HPAVC

home *** CD-ROM | disk | FTP | other *** search

/ HPAVC / HPAVC CD-ROM.iso / PROTX310.ZIP / PROTEXE.DOC < prev next >

Wrap

Text File | 1997-08-13 | 44KB | 1,033 lines

ProtEXE v3.10 - EXE/COM encryption/validation/protection Copyright (c) 1995-1997 by Tom Torfs, all rights reserved -= MANUAL =- 0.1 Table of contents -=-=-=-=-=-=-=-=-=-=- 0.1 Table of contents 1.1 Overview 1.2 Reasons for using ProtEXE 2.1 Commandline usage 2.2 Configuration file 2.3 Interactive shell 3.1 ProtEXE operation notes 3.2 Files that shouldn't be protected with ProtEXE 3.3 ProtEXE and executable compressors 3.4 ProtEXE and virus-scanners 3.5 ProtEXE and other operating systems & multitaskers 4.1 Verifying the registration information 4.2 Testing the CRC failed message 5.1 Reasons for registering ProtEXE 5.2 How to register ProtEXE 6.1 Contacting the author 6.2 Where to find the most recent version of ProtEXE 7.1 Errors, warnings & errorlevels 8.1 Credits 9.1 Disclaimer 1.1 Overview -=-=-=-=-=-= ProtEXE is a programmer's tool that protects your DOS executables (EXE & COM) from tampering and other corruption in three ways: a) the code and data are encrypted b) via a CRC any changes in the code and/or data and optionally in the extra data (overlays etc.) are detected immediately c) anti-debugging, anti-disassembling and anti-unpacking techniques stop crackers from stepping through your programs with a debugger or reverse-engineering them with a disassembler 1.2 Reasons for using ProtEXE -=-=-=-=-=-=-=-=-=-=-=-=-=-=- If you're a programmer, you won't like it when some kiddie changes your precious programs' output into some useless rubbish, or changes your name by his/hers, or ... You wouldn't like it either if some cracker broke your programs' registration key routine or copy protection, or something like that. You would even like it less if someone changed your program into a logic bomb or virus. Just imagine what all this could do to your reputation as a programmer. That's why programs like ProtEXE are there. Now why should you use ProtEXE instead of some other program that does basically the same job ? Because: - ProtEXE is secure: lots of anti-debugging techniques and automatic polymorphic self-encryption and decryption stop debuggers and disassemblers from examining the decryption algorithm; anti-unpacking tricks stop automated unpacking programs from removing the protection; one of the more advanced anti-unpacking tricks is the tie option {+}, another advanced security feature is the runtime data decryption system for C/C++, Pascal and assembly language {+} - ProtEXE is fast: the decryption and CRC validation take so little time that you won't see the difference between the original and the protected version of a program - ProtEXE protected EXE and COM files require only a little bit more memory and disk space than the unprotected versions; this space is well invested since it significantly enhances your program's security - ProtEXE can automatically call your favorite executable compressor to make the executables more compact (a freely usable executable compressor, ComprEXE, is included; see COMPREXE.DOC for more details) - ProtEXE has the ability to copy any extra data from the source file to the target file (like some overlays); it can also force overlaid programs to load their overlays from the new position, allowing to protect some programs that would otherwise be impossible to protect/compress - ProtEXE can protect the DOS part of 'new executables', such as Windows or OS/2 executables - ProtEXE can CRC check the overlays and other extra data {+} - ProtEXE can retain all the additional information in the EXE header and can optionally fool the protected program into thinking the header hasn't changed at all - ProtEXE can include additional information (e.g. copyright info) in the header of the EXE file - ProtEXE can leave certain information in the beginning of the EXE file (before CS:IP entry point) unencrypted; this is especially handy for protecting device driver-EXEs etc. - ProtEXE can protect programs that stay resident (TSRs) (although some of the more advanced features will be disabled) - ProtEXE has the ability to replace the message that's displayed when the CRC fails by your own text {+} - ProtEXE can optionally display a banner text before the program gets run (useful for programs that take long to initialize etc.); after this banner ProtEXE can optionally wait for a keypress, echo the key pressed and/or abort by pressing ESC - ProtEXE can optionally password-protect the executables, with a customizable prompt and error message - ProtEXE has a comfortable interactive shell which allows you to use it without having to type long commandlines - ProtEXE can read often used options from a configuration file and change & save these options from the interactive shell - ProtEXE displays statistics about the memory usage etc. of the original, compressed (optional) and protected program - ProtEXE is inexpensive: see ORDER.FRM for detailed pricing - Once you purchased the registered or commercial version of ProtEXE, you may protect as many programs as you like with it, there are no royalties 2.1 Commandline usage -=-=-=-=-=-=-=-=-=-=- PROTEXE <oldfile>[.EXE|.COM] [<newfile>[.EXE|.COM]] [-c[<compressor