ProtEXE v3.11 - EXE/COM encryption/validation/protection
Copyright (c) 1995-1997 by Tom Torfs, all rights reserved


                               -= MANUAL =-

0.1 Table of contents
-=-=-=-=-=-=-=-=-=-=-

0.1 Table of contents

1.1 Overview
1.2 Reasons for using ProtEXE

2.1 Commandline usage
2.2 Configuration file
2.3 Interactive shell

3.1 ProtEXE operation notes
3.2 Files that shouldn't be protected with ProtEXE
3.3 ProtEXE and executable compressors
3.4 ProtEXE and virus-scanners
3.5 ProtEXE and other operating systems & multitaskers

4.1 Verifying the registration information
4.2 Testing the CRC failed message

5.1 Reasons for registering ProtEXE
5.2 How to register ProtEXE

6.1 Contacting the author
6.2 Where to find the most recent version of ProtEXE

7.1 Errors, warnings & errorlevels

8.1 Credits

9.1 Disclaimer

1.1 Overview
-=-=-=-=-=-=

ProtEXE is a programmer's tool that protects your DOS executables (EXE & COM)
from tampering and other corruption in three ways:
        a) the code and data are encrypted
        b) via a CRC any changes in the code and/or data and optionally
           in the extra data (overlays etc.) are detected immediately
        c) anti-debugging, anti-disassembling and anti-unpacking techniques
           stop crackers from stepping through your programs with a debugger
           or reverse-engineering them with a disassembler

1.2 Reasons for using ProtEXE
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

If you're a programmer, you won't like it when some kiddie changes
your precious programs' output into some useless rubbish, or changes
your name by his/hers, or ...
You wouldn't like it either if some cracker broke your programs'
registration key routine or copy protection, or something like that.
You would even like it less if someone changed your program into
a logic bomb or virus.
Just imagine what all this could do to your reputation as a programmer.

That's why programs like ProtEXE are there. Now why should you use
ProtEXE instead of some other program that does basically the same job ?

Because:
        - ProtEXE is secure: lots of anti-debugging techniques and
          automatic polymorphic self-encryption and decryption stop
          debuggers and disassemblers from examining the decryption
          algorithm; anti-unpacking tricks stop automated unpacking
          programs from removing the protection; one of the more
          advanced anti-unpacking tricks is the tie option {+},
          another advanced security feature is the runtime data decryption
          system for C/C++, Pascal and assembly language {+}
        - ProtEXE is fast: the decryption and CRC validation take
          so little time that you won't see the difference between the
          original and the protected version of a program
        - ProtEXE protected EXE and COM files require only a little bit
          more memory and disk space than the unprotected versions;
          this space is well invested since it significantly enhances
          your program's security
        - ProtEXE can automatically call your favorite executable
          compressor to make the executables more compact (a freely
          usable executable compressor, ComprEXE, is included;
          see COMPREXE.DOC for more details)
        - ProtEXE has the ability to copy any extra data from the source
          file to the target file (like some overlays); it can also
          force overlaid programs to load their overlays from the new
          position, allowing to protect some programs that would otherwise
          be impossible to protect/compress
        - ProtEXE can protect the DOS part of 'new executables', such as
          Windows or OS/2 executables
        - ProtEXE can CRC check the overlays and other extra data {+}
        - ProtEXE can retain all the additional information in the EXE
          header and can optionally fool the protected program into
          thinking the header hasn't changed at all
        - ProtEXE can include additional information (e.g. copyright
          info) in the header of the EXE file
        - ProtEXE can leave certain information in the beginning of the
          EXE file (before CS:IP entry point) unencrypted; this is
          especially handy for protecting device driver-EXEs etc.
        - ProtEXE can protect programs that stay resident (TSRs)
          (although some of the more advanced features will be disabled)
        - ProtEXE has the ability to replace the message that's displayed
          when the CRC fails by your own text {+}
        - ProtEXE can optionally display a banner text before the program
          gets run (useful for programs that take long to initialize etc.);
          after this banner ProtEXE can optionally wait for a keypress,
          echo the key pressed and/or abort by pressing ESC
        - ProtEXE can optionally password-protect the executables, with
          a customizable prompt and error message
        - ProtEXE has a comfortable interactive shell which allows you
          to use it without having to type long commandlines
        - ProtEXE can read often used options from a configuration file
          and change & save these options from the interactive shell
        - ProtEXE displays statistics about the memory usage etc. of
          the original, compressed (optional) and protected program
        - ProtEXE is inexpensive: see ORDER.FRM for detailed pricing
        - Once you purchased the registered or commercial version of
          ProtEXE, you may protect as many programs as you like with it,
          there are no royalties

