Virus.DOS.OneHalf
Вставка
- Опубліковано 22 вер 2013
- So here's how the encryption breaks down:
The virus gains control at bootup and creates a random encryption key, which it stores in the master boot record (MBR). It then enumerates the size of the hard drive and selects the last two unencrypted cylinders on the disk, and encrypts them using the aforementioned key. It continues encrypting the last two unencrypted cylinders until it finally reaches the middle of the disk, when it outputs "Dis is one half." to the screen.
Now, the virus basically owns your hard drive. When data that resides in the encrypted cylinders is accessed, OneHalf takes control and decrypts it and then displays it to the user. However, if the virus is removed improperly (as shown in the video), the encryption key is lost and all data is permanently damaged beyond repair and must be recovered from backups.
/ rogueamp for more modern malware. - Розваги
![[柴犬ASMR]曼玉Manyu&小白Bai 毛发护理Spa asmr](http://i.ytimg.com/vi/0TsXQ7z2Dh4/mqdefault.jpg)
Old Viruses: *Let's be creative!*
New Viruses: *GIVE US YOUR MONEY OR DIE!*
Sadly, yes.
Imagine a virus where it would randomize which programs opened from what with exceptions to key programs like explorer.exe
You could open paint by trying to shut down
+Drekyl 1 danooct made a video on a very similar virus, its called meltingscreen
Cmon, let's be creative!
+The Odd Critic
Old UA-cam comments: let's be creative!
New UA-cam comments: LET'S MAKE THE SAME COMMENT THAT IS MADE IN EVERY SINGLE VIDEO IN THIS CHANNEL!
Fernie Canto I rarely ever see a comment that is similar to mine on this channel.
_PACKARD BELL =_
America grew up listening to our computers boot. It still does.
PACKARD BELL
I made a UA-cam channel mainly for TTS. It still is.
***** That has to be true.
***** DELL
We grew up making horrible computers. We still are.
Expert Troller From A Present Linking to the Exploding DELLs video.
+Expert Troller From A Present LJN = The AVGN rants about us. He still does.
There's something I love about this virus. It's like a race against time. Can you save your PC before it succumbs to complete destruction!?
*dis is one half....*
Where's the rest of the comment the New?
i didnt press any ky juast turnt off the computer
your pfp is from a game called tempo, for the 32x
I love the sound of the Packard Bell while booting!
GGGRRRRR GGRRRRnnnnnmmmmmm (GGGRRRmmm) BEEP
I betcha it's eletronic madness inside the machine while it's booting creating those sounds.
GGRRRR GGGRRR nmnmnmn BEEP BEEP
The funniest thing is the combinations are infinite (various bad boot sounds)
Me too XD
I love the parasitic nature of this one. It is the illness but also holds the only cure (the private key), so the host will leave it be even if it's vulnerable and conspicuous. You're totally right, nowadays these complex, delicate symbiotic relationships have died out with the primordial viruses and crappy adware has become the dominant species.
I really like it when you use cameras to record screens from old computers man, it gives your videos about old strange viruses a really cool atmosphere, makes the viruses seem more sinister and old school somehow.
Of course I enjoy your Virtual Machine videos too, but I find these type of recorded screen videos much more...atmospheric if that makes sense
Its cool to hear the hard drive
Agree. Love the keyboard too.
Newer Malware Sucks. It's all about money and stealing your information instead of trolling the user.
Nava Shield.
But yes, most new malware just steals your money and personal info.
@@avi8aviate it was made in 2010. that was 9 years ago
@@PaytonK999 Meh, it's much newer than DOS viruses.
@@avi8aviate Agreed.
And deleting your data. And that's the only thing that all viruses share, causing damage to your data.
the boot sound...... "GRRT GRRRT CH GRRT GRRT.........BLELELEEEEP -click-"
Seektest on floppy drives then POST beep then idk what that click is
+TwiLunar Gaming
the spin-up sound on one of the hard disks sounded almost as amazing. It's in a few videos.
PACKARD BELL=
America grew up listening to this noise of earrape. it still does
No boot sector on hard disk
BEEP BEEP BEEP
This is one of my favourites. I would totally keep that virus on my PC, it's like a pet virus, I would've been the most popular kid of my school back in the days.
I find it very interesting going back to the past and seeing how old malware/viruses worked, unlike now were they are no fun anymore they are just pure "Hey let's go fuck your shit up and then leave without any trace" At lest old viruses had the common manners to make themselves known and have a little fun with the user.
sloan boyce TECHNO!
