flightcpuboy's analysis of this virus: malwareup.org/v... huge thanks to flight for his work disassembling this virus and for making this video possible. and huge thanks to all of you for continuing to watch
Пікірлер: 294
@jackmiller56758 жыл бұрын
For those who are curious - after Aidstest it shows "А не пора ли г-ну Лозинскому на пенсию !" ("Is it not the time when mr. Lozinsky should retire?" - Lozinsky is a Dr. Web company director and an author of Aidstest antivirus)
@Diwenry5 жыл бұрын
Yup, that's right
@cameronbosch12134 жыл бұрын
diwan “It isn’t time for Mr. Lozinsky to retire!” is the text.
@mihaelkYeah5 жыл бұрын
This infects EXE files in such a way that they never run again. Looks like these executables are about to be _executed..._
@FlightCPUboy9 жыл бұрын
Thanks for getting the payloads to work on the standalone--it's a whole lot different than what you see on the VM! The screen shaking effect is very well rendered in 60 FPS and the other payloads are just as cool yet menacing. I think what helped the most during analyzing this virus is recognizing the difference between garbage instructions and meaningful instructions in the disassembly listing. iirc, more than half of the virus is occupied by garbage instructions especially trivial jumps and calls. Look for instructions that directly modify memory. From thereon you can just follow the virus's decryption algorithm (it was just a xor for the most part but it became complicated soon enough) and emulate that through a script. I think that this channel will definitely new reach heights. Keep it up Dan! The quality of your videos will improve. There may be a limited number of viruses but there is still a lot of content to cover on the old vx scene. The possibilities are endless. Congrats on 60k subs and good luck on getting a master's and finding a career!
@roxasthesquiddog5 жыл бұрын
Love the comment you made for the uploader, I appreciate that.
@Lunar_Capital9 жыл бұрын
That alarm payload kinda spooks me ;-;
@MayDay3869 жыл бұрын
Camo Yoshi yoshishy
@Lunar_Capital9 жыл бұрын
oh definitely if i was 6-9 i would be frozen in shock for a minute!
@MayDay3869 жыл бұрын
Camo Yoshi google this fluttershy lol
@CoryC3219 жыл бұрын
Даниил Геймер Or we could not. .I'd rather not.
@CoryC3219 жыл бұрын
Даниил Геймер What?
@GlitchyPSI8 жыл бұрын
PRINT A RUSSIAN IN MUSHROOM LMFAO
@Underappreciatedclassics5 жыл бұрын
GlitchyPSI i died XD
@NigelMontezuma5 жыл бұрын
PRINT OUR A MESSAGE IN RUSSIAN
@user-xi2pv3pk2h4 жыл бұрын
Россия тут
@batorerdyniev98053 жыл бұрын
NИva
@notsu3 жыл бұрын
@@user-xi2pv3pk2h да
@nasurak1345 Жыл бұрын
Someone should make an indie horror game based off of having to navigate a DOS network and recognizing and destroying viruses by their bizarre and sinister behaviors before they drop their destructive payload and destroy what you were looking for, and probably also scare the crap out of you. The different ways some of these behave and stop you from using common disinfecting methods are interesting, and would make a fun and tense low budget puzzle/horror game.
@ChungusKhann12 күн бұрын
100% this needs to happen.
@Futuretitan48909 күн бұрын
Imma try to do that lol
@Etobio9 жыл бұрын
danooct1 "This should print out a Russian in mushroom." I make those same mistakes my friend
@grande19005 жыл бұрын
@@Etobio Is it safe?
@alfieclaborn44464 жыл бұрын
grande1900 yes
@CadrinTheWerecat9 жыл бұрын
I wonder if SS Rat managed to improve his English skills after all these years.
@StefanSreto9 жыл бұрын
danooct at 4am is better than sex
@DieNVA6 жыл бұрын
Being online on Discord, playing some music or some video games while listening to music or watching at 4am is much better than sex
@CWINDOWSsystem329 жыл бұрын
_"...a Russian in mushroom."_ ~Daniel White Trap House
@thebible13389 жыл бұрын
***** lol
@TorutheRedFox9 жыл бұрын
+CWINDOWSsystem32 BIGST LAWL EVUR M80
@InessaMaxinova7 жыл бұрын
"naivnij/наивный" (did I wrote it right?) means "foolish/naive" in russian. I speak polish, which is quite similar to russian.
@xyzzy-dv6te4 жыл бұрын
You wrote "naiwnyj" and I speak Polish too
@dydysh994 күн бұрын
Native speaker z rosyjskiego - masz rację:) наивный po rosyjsku też znaczy “naiwny” po polsku.