2.1 Commandline usage
-=-=-=-=-=-=-=-=-=-=-

PROTEXE <oldfile>[.EXE|.COM] [<newfile>[.EXE|.COM]]
   [-c[<compressor id>]] [-m<msgfile>] [-b<bannerfile>]
   [-p<password>[,<prompt>,<error>]] [-t[<parameters>]] [-s<rol>]
   [-r] [-k] [-o] [-e[k][o][c]] [-h] [-f] [-d] [-i<infofile>]

* Command line basics *

<oldfile> is the name of the executable to protect. <newfile> is the name
of the protected executable. If you omit <newfile>, <oldfile> will be
replaced and the original file will be stored as <oldfile>.OLD (unless
you use option -o).
If no extension is provided, .EXE or .COM is automatically appended.

You can specify multiple options on the command line to customize
ProtEXE's behaviour. Note that for all options you can use the / switch
character instead of the - character if you prefer.

If an option is followed by - (e.g. -o-) a previous setting (e.g. from
the configuration file) is overridden. You can also override options
which take a filename or other parameter, e.g. -m or -p.

An overview of the command line options can be displayed by putting
the parameter /? (or -?) on the commandline.

You can put often used options in the configuration file (see chapter
"Configuration file").

If you specify no parameters on the commandline, the interactive shell
is started instead (see chapter "Interactive shell").

All options marked with {+} are available in the registered and
commercial versions only.

* General options *

[-c[<compressor id>]]

With option -c you can call an executable compressor before protecting
the EXE file. The actual compressor corresponding to the id is configured
in the file PACKERS.PTX (see chapter "Structure of PACKERS.PTX" for more
information). If no id is specified, the first compressor in the
configuration file will be used.

By default the following compressors are supported:
c  COMPREXE (default, included in archive)
l  LZEXE
p  PKLITE
pc PKLITE commercial version
d  DIET
cp COMPACK
t  TINYPROG
u  UCEXE
w  WWPACK
x  XPACK

Using an executable compressor makes the executable smaller and adds some
additional protection. There are several advantages to integrating them
in ProtEXE: not only that you can do everything with one command line,
but also that ProtEXE can not only calculate statistics relative to the
intermediate compressed file but also to the original uncompressed file.
Furthermore this method allows the use of the tie and data encryption
options.

[-m<msgfile>] {+}

<msgfile> is the name of the file which is displayed when the CRC fails.
This file may not be larger than 4096 bytes.
The default message is:
   CRC failed -> executable has been corrupted
In the unregistered version, preceded by the ProtEXE version string.
I would suggest you always use a message file, which clearly explains
what has happened to the user of your program and what he/she should
do about it.

[-b<bannerfile>]

<bannerfile> is the name of the file that should be displayed before running
the program. This file is also limited to 4096 bytes.

You can put the following special codes as the last character in the
bannerfile: (there may be nothing after this, including spaces)
   \x01 (Ctrl-A)  Wait for a keypress w/o echo, pressing ESC aborts
   \x02 (Ctrl-B)  Wait for a keypress w/o echo, no abort possible
   \x03 (Ctrl-C)  Wait for a keypress with echo, pressing ESC aborts
   \x04 (Ctrl-D)  Wait for a keypress with echo, no abort possible
   \x05 (Ctrl-E)  Wait for a keypress with echo & CR/LF, pressing ESC aborts
   \x06 (Ctrl-F)  Wait for a keypress with echo & CR/LF, no abort possible

If this control code is followed by a CR/LF, that CR/LF is stripped off.
This allows you to create a bannerfile with a prompt on the same line
using a text editor which forces the file to be terminated by a CR/LF.

In the unregistered version, the ProtEXE version string is inserted at
the beginning of the banner.

[-p<password>]

Every time the program is run, <password> will have to be typed in. If the
entered password is incorrect, the program will simply abort with an error.
Spaces must be replaced by underscores. Use \ to quote the next character
(\" for double quote, \, for comma and \\ to force a backslash).
The password is case sensitive, so "PASSWORD" is not the same as "password"
or "Password".
The password itself isn't stored anywhere in the executable, not even in
encrypted form. One-way functions are applied on it and those are compared
against the expected values.

You can also specify password prompt and password error message files
after the password, separated by commas. Note that the prompt file should
not be terminated with a newline if you wish to have the input on the same
line as the prompt.
The default password prompt is: "Enter password:". The default password
error message is "Invalid password".
In the unregistered version the ProtEXE version string will be inserted
in front of the password prompt.

NOTE: using the -p option also increases the startup stack size the
protected executable will have by 80 bytes (unless option -ec is also used,
see further). This does not affect the program's stack.