id>]] [-m<msgfile>] [-b<bannerfile>] [-p<password>[,<prompt>,<error>]] [-t[<parameters>]] [-s<rol>] [-r] [-k] [-o] [-e[k][o][c]] [-h] [-f] [-d] [-i<infofile>] * Command line basics * <oldfile> is the name of the executable to protect. <newfile> is the name of the protected executable. If you omit <newfile>, <oldfile> will be replaced and the original file will be stored as <oldfile>.OLD (unless you use option -o). If no extension is provided, .EXE or .COM is automatically appended. You can specify multiple options on the command line to customize ProtEXE's behaviour. Note that for all options you can use the / switch character instead of the - character if you prefer. If an option is followed by - (e.g. -o-) a previous setting (e.g. from the configuration file) is overridden. You can also override options which take a filename or other parameter, e.g. -m or -p. An overview of the command line options can be displayed by putting the parameter /? (or -?) on the commandline. You can put often used options in the configuration file (see chapter "Configuration file"). If you specify no parameters on the commandline, the interactive shell is started instead (see chapter "Interactive shell"). All options marked with {+} are available in the registered and commercial versions only. * General options * [-c[<compressor id>]] With option -c you can call an executable compressor before protecting the EXE file. The actual compressor corresponding to the id is configured in the file PACKERS.PTX (see chapter "Structure of PACKERS.PTX" for more information). If no id is specified, the first compressor in the configuration file will be used. By default the following compressors are supported: c COMPREXE (default, included in archive) l LZEXE p PKLITE pc PKLITE commercial version d DIET cp COMPACK t TINYPROG u UCEXE w WWPACK x XPACK Using an executable compressor makes the executable smaller and adds some additional protection. There are several advantages to integrating them in ProtEXE: not only that you can do everything with one command line, but also that ProtEXE can not only calculate statistics relative to the intermediate compressed file but also to the original uncompressed file. Furthermore this method allows the use of the tie and data encryption options. [-m<msgfile>] {+} <msgfile> is the name of the file which is displayed when the CRC fails. This file may not be larger than 4096 bytes. The default message is: CRC failed -> executable has been corrupted In the unregistered version, preceded by the ProtEXE version string. I would suggest you always use a message file, which clearly explains what has happened to the user of your program and what he/she should do about it. [-b<bannerfile>] <bannerfile> is the name of the file that should be displayed before running the program. This file is also limited to 4096 bytes. You can put the following special codes as the last character in the bannerfile: (there may be nothing after this, including spaces) \x01 (Ctrl-A) Wait for a keypress w/o echo, pressing ESC aborts \x02 (Ctrl-B) Wait for a keypress w/o echo, no abort possible \x03 (Ctrl-C) Wait for a keypress with echo, pressing ESC aborts \x04 (Ctrl-D) Wait for a keypress with echo, no abort possible \x05 (Ctrl-E) Wait for a keypress with echo & CR/LF, pressing ESC aborts \x06 (Ctrl-F) Wait for a keypress with echo & CR/LF, no abort possible If this control code is followed by a CR/LF, that CR/LF is stripped off. This allows you to create a bannerfile with a prompt on the same line using a text editor which forces the file to be terminated by a CR/LF. In the unregistered version, the ProtEXE version string is inserted at the beginning of the banner. [-p<password>] Every time the program is run, <password> will have to be typed in. If the entered password is incorrect, the program will simply abort with an error. Spaces must be replaced by underscores. Use \ to quote the next character (\" for double quote, \, for comma and \\ to force a backslash). The password is case sensitive, so "PASSWORD" is not the same as "password" or "Password". The password itself isn't stored anywhere in the executable, not even in encrypted form. One-way functions are applied on it and those are compared against the expected values. You can also specify password prompt and password error message files after the password, separated by commas. Note that the prompt file should not be terminated with a newline if you wish to have the input on the same line as the prompt. The default password prompt is: "Enter password:". The default password error message is "Invalid password". In the unregistered version the ProtEXE version string will be inserted in front of the password prompt. NOTE: using the -p option also increases the startup stack size the protected executable will have by 80 bytes (unless option -ec is also used, see further). This does not affect the program's stack. [-t[<parameters>]] {+} This option ties the decryption module and the program together, so that even if a cracker would succeed in unpacking the executable, it would never work. When using the -t option, ProtEXE does a test run of the program to analyze it. This test run should be representative for general