OneHalf (computer virus)

From Wikipedia, the free encyclopedia

OneHalf
Common name OneHalf
Technical name OneHalf
Family OneHalf
Classification Virus
  Type DOS
  Subtype file and boot infector
Isolation 1994
  Point of Isolation Unknown
  Point of Origin Slovakia
Author(s) Vyvojar
This box: view  talk  edit

OneHalf is a DOS-based polymorphic computer virus (hybrid boot and file infector). It is known for its peculiar payload: it encrypts certain parts of user's Hard disk, but then decrypts them on-the-fly when they are accessed, thus user does not notice anything. The encryption is done by bitwise XORing by a randomly generated key, which can be decrypted simply by XORing with the same bit stream again. However, careless disinfection will result in data loss; if the user does not decrypt the data, then destroys the virus which decrypts and accesses it, the data will be lost. After encrypting one half of the HDD, virus displays the following message:

Dis is one half.

Press any key to continue ...

It is also known as one of the first viruses to implement a tecnhique of "patchy infection", introduced in Bomber.

OneHalf has many variants.

[edit] External links

Languages