Readme or information text

 ³  ³  ÚÄ ³   \  ³   \  ³  ÚÄ ³
 ÚÄ ³  ÚÄ ³  ³ \ ³  ³ \ ³  ³  ³
 Ù  Ù  Ù  Ù  Ù   Ù  Ù   Ù  ÄÄÄÙ
ChkEXE v1.17 (SAVE-Kennung: HBO_CKE)
FreeWare from Hann0 B”ck <[email protected]>
Fr deutsche Dokumentation siehe ChkEXE.TXT

ChkEXE is a program, which can detect several EXE-packers and protectors.

Usage of ChkEXE:
CHKEXE [filename] [/A] [/X] [/N] [/C] [/L]

Description of all Parameters:

/A  Usually ChkEXE will only show you files that are packed/protected. This
    Parameter will show you all files, also files that aren't detected as
    packed/protected files. Useful if you want to know if there is a file
    not packed/protected.

/X  Shows also known compilers. I've added this function because many people
    asked for it. It can only detect a very small number of compilers. I
    wanted to release an own program for it, but it was not worth releasing
    it, so I've added it to ChkEXE.

/N  Usually ChkEXE stopps after 25 lines. If you use this parameter, it
    won't. Use this if you want to have the output in a file
    (CHKEXE > FILE.TXT).

/C  Will show you the first 30 bytes of the program-code. In EXE-files this
    is at CS:IP. In COM-files these are the 30 first bytes of the file.
    I've added this function as an undocumented feature for testing new
    protectors. I thought it was very useful, so I made it to a documented
    parameter.

/L  Shows you a list of all detected packers/protectors. 

You can also use Wildcards (*, ?) to specify the filename. It's impossible to
set a path as a parameter. This is because of some PowerBasic-functions.
Maybe I'll rewrite this part in a future version.

You can also set parameters with the SET CHKEXE=...
If you want to have a parameter as standart, you can do this in your
AUTOEXE.BAT.
Example:
SET CHKEXE=/X
(Check always for known compilers)

ChkEXE is FreeWare, you can use it free of charge.
For bugs, suggestions, improvements, new packers etc. contact me.

ChkEXE is protected with LZEXE v1.00a, REC v0.35, CrackStop v1.01 and some
additional tricks.

------------------------------------------------------------------------------

Notes:

HackStop v1.17:
In this version there are countless several betas.
The version-numberings have the following meanings:
v1.17á3 means á3, shareware and regged version
v1.17á8r means á8, regged version
v1.17á8s means á8, shareware
v1.17á8/386 means á8, 386-version
v1.17á8x means special version, which is only used by Ralph Roth
v1.17 B63 means v1.17 Built 63 (version numbering of newer versions)

CRYPT/CRYPTEXE/CRYPTCOM/COM2TXT/PACK/SECURE:
With these names there are always two completely different programs:
CRYPT from Dismember and from Light Show/Eclipse.
CRYPTEXE from Doors of Perception and from Dmitriy Borisov.
CRYPTCOM from Nowhere Man/NuKE and from Frank Baumgartner.
COM2TXT from Dark Stalker/UCF and from NIDE Naoyuki
PACK from TurboPower Software and from NoddegamrA
SECURE from Piotr Warezak and from G. M. McKay

SuckStop:
There are several 1.0-versions of this program. Until now, only one version
is detected (618), because the others have a mutation engine and are very
difficult to detect.

NE/PE/LX-protectors:
I've got big problems in detecting protectors for Windows and OS/2. ChkEXE
detects only a small number of them. I would be glad if anyone could help me
with them.

------------------------------------------------------------------------------

Greetings fly out to:

Dark Stalker [UCF]:
You did it again, you have unpacked ChkEXE v1.16. But hey, it wasn't as easy
as previous versions. And I've improved the selfcheck a bit more for v1.17.

Liu TaoTao:
Now I made a selfcheck that can't be faked with MKEXE. Try to find something
against it. It's an old and well known methode.

Random [UCF]:
In one of your first mails to me you said that you will release a new ALEC,
when I add a detection for it. Not what's up?

Rich856:
Your ERP is really cool. It shows everybody the useless of non-encrypting
protectors.
BTW, thanks for your great help with the ALEC-detection.

Ralph Roth:
Hey, now you MUST add EXE-encryption. Just look at ERP.
And what's about the promised Mutation Engine, PE-Encryption etc.?
You already have these options in other programs (REC, RCC ...), so why don't
you add them to HackStop.

