Protect! EXE/COM v.4.0+ (C) 1993 Jeremy Lilley, All Rights Reserved October 30, 1993 The Very Brief Table of Contents: Introduction: What's New With Protect! EXE/COM v.4.0+ ? ... 1 Why Should I Choose Protect ? ............................. 1 Requirements .............................................. 2 How To Use Protect! EXE/COM ............................... 2 Which Files Can't Be Protected ............................ 3 Legal Terms / Disclaimer .................................. 3 License ................................................... 4 How Does Protect! EXE/COM Stand up to Other Utilities? .... 4 Technical Notes ........................................... 5 Closing (Beg Stuff) ....................................... 6 Introduction: What's New With Protect! EXE/COM v.4.0+ ? Well, Protect! EXE/COM v.4.0+ is back again with a powerful polymorphic mutation engine that will mutate the security envelopes. This effectively gives you a new version of Protect! for every file that you protect, hindering cracking, reverse engineering, and modification of your programs. Entirely rewritten in assembly language, Protect! runs much faster, tighter, and more stable. Overlay support is now included for the most part and your files will probably load up to 4 times (See technical notes) faster than with previous versions of Protect. Also, registered users can simply create a file named CRC.MSG to store their default CRC error message file so that they can customize their CRC error messages much more easily. Why Should I Choose Protect ? Compared to other utilities, Protect! is one of the few to check the integrity of the file every time it is run, and it will stop with an error message of your choice if there is a discrepancy. Optimized for speed, Protect! is clearly the product of choice as it never sacrifices the security of your programs. Software developers and programmers (especially for shareware) can protect their programs from being ALTERED when their software is released, and all of the this protection can be implemented without the final user having to know about it. Do your own investigation and checking with Protect! and see for yourself that Protect! really is a secure and powerful utility. Page 1 Also, Protect! is much less expensive ($25) than any other option or utility that could possibly be comparable (unless you made a well-working custom option, which can be costly and time- consuming). Regarding the use of Protect, unregistered users are not legally allowed to distribute files that they Protect, as this is an evaluation version. Hacking is becoming more and more common, and the $25 registration fee is a small price to pay to help prevent your program from being altered or hacked in the field. Requirements: The requirements are basically nil: DOS 2.0, IBM PC, 64k, etc... I can run this program on my 4.77 mhz XT and have it run quickly. The one major software requirement for protecting EXE files is that you are REQUIRED TO USE AN EXE COMPRESSION PROGRAM such as LZEXE (FREE!), PKLITE, Compack, or Diet. The reasons are simple -- scrambled data seems more scrambled if it is compressed first (basically because it looks more like gibberish). Of course, the files also takes up less space when compressed with an executable compressor, and it will give a hacker more problems than those that Protect! EXE/COM gives alone. Protect! EXE/COM also can insure that the programs that it protects will run consistently if they originate in the more consistent form that LZEXE or PKLite provides them in. So generally as an extra caution, the use of an EXE compressor is required. How To Use Protect! EXE/COM: Since the interactive mode was taken out of Protect! v.4.0+, the only syntax for Protect! EXE/COM is the following: ProtExCm filename[.EXT] Here are some usage examples: ProtExCm MyProg.EXE (To Protect MyProg.EXE) ProtExCm MyProg (To Protect either MyProg.EXE or MyProg.COM) Since unregistered users (you) can't customize their own CRC error messages, you get the CRC error message that I specify (which tells whoever sees the message that you haven't registered Protect!) While this isn't crippling as it allows you to completely evaluate Protect!, I provides an incentive to register. In addition, an errorlevel of 250 is returned to DOS when a CRC error occurs. Page 2 Please note that no file can be expanded after being protected with Protect! EXE/COM, so please preserve the backup file (.OLD) until you are sure that the protected file runs correctly (some incompatibilities may arise with certain files). This is about all that you need to know before you can really start protecting your programs with Protect! EXE/COM. EXE files must be compressed with LZEXE, PKLite, or some other executable compression utility such as TinyProg or Compack and before being protected but COM files can be directly protected. A file called Protect.BAT is included, and using it can be a little bit easier than doing the steps separately: Protect MyProg EXE However, you may want to make your own batch files for a specific project or specific files, as Protect.BAT can be an inconvenience to use in some cases. Which Files Can't Be Protected: Windows and OS/2 files cannot be protected with Protect EXE/COM. The reason for this is that a Windows EXE is basically a small DOS program that says "this program requires Windows" with a pointer to the actual Windows program (which only Windows and Windows-supporting products detect in order to use the Windows part). So if you tried to Protect a Windows file, you would have a monster-sized program that tells you that you need Windows to run it (but Windows would not recognize it as a Windows EXE). In short, don't bother trying to Protect Windows files. Don't protect files such as IBMBIO.COM and IBMDOS.COM, found on machines with IBM's version of DOS. COMMAND.COM can be Protected (I wouldn't really do this though), but you might set off a resident virus detector alert in the process. Legal Terms / Disclaimer: Protect! EXE/COM v.4.0+ ("program") will alter executable files and may have or cause compatibility problems with them (that is why .OLD files are created, in case of incompatibility with a particular file) in certain circumstances. Under no circumstances may Jeremy Lilley ("author") be held liable or accountable for any damage to system files, executable files, data files, or any other system damage due to use or misuse of this program. The author also may not be held accountable for loss of profits or for any other damages incurred by the use or misuse of this program. The author has forewarned any users that damage to files may occur with misuse of his program and in executing the program, the user understands this risk. There is not guarantee that this product will not be Page 3 broken into, however the author has made it extremely difficult to do so. Don't worry -- there is little