program use. If such a representative run requires certain command line parameters, you should specify them after the -t option. Spaces must be replaced by underscores. Use \_ to force an underscore, \" to force a double quote and \\ to force a backslash. The -t option will only be effective when applied directly on the uncompressed, unencrypted executable. Do not use an executable compressor before running ProtEXE -t, because otherwise only the compressor code would be tied to the decryption module, not the program itself. You should instead use the -c option if you wish to both compress and tie the executable. The number of ties is limited to 64. If no ties are possible, the -t option is ignored. If the number of ties is less than 5, the executable is probably already protected/compressed, unless it is a very small executable. If you use this option, you should test your executable *carefully* before assuming it works; not all executables like the tie option. The -t option is disabled when you use -r to protect a TSR program. [-s<rol>] {+} In the registered and commercial versions of ProtEXE, you can use the external PTXCrypt programming libraries for C/C++, Pascal and assembly language. These libraries can be extracted using PTXCRYPT.EXE if you have a valid registration key. Once you registered, these libraries can freely be used to encrypt/decrypt your data (using a 64-bit XOR encryption, thus not subject to US export restrictions) via a randomly chosen key which is provided by the ProtEXE runtime decryption module, effectively making the data unaccessible without that protection module. You can also specify a user defined 32-bit rol-value to 'personalize' the encryption system. It is highly recommended to use a unique value for all your programs, as this significantly enhances their security. This 32-bit rol-value should be passed in hexadecimal notation (8 digits from 0..9 and A..F) after the -s parameter. [-r] This option allows ProtEXE to protect programs that stay resident in memory (commonly known as TSR programs). This option disables some of the advanced features and also reduces the security of the protected executable, so you should only use it when absolutely necessary. In some (rare) cases, using option -r may be required to protect a non-TSR program, too. It's always worth a try, when your program refuses to work after protection. The following options are disabled when using -r: -t, -eo, -f. [-k] This option tells ProtEXE to leave the original code 100% intact. This may be necessary when the program performs some sort of self-check. If you do not use option -k, ProtEXE may make some minor modifications to the code to enhance the security. [-o] If option -o is given, the original file will be deleted instead of renamed to .OLD. Using this option is not recommended. This option is ignored if an output file is specified. * EXE-only options * [-e] EXE files contain the length of actual code/data in their header. Sometimes the EXE file contains data after this, which is not loaded when the program is run, but which might be read separately afterwards (overlays). This may also be debug info, used by a symbolic debugger (such as Turbo Debugger), but not required by the program itself. It may also be the 'new executable' part for Windows, OS/2, ... executables. If option -e is given, any extra data in an EXE-file is simply copied into the target file, instead of being stripped off. This doesn't guarantee that the extra data is still useful after the protection. If you get the 'stripping extra data' warning and the protected program doesn't work, you should try using this option. [-ek] If the program has overlays and it doesn't work with option -e, there is a chance the overlay positions are hardcoded in the program. In that case try using option -ek. This forces the extra data to be kept at the same position as in the original file. The -ek option is also required to protect most types of 'new executables' (e.g. Windows or OS/2 executables). However, it will usually only work with programs that have an independant DOS part (not the typical DOS stub of 'This program cannot run in a DOS session' or something like that), for the reason below. The -ek option requires the protected code to be smaller than or equal to the unprotected version. If that isn't the case, ProtEXE shows a warning and the extra data will be relocated anyway. In that case, you should use the -c option to compress the code first. In fact, this will usually be necessary to use the -ek option. If the compression fails or isn't significant enough, there's not much more you can do. [-eo] An alternative to the -ek option for programs that hardcode their overlay positions, is the -eo option. This option forces the program to read the overlays from the new position. NOTE: this option only works for handle file I/O functions. FCBs are not supported, as they are hardly ever used for file I/O anymore. Some programs use an overlay system that is incompatible with ProtEXE -eo. You should try using option -ek to protect these instead. This does not work for 'new executables', only for plain DOS programs. The -eo option is disabled when you use -r to protect a TSR program. The -eo option is ignored if the -ek option is also used (no need to relocate overlays if you keep them at the same position). [-ec] {+} If you add the letter c after the option -e, the overlays will also be CRC checked every time you run the program. NOTE: using the -ec option also increases the startup stack size the protected executable will have by 512 bytes. This does not affect the program's stack. You can combine the -ek/-eo and -ec options into -ekc/-eoc or -eck/-eco. [-h] Option -h disables packing the header. All additional information in the EXE header will be copied to the target file. Using this option can allow some otherwise unprotectable executables to be protected. [-f] In some (rare) cases, using option -h is not enough, because the program expects the exact same header to be found (including the memory paragraphs etc. fields). This option fakes the old header to be presented to the program if it tries to read its own header. However, if the program depends on these fields having certain values other than as a kind of self-check, there is a chance it will not function properly after protection. NOTE: this option only works for handle file I/O functions. FCBs are not supported, as they are hardly ever used for file I/O anymore. The -f option is disabled when you use -r to protect a TSR program. [-d] Option -d leaves all code before the CS:IP entry point in the EXE file unencrypted. It is obvious that you should only use this option if really necessary. An example where this option is necessary is to protect EXE files that are in fact device drivers (such as SETVER.EXE, EMM386.EXE etc.). But keep in mind that all the actual device driver code (= before CS:IP entry point) will remain unencrypted. Using the -d option is not a guarantee at all that the device driver will still be usable after the protection. [-i<infofile>] <infofile> is the name of the file containing the text that is to be included in the header of the EXE file (e.g. copyright info). This file is limited to 16384 bytes. If you begin this file with \x1B[2J and end it with \x1A, you can display the text using TYPE <name of EXE file>. 2.2 Configuration file -=-=-=-=-=-=-=-=-=-=-= The configuration file is named CONFIG.PTX and must be in the same directory as PROTEXE.EXE or in any directory of the PATH. The file should contain one commandline option per line. The help option (-?) and filenames to protect are not allowed. Lines beginning with ; (comments) and blank lines are ignored. An option specified in the configuration file can always be overridden on the commandline (see "Commandline usage"). You can also create a configuration file from within the interactive shell (see chapter "Interactive shell"). 2.3 Interactive shell -=-=-=-=-=-=-=-=-=-=- When you start ProtEXE without parameters, the interactive shell is started. In this shell you can browse through your directories and disks and select any executables you wish to protect. If you move the lightbar over an executable and press Enter, that file will be protected. You will be asked whether you want to use the same file as targetfile, or a different file. Then the normal, non- interactive part of ProtEXE will be spawned with the correct settings. After finishing it waits for a keypress (to allow you to examine the statistics or a possible error message), and then returns to the shell. You can also customize the options and optionally save them to disk. You can switch between the files and the options with the left & right arrow keys. You can change an option by moving the lightbar over it and pressing Enter. Press F1 for a quick help screen about the used keys. Just like in the commandline mode, the registered/commercial-only options are disabled in the unregistered evaluation version. 2.4 Structure of PACKERS.PTX -=-=-=-=-=-=-=-=-=-=-=-=-=-= The file PACKERS.PTX must be in the same directory as PROTEXE.EXE or in any directory of the PATH. Any non-blank line in PACKERS.PTX that does not begin with a semicolon (comment), has the following structure: (different fields are separated by at least one space, all fields are case insensitive except the commandline) <id> <exe> <com> <backup> <cmdline> <id> is a short abbreviation to identify the compressor. It must be passed on the commandline after -c (see the chapter "How to use ProtEXE" for more information). <exe> is Y or N depending on wether the compressor supports EXEs. <com> is Y or N depending on wether the compressor supports COMs. <backup> is either - or the extension of the backup file created by the compressor. It will be cleaned up by ProtEXE automatically. <cmdline> is the commandline to execute when calling the compressor. It is executed the same way as if you would type it in from the DOS command prompt, so you don't need to specify a full path and extension of the compressor program, as long as it is somewhere in the PATH or in the current directory. You can also use the macros %F and %T in the commandline. %F expands to the filename of the program being compressed, and %T (optionally) expands to the filename of the target program. If you don't specify %T, ProtEXE will assume the source and target files are the same. See the default PACKERS.PTX for an example. 