[-t[<parameters>]] {+}

This option ties the decryption module and the program together, so that
even if a cracker would succeed in unpacking the executable, it would
never work.

When using the -t option, ProtEXE does a test run of the program to
analyze it. This test run should be representative for general
program use. If such a representative run requires certain command
line parameters, you should specify them after the -t option.
Spaces must be replaced by underscores. Use \_ to force an underscore,
\" to force a double quote and \\ to force a backslash.

The -t option will only be effective when applied directly on the
uncompressed, unencrypted executable. Do not use an executable
compressor before running ProtEXE -t, because otherwise only the
compressor code would be tied to the decryption module, not the
program itself. You should instead use the -c option if you wish
to both compress and tie the executable.

The number of ties is limited to 64. If no ties are possible,
the -t option is ignored. If the number of ties is less than 5,
the executable is probably already protected/compressed, unless
it is a very small executable.

If you use this option, you should test your executable *carefully*
before assuming it works; not all executables like the tie option.

The -t option is disabled when you use -r to protect a TSR program.

[-s<rol>] {+}

In the registered and commercial versions of ProtEXE, you can use the
external PTXCrypt programming libraries for C/C++, Pascal and assembly
language. These libraries can be extracted using PTXCRYPT.EXE if you
have a valid registration key.

Once you registered, these libraries can freely be used to encrypt/decrypt
your data (using a 64-bit XOR encryption, thus not subject to US export
restrictions) via a randomly chosen key which is provided by the ProtEXE
runtime decryption module, effectively making the data unaccessible
without that protection module.

You can also specify a user defined 32-bit rol-value to 'personalize'
the encryption system. It is highly recommended to use a unique value
for all your programs, as this significantly enhances their security.

This 32-bit rol-value should be passed in hexadecimal notation (8 digits
from 0..9 and A..F) after the -s parameter.

[-r]

This option allows ProtEXE to protect programs that stay resident in
memory (commonly known as TSR programs).

This option disables some of the advanced features and also reduces
the security of the protected executable, so you should only use
it when absolutely necessary.

In some (rare) cases, using option -r may be required to protect a
non-TSR program, too. It's always worth a try, when your program
refuses to work after protection.

The following options are disabled when using -r: -t, -eo, -f.

[-k]

This option tells ProtEXE to leave the original code 100% intact.
This may be necessary when the program performs some sort of self-check.

If you do not use option -k, ProtEXE may make some minor modifications
to the code to enhance the security.

[-o]

If option -o is given, the original file will be deleted instead of
renamed to .OLD. Using this option is not recommended.
This option is ignored if an output file is specified.

* EXE-only options *

[-e]

EXE files contain the length of actual code/data in their header.
Sometimes the EXE file contains data after this, which is not loaded
when the program is run, but which might be read separately afterwards
(overlays). This may also be debug info, used by a symbolic debugger
(such as Turbo Debugger), but not required by the program itself. It
may also be the 'new executable' part for Windows, OS/2, ... executables.

If option -e is given, any extra data in an EXE-file is simply copied into
the target file, instead of being stripped off. This doesn't guarantee that
the extra data is still useful after the protection. If you get the
'stripping extra data' warning and the protected program doesn't work, you
should try using this option.

[-ek]

If the program has overlays and it doesn't work with option -e, there is
a chance the overlay positions are hardcoded in the program. In that case
try using option -ek. This forces the extra data to be kept at the same
position as in the original file.

The -ek option is also required to protect most types of 'new executables'
(e.g. Windows or OS/2 executables). However, it will usually only work with
programs that have an independant DOS part (not the typical DOS stub of
'This program cannot run in a DOS session' or something like that), for
the reason below.

The -ek option requires the protected code to be smaller than or equal to
the unprotected version. If that isn't the case, ProtEXE shows a warning
and the extra data will be relocated anyway. In that case, you should use
the -c option to compress the code first. In fact, this will usually be
necessary to use the -ek option. If the compression fails or isn't
significant enough, there's not much more you can do.

[-eo]

An alternative to the -ek option for programs that hardcode their overlay
positions, is the -eo option. This option forces the program to read the
overlays from the new position.
NOTE: this option only works for handle file I/O functions. FCBs are not
supported, as they are hardly ever used for file I/O anymore.

Some programs use an overlay system that is incompatible with ProtEXE -eo.
You should try using option -ek to protect these instead.

This does not work for 'new executables', only for plain DOS programs.

The -eo option is disabled when you use -r to protect a TSR program.

The -eo option is ignored if the -ek option is also used (no need to
relocate overlays if you keep them at the same position).

