EXE Manager's Help Index About Manager ~: read this!~ Registration Known crackers Selecting source target files Protection options generation options Checking required hardware EM_PROCS.OBJ About EXE Manager EXE Manager is designed for protecting EXE files from cracking. It has several protection methods. You can enable them separately. The methods are: Checking known crackers Intercepting functions calling previous handler Decrypting instructions execute Checking program terminated normally Of course, EXE Manager protects programs against debugging even if you disable all of the advanced protection methods listed above. ( EXE Manager can also do the following: Protect programs password message protected program starts Detect required hardware Attach programs local network ~CAUTION:~ It's strongly recommended that you read all about a certain option before you enable it. The reason is that some of the protection methods may not be compatible with some programs you protect, some TSRs or DOS versions. This means that even if a protected program runs correctly on your machine, it may not run somewhere else. Most of EXE Manager's protection methods are only effective when EXE Manager is used together with some other protection systems. There are two typical sequences of actions you need to perform to protect your program. 9 ~1. If you have the registered version of EXE Manager:~ + Protect the program with EXE Manager with the following options checked: Check known crackers Intercept calls Dynamic decryption Check other options as your program requires. If you want to protect the program with password, specify it now. Protect the program with an external protection system. This may be a copy-protection system, EXE packer, etc. Protect the program with EXE Manager again. Now enable only the Check known crackers option. Convert your program to COM format if desired. ~2. If you don't have the registered version of EXE Manager or your~ ~program is incompatible with EXE Manager's advanced features:~ _ Protect the program with an external protection system. This may be a copy-protection system, EXE packer, etc. Protect the program with EXE Manager with the following options checked: Check known crackers Intercept calls Check other options as your program requires. Convert your program to COM format if desired. If you have the source code of the program you protect, you may also check the Enable EM_Started procedure option and use some procedures from the EM_PROCS.OBJ file. ~See also:~ Index Registration Protection options Trace allowed overlays Code generation options Check known crackers Intercept calls Dynamic decryption Store Store areas Leave command options Enable EM_Started procedure Novell NetWare attachment Checking the required hardware Required Required Supported video adapters Abort hardware detected Always detect hardware Registration You should register your copy in order to use all the features of EXE Manager. The registered version supports more powerful protection method - decrypting some parts of the protected program when it is running. This protects your programs against unknown to EXE Manager cracking tools. Registration is ~free~ for hackers all over the world. Just drop me a message on boards where you find my name (Solar Designer) or catch me on IRC, I'm usually called Solar_Diz there. p I don't mind if you ~crack~ EXE Manager to register it. In that case you have to tell me how long it took you. ~See also:~ Index Source file You need to enter the file name to protect here. It must be an EXE file. G You can also use the Select button to select this file from a list. Target file You need to enter the target file name here. It must be an EXE file. If you specify the same file as both source and target, a temporary file will be created and renamed to target only after the protection. Selecting source & target files You can use the Select button to select both source and target files from a list. If target file name was not specified before, both file names will be replaced with the selected name, otherwise target file name will remain the same and only source file name will be replaced. If you specify the same file as both source and target, a temporary file will be created and renamed to target only after the protection. Trace allowed When both this option and the Store option are checked, EXE Manager will trace the specified program before protecting it to determine if its PSP is already in use (it is already protected). Z If EXE Manager doesn't trace a certain program correctly, you may not check this option. Copy overlays When this option is checked, EXE Manager will copy overlays (if there are any) to the protected program. Check for known crackers Checking this option turns on the protection method described below. Programs