• How To Edit Exe File Using Visual Basic
• How To Edit Executable Files
• Exe File Location
• Windows Executable File Extensions
• How To Edit Exe File In Visual Studio

1. An exe file is an executable file.It may or may not be a virus. It could also be a harmless program file. You would need to run an exe file through virus total to find out if it is malicious.
2. In computing, executable code or an executable file or executable program, sometimes simply referred to as an executable, causes a computer 'to perform indicated tasks according to encoded instructions', as opposed to a data file that must be parsed by a program to be meaningful. The exact interpretation depends upon the use.
3. 1) Don't try to modify a prog by editing his source in a dissasembler.Why? Couse that's for programmers and assembly experts only. If any of you dumb kids try to view it in hex you'll only get tons of crap you don't understand.

How To Edit Exe File Using Visual Basic

If I open an executable with Resource Tuner and then go to SaveAs and save the executable under a different name WITHOUT making ANY changes to it, and then I compare the two files with a hex editor, there are MANY changes to the file. Why are there changes even though I didn't make any?

A COM file is a type of simple executable file. On the Digital Equipmentoperating systems of the 1970s, .COM was used as a filename extension for text files containing commands to be issued to the operating system (similar to a batch file).^[1] With the introduction of CP/M (a microcomputer operating system), the type of files commonly associated with COM extension changed to that of executable files. This convention was later carried over to DOS. Even when complemented by the more general EXEfile format for executables, the compact COM files remained viable and frequently used under DOS.

The .COM file name extension has no relation to the .com (for 'commercial') top-level Internet domain name. However, this similarity in name has been exploited by malicious computer virus writers.

DOS binary format[edit]

The COM format is the original binary executable format used in CP/M (including SCP and MSX-DOS) as well as DOS. It is very simple; it has no header (with the exception of CP/M 3 files),^[2] and contains no standard metadata, only code and data. This simplicity exacts a price: the binary has a maximum size of 65,280 (FF00h) bytes (256 bytes short of 64 KB) and stores all its code and data in one segment.

Since it lacks relocation information, it is loaded by the operating system at a pre-set address, at offset 0100h immediately following the PSP, where it is executed (hence the limitation of the executable's size): the entry point is fixed at 0100h. This was not an issue on 8-bit machines since they can address 64k of memory max, but 16-bit machines have a much larger address space, which is why the format fell out of use.

In the Intel 8080 CPU architecture, only 65,536 bytes of memory could be addressed (address range 0000h to FFFFh). Under CP/M, the first 256 bytes of this memory, from 0000h to 00FFh were reserved for system use by the zero page, and any user program had to be loaded at exactly 0100h to be executed. COM files fit this model perfectly. Before the introduction of MP/M and Concurrent CP/M, there was no possibility of running more than one program or command at a time: the program loaded at 0100h was run, and no other.

Although the file format is the same in DOS and CP/M, .COM files for the two operating systems are not compatible; DOS COM files contain x86 instructions and possibly DOS system calls, while CP/M COM files contain 8080 instructions and CP/M system calls (programs restricted to certain machines could also contain additional instructions for 8085 or Z80).

.COM files in DOS set all x86 segment registers to the same value and the SP (stack pointer) register to FFFEh, thus the stack begins at the very top of the memory segment and works down from there.^[3]

In the original DOS 1.x API, which was a derivative of the CP/M API, program termination of a .COM file would be performed by calling the INT 20h (Terminate Program) function or else INT 21h Function 0, which served the same purpose, and the programmer also had to ensure that the code and data segment registers contained the same value at program termination to avoid a potential system crash. Although this could be used in any DOS version, Microsoft recommended the use of INT 21h Function 4Ch for program termination from DOS 2.x onward, which did not require the data and code segment to be set to the same value.

It is possible to make a .COM file to run under both operating systems in form of a fat binary. There is no true compatibility at the instruction level; the instructions at the entry point are chosen to be equal in functionality but different in both operating systems, and make program execution jump to the section for the operating system in use. It is basically two different programs with the same functionality in a single file, preceded by code selecting the one to use.