[-ec] {+}

If you add the letter c after the option -e, the overlays will also be
CRC checked every time you run the program.
NOTE: using the -ec option also increases the startup stack size the
protected executable will have by 512 bytes. This does not affect
the program's stack.

You can combine the -ek/-eo and -ec options into -ekc/-eoc or -eck/-eco.

[-h]

Option -h disables packing the header. All additional information in the
EXE header will be copied to the target file.
Using this option can allow some otherwise unprotectable executables
to be protected.

[-f]

In some (rare) cases, using option -h is not enough, because the program
expects the exact same header to be found (including the memory paragraphs
etc. fields). This option fakes the old header to be presented to the
program if it tries to read its own header.
However, if the program depends on these fields having certain values
other than as a kind of self-check, there is a chance it will not
function properly after protection.
NOTE: this option only works for handle file I/O functions. FCBs are not
supported, as they are hardly ever used for file I/O anymore.

The -f option is disabled when you use -r to protect a TSR program.

[-d]

Option -d leaves all code before the CS:IP entry point in the EXE file
unencrypted. It is obvious that you should only use this option if really
necessary. An example where this option is necessary is to protect
EXE files that are in fact device drivers (such as SETVER.EXE,
EMM386.EXE etc.). But keep in mind that all the actual device driver
code (= before CS:IP entry point) will remain unencrypted. Using the
-d option is not a guarantee at all that the device driver will still
be usable after the protection.

[-i<infofile>]

<infofile> is the name of the file containing the text that is to be
included in the header of the EXE file (e.g. copyright info). This file
is limited to 16384 bytes.

If you begin this file with \x1B[2J and end it with \x1A, you can
display the text using TYPE <name of EXE file>.

2.2 Configuration file
-=-=-=-=-=-=-=-=-=-=-=

The configuration file is named CONFIG.PTX and must be in the same
directory as PROTEXE.EXE or in any directory of the PATH.

The file should contain one commandline option per line. The help
option (-?) and filenames to protect are not allowed.
Lines beginning with ; (comments) and blank lines are ignored.

An option specified in the configuration file can always be
overridden on the commandline (see "Commandline usage").

You can also create a configuration file from within the interactive
shell (see chapter "Interactive shell").

2.3 Interactive shell
-=-=-=-=-=-=-=-=-=-=-

When you start ProtEXE without parameters, the interactive shell is
started. In this shell you can browse through your directories and
disks and select any executables you wish to protect. If you move
the lightbar over an executable and press Enter, that file will
be protected. You will be asked whether you want to use the same
file as targetfile, or a different file. Then the normal, non-
interactive part of ProtEXE will be spawned with the correct
settings. After finishing it waits for a keypress (to allow you
to examine the statistics or a possible error message), and then
returns to the shell.

You can also customize the options and optionally save them to disk.
You can switch between the files and the options with the left & right
arrow keys. You can change an option by moving the lightbar over it and
pressing Enter. Press F1 for a quick help screen about the used keys.

Just like in the commandline mode, the registered/commercial-only options
are disabled in the unregistered evaluation version.

2.4 Structure of PACKERS.PTX
-=-=-=-=-=-=-=-=-=-=-=-=-=-=

The file PACKERS.PTX must be in the same directory as PROTEXE.EXE
or in any directory of the PATH.

Any non-blank line in PACKERS.PTX that does not begin with a
semicolon (comment), has the following structure:
(different fields are separated by at least one space,
 all fields are case insensitive except the commandline)

<id> <exe> <com> <backup> <cmdline>

<id> is a short abbreviation to identify the compressor. It must
be passed on the commandline after -c (see the chapter "How to
use ProtEXE" for more information).

<exe> is Y or N depending on wether the compressor supports EXEs.

<com> is Y or N depending on wether the compressor supports COMs.

<backup> is either - or the extension of the backup file created
by the compressor. It will be cleaned up by ProtEXE automatically.

<cmdline> is the commandline to execute when calling the compressor.
It is executed the same way as if you would type it in from the
DOS command prompt, so you don't need to specify a full path and
extension of the compressor program, as long as it is somewhere
in the PATH or in the current directory.
You can also use the macros %F and %T in the commandline. %F expands
to the filename of the program being compressed, and %T (optionally)
expands to the filename of the target program. If you don't specify
%T, ProtEXE will assume the source and target files are the same.

See the default PACKERS.PTX for an example.

3.1 ProtEXE operation notes
-=-=-=-=-=-=-=-=-=-=-=-=-=-

ProtEXE tags a little code module of its own to the program. That module
decrypts the program in memory, performs all necessary segment relocations,
restores the stack etc., and then jumps to the original entry point.
That's the basic system in a nutshell. In practice, the code module does
more, such as CRC-checking, password-verifying, anti-debugging and
anti-unpacking techniques, etc.

