I feel like there should be a category of virus called "prankware" and tbh, I'm far more impressed by this than by boring file deletes or robbery attempts. I see it as a sign of skill from the hacker who wrote it.
I tried to use my polski superpower to read more about this virus (and possibly someone's claim of the authorship), but MouseMX appears to be mostly associated with Logitech mice these days. I only found some angry Czech or Slovak discussing his predicament in 2004. Anyway, in order to reverse this issue, I would find all instances of the virus (based on size or contents) and replace them with files of the same name from the hidden directory. As you have discovered, there is no risk of having any stashed file overwritten. A vba script could fix it. I admire the author for taking every precaution to make it a non-destructive virus. Greetings from Poland, albeit far from Tarnów.
Bro, either it's your voice or the overall atmosphere, but I frickin' love falling asleep to your videos, they're soo calming! Stay safe and keep uploading, best youtuber of all times!
danooct1 said "20-30 years ago". Well, 20 years ago, it was Windows XP. 30 years ago, it was Windows 3.1 and DOS 6.2/6.22. Crazy how fast PC technology evolved between 1990's and 2000's, but gradually slowed down in the later years.
@@noxxyybecause they are. Michael Crichton once said very smart words - that computers are fun and some people will do their very best to make sure they won't be fun anymore.
@@balukrol indeed, and in the case of computers, in a quite silly way, because computers, at their core, are made for sharing and processing information. you can't exactly take that out of them, yet companies try anyways, because they'll do anything to not admit that data was meant to be shared freely
Perfect timing, I was binge watching your older video again. Once more, thank you for indirectly developing my interest in technology as a whole. Being able to actually understand what these viruses do as a younger adult is just as awesome as it is worrying.
user downloads me -> I am cheesed to meet them -> they are unable to unscramble the myriad of files I have moved around -> cycle repeats always nice to see ya in my sub box, no matter how long it's been. hope you're doin well
Reminded me of the hidden pieces of cheese in Perfect Dark, and also Sheogorath spawning 8,000 cheese wheels and crashing the game. CHEESE! CHEESE FOR EVERYONE! *crash*
I remember reading about this virus on a GameFAQs message board around 2004-2005. I was already somewhat savvy by then so I never dealt with such viruses.
I remember one of the scariest viruses I encountered on Windows 98 was this scary virus that gives your computer a hard shut down with a loud sound at random times. I remember being scared from this virus when I was playing Star Wars Mysteries of the Sith and this hard shut down happened on the family's HP Pavilion that ran Windows 98 in the early 2000's. Wallace: Give me more cheese!
*That sounded scary!* Have you turned to virus articles to find it? PS: Wouldn't be surprised if Wallace's Polish cousin wrote this particular virus. 😁
The mention of remembering viruses but not knowing their names awakened a memory in my brain: for a while, my old XP/Vista computer (don't remember which os I was running on it at the time) went through a phase where, for whatever reason, it would randomly start playing the audio of a movie or TV show. Like it would just play the audio as if I had the video opened in another window, but even with all programs closed it kept playing. And once it started it would not stop unless I restarted the PC. Sometimes it took hours for this audio to pop up, sometimes five minutes after I booted the PC it would start. And just like it came, that weird virus/problem/whatever went away and I never figured out what that was all about lol
"You see, sometimes people have these vague ideas about viruses they saw 20/30 years ago" I remember a friend of mine telling me, way back in 5th grade, that his PC had caught a virus that made the screen melt. I thought he was joking, until I actually saw the MeltingScreen virus.
9:08 can't you just search the computer for where the one with a cheese icon is hanging out, similar to how you saw the gateway folder was cheesed out without knowing it had been?
I knew this thing was written in Poland the moment you mentioned that it uses names such as "Norton Antyvirus spelled with a y". "Antywirus" is the Polish word for an Antivirus, and "Antyvirus" is one of the used spelling variants of that word.
Hi Dan! I'm still looking for that old virus/malware I told you about privately on Twitter/X. I'll try to describe it here in the hope that someone will recognize it: it was a malware that once started would automatically set itself as a screensaver. In this screensaver there was a frog (in 3D) that would jump from right to left of the screen completely exiting it at the top and bottom. The animation was quite "weird" as it seemed to lose some FPS during the jumps. The jumps seemed to be calculated with a sin/cos algorithm (like the ones you see in demoscene). Once the animation was completed the computer would completely freeze (you need to reset it by pressing the button). This was around 2000-2001 and the computer in question was using Windows 98 or Millennium (I can't remember, I was about 9 years old). If anyone knows about this virus or has a sample, please send it to me so I can reverse engineer and document it. Thanks.
Man I wish people nowadays make more of these prank viruses instead of the ones that hold my pc hostage and demands a gorillion dollars for its release
I feel almost certain that this virus would've ended up with an IT worker getting a call with a problem description along the lines of "my whole computer is cheese" and getting very confused.
From the name cheeseMX, I thought it would make the pointer go weird. Like randomly moving it all over the screen. But no, it just cheesify's your program icons.
Love it Dan! You're one of the inspirations that drove me into cyber security. Thanks to your example, I was able to get a good job and support my wife through college. I owe you so much. Appreciate you - thanks for getting back into dropping vids!
Dan! Love your videos! Twice in the span of a month! This is awesome! Question though: I do adore that the style hasn't changed in 10 years, so it still has that good 2014 feel to it. Takes me back. However, with the camera dying, have you ever considered switching to a capture card to get away from the possible trouble of working with a camera? Not saying you should switch, just curious on what you think of it!
I believe only the battery failed here. He has a Panasonic GH8S camera, which isn't something ancient. He could easily source a new battery if need be. Moreover, he did state that he sought to capture the retro feel by recording the monitor. Otherwise, he could simply go back to using virtual machines, as he did in the past.
I did not get this as a youtube notification or in my recommended actually i do not recall how i found it but i did and put this in my watch later. Thank you
I had a virus at the computers at school which would replace files with shortcuts and hide the original file somewhere else. I don't remember if there was any payload
4:00 - A more serious example using with folder names happened with Katawa Shoujo if you downloaded the standalone version and 100% the game installing the Steam Version would overwrite your data leading to a Hotfix coming out a few hours after release
I'm sure you could restore the files manually by looking up all the lactose-based doppelgangers by sorting all executables by size/creation date. Then, restore with the appropriately named original! ... However, if you have multiple files with the same name (ie. setup.exe), you're screwed. The virus seems to blindly overwrite the files in its MX directory if something with the same name is copied there. It would've been fun to rename a bunch of Solitare executables as Space Cadet Pinball and see what happens. EDIT: Disregard the second paragraph, though I left it for posterity. Could become a cool trick where you tell your friends you can turn calculator into a game by renaming it.
Does it overwrite them? From what I could see in the vid, it seems to do the opposite. When 2 files have the same name, it can only infect one of them.
@Kourindouinc You're right! I played the Rover section at 0.25x speed to check and there are NO duplicates. So replacing the infected files should be a breeze! It's probably to fit with the theme of "I'm annoying but not a nuisance" Daniel spoke about in the video.