-
Исходный код антивируса.
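.model tiny
.code
org 100h
p386

; =====================================================================
; Signature scanner for *.com files in the current directory.
; 16-bit DOS .COM program, TASM/MASM syntax, INT 21h services only.
;
; For every file matched by `maska` the loop
;   1. saves the file attributes and clears them so the file can be
;      opened read/write,
;   2. reads the file into buf_file,
;   3. requires INFECT_MARK at file offset 3 and the 16-byte `signature`
;      at the target of the 16-bit displacement stored at offset 1,
;   4. asks the user what to do (cure / delete / skip, once or for all),
;   5. closes the file and restores the saved attributes.
;
; Register roles while a file is open:
;   bx = file handle
;   bp = number of bytes actually read into buf_file
;
; The find-first/find-next record is read from the default DTA at
; PSP:80h (the program never relocates it), hence the fixed offsets.
;
; Everything read from a scanned file is untrusted: the read length is
; clamped to the memory below the stack, and the displacement taken
; from the file is checked against the number of bytes read before it
; is used as an index into buf_file.
; =====================================================================
DTA_SIZE_LO     equ 9ah                 ; low word of the file size in the DTA
DTA_NAME        equ 9eh                 ; ASCIIZ file name in the DTA
READ_TRIM       equ 678                 ; bytes at the end of the file that are not
                                        ; read (the page does not say why 678)
INFECT_MARK     equ 0feh                ; byte expected at file offset 3
SIG_LEN         equ 16                  ; length of `signature`
SAVED_OFS       equ 298                 ; offset from the matched signature to the
                                        ; bytes written back to the file start
SAVED_LEN       equ 4                   ; number of bytes written back
STACK_RESERVE   equ 512                 ; memory kept free below sp for the stack

start:
find_first:
        mov     ah,9h
        mov     dx,offset author
        int     21h
        mov     dx,offset start_scan
        int     21h
        mov     ah,4eh                  ; find first matching file
        mov     cx,7                    ; full CX is the attribute mask, not only CL
        mov     dx,offset maska
        int     21h
        jnc     set_attributes
        jmp     exit

set_attributes:
        mov     ax,4300h                ; AL must be 0 to *get* attributes; leaving
                                        ; AL undefined could select "set" instead
        mov     dx,DTA_NAME
        int     21h
        mov     old_attributes,cx
        mov     ax,4301h                ; clear attributes so a read-only file opens r/w
        xor     cx,cx
        mov     dx,DTA_NAME
        int     21h
        jnc     open
        jmp     exit

open:
        mov     ax,3d02h                ; open read/write
        mov     dx,DTA_NAME
        int     21h
        jnc     copy_file
        jmp     rest_attributes         ; attributes were already cleared above:
                                        ; put them back even if the open failed

copy_file:
        xchg    ax,bx                   ; bx = file handle
        mov     cx,ds:[DTA_SIZE_LO]
        sub     cx,READ_TRIM            ; wraps for files shorter than READ_TRIM;
                                        ; DOS then simply reads the whole file
        ; buf_file is the last byte of the image, so the read lands in the
        ; free memory between the image and the stack. Clamp the length so
        ; a large file cannot overwrite the stack.
        mov     ax,sp
        sub     ax,offset buf_file
        sub     ax,STACK_RESERVE        ; ax = room available for file data
        cmp     cx,ax
        jbe     read_file
        mov     cx,ax
read_file:
        mov     ah,3fh
        mov     dx,offset buf_file
        int     21h                     ; ax = bytes actually read
        jnc     proverka
        jmp     close_find

proverka:
        mov     bp,ax                   ; bp = bytes read, kept until the file is closed
        cmp     bp,4                    ; offsets 0..3 must come from this file,
        jb      close_find              ; not from a previously scanned one
        cmp     byte ptr [buf_file+3],INFECT_MARK
        jz      next_prov
        jmp     close_find

next_prov:
        mov     ax,word ptr [buf_file+1]
        add     ax,3                    ; ax = file offset the displacement points to
        jc      close_find              ; wrapped past 64 KiB: not a usable offset
        mov     dx,ax
        add     dx,SIG_LEN
        jc      close_find
        cmp     dx,bp
        ja      close_find              ; signature window is not inside the data read
        mov     di,offset buf_file
        add     di,ax
        mov     si,offset signature
        mov     cx,SIG_LEN
cycle:
        mov     al,[si]
        cmp     al,[di]
        jnz     close_find
        inc     si
        inc     di
        loop    cycle

zapros_user:
        mov     ah,9h
        mov     dx,offset zapros1
        int     21h
        call    dirname
        call    filename
        mov     ah,9h
        mov     dx,offset fname
        int     21h
        mov     dx,offset zapros2
        int     21h
        mov     dx,offset menu
        int     21h

repeat2:
        ; An earlier "... vse" (apply to all) answer is reused without asking.
        cmp     deystvie,'2'
        je      rest_bytes
        cmp     deystvie,'4'
        je      del_vir
        cmp     deystvie,'6'
        jne     zapr_otv
        jmp     skip

zapr_otv:
        mov     ah,1h                   ; read one key with echo
        int     21h
        mov     deystvie,al
        cmp     deystvie,'1'
        je      rest_bytes
        cmp     deystvie,'2'
        je      rest_bytes
        cmp     deystvie,'3'
        je      del_vir
        cmp     deystvie,'4'
        je      del_vir
        cmp     deystvie,'5'
        je      skip
        cmp     deystvie,'6'
        je      skip
        jmp     zapr_otv                ; anything else: ask again

rest_bytes:
        ; Only write bytes back that were really read from this file;
        ; otherwise leave the file untouched and report it as skipped.
        mov     ax,word ptr [buf_file+1]
        add     ax,3+SAVED_OFS+SAVED_LEN
        jc      skip
        cmp     ax,bp
        ja      skip
        mov     ax,4200h                ; seek to the start of the file
        xor     cx,cx
        xor     dx,dx
        int     21h
        jc      close_find
        mov     ah,40h                  ; write SAVED_LEN bytes over the file start
        mov     dx,offset buf_file
        add     dx,word ptr [buf_file+1]
        add     dx,3+SAVED_OFS
        mov     cx,SAVED_LEN
        int     21h
        jc      close_find
        jmp     delete_vir

del_vir:
        mov     ah,3eh                  ; close, then delete the file
        int     21h
        mov     ah,41h
        mov     dx,DTA_NAME
        int     21h
        mov     ah,9h
        mov     dx,offset udaleno
        int     21h
        inc     kolvo_inf
        inc     kolvo_scan
        jmp     find_next

delete_vir:
        mov     ax,4200h                ; seek to the offset where the signature matched
        xor     cx,cx
        mov     dx,word ptr [buf_file+1]
        add     dx,3
        int     21h
        jc      close_find
        mov     ah,40h
        xor     cx,cx                   ; a zero-length write truncates the file at the
                                        ; file pointer; set CX explicitly instead of
                                        ; relying on what the seek left in it
        int     21h
        mov     ah,9h
        mov     dx,offset vylecheno
        int     21h
        inc     kolvo_inf
        jmp     close_find

skip:
        mov     ah,9h
        mov     dx,offset propucheno
        int     21h
        inc     kolvo_inf

close_find:
        mov     ah,3eh
        int     21h
        inc     kolvo_scan

rest_attributes:
        mov     ax,4301h
        mov     cx,old_attributes
        mov     dx,DTA_NAME
        int     21h
        jnc     find_next
        jmp     exit

find_next:
        mov     ah,4fh
        mov     cx,7
        mov     dx,offset maska
        int     21h
        jc      exit
        jmp     set_attributes

exit:
        mov     ah,9h
        mov     dx,offset end_scan
        int     21h
        mov     dx,offset provereno
        int     21h
        mov     ax,kolvo_scan
        mov     di,offset num_string
        call    NumToASCII
        mov     ah,9h
        mov     dx,offset num_string
        int     21h
        mov     dx,offset inficirovano
        int     21h
        mov     ax,kolvo_inf
        mov     di,offset num_string
        call    NumToASCII
        mov     ah,9h
        mov     dx,offset num_string
        int     21h
        mov     dx,offset vyhod
        int     21h
        mov     ah,1h                   ; wait for a key
        int     21h
        mov     ax,4c00h                ; exit code 0 instead of the key that was pressed
        int     21h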
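;-----------------------------------------------------------------------
; NumToASCII - write an unsigned 16-bit value as decimal text.
; In:    ax = value
;        di = destination buffer (stosb stores through ES:DI; the
;             program never changes ES, so this assumes ES = DS as in
;             a freshly loaded .COM image)
; Out:   buffer holds the digits followed by '$', the terminator the
;        INT 21h/AH=09h callers need. The original stored a 0 byte,
;        which AH=09h printed as an extra character.
; Clobb: none (pusha/popa); the direction flag is left clear.
;-----------------------------------------------------------------------
NumToASCII proc
        pusha
        mov     bx,10                   ; divisor, loop-invariant
        xor     si,si                   ; si = number of digits pushed
convert_loop:
        xor     dx,dx                   ; dx:ax / bx needs dx = 0
        div     bx                      ; ax = quotient, dx = remainder
        call    HexDigit                ; dl -> ASCII
        push    dx                      ; digits come out least significant first
        inc     si
        test    ax,ax
        jnz     convert_loop
        cld
write_loop:
        pop     ax                      ; pop in reverse order: most significant first
        stosb
        dec     si                      ; dec sets ZF, no separate test needed
        jnz     write_loop
        mov     byte ptr [di],'$'
        popa
        ret
NumToASCII endp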
;-----------------------------------------------------------------------
; HexDigit - turn a digit value into its ASCII character.
; In:    dl = value (0..9 gives '0'..'9', 10 and above gives 'A'...)
; Out:   dl = ASCII character
; Clobb: flags
;-----------------------------------------------------------------------
HexDigit proc
        cmp     dl,9
        ja      hd_letter
        or      dl,'0'                  ; 0..9 -> '0'..'9'
        ret
hd_letter:
        add     dl,'A'-10               ; 10.. -> 'A'..
        ret
HexDigit endp
;-----------------------------------------------------------------------
; filename - copy the 13-byte name field at offset 9Eh (file name in
; the default DTA) into fname, storing '$' wherever the source has a
; 0 byte so the result can be printed with INT 21h/AH=09h.
; All 13 bytes are copied; printing stops at the first '$'.
; In:    nothing
; Out:   fname filled
; Clobb: al, cx, si, di, flags
;-----------------------------------------------------------------------
filename proc
        mov     si,9eh
        mov     di,offset fname
        mov     cx,13
fn_next:
        mov     al,[si]
        test    al,al
        jnz     fn_store
        mov     al,'$'                  ; 0 byte -> AH=09h terminator
fn_store:
        mov     [di],al
        inc     si
        inc     di
        dec     cx
        jnz     fn_next
        ret
filename endp
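;-----------------------------------------------------------------------
; dirname - print the current drive and directory ("C:\DIR\") on
; standard output.
;
; dirname_buf holds "A:\" followed by 64 '?' bytes. The drive letter is
; patched in, INT 21h/AH=47h stores the ASCIIZ path after the "A:\"
; prefix, and the first remaining '?' marks the end of what DOS wrote.
; The '?' fill is restored before returning so the next call can find
; the end of the path the same way.
;
; In:    nothing
; Out:   nothing (text written to handle 1)
; Clobb: none (pusha/popa), so the caller's file handle in bx survives
;
; Changes from the original:
;  * The drive letter is stored with an explicit `byte ptr [dirname_buf]`.
;    The original `add byte [dirname_buf-1],al` names the byte in front
;    of the buffer, which is the last byte of `signature`; depending on
;    how the assembler evaluates `byte [...]` that either worked by
;    accident or altered the signature on every call made from a drive
;    other than A:.
;  * No second '\' is printed when the current directory is the root.
; NOTE(review): the result of AH=47h is not checked; on failure the
; buffer keeps its '?' fill and only the drive is printed.
;-----------------------------------------------------------------------
dirname proc
        pusha
        mov     ah,19h
        int     21h                     ; al = current drive, 0 = A:
        add     al,'A'
        mov     byte ptr [dirname_buf],al
        xor     dl,dl                   ; dl = 0: default drive
        mov     ah,47h                  ; current directory -> ds:si (64-byte buffer)
        mov     si,offset dirname_buf
        add     si,3                    ; skip the "X:\" prefix
        int     21h
        push    si                      ; start of the path area, needed for the refill
        mov     dirbuf,3                ; length so far: the 3-byte prefix
        mov     cx,64
cycle4:
        mov     al,byte ptr [si]
        cmp     al,'?'
        je      vyvod
        inc     si
        inc     dirbuf
        loop    cycle4
vyvod:
        dec     dirbuf                  ; do not print the terminating 0 byte
        mov     ah,40h                  ; write dirbuf bytes to stdout
        mov     bx,1
        mov     dx,offset dirname_buf
        xor     ch,ch
        mov     cl,dirbuf
        int     21h
        cmp     dirbuf,3                ; only the prefix printed: root directory,
        je      dir_refill              ; the '\' is already there
        mov     ah,02h
        mov     dl,'\'
        int     21h
dir_refill:
        mov     cx,64
        pop     si
cycle3:
        mov     byte ptr [si],'?'       ; restore the end-of-path sentinel fill
        inc     si
        loop    cycle3
        popa
        ret
dirname endp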
; ---------------------------------------------------------------------
; Data. The order of the last items matters: buf_file must stay the
; final byte of the image because the file read stores data from that
; address onwards.
; ---------------------------------------------------------------------
; ASCIIZ search pattern for find-first / find-next.
maska db '*.com',0
; '$'-terminated messages for INT 21h/AH=09h (Russian, transliterated).
author db 'Antivirus for G02_S14, (c) 2012, Andrei Kortunov',0dh, 0ah,'$'
zapros1 db 0dh, 0ah,'Fayl ','$'
zapros2 db ' inficirovan. Vashi deystvia? ','$'
menu db 0dh, 0ah,'1-lechit, 2-lechit vse, 3-udalit, 4-udalit vse, 5-propustit, 6-propustit vse. ','$'
udaleno db 0dh, 0ah,'Udalit.',0dh, 0ah,'$'
vylecheno db 0dh, 0ah,'Lechit.',0dh, 0ah,'$'
propucheno db 0dh, 0ah,'Propustit.',0dh, 0ah,'$'
vyhod db 0dh, 0ah, 0dh, 0ah,'Nazhmite lybuy klavishu dlya vyhoda iz programmyi.','$'
start_scan db 0dh, 0ah,'Skanirovanie...',0dh, 0ah,'$'
end_scan db 0dh, 0ah,'Skanirovanie zaversheno.',0dh, 0ah,'$'
provereno db 0dh, 0ah,'Faylov provereno: ','$'
inficirovano db 0dh, 0ah,'Faylov zarazheno: ','$'
; Output buffer for NumToASCII; the '$' fill ends the AH=09h print.
num_string db 16 dup ('$')
; Copy of the file name from the DTA with 0 bytes turned into '$'.
fname db 15 dup ('$')
; Last menu answer ('1'..'6'); '2', '4' and '6' are reused for later files.
deystvie db 0
; Counters printed at exit: files scanned and files reported as infected.
kolvo_scan dw 0
kolvo_inf dw 0
; Attributes of the current file, saved before they are cleared.
old_attributes dw 0
; 16 bytes compared with the file contents at the target of the
; displacement stored at file offset 1.
signature db 0e8h, 00h, 00h, 0d1h, 0d6h, 3bh, 0fbh, 0aeh, 33h, 0f9h, 5dh, 0fch, 50h, 58h, 81h, 0edh
; Drive prefix plus 64 bytes for the current directory; '?' marks the
; unused part, which dirname uses to find the end of the path.
; The byte directly in front of dirname_buf is the last byte of signature.
dirname_buf db 'A:\'
db 64 dup('?')
; Number of bytes of dirname_buf to print.
dirbuf db 0
; Start of the file read buffer. Only one byte is declared; the read in
; copy_file stores the file contents from here into the memory that
; follows the image, with a length taken from the file size.
buf_file db 0
; End of the module; execution starts at the label `start`.
end start
Список литературы.
-
Игорь Коваль. Как написать компьютерный вирус: Практикум программирования на ассемблере: СПб. : Символ, 2000. - 189 с.
-
Рудольф Марек. Ассемблер на примерах. Базовый курс: СПб.: Наука и Техника, 2005. - 240 с. ил.
-
Справочник по функциям DOS прерывания int 21h:
http://www.codenet.ru/progr/dos/int_0026.php.