3.1 ProtEXE operation notes -=-=-=-=-=-=-=-=-=-=-=-=-=- ProtEXE tags a little code module of its own to the program. That module decrypts the program in memory, performs all necessary segment relocations, restores the stack etc., and then jumps to the original entry point. That's the basic system in a nutshell. In practice, the code module does more, such as CRC-checking, password-verifying, anti-debugging and anti-unpacking techniques, etc. Different ProtEXE features execute in the following order: * load image CRC check * overlay CRC check (optional) * registration info * banner (optional) * password (optional) It is possible to use ProtEXE multiple times on a program, also with different combinations of options. However, doing so doesn't make much sense, as the program would only get bigger (and slightly slower, especially after multiple layers, and even more so if overlay crc checking is turned on) with not much improvement in security. If someone would be capable of unpacking one layer of ProtEXE, there is no reason why he/she couldn't unpack two or more. 3.2 Files that shouldn't be protected with ProtEXE -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ProtEXE can essentially only protect DOS executables. If you try to protect a new executable like those for Windows or OS/2 and most DOS extenders (PharLap, DOS/4GW,...) (protected mode programs), ProtEXE will give a warning and only protect the DOS part. See the notes on option -ek and warning W07 for more details. To protect programs that are in fact device drivers, like SETVER.EXE, EMM386.EXE, etc. you should use the -d option. This is still no guarantee the device driver will still function correctly after the protection, but without it it will certainly not work; ProtEXE will give a warning if you try to protect such an executable without the -d option. COM files may not be larger than approx. 60-62K. Otherwise they can't be protected by ProtEXE, because the protected COM would exceed 64K. COM files smaller than 4 bytes can't be protected, either. In both cases, you should convert them to an EXE file using the included COM2EXE utility. EXE files with overlays in the EXE-file will require the use of the -e option with ProtEXE. If the protected executable won't function, you should try using options -ek, -eo, -h, -f and/or -d. Please read the information in the chapter "Commandline usage" concerning these options first. Files that read/write data or code directly to their images on disk won't work with ProtEXE (or with any file compressor). Note that this does not apply to overlays. A program is free to write to its overlays, unless you have protected the program with option -ec of course. Programs that spawn other programs (e.g. DOS shell) work fine with ProtEXE. Terminate & stay resident programs (TSRs) also work, but require the use of the -r option (see chapter "Commandline usage"). Self-extracting EXE files (such as those created by PKZIP, LHA, ARJ, RAR, ...) can be protected by ProtEXE. For most (if not all) of these you must use the -e option, and for LHA you must use -eo. 3.3 ProtEXE and executable compressors -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Yes. It is even supported directly by ProtEXE. See the option -c in the chapter "Commandline usage" and the chapter "Structure of PACKERS.PTX" for more information. A freely usable executable compressor, ComprEXE, is included in the archive. See COMPREXE.DOC for more information. I encourage using a compressor with ProtEXE, because that way the program becomes a lot smaller and a little bit harder to crack. What you shouldn't do is first run ProtEXE and then the compressor. ProtEXE scrambles the code so that it becomes uncompressable. In most cases the compressors refuse to compress it because instead of becoming smaller the code would become larger. 3.4 ProtEXE and virus-scanners -=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Some heuristic virus scanners, such as F-Prot, may say that ProtEXE and programs protected with it are suspicious because they contain anti-disassembling and anti-debugging tricks. This is absolutely normal, since that is the purpose of ProtEXE, so you may safely ignore these warnings, unless you seriously suspect someone has infected the program with a virus and then encrypted it with ProtEXE. 3.5 ProtEXE and other operating systems & multitaskers -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ProtEXE has been tested and works fine under the following operating systems & multitaskers: - DOS - Qemm386, EMM386, ... - Desqview - Windows 3.X, 95 and NT - OS/2 Warp 3 & 4 - Linux DOSEMU 4.1 Verifying the registration information -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= You can always verify the registration information in a ProtEXE'd executable. Just run the protected program with the following command line: <progname> ~~~ProtEXE-RegInfo~~~ There may be no more parameters after this, and the parameter is case-sensitive, so it must be typed in exactly as above. If you want to do this often, you might find it more convenient to use PROTXVER.BAT to do this for you. Just type PROTXVER followed by the name of the executable. If the program was damaged, it will abort with a CRC error before it gets to the registration info, to reduce the risk of more damage (see also: ProtEXE operation notes). When the program was not protected with ProtEXE v3.0 or later, it will probably give an 'illegal parameter' error message or just ignore the parameter and run normally. This is normal behaviour. Apart from the ProtEXE version, copyright message and registration information, also an 8-digit hexadecimal code will be displayed (only ProtEXE 3.10 or later). This is the UNIX timestamp of the protection (number of seconds since 1970-01-01, 00:00) and can be used to distinguish different distribution versions of a program. In the commercial version, no registration name is displayed but just "Commercial version". 