Different ProtEXE features execute in the following order:
   * load image CRC check
   * overlay CRC check (optional)
   * registration info
   * banner (optional)
   * password (optional)

It is possible to use ProtEXE multiple times on a program, also with
different combinations of options. However, doing so doesn't make much
sense, as the program would only get bigger (and slightly slower,
especially after multiple layers, and even more so if overlay crc
checking is turned on) with not much improvement in security. If
someone would be capable of unpacking one layer of ProtEXE, there
is no reason why he/she couldn't unpack two or more.

3.2 Files that shouldn't be protected with ProtEXE
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

ProtEXE can essentially only protect DOS executables. If you try to protect
a new executable like those for Windows or OS/2 and most DOS extenders
(PharLap, DOS/4GW,...) (protected mode programs), ProtEXE will give
a warning and only protect the DOS part. See the notes on option -ek
and warning W07 for more details.

To protect programs that are in fact device drivers, like SETVER.EXE,
EMM386.EXE, etc. you should use the -d option. This is still no guarantee
the device driver will still function correctly after the protection,
but without it it will certainly not work; ProtEXE will give a warning
if you try to protect such an executable without the -d option.

COM files may not be larger than approx. 60-62K. Otherwise they can't
be protected by ProtEXE, because the protected COM would exceed 64K.
COM files smaller than 4 bytes can't be protected, either.
In both cases, you should convert them to an EXE file using the
included COM2EXE utility.

EXE files with overlays in the EXE-file will require the use of the
-e option with ProtEXE. If the protected executable won't function,
you should try using options -ek, -eo, -h, -f and/or -d.
Please read the information in the chapter "Commandline usage"
concerning these options first.

Files that read/write data or code directly to their images on disk
won't work with ProtEXE (or with any file compressor). Note that this
does not apply to overlays. A program is free to write to its overlays,
unless you have protected the program with option -ec of course.

Programs that spawn other programs (e.g. DOS shell) work fine with
ProtEXE.

Terminate & stay resident programs (TSRs) also work, but require
the use of the -r option (see chapter "Commandline usage").

Self-extracting EXE files (such as those created by PKZIP, LHA, ARJ,
RAR, ...) can be protected by ProtEXE. For most (if not all) of these
you must use the -e option, and for LHA you must use -eo.

3.3 ProtEXE and executable compressors
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Yes. It is even supported directly by ProtEXE. See the option -c
in the chapter "Commandline usage" and the chapter "Structure of
PACKERS.PTX" for more information.

A freely usable executable compressor, ComprEXE, is included in
the archive. See COMPREXE.DOC for more information.

I encourage using a compressor with ProtEXE, because that way the
program becomes a lot smaller and a little bit harder to crack.

What you shouldn't do is first run ProtEXE and then the compressor.
ProtEXE scrambles the code so that it becomes uncompressable.
In most cases the compressors refuse to compress it because instead
of becoming smaller the code would become larger.

3.4 ProtEXE and virus-scanners
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Some heuristic virus scanners, such as F-Prot, may say that ProtEXE
and programs protected with it are suspicious because they contain
anti-disassembling and anti-debugging tricks.

This is absolutely normal, since that is the purpose of ProtEXE,
so you may safely ignore these warnings, unless you seriously
suspect someone has infected the program with a virus and then
encrypted it with ProtEXE.

3.5 ProtEXE and other operating systems & multitaskers
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

ProtEXE has been tested and works fine under the following operating
systems & multitaskers:
   - DOS
   - Qemm386, EMM386, ...
   - Desqview
   - Windows 3.X, 95 and NT
   - OS/2 Warp 3 & 4
   - Linux DOSEMU

4.1 Verifying the registration information
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

You can always verify the registration information in a ProtEXE'd
executable. Just run the protected program with the following command
line:

<progname> ~~~ProtEXE-RegInfo~~~

There may be no more parameters after this, and the parameter is
case-sensitive, so it must be typed in exactly as above.

If you want to do this often, you might find it more convenient to
use PROTXVER.BAT to do this for you. Just type PROTXVER followed
by the name of the executable.

If the program was damaged, it will abort with a CRC error before
it gets to the registration info, to reduce the risk of more damage
(see also: ProtEXE operation notes).

When the program was not protected with ProtEXE v3.0 or later, it will
probably give an 'illegal parameter' error message or just ignore the
parameter and run normally. This is normal behaviour.

