                   ˿Ŀ   ˿   ͻ ͻ 
                   ˿  ˳       ͹ ͹ ͻ
                      ͼ ͼ ͼ

                        -/ Shadow Com Cryptor v.1.80 /-


 1.intro 

SDW386 is a freeware simplest com file encryptor, with polymorphic
functions, lame and poor antidebug code against automatic unpackers
like UNP, CUP386, AutoHack or similar and some com dumpers, based on
check 100h, like DECAY and DumpCom.

SDW386 provided "as-is" without warranty of any kind!
IF (you disagree) THEN (you know ;-)
REMEMBER! encryptors/protectors/guards cannot stop advanced cracker.
Only FreeWare program stop it. Maybe.

You may use SDW386 freely, no lamers see your copyrights in crypted files.

If you wanna see in crypted files your name, like:
[Registered to: KewlBeerDrinker]
send me bottle of your favorite beer :-) and get unique version
(i promise:) registered on your name.
If you send me twenty bottles of beer, you may get full commented
source of last version SDW386.


 2.features 

positive:
- some antidebug/antidumping code.
- unlimited com size.
- convert EXE files to COM and encrypt it.
- tested under MSD0S 7.0-6.22, PCDOS 7.0, (EMM386, QEMM 8.1, himem).
  Win95, Win95-OSR2, WinNT 4.0 Server and Workstation.
- freeware. ;-)

negative:
- cannot handle PE/NE/LE/LX/W3 executables.
- cannot handle EXE files bigger 64Kb (maybe in next versions?).
- antidebug code is very simple, crypted files easy to unpack.
- not create backup files. if you want backup, do it with your own.


 3.usage 

       SDW386.COM <filename.com> [switches]
       filename.com  - file to encrypt.
       switches:  /s - small, low polymorphic decryptor, easy to trace.
                  /l - large, highly polymorphic decryptor.
                  /r - random decoding decryptor method.
                  /b - blind mode. copyrights not added to crypted file.
                  /c - only convert exe-to-com. not encrypt.
                  /v - documentation viewer.


 4.techInfo 

- SDW386 use for polymorphism iCE 0.5 (irogen Irregular Code Engine)
created by irogen/[NuKE].
- Decryptor, attached to protected files, have length 1.0 Kb - 2.0 Kb.
- Optionally SDW386 use for encryption Random encryption synthezator
(RES) by SSR, who created decryptor "on the fly", using random decryption
command. If decryptor decrypt code not correct - creating new decryptors
and crypted code decrypt again and again.
- SDW386 cannot stop TEU, E-Dump, Soft-Ice, TR and other advanced debuggers
and dumpers. TEU unpack files, compiled on high level languages.
- For protect against TEU, you need modify startup code of your file
and/or use tight commercial protectors like HackStop or other ...
- Against E-Dump noone know universal detection method ...
- Himself SDW386 and protected files required 386+ to run.


 5.thanks 

in random order:
Many thanks for my wife Svetlana (Tiny Light) for moral support ;-)
Stonehead       - your help immeasurable ... very much thanks ...
SuddenDischarge - nice filebase, good idea to greate pages, contain
                  all versions packers/cryptors/unpackers
Cristoph Gabler - insider.faq very informative ... big thanks for your
                  unpack sdw386 script, unsdw386 and antiTR routines.
irogen         - good mutation engine.
MaX/MoVSD       - ATEU 1.2 sources very help me.
Cicatrix        - very informative VDAT. but (imho) need links,
                  where may get files.
VAG             - thanks for your version of DeGlucker 0.05, deSDW
                  and many other nice things.
Tailgunner      - thanks for commented source.
-Jibs-        - big thanks for exe-to-com converter source.
all ExE-Li$t members ...
all who want it :-)

Yesterday i download DeGlucker 0.5 by VAG and OlegPro ... GREAT WORK!
i will be trace probally all protectors!


 6.history 

1.0       - original Tailgunner's version
1.1-1.3   - my first experiments :-) lost after crash harddisk.
1.4a-1.4d - add some antidebug code, add encryption decryptor.
1.5       - improve iCE 0.4 polymorphism, remove old encryption decryptor.
1.5a-1.5? - internal versions. experiments with some mutation engines
            (TPE, EVOL, $UPD, RHINCE, SMEG, MutaGen and other).
1.6-1.77  - add and rearrange antidebug/antidumping code ...
1.78      - add random decrypt layer (optional), implement documentation
            viewer from MESS 1.30.
1.79      - remove 386 CPU check, add and replace some antidebug code
            some experiments with $UPD engine.
1.79b     - bugfix(?) version. fix logo, replace $UPD to SMEG, add
            polymorphic first jump ... NOT RELEASED.
1.80      - "release" after half year "do nothings" ... i very lazy ...
            return back to ViCE 0.5, antidebug code not change.
            change first polymorphic jump like rscc. (hi,ROSE!:)
            add exe-to-com converter by Jibs.


 0.about 

MANtiC0RE // Tyumen, Russia
E-Mail : manticore@mail.com
FidoNet: 2:5077/60@Fido.Net
                                                                 EOF? where? :)
