Executable compressors work by compressing selected portions of executables. At runtime, compressed executables are decompressed and reconstructed directly into their virtual image (memory) so that no data is ever written to the disk. The executable can therefore be run exactly as it was before without the user even knowing it was compressed.

PECompact2 is a next generation win32 executable/module compressor. Commonly termed an 'executable packer', such utilities compress executables and modules (i.e. *.EXE, *.DLL, *.OCX, *.SCR). At runtime the compressed modules are rapidly decompressed in memory.

Why would one want to compress an executable/module?

There are many reasons. One of the most common is that compression offers an inherent degree of tamper resistance and obfuscation. Another is that since the usual compression ratio is greater than 70% (that is, the compressed file is 30% of the original), larger executables and modules may load much quicker from the network or disk hosting them. Since storage medium is often the largest bottleneck in overall system performance, the time spent decompressing can be much less than the time saved by not having to load as much data from the storage medium.

• Add tamper resistance.

• Obfuscate and help deter reverse engineering.

• Compression is typically 70% or greater on large files, far better than popular file compression software. This is because compression is targeted to a specific file/data format.

• Load time can be improved by having a smaller image to load from the storage medium (disk, network, etc..).

But there are some other tricks that PECompact2 can do, aren't there?

Yes, PECompact2 has been built to be very extensible. Using advanced plug-ins by, PECompact2 is able to be enhanced and extended by third parties.

PECompact2 includes plug-ins to perform CRC checks, password based encryption, message box prompt for permission to execute, and much-much more. And since these plugins can all be combined in any order and quantity, each compressed file can be very unique.

For absolute uniqueness, the loader itself (decompression stub) is also a plug-in type and so can be changed or extended.

Codec Plug-ins:
LZMA - FFCE - aPLib - JCALG1 - BriefLZ
Other Codec Plug-ins:
 Password Protect - MessageBox - Invert - Copy - Expand
API Hook Plug-ins:
Fast-Import - Redirect
Loader Plug-ins:
Anti-Debug - Debug - Enhanced Anti-debug - Reduced

Choosing the right executable packer can make a huge difference!

In addition to supporting more executable/modules than any other win32 executable packers, we do it tigheter than all the rest! Here is the results of compression of Adobe Acrobat Reader 6.0:

Original file size: 7,671,876
File date: 11/03/03

PECompact is available in English, Russian, Chinese (traditional and simplified), German, Dutch, French, Swedish, Italian, Slovenian, Polish, and Japanese!

Why PECompact?

Compatibility:

• Complete Windows platform support (all variants).

• Supports EXE, DLL, SCR, and all other Win32 PE formats except device drivers (SYS).

• Supports software and hardware DEP (Data Execution Prevention).

• Supports VC++ 7 and 8 (Visual Studio 2003, 2005) CRT SEH protections; currently only win32 packer that properly addresses the issue. This is to say, if your C++ exception handling code doesn't work with other packers, it will with PECompact!

• Compressed programs work under WINE (Windows emulator for Linux).

• Compressed programs work with NJStar Communicator, ATI OpenGL drivers, and other applications other compressors may fail with.

• Modules compressed with each build are tested in complex load scenarios under all win32 flavors. Our test cases assure proper functioning.

Anti-Virus Interoperabilility:

• Viruses can not hide within compressed modules because major anti-virus software support scanning inside the PECompact's modules!

Software Protection:

• Compressed modules are inherently more difficult to reverse engineer.

• PECompact support custom loaders that can be written to provide your own unique protection mechanisms, greatly deterring the creation of automatic unpackers.

• Tampering or modification of modules can be detected at runtime.

• Plug-ins are available that extend and enhance the protection of your software. These include the FastImport, API Redirect, and IsPacked plug-ins.

Extensibility:

• A number of plug-in types allow for extreme customization and third-party extensions. For example, plug-ins are included to perform CRC checks, password based encryption, message box runtime confirmations, and compression by a number of different algorithms. And since these plug-ins can be used IN ANY ORDER OR QUANTITY on each and every file, how you use PECompact2 is up to you!

• Loader and API hook plug-ins can give you custom software protection. No shrink-wrapped software protection mechanism can compete with a custom solution. Custom protection is the best protection. For development of custom loader plug-ins, email us or visit the forum.