4.2 Testing the CRC failed message -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= You can test the CRC failed message of a ProtEXE'd executable by using the TestMsg tool. Just type TESTMSG <executable> to view the message. TestMsg will first verify the registration information (see previous chapter) to make sure the executable has been protected with ProtEXE; this is necessary to avoid crashes or other kinds of strange behaviour. TestMsg only works on executables protected with ProtEXE v3.0 or later. 5.1 Reasons for registering ProtEXE -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The unregistered version may freely be evaluated for a period of 30 days. After this period you should register your copy or purchase the commercial version (see ORDER.FRM for more information). By doing so, you support the shareware concept. You may not distribute programs protected with the unregistered evaluation version of ProtEXE, whether it is freeware, shareware or commercial software. Giving copies of your program to a small number of people for alpha- and betatesting is not considered distribution; spreading your program via bulletin board systems, computer networks, shareware vendors and retail is. Several features are not available in the unregistered version: * customizing the CRC failed message * CRC-checking the extra data * the tie option * the PTXCrypt runtime data encryption/decryption system Also, in the unregistered version the ProtEXE version string is inserted before the default CRC failed message, the banner, and the password prompt. The fact that these are not present in the registered version also means a small reduction in the code size. Keep in mind that the registration information can always be verified using the method described in the chapter "Verifying the registration information". 5.2 How to register ProtEXE -=-=-=-=-=-=-=-=-=-=-=-=-=- An order form named ORDER.FRM is included. Instructions on how to register or purchase the commercial version and information about payment methods can be found in there. The registration key can be put in the directory where PROTEXE.EXE is in, or in any directory of the PATH. It will then unlock ProtEXE's registered only features and it will also allow the extraction of the PTXCrypt libraries using PTXCRYPT.EXE. The registration key will also work on future versions. Should the key format ever be changed (e.g. for security reasons), all registered users will receive their new key as soon as possible. The commercial version does not require a registration key. Commercial users who have an email or netmail address will automatically be sent major new versions. They can also be downloaded from 80x86 BBS, instead. See ORDER.FRM for more information. 6.1 Contacting the author -=-=-=-=-=-=-=-=-=-=-=-=- The author can be contacted through the following channels: E-mail: (preferably try the addresses in this order) tomtorfs@mail.dma.be tomtorfs@iname.com tom.torfs@f516.n292.z2.fidonet.org Netmail: (preferably use crashmail) Tom Torfs, 2:292/516@fidonet.org BBS: (private message to sysop) 80X86 BBS +32-15-24.62.32 24h/24h 28800bps V.34/V.FC Snailmail: Tom Torfs Cuperuslei 12 B-2220 Heist-op-den-Berg BELGIUM If you wish to encrypt your correspondence using PGP, this is my PGP public key: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.1 mQBtAzPwlx4AAAEDAJrir/T++tMCp0+VqyiakX5TA2oDfmYpVb9gI7DlniceL6bx HNGeLlVbFjN9/Jm0aVhBDsL1NFpfk5ixv40txpZIJYskg5TpZbsaIMjA4tNpLjQQ vvsaifXl6SFqYIdxbQAFEbQgVG9tIFRvcmZzIDx0b210b3Jmc0BtYWlsLmRtYS5i ZT4= =Pbll -----END PGP PUBLIC KEY BLOCK----- My public key can also be obtained from http://bewoner.dma.be/tomtorfs or http://80x86.home.ml.org, or can be downloaded from 80x86 BBS or file-requested as PGPKEY. 6.2 Where to find the most recent version of ProtEXE -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ProtEXE world registration site: 80X86 BBS (+32) (0)15-24.62.32 28800 V.34/V.FC 24h/24h 2:292/516@fidonet.org tomtorfs@mail.dma.be / tomtorfs@iname.com File request magic name PROTEXE for the latest version You can also download the latest version from the ProtEXE support page: http://bewoner.dma.be/tomtorfs/protexe This page can also be accessed through the following alias: (which will remain constant even if the above might change) http://protexe.home.ml.org You should also be able to find the most recent ProtEXE versions on ftp://ftp.cdrom.com/simtelnet/pub/simtelnet/msdos/pgmutl a few days after the release. If you're a registered user and have an e-mail or netmail address, you will be notified of new versions and important bug fixes. 