SnoopStop v1.15 ННННННННННННННН Well, here it is, my .COM file encryptor/protector :) This protector is right for you if you distribute COM files and you want to make them moderately secure. If you write a crack, intro or something else, would you like someone with a hex editor opening the file and changing the credits / messing up the code? Of course not :) Features: ДДДДДДДДД - 256 bit encryption of COM files [non-unique key specific to each copy] - Various anti-debugging tricks and no lame prefetch tricks either :) - Anti-SoftICE (tested with v2.80) - Anti-CUP386 (all modes) - Anti-GTR v1.90 and v1.A1 - Semi-random encryption of constants within COM file - Works with WWPack when converted to an EXE - Files protected can be HackStopped too - CRC checking of code to prevent alteration by lamers - Code encryption to kill Sourcer-touting lamers - No longer detected as VCL by F-PROT because of the new code encryption - Code removed from memory before running protected program to prevent F-PROT from false-alarming a memory scan (VCL). - Anti-TEU and anti-UPC code added: sanitises memory areas also. - Registration incentive added: protected files fail to run (exit w/error) ~25% of the time. Security: ДДДДДДДДД SnoopStop is NOT a secure protector. No COM protector can be. However, SnoopStop takes steps to protect your files against automated unpackers, but nothing can be secure against a real cracker. What you *can* be assured of is that SnoopStop will scare off any hex-editor touting lamers, who would want to change your copyright or something like that. Lamer-proof : Yes [and how!] Real-100%-harcode-cracker-proof : No way! Remember that even CrackStop v1.03 and HackStop v1.18 can be unpacked, and these claim to be a lot more secure than SnoopStop. SnoopStop detects TEU (what I used to unpack CS and HS protected files) and locks up the system if it is found in memory. SnoopStop provides security against the masses. The real crackers can pass through in droves, but it will at least make them puzzle for about five minutes or so, during which time they'll wonder "is it really worth it?". Lamers, too, want easy cracks, and any serious protection will cause them to scram. So, SnoopStop is probably a good choice for BBStros, demos, shareware etc., which would be cracked easily by a seasoned cracker, but that you want to protect against large-scale cracking. WARNING! ДДДДДДДД You *must* erase your code from memory after it has been run, or it can be dumped using CRKCOM or similar. You *must* register too :) Wish-list ДДДДДДДДД [Note: these are arranged in order of probability: the wishes nearest the top are being worked on, those at the bottom may take some time] - Windows [95] compatibility - Checksum/CRC protection of the encrypted data to guard against corruption - Mutation of the protector code - EXE file support - Absolute compatibility - Completely rock solid kick-ass protection *:) Protected files have been tested under real-mode DOS v7 and QEMM v8 + DOS v7; they worked well under both environments. Compatibility with Windows NT is not guaranteed. SnoopStop is not compatible with Windows, and a protected file will exit with an error if run from the Windows environment. Using it: ДДДДДДДДД Syntax: snpstop The file will be automatically protected. There are, as yet, no options. Registration: ДДДДДДДДДДДДД To disable the annoying banner printed by SnoopStop, and to get a unique ID for use with the encryption, you must do one or more of these: ю Send me a registered version of your unpacker/protector etc ю Send me any code snippets or anti-debug code you have ю Write me a nice e-mail saying what you use SnoopStop for - you must have publicly distributed at least one protected file, e.g. a BBStro. To register, mail - you'll get back a registered version in a couple of days. When you register, you'll also get COM2EXE and MarkEXE in the archive (companion products to be used with SnoopStop and other stuff). *If* you are ROSE, Stefan Esser etc. and send me a free registered version of your protector, then you'll get your registered SnoopStop back without any added protection at all. Otherwise, it's protected like the evaluation version. Whilst SnoopStop can't as yet protect EXE files, you can still use COM2EXE and MarkEXE to create an EXE file, and that will still run. Greetings ДДДДДДДДД Greets must go to: ------------------ Daniel Arndt: Much thanks for CE and encryption sources. Although your delta offset stuff was confusing, I fixed it. And >why< on earth did you protect a HackMe with CrackStop? Stone: I have nothing but respect for you. A guy who releases his sources, comments them, and is Swedish to boot. Kewl :) Christoph Gabler: Here's ultimate TEST.COM :) Trap v1.16 sounds nice, so hurry up and finish it 8=] BTW, my name is 'James MacDonald' or 'Trill', not 'Jam MACDonald' or something like that :( BTW, yeah, v1.109 sucked, so what? v1.13 is much better, with new code encryption.. And thanks for the Insider FAQ! Dark Stalker: DS-CRP rules, thanks for some AD routines :) Merlin: P/CRYPT sucks, it's way too incompatible (like SS), but the 'only lamers' idea rules.. Lord Caligo: Cool filebase, cool web page, cool cool cool! But spread SnoopStop unpacked and you die :) JVP and Synopsys: Run TEU/UPC on a SnoopStopped file and enjoy :) SnpUP is sunk in this version too, natch! Fravia+: *Great* site. 'Nuff said. Although UNIX filenames would be nicer (.html, not .htm) :) Greythorne: Symbiote was pretty smart, but all those di offsets in the added code don't really need to be used. Look at ExeEncrypt! ROSE: For getting me interested in RTE. One look at HackStop v1.14 and I was hooked :) Stefan Esser: Hey, would you like to swap free regged protectors? No, not LamerStop which sucks; you don't write real protectors in Turbo Pascal - at least have the sense to rip off X3, IBM-CRP etc :) Szasi: Don't unpack this so soon, enjoy it first. 'Savour the flavour' :) Hann0: The EXE mailing list *rules*. Long may it continue! -- Trill