Doge625 * Don't touch the keyboard. *
*Touches Keyboard*
Doge625 *still goes* TECHNO TECHNO TECHNO....
*Still Touches Keyboard*
No, This is patrick.
Is this the Krusty Krab?
NO, this is PATRICK!!
NOOO! THIS IS PATRICK!!!!!!! **slams phone** I am not a krusty krab.
is dis hell
Is dis one half?
No, dis is patrick.
GRRRRRNTT GRRRRRRRCHHH
BEEEEEP
Good old DOS...
Makes me remember dial up connection...
BURRR BEEEP BURR BEEEP BEDERP BEDERP BEDERP BUUUURRRRRRRRP
Bee woop! Bee woop!
more like GRRRRRR GRRRR GRRR GRRR BIBIBIBEEP DIS IS ONE HALF
Are we just making noise now?
Dis is one half. Sounds cool when you say it.
Derp is one half
This is one half
lol
But where is the other half? Dead :)
Dump of energy drinks XD
*GRRRNNN GRRRRnnnnn (MMM MMMmmrrr)*
_BEEEEEEP_
osht
I thinks it's more like "DRRR DRRR drrr drrr mmmmm belelepCLICK"
+Joey
Bet you'll especially like this one, because it has a TON of reboots.
***** Virus.DOS.Espacio.
'America grew up listening to our computers boot. It still does.' - Packard Bell 1989
Encrypting Viruses?
Hmmmm... I got this...
Call of Viruses: Encrypting Ransomware
Objective of the game: Go through the levels as fast as you can and defeat the boss(es) at the final level. Every 10-30 Minutes (Depending on difficulty of the level that is being encrypted) 1 level will be encrypted (In order). If a level is encrypted while you are in it, you'll have 10 more minutes to complete it, otherwise you'll die, and also if it get's encrypted, you'll be really confused of what's what, and you'll barely even know of what's the ground and what isn't the ground. When you have 2.5 minutes left (before level is encrypted and before you die), the timer will start flashing and give you a warning. You can no longer play on encrypted levels and to decrypt them, you'll have to beat the final boss(es). If you fail on a level, you'll respawn, but if it gets encrypted and you die, you'll have the option to continue (decrypt the level and try again with added 5 minutes, 10 minutes..; which depends on how many times you fail (you'll get 10 continues at the start of the game)) or restart the game. You can only save when you quit the game and also your save gets deleted at the start of a level so you can't cheat and come back...
I need more ideas...
And if you lose the game you will be forced to play Pac-Man while forcing you to pay "bitcoins" (10,000 points) to get back into the game and start over.
ahniandfriends123 Lol
if you dont pay the ransom then the game encrypts your nudes and itself then deletes itself.
and wipes ur hard drive xd.
And if you lose, your PC will reboot and the only thing it'll be able to do is display bestgore images
also make a extreme mode thats like a tower defence game if a virus reaches a file (the files importantance grows as it goes on) it actually deletes it theres stuff like avast,*protogent*,malwarebytes to protect protogent costs alot more then the others
Old virus authors: I wonder what can I do with virus coding?
New virus authors: *LETS MAKE MONEY*
Imagine the first thing the virus encrypted was itself.
Then you deleted it.
Would that fix the problem?
Nope; not unless you deleted it before the first reboot; if it encrypted itself it wouldn't have the key it uses to encrypt your DOS disk. ; if anything it would make the 'payload' of permanent encryption ; as the virus wont decrypt anything seeing as it broke itself
+Shade Leet uuhhhh... okaaay...?
No, its infected the MBR and you would still lose some files. Also, the average user would not know till the payload shows.
Time for my monthly re-watch
Cool Scouts rewatch danoocts videos every month.
Great one, I find your videos absolutely mesmerizing. It might be your mastery of all the operating systems, or basically the sentiment for old MS-DOS and Windows 95, but I enjoy every vid of yours. Keep it up!
I remember you first showing off this DOS virus, it has always actually intrigued me in a way as too how the encryption goes down. Glad to see you put it in the description.
I LOVE watching your videos. You are the only person on UA-cam that I trust when it comes to showing us a computer virus. Plus, this is why my dad and I will strictly use Linux if possibke. Unfortunately he has to use Windows 7 for his job though, but once he gets a new job he will be back to Linux man!!!! There are about 30 Linux viruses though, so, I guess you never know! Still a HUGE fan!!!
I like how the automatic captions actually said "dis is 1/2"
Lol
5:29.5 is the best part.
It says "Dis is one half," when the first half of the video ends.