risk of damage resulting from this program's use as long as you use it correctly. However, if you try to make it mess up, it probably will. Just remember that it isn't my fault if you misuse my program. License: You may use Protect! EXE/COM for the purposes of evaluating it (after understanding the disclaimer and the documentation) for 30 days. No files protected by Protect! EXE/COM during this trial period may be distributed to other computers at all, commercially or non-commercially. If you find Protect! EXE/COM to be of use to you, you must register Protect! EXE/COM with the author. Government, educational, and commercial institutions must register this program with the author prior to use (please contact him for quantity discounts). Sysops, user groups, disk vendors, and other similar organizations may distribute Protect! EXE/COM provided that no files are excluded from the distribution and that no more that $10 is charged for distribution. CD-ROM distributors will be allowed to distribute Protect! on CD-ROM, but they must notify the author prior to distribution. In addition, because this is encryption software, it *must not* be distributed to countries or regions with U.S. encryption export restrictions such as: Afghanistan, Albania, Bulgaria, Cambodia, Cuba, Czechoslovakia, Hungary, Iran, Iraq, Libya, North Korea, China, Poland, Romania, Syria, the former USSR, Vietnam, or Yemen. No registrations will be taken from these regions. How Does Protect! EXE/COM Stand Up To Other Utilities? Protect! EXE/COM's first concern is security -- especially with EXE files. No other program emphasizes the file integrity checking using a CRC that Protect! does to the extent Protect! does. Try PKLiting an EXE file and change a byte or two in the middle of the file (find parts of text that you can still recognize slightly). As long as the program doesn't crash (it may if you've messed too much with the code portions), PKLite doesn't notice your changes at all. A hacker can also decompress a program compressed with PKLite or LZEXE quite easily -- even if a program is compressed with the supposedly "invincible" -E option on the professional version of PKLite. After decompressing, any hacker can "fix" your program (remove copyright screens, add his own routines, etc...), compress it up again, and spread it around, possibly damaging your profits, your reputation, and others' computers. (I hope you have a good disclaimer...) Fortunately, hacking is not totally rampant like that, but it still is a possibility and a risk, and it is much better to pay a few dollars to be safe than Page 4 to be sorry in the future. I don't want to have "hacks" of my programs floating around or to have to worry about that, and neither should you. Though NO software-only (or even hardware) protection program is 100% fool-proof, I am pretty sure this program is the best for protecting your EXE and COM files. Most "trojan horses," modifications, and "hacks" can't be detected by ordinary tools, and it is up to you to defend the security and well-being of your programs. Technical Notes: First off, most of the testing, including the timing testing, was done on a 4.77 mhz XT because even the smallest delay or incompatibility is pretty noticeable on it. After testing more than a few files, files Protected with Protect! v.4.0+ load about 2-4 times faster that files Protected with Protect! v.3.1. Protect! will add about 1k to an EXE or COM file, depending on big the polymorphic encryption engine makes the security envelope (and how many layers of the security envelope are made). Because of the polymorphic encryption engine, the same file will never be Protected the same size every time, but differences should be less than a few hundred bytes. The new overlay support came as a result of the new coding of PROTEXCM.EXE in assembly language - assembly language is easier to control the structure of the file in, and it can be much more reliable. The security envelope itself has always been in assembly language, but now the actual encoder, PROTEXCM.EXE has been rewritten into assembly language also. For your information, Protect! was written using the A86 assembler, which takes a little getting used to with some of its proprietary features, but it has been much easier to use than any other assembler I have used. Once again, if you want to find out approximately how much new version of Protect! will slow the loading of your EXE file, you can use this formula: Size of File in K bytes Delay in Seconds= ----------------------- 100 x Norton SI Rating The SI rating is how much faster than an XT a computer runs, and everything else is pretty self-explanatory, so if you had a 100k EXE, and loaded it on a 386-40 with an SI of 36, you could expect a 0.028 second delay, something hardly worth calculating. For your information, you can now apply multiple layers of Protect! to EXE files, layering as much "ice" as possible between you and the hacker. However, as you apply zillions of layers of Protect!, remeber that the file size and load time grows pretty quickly and that one layer will suit in most cases. Page 5 Closing (Beg Stuff): After seeing how Protect! EXE/COM can save you time, effort, energy, and money, it is now time to discuss price. There are NO "run-time fees," "royalties," or anything of the type attached to the cost of Protect! EXE/COM; you can protect and distribute as many files as you want with Protect! EXE/COM once you register. The cost is $25 per copy of Protect! EXE/COM which may be used on one machine. There is almost no difference between the registered and unregistered versions of Protect! EXE/COM except for the "beg screen" and the absence of CRC error message customization. It uses a CRC error message saying that the file was protected with an UNREGISTERED copy of Protect! EXE/COM, but nobody should see that message in the first place because it is illegal to distribute Protected files Protected by the unregistered version. My program is really not crippled except that I'm sure you would want to use your own CRC error messages instead of the one I've provided with the unregistered version, and I really do not like finding programs protected with the unregistered version of my program being distributed. There is a definite threat of hackers and viruses on the loose and it is your responsibility to protect your programs. While some compression utilities such as LZEXE and PKLite that are already on the market marginally have the ability to protect your programs, only Protect! EXE/COM has the ability to provide solid protection for only $25. Thank you for evaluating Protect! EXE/COM and actually reading this much of the documentation -- Happy EXE/COM Protecting! Send any Inquiries and Registrations to: Jeremy Lilley Protect! EXE/COM 27816 Radfall Court Santa Clarita, CA 91350 Compuserve: 75060,2074 Internet: 75060.2074@compuserve.com Page 6