echo: virus_info
to: DAVID KIRSCHBAUM
from: ROWAN_CROWE
date: 1997-05-07 01:12:00
subject: 486TO586

 * David Kirschbaum writes to All, on Monday May 05 1997
   at 11:10:
 DK> It's a total fraud, of course .. but I just wondered what the program
 DK> is _actually_ doing (and a disassembly would be the best way to find
 DK> out, I suppose).
There's so much HLL startup and cleanup code that it's almost pointless. I
started tracing through it, thinking that its hooking all these vectors was
rather sus, and eventually I realised it was quite normal HLL startup code.
 DK> It's encrypted (several layers), of course.  I worked through the
 DK> decryption in DEBUG, saved a chunk of the "clear-text" (if you can use
 DK> that phrase for a binary program) out .. and it looks like the
 DK> original program was programmed in C.  So the disassembly is gonna be
 DK> ugly.
 DK> But if anyone's already done that, I'd love to see the disassembled
 DK> assembly language source .. or the original C source, if anyone knows
 DK> where it is.
Borland Pascal.
 DK> Or if nothing else, an authoritative (anyone out there consider
 DK> themselves an authority?) explanation as to what it actually does.
Didn't get that far.
FWIW I did my disassembly after replacing my HD with a newer one (and copying 
over the contents); I had the old one connected while I did it, just in case.
Cheers.
... rowan@sensation.net.au
---
---------------
* Origin: Sensation: Melbourne AUSTRALIA. (3:635/728.1)

SOURCE: echomail via exec-pc