I really liked this video. Sure, it wasn't as visually stimulating as some DOS viruses, but it was still interesting and destructive. You did a great job explaining the encryption payload and showing what would happen if OneHalf is removed incorrectly. Thanks for the video!
This is actually one of my favorites. This is the video that made me sub to you back whenever and get interested in DOS viruses and viruses in general.
My favourite was the Implant virus. Really complex, as this one.
This is madness!
No...dis...is...ONEHALF!
Press any key to continue...
+Ry 00001 WASD
waterlubber *Seinfeld plays*
Dis is Sparta!
(kick out of HDD)
Crap, my sister saw the Dis is one half once on her PC.
I feel bad
F
You know a danooct1 video is gonna be lit when it lasts 10+ minutes🔥🔥🔥💯🔥
Very Nice, one of the most interesting videos you have done, loved the technical aspect.
Dis is one half...
of the 2 part video.
(laugh track)
Created By
Daniel White
+MidiMaze178 two years later...
_seinfeld theme plays_
ba dum tss
**navashield laugh**
So OneHalf is basically saying..
"If I go down, I'm taking all of you with me!"
Было дело, давно.
У меня 386 был в каком то году, поймал этот вирус, тогда всякое покупали в Митино на дискетках.
Интернета не было, был BBS , точно не помню год.
Потом побежал в Диалог-Науку купил на дискете антивирус: Drweb, Aidstets, Adinf, Adinf cure modul.
Да, были времена, народ был проще, деревья выше, небо голубее...
эх.
I enjoyed this video immensely! I prefer the more technical videos because I find the explanations interesting. I hope you make more videos similar to these!
"modern malware doesnt really get into your face". I disagree with only two words for a counter argument; Nava Shield.
I no longer class Nava Shield as a type of malware, it is more of a nightmare.
Lol, i remember making little malware scripts with batch and notepad, i got like 3 of my teachers computers infected (Don't do it, you will get suspended) Moral of the story, viruses are easier than most people think to make.
*****
*****
I was attempting to get your attention to my last post, before i tagged you
Lol, i don't make scripts for profit i just do it to piss people off. *****
I love the noise after the Packard Bell logo disappears
The command interpreter usually doesn't hang the system. In fact, it kinda actually lets DOS run.
At least this one is OneHalf, your most favorite DOS Virus that might happen.
Now what's left is someone to make a floppy disk seek test remix...
How were viruses even spread before the internet? Did virus writers just leave infected floppys in public places, or was there some other method to it?
Friends give floppies to friends.
They give the floppies to their friends.
Basically,DOS viruses are AIDS.
***** So basicly, DOS FTV: Floppily Transmitted Virus.
Jakob Hoisington Fucking kek
Vote For Doge
top kek m80
They used floppys, it infects more floppys, and so on and so fourth but now with a tool i like to call the internet it makes it alot easier to spread, also peoples lack of information about computers and how malware works also helps them get around.
Love the sound of the Packard Bell when booting.
According to 'The Virus Encyclopedia' the payload message is also displayed on the "...4th, 8th, 10th, 14th, 18th, 20th, 24th, 28th and 30th of any month...". It also contains the string "Did you leave the room?".
It’s an interesting idea, it’s like ransomware, encrypting the whole drive. But instead of demanding money, it forces the malware to always be running on the system, which could allow things like adware, spyware, and botnets to be very difficult to remove
I am getting a kick out of watching this. I was obsessed with malware in college for some reason, particularly studying available info on the older '90's malware, though I have never seen it run in a live environment; I was only four in '93, so if my parents ever got any of these viruses, I doubt they'd have mentioned it to me that young. How you were able to obtain these sorts of stuff in this day and age, though, I'd love to know. Amazing finds.
I love retro virus, om one who is glad you dont do new stuff.
Did you notice at 9:06 it looks like that corrupted "command" says "EVil"?
CeeVil
Oh yes lol
But i think thats randomized
*opens config.sys*
WHOA... I don't think that's... a... valid command...
I wonder how many people actually got the OneHalf virus when it was isolated back in '94, and how long it lasted on devices afterwards, because chances are great that the virus probably survived on a lot of devices, particularly if people were unaware of the tools created to take care of it from venders like FSecure, as @danooct1 demonstrates in another video.
I love your videos, wish you could make more of them these days
6:57 ****Elgar's Nimrod plays as Dan expounds the virtues of old viruses.****
i'll make a followup video on this soon.
danooct1 first
nice man
I remember after a few times my PC got infected with OneHalf, I found out by looking at my HDD light if it flashes two times right before DOS boots it means you got OneHalf and if it flashes once it means it's OK.