@2xsaiko9 жыл бұрын
-"thanks for 60,000 subscribers"- Thank *YOU* for making awesome videos! You deserve all the subs :D Everytime you post a new video, I watch it instantly when I see it
@Fyralism9 жыл бұрын
*"This should print out a russian in mushroom"* -Danooct1 or Daniel White 2015 I am crying laughing
@roxasthesquiddog5 жыл бұрын
That is this KZbinrs real name?
@roxasthesquiddog5 жыл бұрын
Danooct1 is Daniel white?
@TELEK1NET1C5 жыл бұрын
@@roxasthesquiddog yeah
@GabeofPlayStationLand9 жыл бұрын
WOW! Thanks for the long video, Dan! I am a fan of your videos and a Virtual Machine user (I'm a kid who installed DOS and Windows 3.1 for shiz and giggles). I am proud to be one of your 60,000 subscribers!
@Pyromaster_9 жыл бұрын
When I was about 15 I got a virus on my grandparents computer that look like the cyber police we're going to come and arrest me. Ever since then I've been afraid to do anything on the internet that I didn't know. That's why I love watching your virus videos, is so I know what's going on and I can look for a way to disable the virus. And you can imagine how I got the virus on it
@mclaine339 жыл бұрын
Wow that's fucking cool man! Congrats on the 60K subs! This is a very unique virus that really do fucked with the users a lot! Never seen one as crazy as this before with a few exceptions like CIH and a few worm videos... That's crazy man. Thanks once again!
@MayDay3869 жыл бұрын
Oh flutter.exe
@fuzzywuzzy45649 жыл бұрын
I love old viruses!! Theure so cool and the creative payloads have a creepy feel to them
@underintact1348 жыл бұрын
was there a metallica refrence to the song seek and destroy in that payload?
@mcj886 жыл бұрын
Heh, that was my thought too. ♪ SEARCHIIIIN', SEEK AND DESTROY! ♪
@wyzmith28409 жыл бұрын
"Hey Danooct1, what you doing?" "Ooohh ya know, just printing out a Russian in 'Mushin'."
@yunagamer9 жыл бұрын
You deserve every subscriber you have. Your awesone.
@Nikku42118 жыл бұрын
Some graphical payloads are impressive for DOS. Does this machine have VGA?
@nottucks2 жыл бұрын
5 years late, but yes, he is using VGA.
@fireflykoi18899 жыл бұрын
Congratulations on 60,000 subscribers! Road to 100,000!
@robertnussberger20285 жыл бұрын
I did not really know that dos viruses mess with the crt screens.
@SkyTheLeafeon Жыл бұрын
"This should print out a Russian in mushroom." -danooct1, 2015
@PVE1981 Жыл бұрын
I'm Russian and I hate mushrooms.
@SkyTheLeafeon Жыл бұрын
@@PVE1981 Well, I mean, there's nothing wrong with that. Lots of mushrooms are poisonous, if not deadly.
@FairPlay1377 жыл бұрын
Oh, by the way, the MalwareUp link is dead.
@avi8aviate5 жыл бұрын
Not sure how I'm going to print a Russian in mushroom.
@life_bricks8 ай бұрын
"This should print out a russian in mushroom" - danooct1, 2015
@TheCanadianToast7 жыл бұрын
5:25 Kind of reminds me of a jumpy VHS tape playing. Lol. :P
@team56th9 жыл бұрын
I wonder, does the second payload look the same on LCD monitors, or if it's different, how does it look?
@danooct19 жыл бұрын
team56th i might have to check that out, actually. I had a different CRT hooked up when i was doing initial tests and it just made the monitor blank out a lot (the shaking payload, that is, all the other stuff should be the same)
@chrispychickin9 жыл бұрын
danooct1 it looks like it might be messing with refresh rate, I remember seeing stuff like that on my old win98 pc when you set the refresh rate to a value that was too high for the monitor to handle
@GaminCow9 жыл бұрын
Been here since 20k and never disliked anything you uploaded Dan keep up the videos and thanks for many great videos!
@SpunkMcKullins9 жыл бұрын
Congrats on your degree, Dan.
@Tehstroyer8 жыл бұрын
So the computer is still "usable" during the shaking screen? Makes me wonder how would it look like when running an UI application, or even a game.
@FairPlay1377 жыл бұрын
Tehstroyer I'd imagine all text-based programs will flicker. Not sure about graphics-based, though.
@cameronbosch12132 жыл бұрын
@FairPlay137 I tried edit (in a VM), it crashed DOS. Like Dan said, running pretty much anything graphical crashes DOS.