protected with this option checked will look for known crackers in memory, and try to either disable them or abort the program. ~Advantages:~ It is the safest protection method. ~Disadvantages:~ It doesn't disable unknown crackers. ~Possible problems:~ None. ~See also:~ 2 Intercept calls Dynamic decryption Intercept DOS calls Checking this option turns on the protection method described below. Programs protected with this option checked will intercept DOS calls and perform some DOS functions without calling the previous handler. Furthermore, these programs will clear themselves from memory when they terminate. ~Advantages:~ Some crackers will not be able to popup. It will not be possible to crack a program protected with this option checked by making a memory dump after the termination. ~Disadvantages:~ It may be required to check the Store option and limit the command line length. < Also, the protected program MUST terminate with DosFn 4Ch. ~Possible problems:~ If the protected program doesn't run, you may need to check the Store option. If the protected program uses the EXEC function (DosFn 4Bh or INT 2Eh), it should only execute programs that terminate with DosFn 4Ch. To solve this problem, I recommend you to use the EM_InitExec and EM_DoneExec procedures. ~See also:~ l Check known crackers Dynamic decryption Store Store areas Dynamic code decryption Checking this option turns on the protection method that is only available in the registered version. This method is described below. Programs protected with this option checked will have some parts of their code modified so that these parts can only be executed with the EXE Manager's INT 3 handler. ~Advantages:~ If somebody tries to crack a program protected with this option checked, even if he manages to make a memory dump, the code in this dump will not run without the EXE Manager's INT 3 handler. This means that the cracker will also have to include the handler to the cracked program. Even if he manages to do all that, he will be able to debug the cracked program only using debuggers that don't use INT 3. ~Disadvantages:~ It is required to check the Intercept calls option. | Also, you'll either have to check the Store areas option or uncheck the Leave command options option. ~Possible problems:~ Some compilers that generate executable code, debuggers, etc. can't be protected with this option checked. B Other problems are same as for the Intercept calls option. ~See also:~ h Check known crackers Intercept calls Store Store areas Store code in PSP area In most cases you'll have to check this option if the Intercept calls option is checked. Checking this option limits the command line length. If you specify more than 30 characters on the protected program's command line, an error message will be displayed. ~See also:~ k Intercept calls Dynamic decryption Store areas Leave command options Store code in FCB areas When both the Dynamic decryption and Store options are checked, you can check this option to leave some space for command line options. ~See also:~ j Intercept calls Dynamic decryption Store Leave command options Leave command line options When this option is unchecked the protected program will not receive its command line options. Enable EM_Started procedure When this option is checked the protected program will check if it was normally terminated the previous time and abort itself if it wasn't. You must have the source code of the program you want to protect in order to use this protection method. You should insert a call to the EM_Started procedure to the very beginning of your program. Novell NetWare attachment This feature allows you to attach program to a local network so that it will run on all the computers in it, but won't run outside of it. Every time you run a program protected using this method, it checks the NETWARE.KEY file in current directory. This file should be created using the NETWARE.COM program supplied with EXE Manager. ~See also:~ % Specifying attachment keyword EM_InitExec and EM_DoneExec procedures These procedures may be required if you check the Intercept calls option and your program uses the EXEC function (DosFn 4Bh or INT 2Eh). They are located in the EM_PROCS.OBJ file. | You need to make a far call to EM_InitExec right before the call to EXEC, and EM_DoneExec after. Example for Turbo Pascal: {$L em_procs.obj} procedure EM_InitExec; far; external; procedure EM_DoneExec; far; external; SwapVectors; EM_InitExec; Exec(...); EM_DoneExec; SwapVectors; end. EM_Started procedure This procedure sets the flag that indicates that your program's startup code is already executed. Definition for Turbo Pascal: : {$L em_procs.obj} procedure EM_Started; far; external; ~See also:~ / Enable EM_Started procedure EM_PROCS.OBJ EM_Protected function This function can be used