Under CP/M 3, if the first byte of a COM file is C9h, there is a 256-byte header;^[2] since C9h corresponds to the 8080 instruction RET, this means that the COM file will immediately terminate if run on an earlier version of CP/M that does not support this extension. (Because the instruction sets of the 8085 and Z80 are supersets of the 8080 instruction set, this works on all three processors.) C9h is an invalid opcode on the 8088/8086, and it will cause a processor-generated interrupt 6 exception in v86 mode on the 386 and later x86 chips. Since C9h is the opcode for LEAVE since the 80188/80186 and therefore not used as the first instruction in a valid program, the executable loader in some versions of DOS rejects COM files that start with C9h, avoiding a crash.

Files may have names ending in .COM, but not be in the simple format described above; this is indicated by a magic number at the start of the file. For example, the COMMAND.COM file in DR DOS 6.0 is actually in DOS executable format, indicated by the first two bytes being MZ (4Dh 5Ah), the initials of Mark Zbikowski.

Large programs[edit]

Under DOS there is no memory management provided for COM files by the loader or execution environment. All memory is simply available to the COM file. After execution, the operating system command shell, COMMAND.COM, is reloaded. This leaves the possibilities that the COM file can either be very simple, using a single segment, or arbitrarily complex, providing its own memory management system. An example of a complex program is COMMAND.COM, the DOS shell, which provided a loader to load other COM or EXE programs. In the .COM system, larger programs (up to the available memory size) can be loaded and run, but the system loader assumes that all code and data is in the first segment, and it is up to the .COM program to provide any further organization. Programs larger than available memory, or large data segments, can be handled by dynamic linking, if the necessary code is included in the .COM program. The advantage of using the .COM rather than .EXE format is that the binary image is usually smaller and easier to program using an assembler.^[4] Once compilers and linkers of sufficient power became available, it was no longer advantageous to use the .COM format for complex programs.

Platform support[edit]

The format is still executable on many modern Windows NT-based platforms, but it is run in an MS-DOS-emulating subsystem, NTVDM, which is not present in 64-bit variants. COM files can be executed also on DOS emulators such as DOSBox, on any platform supported by these emulators.

Use for compatibility reasons[edit]

Windows NT-based operating systems use the .com extension for a small number of commands carried over from MS-DOS days although they are in fact presently implemented as .exe files. The operating system will recognize the .exe file header and execute them correctly despite their technically incorrect .com extension. (In fact any .exe file can be renamed .com and still execute correctly.) The use of the original .com extensions for these commands ensures compatibility with older DOS batch files that may refer to them with their full original filenames. These commands are DISKCOMP, DISKCOPY, FORMAT, MODE, MORE and TREE.

Execution preference[edit]

In DOS, if a directory contains both a COM file and an EXE file with same name, when no extension is specified the COM file is preferentially selected for execution. For example, if a directory in the system path contains two files named foo.com and foo.exe, the following would execute foo.com:

A user wishing to run foo.exe can explicitly use the complete filename:

Taking advantage of this default behaviour, virus writers and other malicious programmers have used names like notepad.com for their creations, hoping that if it is placed in the same directory as the corresponding EXE file, a command or batch file may accidentally trigger their program instead of the text editor notepad.exe. Again, these .com files may in fact contain a .exe format executable.

On Windows NT and derivatives (Windows 2000, Windows XP, Windows Vista, and Windows 7), the PATHEXT variable is used to override the order of preference (and acceptable extensions) for calling files without specifying the extension from the command line. The default value still places .com files before .exe files. This closely resembles a feature previously found in JP Software's line of extended command line processors 4DOS, 4OS2, and 4NT.

Malicious usage of the .com extension[edit]

Some computer virus writers have hoped to take advantage of modern computer users' likely lack of knowledge of the .com file extension and associated binary format, along with their more likely familiarity with the .com Internet domain name. E-mails have been sent with attachment names similar to 'www.example.com'. Unwary Microsoft Windows users clicking on such an attachment would expect to begin browsing a site named http://www.example.com/, but instead would run the attached binary command file named www.example, giving it full permission to do to their machine whatever its author had in mind.

There is nothing malicious about the COM file format itself; this is an exploitation of the coincidental name collision between .com command files and .com commercial web sites.