Stefan Esser:
Hey, MutaWWP is a little joke. It took me a few minutes to write a detection
for it. Try to write a really good MtE with no constant bytes. (But I think
I will add detection for every MutaWWP you will release)

JVP:
TEU is excellent. It's nearly impossible to stop it.

tBB [KLF]:
What's about the party for the Hideout BBS?

Members of the exe-mailing-list:
It was a good idea, wasn't it? The mailing-list now has over 60 members.

------------------------------------------------------------------------------

I do not guarantee for error-free Software, although I try to do. I'm not
responsible for what you do with it. All Trademarks are recognized, although
if they're not signed as.

I'm a member of the Shareware Autoren VEreinigung (SAVE). The SAVE is a group
of german ShareWare-authors. For more information check out the SAVE-Homepage
under http://www.s-a-ve.com

*********************************
*  Hann0 Boeck <[email protected]>   *
*  Plauenerweg 4                *
*  D-71540 Murrhardt            *
*  http://www.xoom.com/hanno    *
*********************************

Type Bits/KeyID    Date       User ID
pub  1024/9359B6E5 1997/05/10 Hann0 Boeck <[email protected]>

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i

mQCNAzN0qr4AAAEEALq58qHsHbqjwUFOTP1O8nh+Gu6nT432VX11s1zqU73W9wOd
vuQ1an5k1m+j6V/+GDER7AaTaMgHR9idnOQzcqZ5G8gSh+6y+EYCzS+WbWH0VUqo
qbOK1LxuM+mSNdsEdpgQObgoJavWs4AdnZ/G3sMNKxS9huZRgUrOlQuTWbblAAUR
tBpIYW5uMCBCb2VjayA8aGFubm9AZ214LmRlPokAlQMFEDPwo05KzpULk1m25QEB
bZcD/2tIhtOj/dsfrRx2TshY+f2F/kKZ+0sN7nbxv6S2l/cr+QkJSFE7ftx0kZWa
xXckF35/d8vvx8u35Es5ZocPeB13B2PxkKZHVaxg9bDF+9FSHa/R5KBNj/VXqmIy
SrdJp3mwuKV8yfOxulfUY84Mk5dcK/vGZrxRqQKtWN7zh8dt
=RpyL
-----END PGP PUBLIC KEY BLOCK-----

 │  │  ┌─ │   \  │   \  │  ┌─ │
 ┌─ │  ┌─ │  │ \ │  │ \ │  │  │
 ┘  ┘  ┘  ┘  ┘   ┘  ┘   ┘  ───┘
ChkEXE v1.17 (SAVE-Kennung: HBO_CKE)
FreeWare from Hann0 Böck <[email protected]>
Für deutsche Dokumentation siehe ChkEXE.TXT

ChkEXE is a program, which can detect several EXE-packers and protectors.

Usage of ChkEXE:
CHKEXE [filename] [/A] [/X] [/N] [/C] [/L]

Description of all Parameters:

/A  Usually ChkEXE will only show you files that are packed/protected. This
    Parameter will show you all files, also files that aren't detected as
    packed/protected files. Useful if you want to know if there is a file
    not packed/protected.

/X  Shows also known compilers. I've added this function because many people
    asked for it. It can only detect a very small number of compilers. I
    wanted to release an own program for it, but it was not worth releasing
    it, so I've added it to ChkEXE.

/N  Usually ChkEXE stopps after 25 lines. If you use this parameter, it
    won't. Use this if you want to have the output in a file
    (CHKEXE > FILE.TXT).

/C  Will show you the first 30 bytes of the program-code. In EXE-files this
    is at CS:IP. In COM-files these are the 30 first bytes of the file.
    I've added this function as an undocumented feature for testing new
    protectors. I thought it was very useful, so I made it to a documented
    parameter.

/L  Shows you a list of all detected packers/protectors. 

You can also use Wildcards (*, ?) to specify the filename. It's impossible to
set a path as a parameter. This is because of some PowerBasic-functions.
Maybe I'll rewrite this part in a future version.

You can also set parameters with the SET CHKEXE=...
If you want to have a parameter as standart, you can do this in your
AUTOEXE.BAT.
Example:
SET CHKEXE=/X
(Check always for known compilers)

ChkEXE is FreeWare, you can use it free of charge.
For bugs, suggestions, improvements, new packers etc. contact me.

ChkEXE is protected with LZEXE v1.00a, REC v0.35, CrackStop v1.01 and some
additional tricks.