to determine if the program is protected with EXE Manager or not. Definition for Turbo Pascal: D {$L em_procs.obj} function EM_Protected :Boolean; far; external; ~See also:~ EM_PROCS.OBJ EM_GetCPU and EM_GetVideo functions These functions return the detected CPU, FPU and video adapter types. Definition for Turbo Pascal: j {$L em_procs.obj} function EM_GetCPU :Word; far; external; function EM_GetVideo :Word; far; external; The EM_GetCPU function returns the CPU code in the low byte of the result, and the FPU code in the high byte. The CPU codes are , Code CPU 0 8086 2 80286 3 80386 4 80486 5 Pentium 0Fh Not detected The FPU codes are , Code FPU 0 None 1 8087 2 80287 3 80387 4 80487 0Fh Not detected The value returned by the EM_GetVideo function , Bit Mask Detected adapter is compatible with ... 0 0001 MDA 1 0002 CGA 2 0004 EGA, 64 Kb 3 0008 EGA, 256 Kb 4 0010 MCGA 5 0020 VGA 6 0040 VESA SVGA 7 0080 VESA SVGA, 512 Kb 8 0100 VESA SVGA, 1 Mb 9 0200 VESA SVGA, 2 Mb For example, the EM_GetVideo function returns the value 00FEh for a VESA SVGA with 512 Kb video memory. ~See also:~ * Always detect hardware EM_PROCS.OBJ EM_PROCS.OBJ file This file contains some auxiliary routines to use in programs that are intended to be protected with EXE Manager. All the routines will work properly only if you protect your program with the Intercept calls option checked. Also, all the routines should be called far. The routines are: EM_InitExec EM_DoneExec procedures EM_Started procedure EM_Protected function EM_GetCPU EM_GetVideo functions Known crackers This version of EXE Manager knows the following cracking tools: $ Cracking tool Version Release Author EXE Manager's Date disabling method INTRUDER 0.01b MAY 94 CREAT0R, CreaSoft Shows message INTRUDER 1.20 JUN 94 CREAT0R, CreaSoft 'DO NOT CRACK!' INTRUDER 1.30 JUL 94 CREAT0R, CreaSoft and aborts the program AutoHack 4.1 FEB 94 J.Tolsky, BCP corp AutoHack ][ 1.0b 1994 Y.Tolsky, BCP corp SnapShot Pro 3.0 1994 DaLe. Co HACKTOOLS 3.00 1994 Oleg N.Kolesnikov Cheat Compiler 1.0 1993 Steel Rat Player's Tool 3.0 1993 Dmitry Yakunin & Removes PT from Player's Tool 3.996b 1994 Andy Robinson, UHC memory Debuggers Soft-ICE 2.62 1992 Nu-Mega Tech. Makes Soft-ICE's Soft-ICE 2.64 1993 Nu-Mega Tech. API calls Soft-ICE/W 1.0 1992 Nu-Mega Tech. Soft-ICE/W 1.3 1993 Nu-Mega Tech. Soft-ICE/W 1.51 1994 Nu-Mega Tech. Turbo Debugger 3.1 1992 Borland Int. Changes some of TD386 3.1 1992 Borland Int. the debugger's INT handlers, so MS DOS Debug 3.30 1988 Microsoft Corp the debugger MS DOS Debug 5.00 1991 Microsoft Corp won't work. MS DOS Debug 6.20 1993 Microsoft Corp PC DOS Debug 7.00 1995 Microsoft Corp Symbolic Debug 4.00 1985 Microsoft Corp 386 MiniBug 2.0 1988 Phar Lap Software 386 MiniBug 2.2d 1989 Phar Lap Software ACT N82538872 1993 Victor M.Gamayunov D(ALF) 1.0b 1992 Obraztzow S. EDB 0.15 1991 Serge Pachkovsky Required CPU You can select a CPU that your program requires. The protected program will check if it's present. ~See also:~ EM_GetCPU EM_GetVideo functions Abort hardware detected Always detect hardware Required Supported video adapters Required FPU You can select a FPU that your program requires. The protected program will check if it's present. ~See also:~ EM_GetCPU EM_GetVideo functions Abort hardware detected Always detect hardware Required Supported video adapters Supported video adapters You should select all the video adapters that your program supports. The protected program will check if one of them (or compatible) is present. } You can only select a valid combination of adapters. For example, your program can't support CGA if it doesn't support VGA. SVGA adapters are detected using VESA BIOS, so only VESA-compatible adapters can be detected. Realtek SVGA's bug is fixed - video memory size is determined correctly. ~See also:~ EM_GetCPU EM_GetVideo functions Abort hardware detected Always detect hardware Required Required Abort if hardware not detected When this option is checked, the protected program will terminate immediately if the required hardware isn't detected. Otherwise, the user will be asked if he wants to continue anyway. Always detect hardware When this option is checked, the protected program will always call all the hardware detection routines, for example, even if you specify that your program supports an 8086. z You need to check this option if you're using procedures from the EM_PROCS.OBJ file to determine the type of hardware. Show at startup The line of text specified here will be displayed each time the protected program starts. Password If the Novell NetWare attachment option is not checked this field acts as a normal password that will be required to run the protected program. N Otherwise this is the keyword you specify on the NETWARE.COM's command line. ~See also:~ Novell NetWare attachment