YKTVMV.BITNET (David.M.Chess)
Newsgroups: comp.virus
Subject: re: Johsi / Stoned2 (PC)
Message-ID: <0006.9101161910.AA06668@ubu.cert.sei.cmu.edu>
Date: 15 Jan 91 15:08:02 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 15
Approved: krvw@sei.cmu.edu

Jeffrey <3501P@NAVPGS.BITNET>:
> The virus was apparently picked up from someone who
> accessed a bulletin board and executed some code they had down-loaded.

That's not really very likely (unless what was downloaded was a
disk-image that the person then booted from); the Stoned and Joshi
viruses are both boot-sector infectors only.  You can only become
infected by either of them by booting from an infected diskette (or,
in theory, by running a program that "injects" them onto your disk; no
such program has ever been reported, though).  You might (f you
haven't already) scan all diskettes in the neighborhood that the
machine might have accidentally been booted from (even "non-system"
diskettes can be infected); you might find the source more accurately
that way (or you might not; source-tracing succeeds depressingly
rarely).  DC