
 SnoopStop v1.15
 

 Well, here it is, my .COM file encryptor/protector :)

 This protector is right for you if you distribute COM files and
 you want to make them moderately secure. If you write a crack,
 intro or something else, would you like someone with a hex editor
 opening the file and changing the credits / messing up the code?
 Of course not :)

 Features:
 

 - 256 bit encryption of COM files [non-unique key specific to each copy]
 - Various anti-debugging tricks and no lame prefetch tricks either :)
 - Anti-SoftICE (tested with v2.80)
 - Anti-CUP386 (all modes)
 - Anti-GTR v1.90 and v1.A1
 - Semi-random encryption of constants within COM file
 - Works with WWPack when converted to an EXE
 - Files protected can be HackStopped too
 - CRC checking of code to prevent alteration by lamers
 - Code encryption to kill Sourcer-touting lamers
 - No longer detected as VCL by F-PROT because of the new code encryption
 - Code removed from memory before running protected program to prevent
   F-PROT from false-alarming a memory scan (VCL).

 - Anti-TEU and anti-UPC code added: sanitises memory areas also.
 - Registration incentive added: protected files fail to run (exit w/error)
   ~25% of the time. 


 Security:
 

 SnoopStop is NOT a secure protector. No COM protector can be. However,
 SnoopStop takes steps to protect your files against automated unpackers,
 but nothing can be secure against a real cracker. What you *can* be assured
 of is that SnoopStop will scare off any hex-editor touting lamers, who
 would want to change your copyright or something like that.

 Lamer-proof                     : Yes [and how!]
 Real-100%-harcode-cracker-proof : No way!

 Remember that even CrackStop v1.03 and HackStop v1.18 can be unpacked,
 and these claim to be a lot more secure than SnoopStop. SnoopStop detects
 TEU (what I used to unpack CS and HS protected files) and locks up the
 system if it is found in memory.

 SnoopStop provides security against the masses. The real crackers can
 pass through in droves, but it will at least make them puzzle for about
 five minutes or so, during which time they'll wonder "is it really worth it?".

 Lamers, too, want easy cracks, and any serious protection will cause them
 to scram. So, SnoopStop is probably a good choice for BBStros, demos,
 shareware etc., which would be cracked easily by a seasoned cracker, but
 that you want to protect against large-scale cracking.

 WARNING!
 

 You *must* erase your code from memory after it has been run, or it
 can be dumped using CRKCOM or similar. 

 You *must* register too :)

 Wish-list
 

 [Note: these are arranged in order of probability: the wishes nearest the
  top are being worked on, those at the bottom may take some time]

 - Windows [95] compatibility
 - Checksum/CRC protection of the encrypted data to guard against corruption
 - Mutation of the protector code
 - EXE file support
 - Absolute compatibility
 - Completely rock solid kick-ass protection *:)

 Protected files have been tested under real-mode DOS v7 and QEMM v8 + DOS v7;
 they worked well under both environments. Compatibility with Windows NT
 is not guaranteed. SnoopStop is not compatible with Windows, and
 a protected file will exit with an error if run from the Windows environment.

 Using it:
 

 Syntax: snpstop <filename>
 The file will be automatically protected. There are, as yet, no options.


 Registration:
 

 To disable the annoying banner printed by SnoopStop, and to get a unique
 ID for use with the encryption, you must do one or more of these:

   Send me a registered version of your unpacker/protector etc
   Send me any code snippets or anti-debug code you have

   Write me a nice e-mail saying what you use SnoopStop for - you must
    have publicly distributed at least one protected file, e.g. a BBStro.

 To register, mail <SnoopStop@netbook.demon.co.uk> - you'll get back
 a registered version in a couple of days. When you register, you'll
 also get COM2EXE and MarkEXE in the archive (companion products to
 be used with SnoopStop and other stuff).

 *If* you are ROSE, Stefan Esser etc. and send me a free registered version
 of your protector, then you'll get your registered SnoopStop back without
 any added protection at all. Otherwise, it's protected like the evaluation
 version.
 
 Whilst SnoopStop can't as yet protect EXE files, you can still use
 COM2EXE and MarkEXE to create an EXE file, and that will still run.

 Greetings
 

 Greets must go to:
 ------------------

 Daniel Arndt:          Much thanks for CE and encryption sources.
                        Although your delta offset stuff was confusing,
                        I fixed it. And >why< on earth did you protect
                        a HackMe with CrackStop? 

 Stone:                 I have nothing but respect for you. A guy who
                        releases his sources, comments them, and is Swedish
                        to boot. Kewl :)

 Christoph Gabler:      Here's ultimate TEST.COM :)
                        Trap v1.16 sounds nice, so hurry up and finish it 8=]
                        BTW, my name is 'James MacDonald' or 'Trill', not
                        'Jam MACDonald' or something like that :(

                        BTW, yeah, v1.109 sucked, so what?
                        v1.13 is much better, with new code encryption..

                        And thanks for the Insider FAQ!

 Dark Stalker:          DS-CRP rules, thanks for some AD routines :)

 Merlin:                P/CRYPT sucks, it's way too incompatible
                        (like SS), but the 'only lamers' idea rules..

 Lord Caligo:           Cool filebase, cool web page, cool cool cool!
                        But spread SnoopStop unpacked and you die :)

 JVP and Synopsys:      Run TEU/UPC on a SnoopStopped file and enjoy :)
                        SnpUP is sunk in this version too, natch!

 Fravia+:               *Great* site. 'Nuff said. Although UNIX filenames
                        would be nicer (.html, not .htm) :)

 Greythorne:            Symbiote was pretty smart, but all those
                        di offsets in the added code don't really need to be
                        used. Look at ExeEncrypt!

 ROSE:                  For getting me interested in RTE. One look at
                        HackStop v1.14 and I was hooked :)
                        <Blatant begging for free regged v1.19>

 Stefan Esser:          Hey, would you like to swap free regged protectors?
                        No, not LamerStop which sucks; you don't write real
                        protectors in Turbo Pascal - at least have the sense
                        to rip off X3, IBM-CRP etc :)

 Szasi:                 Don't unpack this so soon, enjoy it first.
                        'Savour the flavour' :)

 Hann0:                 The EXE mailing list *rules*. Long may it continue!



                                      -- Trill

