ÚËÍÍÍË¿ÚËÍÍËÄ¿ÚË Ë¿ ÍÍÍÍ» ÉÍÍÍ» ÉÍÍÍ ÀÊÍÍÍË¿³º È˳³º º º³ Í͹ ÌÍÍ͹ ÌÍÍÍ» ÀÊÍÍÍÊÙÀÊÍÍÍÊÙÀÊÍÊÍÊÙ ÍÍÍͼ ÈÍÍͼ ÈÍÍͼ -/ Shadow Com Cryptor v.1.79 /- 1.intro SDW386 is a freeware simplest com file encryptor, based on Tailgunner's "Shadow Com Cryptor", with polymorphic functions, lame and poor antidebug code against automatic unpackers like UNP, CUP386, AutoHack or something else and some com dumpers, based on check 100h, like DECAY or DumpCom. WARNING! SDW386 cannot stop TEU, E-Dump, Soft-Ice, TR and other advanced debuggers and dumpers. TEU unpack files, compiled on high level languages. If you want protect against TEU, modify startup code of your file and/or use tight commercial protectors like HackStop or other ... SDW386 provided "as-is" without warranty of any kind! IF (you disagree) THEN (you know ;-) REMEMBER! encryptors/protectors/guards cannot stop advanced cracker. Only FreeWare program stop it. Maybe. :-) You may use SDW386 freely, no lamers see your copyrights in crypted files ;-) If you wanna see in crypted files your name, like: [Registered to: KewlBeerDrinker] send me bottle of your favorite beer :-) and get unique version (i promise:) registered on your name :-) If you send me twenty bottles of beer, you may get full commented source of last version SDW386 :-) 2.features positive: - huge polymorphic decryptor. - some antidebug/antidumping code. - unlimited com size. - tested under MSD0S 7.0-6.22, PCDOS 7.0, (EMM386, QEMM 8.1, himem). Win95, Win95-OSR2, WinNT 4.0 Server and Workstation. - freeware ;-) negative: - cannot handle PE/NE/LE/LX/W3 executables. - cannot handle EXE files (maybe in next versions?). if you want crypt exe files, convert it to com. - antidebug code is very simple, crypted files easy to unpack. - not create backup files. if you want backup, do it with your own. 3.usage SDW386.COM [switches] filename.com - file to encrypt. switches: /r - random decoding decryptor method /b - blind mode. copyrights not added to crypted file /v - documentation viewer /s - safe mode. not use int21h call in poly decryptor /l - force use int21h in decryptor 4.techInfo SDW386 use for polymorphism $UPD 2.2 ($pirit's Universal Polymorphic Device) created by ÄNighÅÄ$piriÅÄ attach to protected files approx. 1.4 - 1.8 Kilobytes lenght decryptor. Himself SDW386 and protected files required 386+ to run. Random decoding decryptor - decryptor, who created dynamically, using random decryption command. If decryptor not correct decrypt code, creating new decryptor and crypted code decrypting again. 5.thanks in random order: Many thanks for my wife Svetlana (Tiny Light) for moral support ;-) Stonehead - your help immeasurable ... very much thanks ... SuddenDischarge - nice filebase, but updates not regular ... Cristoph Gabler - insider.faq very informative ... big thanks for you unpack sdw386 script, unsdw386 and antiTR routines. ûirogen - good mutation engine. MaX/MoVSD - ATEU 1.2 sources very help me. Cicatrix - very informative VDAT. but (imho) need links, where may get files. VAG - thanks for your version of DeGlucker 0.05, and many other nice things. Tailgunner - thanks for commented source. MEtEO - great explore HASP parazite, your sources very nice. all ExE-Li$t members ... all who want it :-) 6.history 1.0 - original Tailgunner's version 1.1-1.3 - my first experiments :-) lost after crash harddisk. 1.4a-1.4d - add some antidebug code, add encryption decryptor. 1.5 - improve ûiCE 0.4 polymorphism, remove old encryption decryptor. 1.5a-1.5? - internal versions. experiments with some mutation engines (TPE, EVOL, $UPD, RHINCE, SMEG, MutaGen and other). 1.6-1.77 - add and rearrange antidebug/antidumping code ... 1.78 - add random decrypt layer (optional), implement documentation viewer from MESS 1.30. 1.79 - remove 386 CPU check, add and replace some antidebug code some experiments with $UPD engine. 0.about MANtiC0RE // Tyumen, Russia E-Mail : manticore@mail.com FidoNet: 2:5077/60@Fido.Net EOF? where? :)