Apart from the ProtEXE version, copyright message and registration
information, also an 8-digit hexadecimal code will be displayed
(only ProtEXE 3.10 or later). This is the UNIX timestamp of the
protection (number of seconds since 1970-01-01, 00:00) and can be
used to distinguish different distribution versions of a program.

In the commercial version, no registration name is displayed but
just "Commercial version".

4.2 Testing the CRC failed message
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

You can test the CRC failed message of a ProtEXE'd executable by
using the TestMsg tool. Just type TESTMSG <executable> to view
the message.

TestMsg will first verify the registration information (see previous
chapter) to make sure the executable has been protected with ProtEXE;
this is necessary to avoid crashes or other kinds of strange behaviour.

TestMsg only works on executables protected with ProtEXE v3.0 or later.

5.1 Reasons for registering ProtEXE
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

The unregistered version may freely be evaluated for a period of 30 days.
After this period you should register your copy or purchase the commercial
version (see ORDER.FRM for more information). By doing so, you support the
shareware concept.

You may not distribute programs protected with the unregistered evaluation
version of ProtEXE, whether it is freeware, shareware or commercial
software. Giving copies of your program to a small number of people for
alpha- and betatesting is not considered distribution; spreading your
program via bulletin board systems, computer networks, shareware vendors
and retail is.

Several features are not available in the unregistered version:
   * customizing the CRC failed message
   * CRC-checking the extra data
   * the tie option
   * the PTXCrypt runtime data encryption/decryption system

Also, in the unregistered version the ProtEXE version string is
inserted before the default CRC failed message, the banner, and
the password prompt. The fact that these are not present in the
registered version also means a small reduction in the code size.

Keep in mind that the registration information can always be verified
using the method described in the chapter "Verifying the registration
information".

5.2 How to register ProtEXE
-=-=-=-=-=-=-=-=-=-=-=-=-=-

An order form named ORDER.FRM is included. Instructions on how
to register or purchase the commercial version and information about
payment methods can be found in there.

The registration key can be put in the directory where PROTEXE.EXE is in,
or in any directory of the PATH. It will then unlock ProtEXE's registered
only features and it will also allow the extraction of the PTXCrypt
libraries using PTXCRYPT.EXE.

The registration key will also work on future versions. Should the key
format ever be changed (e.g. for security reasons), all registered
users will receive their new key as soon as possible.

The commercial version does not require a registration key. Commercial
users who have an email or netmail address will automatically be sent
major new versions. They can also be downloaded from 80x86 BBS, instead.
See ORDER.FRM for more information.

6.1 Contacting the author
-=-=-=-=-=-=-=-=-=-=-=-=-

The author can be contacted through the following channels:

E-mail: (preferably try the addresses in this order)
        tomtorfs@mail.dma.be
        tomtorfs@iname.com
        tom.torfs@f516.n292.z2.fidonet.org

Netmail: (preferably use crashmail)
        Tom Torfs, 2:292/516@fidonet.org

BBS: (private message to sysop)
        80X86 BBS
        +32-15-24.62.32
        24h/24h
        28800bps V.34/V.FC

Snailmail:
        Tom Torfs
        Cuperuslei 12
        B-2220 Heist-op-den-Berg
        BELGIUM

If you wish to encrypt your correspondence using PGP, this is my PGP
public key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.1

mQBtAzPwlx4AAAEDAJrir/T++tMCp0+VqyiakX5TA2oDfmYpVb9gI7DlniceL6bx
HNGeLlVbFjN9/Jm0aVhBDsL1NFpfk5ixv40txpZIJYskg5TpZbsaIMjA4tNpLjQQ
vvsaifXl6SFqYIdxbQAFEbQgVG9tIFRvcmZzIDx0b210b3Jmc0BtYWlsLmRtYS5i
ZT4=
=Pbll
-----END PGP PUBLIC KEY BLOCK-----

My public key can also be obtained from http://bewoner.dma.be/tomtorfs
or http://80x86.home.ml.org, or can be downloaded from 80x86 BBS or
file-requested as PGPKEY.

6.2 Where to find the most recent version of ProtEXE
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

ProtEXE world registration site:
   80X86 BBS
   (+32) (0)15-24.62.32
   28800 V.34/V.FC
   24h/24h
   2:292/516@fidonet.org
   tomtorfs@mail.dma.be / tomtorfs@iname.com

File request magic name PROTEXE for the latest version

You can also download the latest version from the ProtEXE support page:
   http://bewoner.dma.be/tomtorfs/protexe
This page can also be accessed through the following alias: (which will
remain constant even if the above might change)
   http://protexe.home.ml.org

You should also be able to find the most recent ProtEXE versions on
ftp://ftp.cdrom.com/simtelnet/pub/simtelnet/msdos/pgmutl a few days
after the release.