7.1 Errors, warnings & errorlevels -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= These are the errors and warnings that ProtEXE may give: ERROR E01: bad option: <option> An invalid parameter was passed on the command line or in the configfile. A short usage info screen will be displayed. If you need more information, check out the chapter "Commandline usage". ERROR E02: no filename specified on command line You didn't specify a source file to protect. The usage info screen will be displayed. ERROR E03: neither COM nor EXE form of source file exists The filename you entered as a source file does not exist in either COM or EXE form. Correct the error and retry. ERROR E04: source file not found The source file you specified does not exist. Correct the error and retry. ERROR E05: can't rename file ProtEXE was unable to rename the source file to extension .OLD or to rename the temporary file. This might occur if there was already an .OLD file with the read-only attribute on. ERROR E06: same file specified as source and target file You entered the same filename as source and target file, or you tried to protect an .OLD file with the one-parameter form. Correct the error or rename the .OLD file. ERROR E07: error opening source file ProtEXE was unable to open the source file you specified. Make sure this file exists and does not have any special attributes or is not currently in use by another process. ERROR E08: error creating target file ProtEXE was unable to create the target file you specified. Make sure that no file with that name and any special attributes exists already or is currently in use. Make sure the disk is not full, and you're not trying to create the targetfile in a full root directory or on a read-only medium. ERROR E09: can't read message file ProtEXE was unable to read the message file you specified. Make sure this file exists and does not have any special attributes or is not currently in use by another process. ERROR E10: message file is too large (max 4096 bytes) The message file you specified is too large. Make sure you specified the correct file or make it smaller. ERROR E11: can't read banner file ProtEXE was unable to read the banner file you specified. Make sure this file exists and does not have any special attributes or is not currently in use by another process. ERROR E12: banner file is too large (max 4096 bytes) The banner file you specified is too large. Make sure you specified the correct file or make it smaller. ERROR E13: can't read password prompt file ProtEXE was unable to read the password prompt file you specified. Make sure this file exists and does not have any special attributes or is not currently in use by another process. ERROR E14: password prompt file is too large (max 1024 bytes) The password prompt file you specified is too large. Make sure you specified the correct file or make it smaller. ERROR E15: can't read password error message file ProtEXE was unable to read the password error message file you specified. Make sure this file exists and does not have any special attributes or is not currently in use by another process. ERROR E16: password error message file is too large (max 1024 bytes) The password error message file you specified is too large. Make sure you specified the correct file or make it smaller. ERROR E17: can't read info file ProtEXE was unable to read the info file you specified. Make sure this file exists and does not have any special attributes or is not currently in use by another process. ERROR E18: info file is too large (max 16384 bytes) The info file you specified is too large. Make sure you specified the correct file or make it smaller. ERROR E19: file is too small to protect (must be at least 4 bytes) You tried to protect a program smaller than 4 bytes. No use in protecting such a small program. ERROR E20: COM file is too large to protect You tried to protect a COM file that would require more than 64K when protected. In that case you should convert it to an EXE file using the included COM2EXE utility. Another possibility is that the file is not a valid COM nor a valid EXE file, but some sort of datafile. ERROR E21: invalid executable after compression The compressor rendered the executable invalid. Use another compressor or don't use compression. ERROR E22: error creating temporary file <filename> ProtEXE was unable to create a temporary file. Make sure the disk is not full or read-only. ERROR E23: not enough memory You don't have enough conventional memory free for ProtEXE and/or the interactive shell to run. Remove any TSR's and device drivers you don't need. WARNING W01: ignoring registered-only option <option> You tried to use a registered-only option in the unregistered evaluation version. Register! WARNING W02: ignoring option <option> You specified an EXE only option, but the program isn't an EXE; or you specified the -t, -eo or -f options together with -r. The option will be ignored. WARNING W03: stripping extra data/overlays The source file contained extra data such as debug info or overlays. If the program doesn't work after protecting it, try using option -e, -ek or -eo. WARNING W04: no extra data/overlays found, ignoring -e? option You specified the -e, -eo or -ec option