Bug Report, 19-Dec-98 (stn) - HS build 203b

edump idea: why not doing the same as edump using the same controls?

────────────────────────────────────────────────────────────────────────

CODE 1.19

MAJOR
 - Roses P2-333 bug
   maybe P3/K7 processors have trouble??
   my dads p2-400 runs b203 fine
   prnregs test for pmode int handlers
   \  removed ifdef debug in verbosedebugline
   /  remove overlay error debuginfo (hs.asm)
   /  reset int 10 in screwdeb (rose.inc)
      (if you use /Ddebug, verbosedebugline will be compiled
      so int 10 can't be nuked)
   /\ reset ifdef tron (rose.inc)
 - TEU said to unpack HS 1.19 without trouble (Zenix)

MINOR
 - build 198-200 protected files sometimes insert random keys into
   the keyboard buffer (rar 07-Dec-98)
   ^ nt bug? --stn
 - @screw_intruder needs cleanup, int 0-2c loop is very inefficient
 - bugfixes for NT 4.00
 - win16/win32/overlay files are killed (win32 even with display error)
   (reported by Valery)
 - COM body encryption is sometimes very boring (Valentino)
   Analyse: possible repetition rate differs heavily (5 to 86) and
   seems to be output of Roses mini-mte which produces random
   encryption algorithms..
 - add > 64k reloc handling (rhrg.exe)

REC BUGS
 - exebody length is filled in wrong sometimes (sample existed on my p2 HD)

CODE 1.20
 - SHAME ][
 - PSP moving trick
 - EDUMP / GTR (hmm, I bet this note will stay here long :))

DOCS
 - waiting for Thorstens version (january 1999)

REMAINING BUGS

PLATFORM LIST:
    + all builds work on Win98/P2-233 (Stonehead)
    + all builds work on Cyrix 486 (Ralph Roth)
  2 + build 183  86 works under NT 4.0/586
  6 + build 187  86/386 works on i486 (stn)
  9 + build 188  86 works on NT (Rose)
 14 + build 190b 86/386 works on Win98 (Pietro Liguori)
 18 - build 190? 86/386 doesn't work on NT (Thorsten Weber)
      ^ hs86 fixed in b192, hs386 fixed in b198
 22 - build 191  386 doesn't work on NT: NTVDM error (Jauming Tseng)
      ^ fixed in b198
 20 + build 192  86 works on NT (Valery Shabaev)
 23 + build 192  386 works on Win95a/P-MMX200 (rar)
 25 + build 192  86/86d/386d work on NT (Rose)
 27 + build 198  works on NT 4.0/P-MMX-166, Win95a/P-MMX-200 (rose)
 28 + build 198  works on NT (Valery Shabaev)
 31 + build 199  works on the XT (stn)
 32 + build 203  works on Valentino's DOS 6.0 + EMM386
 33 - build 203  crashes (protected files) on Roses P2-333. Win95b

BUILD HISTORY:
 80   rose 120898 initial build HS 1.19, more comments
 180  stn  200898 code review, new 386 anti-tr trick
 181  stn  240898 relocation handling
 182  stn  020998 better stack handling
 183  rose 080998 secret.inc
 184  stn  280998 exe body encryption
 184a rose 290998 com length bug
 185  stn  121098 cmdline handling: filespec -> filename
                  SS had far too high value at entry
                  relocation encryption
                  exe body encryption constants randomized
 186  rose 151098 revision control
 187  stn  181098 -nb -nr switches added
                  last segment of exe body was corrupted
                  bugfix for exeheaders > 64k
 188  stn  191098 resists tr 2.03 (xt's too)
                  more exeheader brandmarks recognized
 189  stn  241098 hs386 with anti-teu trick (exe only release)
                  secret area overwritten at startup (thx 2 mr-d)
 190  stn  021198 minor fixes
 190b stn  081198 try to fix some bugs under NT
                  this fixes a "hs386 infectme.exe -nr" hang on the
                  cyrix (Rose)
 190c rose 151198 TR200 fix?
                  started hs beta mailing list
 191  stn  161198 try to fix some bugs under NT
 192  stn  191198 running line-bugfix for hs386 on my p2
                  this fixes bugs under Win310 (Valentino Tosatti),
                  P200-MMX/Win95a (Rose) and P2-233 (stn)
 192a rose 191198 cosmetic changes
 193  stn  211198 reset TRON ifdefs, error handling improved, removed dr6
 194  stn  241198 some macros were using ds=0, fixed. @screw_deb??
                  194a: protecting:      abcdefghi4
                        protected files: abcdefghijk01lmn234
                  194b: protecting:      abcdefghi4
                        protected files: abcdefghijk565601lmn234
 195  stn  261198 more debugging info for this fucking NT bug
                  198/197/195: protecting:      DEabcdefghi4
                               protected files: ABCDEabcdefghijk565601lmn234
 196              not existing
 197  rose 281198 major NT fixes:
                  thrown away Dark Stalkers cup386/7 trick
                  added a cli before dr7 stuff on strategic places
 198  stn  291198 cosmetic changes
 199  stn  0x1298 1st try to fix J flag by tbscan hr in protected exes (rar)
                  resists DeGlucker 0.04rc
                  improved pure exe body encryption (Valentino)
                  Analysed PGMPAK - HS won't support it, it's buggy
                  added errormessage for #rels > headersize (Valentino)
                  done the build 192 bugfix for coms
                  (was necessary coz I changed something else and it
                  crashed.. weird)
                  (was necessary to run on xts too)
 200  rar  071298 New option -te, fixed the DeGlucker AD trick
                  Fixed heuristics virus detection flags of TbScan & RHBVS
 201  stn  091298 fixed error when COM too large (Valery)
                  analysed com body algorithm, not fixed yet (Valentino)
                  fixed word algo bug in REC
 202  stn  141298 fixed "This file has been protected.." while protecting
                  fixed minimum and maximum .COM file size (rar)
                  tested HS with a nuked int1/3
                  added large debug info in COM decryptor
                  protecting exes: abcdefgabcde
                  protecting coms: abcdefgabcde4567wxz123yOPQOPQwxz123y4567
                  protected coms:  abcdefgabcdehijlmnopqrsOPQtuwxz123yv894567ABICDJKLMNEFGH
 203  stn  161298 fixed CUP386 3.4 being able to unpack HS :)) (Zenix)
                  fixed coprocessor instruction in @fuck_unrec
                  added more debug info for Valentino
                  added debug info around overlay-renaming (3 ones)
                  protecting exes: abcdefgabcdeMNOPMNOP
                  protecting coms: abcdefgabcde4567wxz123yOPQOPQwxz123y4567
                  protected coms:  abcdefgabcdehijlmnopqrsOPQtuwxz123yv894567ABICDJKLMNEFGH
                  protected exes:  IJKLMNOP
 204  stn  020299 kicked ltr 1.01 (exe)