Good old days
I find it fascinating that the evolution of viruses matches how our society has changed. Before people could afford to express themselves so they did it just for the technical thrill; now it's all about making as much money as possible.
6:21 I was laughing when I heard that sound of the floppy drive!
these where some of my fav viruses to work with feels good to see these beauty on display in a time were viruses ect were art
the father of cryptolocker
I like ur google chrome pic!
Windows 98 sure did have alot of deadly viruses.
Does it keep going after it reaches one half? Or does it stop there?
Also awesome video, as always. :)
Call of Viruses: Transmitter
Plot: A scientist working for a hacker has created a transmitter that turns viruses into real viruses and transmits them into the body, it can cause Virus.DOS.Hypnotize to Virus.DOS.Espacio
MrFunjeremy oh god
i have been watching ur videos since i was 13, thats 4 years ago
and today rewatching or watch some that i havent done
and i still wondering, what keyboard are u using is that? Is that mechanical or something?
Viruses in the 1980s-2000s:I’m going to &#€@ up your disk!
Viruses today:Say goodbye to your money!
I like older malware for that precise reason.
I do enjoy these more clever viruses. Of course everyone loves the graphical craziness but learning how these things were programmed back in the less-secure old days is fascinating. It's the viruses that are simple and just print text that aren't worth spending time over.
It's not doing anything though, why wouldn't you just leave it on the system? :)
I was thinking the same thing. I guess the reason is, as oddly Edward Snowden put in an interview with John Oliver,
[The Virus] “[has] a gun pointed at your head, but [it’s] not going to pull the trigger.”
Even if OneHalf never pulls the trigger, it’s a bad idea to make yourself vulnerable like that regardless.
your explanation clicked w me instantly fantastic job bro
I guess OneHalf could be a sort of ransomware, where it keeps your files as long as you don't delete OneHalf.
Yes, it would be kinda similar to a ransomware, in that, especially to Petya.
I have one question, is the scrambled string of characters the encryption key? It's run/displayed when the MSDOS boots up so I think that it might be the random key generated when the virus infects the system.
the part that i laughed at was when the MS-DOS disk made racket then you said that the MS-DOS disk was upset with you so i defindently liked the vid!!!!!!!!!!!!!!!!!!!!!!!!!!!!!:-)
Dis was one half - and this was awesome :) Thanks!
yeah absolutely... i enjoyed... the same with all's.. thank you very much !!!
Ahhh, gosh, I love the boot sound...
Me too
Bitlocker/Filevault/Encrypted LVM of MS-DOS days ;)
not a os first timer eh?
*BZZZ!*
"I guess the floppy drive is a little bit upset with me tonight."
I love your para-oblivious meta-commentary.
Nope i'm just here for the Packard Bell Floppy disc seek test
Danoct! He's back!
@danooct1 what if you reinstall the virus? Will it have the same decryption key and will it save your data or is it randomized?
Is there any reason you would want to remove it if infected?
Then keeping it isn't really that bad, is it? By the way, if it encrypts all of the files, does it say something else?
The beginning feels like I'm in an airplane and you're the pilot. Now I feel floaty.
"It doesn't do anything except steal your dad"
Our teacher talked about this virus in the class
It's interesting :D
Cool teacher.
My favourite virus. So different and interesting.
Soo... It doesn't hurt ya till you try to uninstall it?
So, what would happen if OneHalf landed on the last half of the hard drive?
I think I've had this virus. o.o
Do you know what encryption or encoding algorithm this virus uses? If it was DES and you lost the key you could recover it in seconds with modern hardware.
Packard Bell
Danooct1 is awesome for testing viruses. He still does.
Hey Danooct1, what camcorder do you use?
Would this be considered one of the first ransomwares?
So basically this virus predicted Thanos
"This floppy drive is a little upset tonight"
Very interesting stuff here....as per usual.
I love those floppy seek sounds
"Nothing's been added or deleted from it"
Then how did OneHalf get there?
Logan Darklock the virus is creative. look at the modern ones: except memz, they all try to make money
+Asriel Dreemurr memz4life
love your stuff, thanks dude
Such nostalgic sounds from that computer. VRRRR-VRRRR-BVBVBVBVBVBBVBVBVBVBVRRRRRRRRR
That's one loud as hell keyboard. I like it.
So, an early version of BitLocker?
What HDD is in thic PC?
Wow I remeber this virus was on my 486, there was a DOS tool to fix the files specially from this virus
I like how low-key it is. Its a super ominous.
This made me shit my pants more than slenderman at midnight.