Virus.Win32.Kaze

The virus corrupting itself actually makes it true to it's name :)

LogandiSFM

>video is 15 minutes long
>starts with dan immediately talking about how horribly the virus is written
it's gonna be one of those videos isn't it

SquimpusMcGrimpus

For anyone not aware, December 7th was the day that Japan attacked Pearl Harbor, which is the connection to the "kamikaze" part

Trillyana

What an uncharacteristically polite virus asking you for permission before attempting to do anything untoward.

michaelpalacios

The reason why the file explorer shows "KAMIKAZE" is because there's an HTML file in every system folder, including the root of the drive, that replaces all the UI inside the file explorer frame. Of course it got replaced with the word "KAMIKAZE".

SuperSmashDolls

I'm honestly shocked that Win98 restarted in the normal way. I'm fairly certain that the dialog calls some DLL routine with RUNDLL32 to initiate shutdown.

VectraQS

Brilliant, as always. You can start typing the executable name in a focused explorer window to get to it quicker. Takes way less than scrolling through the directory :)

Endermanch

I tried to write a file infector in C a few years ago. It could successfully infect some programs, but it only worked on Windows XP and crashed frequently. File infectors are hard to get right, apparently. At least malware failing can still be very entertaining.

Toxoidb

The feature of the virus corrupting itself is definitely making it true to it's name!

realausome

I like how at 10:51 you can already see the system font falling apart, it's quite subtle at first - it no longer showed some of uppercase characters in the window title bar!

icedream

this feels like a strange thing to mention, but that low humming background ambient noise in this is really calming.

caz

The CC messages are so sweet. Thank you for making these videos, they're very enjoyable!

Silver-Rexy

Seeing these back-to-back brings back a ton of nostalgia for how amazing Windows XP looked and felt after the 95/98/Me design

johnandmegh

Prime example at 11:50 of what happens if you kill both fontdrvhost.exe processes, you get nothing but icons and no text. Everything will go back to normal with a simple logout/login.

WickerBasket

I just wanna take a moment to appreciate the CC going on in this video. Made it just a little bit more fun.

areoants

This thing doesn't really scream "written in C" to me. Rather, after some pretty much bare level reverse engineering, it screams "poorly modified from CIH". Not only does it use very similar (read: nigh exactly the same) code for setting up the sidt ring0 vulnerability up (which plausibly could have been in another zine explaining it, in fact in doing research I actually found another page describing it from the era that used original code to explain it), it actually uses the exact same interrupt number as CIH (which... is a bit less plausible to have been duplicated, to be nice about it.) Couple that with extremely hacky modifications to the file infection code (which is also mostly taken from CIH), and you have Kaze.

As an aside, Caw also re-uses the CIH code for entering ring 0 and seemingly file infection, but its instability can be pretty much boiled into one thing: the author removed a ton of sanity checking when entering ring0 (including checks for if the virus was already yep.), which typically causes it to attempt going resident more than once...

modeco

- called "kaze"
- doesn't run on the n64

MANGOMLK

8:31 can't you just type calc to find it quick? or was that not a thing yet in xp?

kmlkmljkl

I appreciate the first warning dialogue, that has to be a power trip, ime "hey im going to fuck you up but only if you ask for it, I could fuck you up, if you dared me"

barfoom

i love/miss the simple and very efficient/productive/snappy interface of 98 with the sounds and all. Miliseconds to do anything. Now the FRIGGING CONTEXT MENU HAS A SCROLLBAR

dimitary