If you're a registered user and have an e-mail or netmail address,
you will be notified of new versions and important bug fixes.

7.1 Errors, warnings & errorlevels
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

These are the errors and warnings that ProtEXE may give:

ERROR E01: bad option: <option>
An invalid parameter was passed on the command line or in the configfile.
A short usage info screen will be displayed. If you need more information,
check out the chapter "Commandline usage".

ERROR E02: no filename specified on command line
You didn't specify a source file to protect. The usage info screen
will be displayed.

ERROR E03: neither COM nor EXE form of source file exists
The filename you entered as a source file does not exist in either
COM or EXE form. Correct the error and retry.

ERROR E04: source file not found
The source file you specified does not exist. Correct the error and
retry.

ERROR E05: can't rename file
ProtEXE was unable to rename the source file to extension .OLD or to
rename the temporary file. This might occur if there was already an
.OLD file with the read-only attribute on.

ERROR E06: same file specified as source and target file
You entered the same filename as source and target file, or you tried
to protect an .OLD file with the one-parameter form. Correct the error
or rename the .OLD file.

ERROR E07: error opening source file
ProtEXE was unable to open the source file you specified. Make sure
this file exists and does not have any special attributes or is not
currently in use by another process.

ERROR E08: error creating target file
ProtEXE was unable to create the target file you specified. Make sure
that no file with that name and any special attributes exists already
or is currently in use. Make sure the disk is not full, and you're
not trying to create the targetfile in a full root directory or
on a read-only medium.

ERROR E09: can't read message file
ProtEXE was unable to read the message file you specified. Make sure
this file exists and does not have any special attributes or is not
currently in use by another process.

ERROR E10: message file is too large (max 4096 bytes)
The message file you specified is too large. Make sure you specified
the correct file or make it smaller.

ERROR E11: can't read banner file
ProtEXE was unable to read the banner file you specified. Make sure
this file exists and does not have any special attributes or is not
currently in use by another process.

ERROR E12: banner file is too large (max 4096 bytes)
The banner file you specified is too large. Make sure you specified
the correct file or make it smaller.

ERROR E13: can't read password prompt file
ProtEXE was unable to read the password prompt file you specified.
Make sure this file exists and does not have any special attributes
or is not currently in use by another process.

ERROR E14: password prompt file is too large (max 1024 bytes)
The password prompt file you specified is too large. Make sure you
specified the correct file or make it smaller.

ERROR E15: can't read password error message file
ProtEXE was unable to read the password error message file you specified.
Make sure this file exists and does not have any special attributes
or is not currently in use by another process.

ERROR E16: password error message file is too large (max 1024 bytes)
The password error message file you specified is too large. Make sure
you specified the correct file or make it smaller.

ERROR E17: can't read info file
ProtEXE was unable to read the info file you specified. Make sure
this file exists and does not have any special attributes or is not
currently in use by another process.

ERROR E18: info file is too large (max 16384 bytes)
The info file you specified is too large. Make sure you specified
the correct file or make it smaller.

ERROR E19: file is too small to protect (must be at least 4 bytes)
You tried to protect a program smaller than 4 bytes. No use in
protecting such a small program.

ERROR E20: COM file is too large to protect
You tried to protect a COM file that would require more than 64K when
protected. In that case you should convert it to an EXE file using the
included COM2EXE utility. Another possibility is that the file is not a
valid COM nor a valid EXE file, but some sort of datafile.

ERROR E21: invalid executable after compression
The compressor rendered the executable invalid. Use another compressor
or don't use compression.

ERROR E22: error creating temporary file <filename>
ProtEXE was unable to create a temporary file.
Make sure the disk is not full or read-only.

ERROR E23: not enough memory
You don't have enough conventional memory free for ProtEXE and/or
the interactive shell to run.
Remove any TSR's and device drivers you don't need.

WARNING W01: ignoring registered-only option <option>
You tried to use a registered-only option in the unregistered
evaluation version. Register!

WARNING W02: ignoring option <option>
You specified an EXE only option, but the program isn't an EXE;
or you specified the -t, -eo or -f options together with -r.
The option will be ignored.

WARNING W03: stripping extra data/overlays
The source file contained extra data such as debug info or overlays.
If the program doesn't work after protecting it, try using option
-e, -ek or -eo.

WARNING W04: no extra data/overlays found, ignoring -e? option
You specified the -e, -eo or -ec option but no extra data was found
in the EXE file. The -e? option will be ignored.