@ShadowNinja4522 жыл бұрын
DOOM would be awfully trippy then
@Coburn648 жыл бұрын
Some of those captions that youtube auto-generates is amazing. Need to watch more of these viruses with them turned on.
@kritin60599 жыл бұрын
All the videos of viruses are AMAZING!
@5tronguy1609 жыл бұрын
At first I thought his camera was glitching when the screen shaking payload happened.
@jojos91259 жыл бұрын
I think your Chanel is very entertaining and cool, and you make me laugh. Congratulations on 60k!
@avi8aviate4 жыл бұрын
When in doubt, print out a Russian in mushroom.
@milkyfoks54957 жыл бұрын
5:26 This is why you should never do drugs kids!
@andresbravo2003 Жыл бұрын
The camera fov gives it a warp screen. Holy dell the SSR virus was just scared to me.
@titasbartaska82615 жыл бұрын
*"This Should Print Out A Russian In Mushroom"* -Danooct1 2015
@paytonkirschman48204 жыл бұрын
What happened to viruses that used to mess around with you like this? Now it is all,"GIVE ME ALL OF YOUR MONEY!".
@FairPlay1379 жыл бұрын
3:20 Y'know, people make mistakes sometimes... ...but what Danooct1 just said was...umm......I have no words for it.
@monkeymart9 жыл бұрын
Weird question: How do you remove the virus afterwords? Is it all the same computer when you run a DOS virus, or are there different ones?
@KFISHOWPIGS9 жыл бұрын
Congrats on 60,000!
@banditsuit9 жыл бұрын
>no videos from dan or rogue in a long time why live
@octane6139 жыл бұрын
neat. can you do some more modern viruses?
@Cyortonic9 жыл бұрын
Dan only does old viruses. If you want to see newer viruses, you should check out Rogueamp or Rougeamp 2
@FairPlay1379 жыл бұрын
Magic Turtle Tag team Here I go again... *Rogueamp *rogues
@FloofyLeFloofsta8 жыл бұрын
+MagicTurtle theres still people makeing viruses for fun.there just hard to find
@clementpoon1205 жыл бұрын
5:40 damn I feel dizzy
@actuallypauseless9 жыл бұрын
I want the alarm payload as a actual alarm for a antivirus or some sort of digital alarm with the screen shaking and glitched effect
@pswitch95539 жыл бұрын
The shaking thing looks like an old VHS tape.
@planetarycube59885 жыл бұрын
How nice, a destructive antivirus!
@AndrosynthNuclear9 жыл бұрын
So was the shaking actually a hardware induced effect, or just a graphics hack done in software?
@AureliusR Жыл бұрын
To me, it looks like software messing with the graphics card refresh rate/resolution, switching back and forth between two modes extremely quickly. This causes the monitor to briefly lose sync, causing all the weirdness with the text wrapping around, etc. I don't really think this kind of effect could be easily done just in software, let alone that smoothly and without completely locking the system up.
@FancyForeskin9 жыл бұрын
I thought you were shaking the camera at 5:26 good video man congrats on 60k
@ProfessorHeavy12 жыл бұрын
Probably worth mentioning that the link is no longer usable. Internet Archive has it there, though.
@VirusVox9 жыл бұрын
Also, congrats on 60k!
@pierolivera2699 жыл бұрын
Finally!!! I missed view some vintage viruses in action! :D
@ThrustSSC135 жыл бұрын
>>DON'T TOUCH THE KEYBOARD
@theEpicjosh3656 жыл бұрын
What would the shaking effect look like in a non-CRT screen?
@silentbloodyslayer984 жыл бұрын
I doubt it, modern displays turn off the picture for protection when there are fluctuations on the vertical/horizontal frequency
@jacquelineamelie54679 жыл бұрын
Wow, you're back!
@thecroatianbadger53989 жыл бұрын
not bad for such an old virus very complicated an quite devestading payload
@loki42959 жыл бұрын
Danoct I'm your newest subscriber
@superhacker359 жыл бұрын
grats on 60k subscribers
@Blackbird4659 жыл бұрын
Can you do another Windows virus? You haven't done one in forever.
@thebatesbuster75809 жыл бұрын
I agree ms dos viruses are cool but windows is the best
@aleppogameingreal9 ай бұрын
Russian in Mushroom goes hard
@HybridEdits9 жыл бұрын
Can you do a setup tour?
@OckGypsy Жыл бұрын
3:15 I for one sure would like to learn, mushroom.