See also[edit]

References[edit]

1. ^Christian, Brian; Markson, Tom; Skrenta, Rich (eds.). 'Section 5.3'. The PDP-11 How-To Book (Revision 1 ed.). Archived from the original on 2018-08-01. Retrieved 2018-08-01. (NB. Has a reference for the RT-11 operating system running on the PDP-11 minicomputer, which shows in section 5.3 that .COM is used to refer to a command file.)
2. ^ ^abElliott, John C.; Lopushinsky, Jim (2002) [1998-04-11]. 'CP/M 3 COM file header'. Seasip.info. Archived from the original on 2018-08-01.
3. ^Paul, Matthias R. (2002-10-07) [2000]. 'Re: Run a COM file'. Newsgroup: alt.msdos.programmer. Archived from the original on 2017-09-03. Retrieved 2017-09-03.[1]
4. ^Scanlon, Leo J. (1991). 'Chapter 2'. Assembly Language Subroutines for MS-DOS (2 ed.). Windcrest Books. p. 16. ISBN0-8306-7649-X.

External links[edit]

In computing, executable code or an executable file or executable program, sometimes simply referred to as an executable, causes a computer 'to perform indicated tasks according to encoded instructions',^[1] as opposed to a data file that must be parsed by a program to be meaningful.

The exact interpretation depends upon the use. 'Instructions' is traditionally taken to mean machine code instructions for a physical CPU,^[2] in some contexts a file containing bytecode or scripting language instructions may also be considered executable.

Generation of executable files[edit]

Executable files can be hand-coded in machine language, although it is far more convenient to develop software as source code in a high-level language that can be easily understood by humans. In some cases, source code might be specified in assembly language instead, which remains human-readable while being closely associated with machine code instructions. Free download winbox 2.2.18. The high-level language is compiled into either an executable machine code file or a non-executable machine-code object file of some sort; the equivalent process on assembly language source code is called assembly. Several object files are linked to create the executable. Object files -- executable or not -- are typically in a container format, such as Executable and Linkable Format (ELF).^[3] This structures the generated machine code, for example dividing it into sections such as the .text (executable code), .data (static variables), and .rodata (static constants).

How To Edit Executable Files

In order to be executed by the system (such as an operating system, firmware, or boot loader), an executable file must conform to the system's application binary interface (ABI).^[4] Most simply a file is executed by loading the file into memory and simply jumping to the start of the address space and executing from there, but in more complicated interfaces executable files have additional metadata, specifying a separate entry point. For example, in ELF, the entry point is specified in the header in the e_entry field, which specifies the (virtual) memory address at which to start execution. In the GCC (GNU Compiler Collection) this field is set by the linker based on the _start symbol.

Executable files typically also include a runtime system, which implements runtime language features (such as task scheduling, exception handling, calling static constructors and destructors, etc.) and interactions with the operating system, notably passing arguments, environment, and returning an exit status, together with other startup and shutdown features such as releasing resources like file handles. For C, this is done by linking in the crt0 object, which contains the actual entry point and does setup and shutdown by calling the runtime library.^[5]

Executable files thus normally contain significant additional machine code beyond that directly generated from the specific source code. In some cases it is desirable to omit this, for example for embedded systems development or simply to understand how compilation, linking, and loading work. In C this can be done by omitting the usual runtime, and instead explicitly specifying a linker script, which generates the entry point and handles startup and shutdown, such as calling main to start and returning exit status to kernel at end.^[6]

See also[edit]

References[edit]

1. ^'executable'. Merriam-Webster's Online Dictionary. Merriam-Webster. Retrieved 2008-07-19.
2. ^'Machine Instructions'. GeeksforGeeks. 2015-11-03. Retrieved 2019-09-18.
3. ^'Chapter 4: Object Files'. refspecs.linuxbase.org. Retrieved 2019-09-18.
4. ^Boelen, Michael (2019-05-15). 'The 101 of ELF files on Linux: Understanding and Analysis - Linux..'Linux Audit. Retrieved 2019-09-18.
5. ^content, Tim Fisher Tim Fisher has 30+ years' professional technology support experience He writes troubleshooting; Lifewire, is the General Manager of. 'List of Executable File Extensions'. Lifewire. Retrieved 2019-09-18.
6. ^McKellar, Jessica (Mar 16, 2010). 'Hello from a libc-free world! (Part 1)'.

Exe File Location

External links[edit]

Windows Executable File Extensions

• EXE File Format at What Is

How To Edit Exe File In Visual Studio