WARNING W05: EXE is probably device driver; using -d option advised
You tried to protect an EXE file which was in fact a device driver
without using the -d option. Examples of these executables are
EMM386.EXE, SETVER.EXE etc.
You should use the -d option to protect this kind of executables,
otherwise the protected executable will most likely not function.
Read the notes on this option in the chapter "Commandline usage"
first.
NOTE: there is a very small chance that this warning might come up
erroneously if ProtEXE incorrectly detects the EXE as being a
device driver; if you're absolutely sure the EXE is not a device
driver you can safely ignore this warning.

WARNING W06: target load module too large - ignoring option -ek
The extra data has to be relocated because the target program has
become too large after the protection to keep the extra data at
the same position.
You can solve this by using the -c option to compress the DOS
part of the executable. If the compression fails (e.g. because
the file was already compressed), this is not possible.

WARNING W07: EXE is new executable - protecting DOS stub only
The EXE file is a new executable. Examples of such new executables
are Windows and OS/2 executables. Also most DOS extenders (protected
mode programs), e.g. PharLap, DOS/4GW,... will use new executables.
Only the DOS part of the executable will be protected. You should
also use option -ek if you want to keep the new executable part
intact.

WARNING W08: compressor does not support COM/EXE-format executables
When protecting a COM/EXE file, you used the -c option with a
compressor that does not support that format of executable (for
example LZEXE does not support the COM format).
The executable will remain uncompressed.
Convert the COM file to an EXE file using the included COM2EXE
utility, or use another compressor which supports EXE files.

WARNING W09: compression failed
The compressor was unable to compress the executable; the executable
will remain uncompressed.
There are different possible reasons for this to happen:
1) The executable was already compressed and/or encrypted (you can
check this by examining the compressor's screen output).
Don't compress/encrypt the executable before running ProtEXE, or
just don't tell ProtEXE to try compressing it again. In some rare
cases using another compressor might help, but don't count on it.
2) The compressor program could not be started (you will normally
see a "bad command or filename" error message).
Make sure the compressor program is somewhere in your PATH.
3) A disk error (e.g. disk full) occurred.
Fix the problem and retry.

WARNING W10: can't remove file <filename>
ProtEXE was unable to delete a file (temporary file or the original
file if -o is used).
This could be caused by another process accessing the file at the
same time, special attributes, or unsufficient access rights to delete
the file.

WARNING W11: error in PACKERS.PTX (line <linenumber>)
The packer configuration file contains an error at the specified
line.
ProtEXE will work, but the compressor specified at that line
will be unusable.
Fix the problem and retry. Also see the chapter "Structure of
PACKERS.PTX".

WARNING W12: unknown compressor
You specified an unrecognized compressor id on the command line.
The executable won't be compressed.
Make sure the PACKERS.PTX file is in the same directory as the
executable or in any directory of your PATH and retry.

WARNING W13: error analyzing program; ignoring option -t
An error occurred while analyzing the program. A possible cause
is not enough memory.
The -t option will be ignored.

WARNING W14: no ties possible; ignoring option -t
You specified option -t, but there are no ties possible with the
program. A possible cause is that this program is already protected
and/or compressed, or that you didn't specify the right parameters
after the -t option.
The -t option will be ignored.

If an error occurs, ProtEXE will abort with the errorlevel set to
the corresponding error number.
Warnings are not fatal and don't cause an abort.
If no error occurred, ProtEXE will exit with errorlevel 0.

If you use the interactive shell, ProtEXE doesn't exit upon an error
but waits until a key is pressed and returns to the shell. The only
error that might occur in the shell so that it aborts with an error-
level other than zero is not enough memory (only if that error
would occur in the shell itself, not during protection).

8.1 Credits
-=-=-=-=-=-

Thanks to the following betatesters for helping me make ProtEXE
bug-free: (in alphabetical order)
   Olivier Baum
   Jochen De Smet
   Bulent Eren
   Jeroen Jacobs
   Heiko Laternicht
   Marcel Van Den Dries

And of course a big thanks to all registered users of ProtEXE. Your
support keeps me going !

9.1 Disclaimer
-=-=-=-=-=-=-=

I EXCLUDE ANY AND ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. I MAKE NO WARRANTY
OR REPRESENTATION, EITHER EXPRESS OR IMPLIED, WITH RESPECT TO THIS SOFTWARE,
ITS QUALITY, PERFORMANCE, MERCHANTABILITY, OR FITNESS FOR A PARTICULAR
PURPOSE. I SHALL HAVE NO LIABILITY FOR SPECIAL, INCIDENTAL, OR CONSEQUENTIAL
DAMAGES ARISING OUT OF OR RESULTING FROM THE USE OR MODIFICATION OF THIS
SOFTWARE.

                             -= END OF FILE =-