69 of 23,294 files
- Independent (IND)
Often misspelled, this is an unprotect for ProLok from Vault Corporation. Date is a guess.
PROLOCK.UNP HOW TO KILL PROLOCK by the Lone Victor This file describes how to eliminate the Prolock code from almost any file. It will work for DBASE III, FrameWork, and a number of other programs that I have tried. All that is needed is a copy of the program, DEBUG, and this file. The original Prolock disk is not needed. After these fixes are applied the program will be 6K - 8K smaller and will not require the original disk to run. One limitation built into this script file is the search performed for the .EXE header (4D 5A). Thus, the original program, before Prolock was applied, had to be a .EXE instead of a .COM file. This is true of most programs, such as dBase and Framework. Original .COM files could also be unprotected this way, but I have yet to find any. The following instructions use the dBase III file DBASE.EXE as an example. Make careful note of where an example address or number is give. The numbers will be different for a different file. Enter the commands given below which are in capital letters, not the comments and examples. <CR> means press the Carriage Return or Enter key. DEBUG DBASE.EXE R <CR> ;record the BX and CX registers example: BX=0001 CX=C750 U <CR> ;skip first screen U <CR> ;look for a LOOP instruction example: xxxx:0167 LOOP 0160 xxxx:0169 XCHG DX,AX ;the addresses need not be the same ;as in the example. G 169 <CR> ;go to the address after the LOOP S 100 3000 83 C4 08 <CR> ;search for code example: xxxx:0746 xxxx:13C4 ;<- use the last address displayed A 13C4 <CR> ;assemble code at address found above XOR AX,AX <CR> RET <CR> <CR> S 100 3000 C0 45 F8 <CR> ;search for code example: xxxx:1140 ;<- use this address E 1140 0B 46 <CR> ;enter encoded int 80 at address found M 0:C F 0:200 <CR> ;copy BPT vector to int 80 vector G <CR> ;prolock tests diskette drives S 100 3000 4D 5A ;search for .EXE header example: xxxx:03D6 xxxx:06E0 . . xxxx:1B50 ;<- use last address displayed ; This number is the addres of the now decoded, original program, before ;Prolock was applied. We need to subtract this hex number from the size of ;the original Prolock file (BX,CX we recored fist). example 1 C750 - 1B50 -------- 1 AC00 ; This can be done using debug: H C750 1B50 <CR> ;ask debug for sum and difference example E2A0 AC00 ;<- use last number RBX <CR> ;load BX and CX with new file size :0001 <CR> RCX <CR> :AC00 <CR> N DBASE <CR> ;choose any new file name ;(use no extention) W 1B50 <CR> ;write out file starting at the address ;of the .EXE file that we found above. Q <CR> ;quit debug REN DBASE DB.EXE ;rename new file to a .EXE filename That's all there is to it. The new file contains no Prolock code, and will run without the original disk. Here is a brief description of what was actually done. The first LOOP decodes the Prolock code. We do a GO to the end of that loop. The Search for the bytes 83 C4 08 finds the code that prints the error message when Prolock fails to find it's special disk. We Assemble new code at that address which returns a 0 in AX. This tricks Prolock into thinking the disk was found, and it then decodes the original .EXE file. The Search for the bytes C0 45 F8 finds the code that loads the original .EXE file. By the time this code is executed, the .EXE file is decoded and we want to stop and write it out. We can't put a Break Point there because Prolock will destroy our BPT vector. So we enter the code for an INT 80 at this address and copy or BPT vector to the unused INT 80 vector. In addition, this code is "encrypted" by having each byte exclusive ORed with the byte C6. Our INT 80 code (CD 80) thus becomes the bytes 0B 46. The Move 0:C F 0:200 instruction copies the debug Break Point vector to the INT 80 vector for use there. We then do a GO and Prolock checks the A: drive for a Prolock disk, thinks it finds it, and decodes the original .EXE file. Before it can execute the file it hits our INT 80, which returns us to debug. Finally we search for the .EXE header, calculate how long the file is without the Prolock code, and write it out to a file. This file is Renamed to a .EXE file and can then be run. →e file is without the Prolock code, and write it out to a file. This file is Renamed to a .EXE file and c