%%File: VIRS0488.TXT
%%Name/Aliases: Joshi, Happy Birthday Joshi, Yoshi?
%%Platform: PC/MS-DOS
%%Type: Boot sector., 
%%Disk Location: Hard disk partition table., Floppy disk boot sector.
%%Features: 
%%Damage: Infects Master BooT record
%%Size: 
%%See Also: 
%%Notes: A new variant seems to be able to intercept BIOS calls.  
Will infect a second physical hard drive if it is present.  FDISK/MBR 
will only clean up the first physical hard drive. 
on Jan 5 will ask you to type "happy birthday joshi" and only after you 
type it you can continue  maybe came from India
Virus exists in the partition table on HD, on Floppies it resides in the 
boot sector and on an additionally formatted tract (number 40 or 80, 
depending on diskette size)       

the next 3 paragraphs are from virus-l, v6-105:

"Before attempting any Joshi virus removal (or even detection!), you 
must make sure that there is no virus present in memory. For that 
purpose, you must COLD boot from an uninfected, write-protected system 
diskette. If you fail to do that, the virus can remain active in memory, 
and either stealth the fact that it is present on the disk, or re-infect 
the disk right after it has been disinfected, or both. 

Note  the word "cold" in the paragraph above. This means that you have 
to turn your computer off and then switch it on again - or press the 
Reset button, if your computer has one. Just pressing Alt-Ctrl-Del might 
not be sufficient with some viruses - and it isn't sufficient with 
Joshi.

The reason is that Joshi intercepts those keys and fakes a reboot, while 
in practice remaining active in memory. An experienced user will 
undoubtedly notice that on most kinds of computers (because the boot 
simulation is not perfect - it just cannot be), but many users will be 
fooled to believe that they have really rebooted their machine."