------------------------------------------------------------------------------

Notes:

HackStop v1.17:
In this version there are countless several betas.
The version-numberings have the following meanings:
v1.17ß3 means ß3, shareware and regged version
v1.17ß8r means ß8, regged version
v1.17ß8s means ß8, shareware
v1.17ß8/386 means ß8, 386-version
v1.17ß8x means special version, which is only used by Ralph Roth
v1.17 B63 means v1.17 Built 63 (version numbering of newer versions)

CRYPT/CRYPTEXE/CRYPTCOM/COM2TXT/PACK/SECURE:
With these names there are always two completely different programs:
CRYPT from Dismember and from Light Show/Eclipse.
CRYPTEXE from Doors of Perception and from Dmitriy Borisov.
CRYPTCOM from Nowhere Man/NuKE and from Frank Baumgartner.
COM2TXT from Dark Stalker/UCF and from NIDE Naoyuki
PACK from TurboPower Software and from NoddegamrA
SECURE from Piotr Warezak and from G. M. McKay

SuckStop:
There are several 1.0-versions of this program. Until now, only one version
is detected (618), because the others have a mutation engine and are very
difficult to detect.

NE/PE/LX-protectors:
I've got big problems in detecting protectors for Windows and OS/2. ChkEXE
detects only a small number of them. I would be glad if anyone could help me
with them.

------------------------------------------------------------------------------

Greetings fly out to:

Dark Stalker [UCF]:
You did it again, you have unpacked ChkEXE v1.16. But hey, it wasn't as easy
as previous versions. And I've improved the selfcheck a bit more for v1.17.

Liu TaoTao:
Now I made a selfcheck that can't be faked with MKEXE. Try to find something
against it. It's an old and well known methode.

Random [UCF]:
In one of your first mails to me you said that you will release a new ALEC,
when I add a detection for it. Not what's up?

Rich856:
Your ERP is really cool. It shows everybody the useless of non-encrypting
protectors.
BTW, thanks for your great help with the ALEC-detection.

Ralph Roth:
Hey, now you MUST add EXE-encryption. Just look at ERP.
And what's about the promised Mutation Engine, PE-Encryption etc.?
You already have these options in other programs (REC, RCC ...), so why don't
you add them to HackStop.

Stefan Esser:
Hey, MutaWWP is a little joke. It took me a few minutes to write a detection
for it. Try to write a really good MtE with no constant bytes. (But I think
I will add detection for every MutaWWP you will release)

JVP:
TEU is excellent. It's nearly impossible to stop it.

tBB [KLF]:
What's about the party for the Hideout BBS?

Members of the exe-mailing-list:
It was a good idea, wasn't it? The mailing-list now has over 60 members.

------------------------------------------------------------------------------

I do not guarantee for error-free Software, although I try to do. I'm not
responsible for what you do with it. All Trademarks are recognized, although
if they're not signed as.

I'm a member of the Shareware Autoren VEreinigung (SAVE). The SAVE is a group
of german ShareWare-authors. For more information check out the SAVE-Homepage
under http://www.s-a-ve.com

*********************************
*  Hann0 Boeck <[email protected]>   *
*  Plauenerweg 4                *
*  D-71540 Murrhardt            *
*  http://www.xoom.com/hanno    *
*********************************

Type Bits/KeyID    Date       User ID
pub  1024/9359B6E5 1997/05/10 Hann0 Boeck <[email protected]>

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i

mQCNAzN0qr4AAAEEALq58qHsHbqjwUFOTP1O8nh+Gu6nT432VX11s1zqU73W9wOd
vuQ1an5k1m+j6V/+GDER7AaTaMgHR9idnOQzcqZ5G8gSh+6y+EYCzS+WbWH0VUqo
qbOK1LxuM+mSNdsEdpgQObgoJavWs4AdnZ/G3sMNKxS9huZRgUrOlQuTWbblAAUR
tBpIYW5uMCBCb2VjayA8aGFubm9AZ214LmRlPokAlQMFEDPwo05KzpULk1m25QEB
bZcD/2tIhtOj/dsfrRx2TshY+f2F/kKZ+0sN7nbxv6S2l/cr+QkJSFE7ftx0kZWa
xXckF35/d8vvx8u35Es5ZocPeB13B2PxkKZHVaxg9bDF+9FSHa/R5KBNj/VXqmIy
SrdJp3mwuKV8yfOxulfUY84Mk5dcK/vGZrxRqQKtWN7zh8dt
=RpyL
-----END PGP PUBLIC KEY BLOCK-----