@PopeCromwell9 жыл бұрын
Pope Cromwell pronounces a blessing upon your Masters, future career and uploads. Pope Cromwell knows you will succeed. Your Pope also adds that he is always pleased with these uploads.
@jacknetarchive9 жыл бұрын
Congrats danooct1!
@yumishindou57056 жыл бұрын
When I see SSR i think silent reading time in english class in high school
@thepirategamerboy129 жыл бұрын
Techno Soft, the creators of Thunderforce II and Herzog Zwei made this? lol
@VirusVox9 жыл бұрын
Man, this virus is really cool.
@DOSgamer129 жыл бұрын
1st payload: Okay? 2nd payload: Blueshark much? 3rd payload: Would be fitting for a creepypasta. 4th payload: Revenge? On what?
@Icesan40967 жыл бұрын
Probably Peter Norton.
@muffinV1363 жыл бұрын
That payload could hurt anyone's eyes
@joe5643389 жыл бұрын
Congrats on getting your master's
@dangezzz9 жыл бұрын
Will you ever make a vid on Virtumonde/Vundo?
@johnathanegbert927711 ай бұрын
I remember this from Destroy the Godmodder 0rigins.
@cambridgeport904 жыл бұрын
darn. As of right now, the link in the description is kinda broken.
@pingwinit86112 жыл бұрын
6 years late, but at 4:54, "Naivnij" means exactly "naive", just in Russian, I guess.
@PVE1981 Жыл бұрын
You're right.
@kit60419 жыл бұрын
That's a crazy virus there
@davidshulzy9 жыл бұрын
Do you use virtual machines for your videos? Just wondering.
@no-kw4gg8 жыл бұрын
some of them, yes. but for this one, no
@Lada3339 жыл бұрын
I might just be dumb af, or have misunderstood something, but why didnt we see the screen glitch payload at the last one?
@danooct19 жыл бұрын
Lada333 the machine hangs
@DarkSmoke109 жыл бұрын
danooct1 dancot please do you have a video of my doom virus i wana see it in action :(
@chryastosslapat9 жыл бұрын
DarkSmoke 10 lol dancot
@matthewbertrand41399 жыл бұрын
Because the fiftieth file was run after fifteen minutes, but before twenty-three (when the shaking payload starts).
@matthewbertrand41399 жыл бұрын
And even if he had sat and watched the "revenge" payload long enough for the shaking to have started, it couldn't have because the computer was hanged at the moment the "revenge" payload began.
@joshuaborges97099 жыл бұрын
dan you should make your own virus/trojan or what ever and show it off to us
@F22C19 жыл бұрын
OH DANNY BOY!
@labsupri66819 жыл бұрын
yay
@SRMsuperrandommoments9 жыл бұрын
This would scare the crap out of me if this happened to my pc.
@dena31935 жыл бұрын
Naivnij))
@maro_10599 жыл бұрын
I wonder if this virus was made by the same people who made bad rats. Also 60,000 K hype!
@maro_10599 жыл бұрын
FinnishGuy101 yep :D
@jleuthardt6 жыл бұрын
The alarm payload scared me
@JM20038 жыл бұрын
Turn captions on at 2:03
@lamie28826 жыл бұрын
"Same for AIDS test" Lol
@hippopotamus868 жыл бұрын
Can you explain how these DOS worms infected other machines? How did the first person get infected?
@ItsLeah438 жыл бұрын
I heard they were generally spread by people downloading things from others through FTP servers.
@asmcint8 жыл бұрын
That was one of many ways, often such things would also find their way onto a machine through an infected floppy disk.
@KylesDigitalLab7 жыл бұрын
Floppy disks
@ghostrecon4209 жыл бұрын
Wow that's a lot of detail on the forum post
@chickerinoradio66175 жыл бұрын
how would that screenshaking payload work on an LCD?
@CWINDOWSsystem329 жыл бұрын
I got a fucking Tai Lopez ad before this. I hope you're happy...
@mwwve5 жыл бұрын
Comments: 100% Print a russian in mushroom
@billman.9 жыл бұрын
You should make your own virus on a modern day computer.
@vimb17179 жыл бұрын
Thx
@NesstheEchidna9 жыл бұрын
Good luck on getting your Master's degree, and America's job market still fucking sucks (I'm trying to find a job myself and I only have a GED) but I hope you can find one too.
@LuxianYT7 жыл бұрын
How does he recover this physical computer after each time?
@floweyseed9 жыл бұрын
There was another antivirus ad on this video.Still an AVG ad!
@MKDSKairu7639 жыл бұрын
Dan, I can't find any more info about this virus anywhere else. Was it not well spread?