but no extra data was found in the EXE file. The -e? option will be ignored. WARNING W05: EXE is probably device driver; using -d option advised You tried to protect an EXE file which was in fact a device driver without using the -d option. Examples of these executables are EMM386.EXE, SETVER.EXE etc. You should use the -d option to protect this kind of executables, otherwise the protected executable will most likely not function. Read the notes on this option in the chapter "Commandline usage" first. NOTE: there is a very small chance that this warning might come up erroneously if ProtEXE incorrectly detects the EXE as being a device driver; if you're absolutely sure the EXE is not a device driver you can safely ignore this warning. WARNING W06: target load module too large - ignoring option -ek The extra data has to be relocated because the target program has become too large after the protection to keep the extra data at the same position. You can solve this by using the -c option to compress the DOS part of the executable. If the compression fails (e.g. because the file was already compressed), this is not possible. WARNING W07: EXE is new executable - protecting DOS stub only The EXE file is a new executable. Examples of such new executables are Windows and OS/2 executables. Also most DOS extenders (protected mode programs), e.g. PharLap, DOS/4GW,... will use new executables. Only the DOS part of the executable will be protected. You should also use option -ek if you want to keep the new executable part intact. WARNING W08: compressor does not support COM/EXE-format executables When protecting a COM/EXE file, you used the -c option with a compressor that does not support that format of executable (for example LZEXE does not support the COM format). The executable will remain uncompressed. Convert the COM file to an EXE file using the included COM2EXE utility, or use another compressor which supports EXE files. WARNING W09: compression failed The compressor was unable to compress the executable; the executable will remain uncompressed. There are different possible reasons for this to happen: 1) The executable was already compressed and/or encrypted (you can check this by examining the compressor's screen output). Don't compress/encrypt the executable before running ProtEXE, or just don't tell ProtEXE to try compressing it again. In some rare cases using another compressor might help, but don't count on it. 2) The compressor program could not be started (you will normally see a "bad command or filename" error message). Make sure the compressor program is somewhere in your PATH. 3) A disk error (e.g. disk full) occurred. Fix the problem and retry. WARNING W10: can't remove file <filename> ProtEXE was unable to delete a file (temporary file or the original file if -o is used). This could be caused by another process accessing the file at the same time, special attributes, or unsufficient access rights to delete the file. WARNING W11: error in PACKERS.PTX (line <linenumber>) The packer configuration file contains an error at the specified line. ProtEXE will work, but the compressor specified at that line will be unusable. Fix the problem and retry. Also see the chapter "Structure of PACKERS.PTX". WARNING W12: unknown compressor You specified an unrecognized compressor id on the command line. The executable won't be compressed. Make sure the PACKERS.PTX file is in the same directory as the executable or in any directory of your PATH and retry. WARNING W13: error analyzing program; ignoring option -t An error occurred while analyzing the program. A possible cause is not enough memory. The -t option will be ignored. WARNING W14: no ties possible; ignoring option -t You specified option -t, but there are no ties possible with the program. A possible cause is that this program is already protected and/or compressed, or that you didn't specify the right parameters after the -t option. The -t option will be ignored. If an error occurs, ProtEXE will abort with the errorlevel set to the corresponding error number. Warnings are not fatal and don't cause an abort. If no error occurred, ProtEXE will exit with errorlevel 0. If you use the interactive shell, ProtEXE doesn't exit upon an error but waits until a key is pressed and returns to the shell. The only error that might occur in the shell so that it aborts with an error- level other than zero is not enough memory (only if that error would occur in the shell itself, not during protection). 8.1 Credits -=-=-=-=-=- Thanks to the following betatesters for helping me make ProtEXE bug-free: (in alphabetical order) Olivier Baum Jochen De Smet Bulent Eren Jeroen Jacobs Heiko Laternicht Marcel Van Den Dries And of course a big thanks to all registered users of ProtEXE. Your support keeps me going ! 9.1 Disclaimer -=-=-=-=-=-=-= I EXCLUDE ANY AND ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. I MAKE NO WARRANTY OR REPRESENTATION, EITHER EXPRESS OR IMPLIED, WITH RESPECT TO THIS SOFTWARE, ITS QUALITY, PERFORMANCE, MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE. I SHALL HAVE NO LIABILITY FOR SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR RESULTING FROM THE USE OR MODIFICATION OF THIS SOFTWARE. -= END OF FILE =-