Bitsum PECompact v2.98.5 | 1 MB
PECompact Executable Compressor - Superior performance, compatibility, and extensibility!
Executable compressors work by compressing selected portions of executables. At runtime, compressed executables are decompressed and reconstructed directly into their virtual image (memory) so that no data is ever written to the disk. The executable can therefore be run exactly as it was before without the user even knowing it was compressed.
PECompact2 is a next generation win32 executable/module compressor. Commonly termed an 'executable packer', such utilities compress executables and modules (i.e. *.EXE, *.DLL, *.OCX, *.SCR). At runtime the compressed modules are rapidly decompressed in memory.
Why would one want to compress an executable/module?
There are many reasons. One of the most common is that compression offers an inherent degree of tamper resistance and obfuscation. Another is that since the usual compression ratio is greater than 70% (that is, the compressed file is 30% of the original), larger executables and modules may load much quicker from the network or disk hosting them. Since storage medium is often the largest bottleneck in overall system performance, the time spent decompressing can be much less than the time saved by not having to load as much data from the storage medium.
* Add tamper resistance.
* Obfuscate and help deter reverse engineering.
* Compression is typically 70% or greater on large files, far better than popular file compression software. This is because compression is targeted to a specific file/data format.
* Load time can be improved by having a smaller image to load from the storage medium (disk, network, etc..).
But there are some other tricks that PECompact2 can do, aren't there?
Yes, PECompact2 has been built to be very extensible. Using advanced plug-ins by, PECompact2 is able to be enhanced and extended by third parties.
PECompact2 includes plug-ins to perform CRC checks, password based encryption, message box prompt for permission to execute, and much-much more. And since these plugins can all be combined in any order and quantity, each compressed file can be very unique.
For absolute uniqueness, the loader itself (decompression stub) is also a plug-in type and so can be changed or extended.
LZMA - FFCE - aPLib - JCALG1 - BriefLZ
Other Codec Plug-ins:
Password Protect - MessageBox - Invert - Copy - Expand
API Hook Plug-ins:
Fast-Import - Redirect
Anti-Debug - Debug - Enhanced Anti-debug - Reduced
The list of plug-ins goes on. PECompact can be extended in an infinite number of ways. You can truly control how your executable is compressed.
* Complete Windows platform support (all variants, including Vista).
* Supports EXE, DLL, SCR, and all other Win32 PE formats except device drivers (SYS).
* Supports software and hardware DEP (Data Execution Prevention).
* Compressed executables can be matched to debug symbols by debuggers like Visual Studio. PECompact is unique in this proper handling of the debug directory.
* Supports VC++ 7 and 8 (Visual Studio 2003, 2005, 2008) CRT SEH protections; currently only win32 packer that properly addresses the issue. This is to say, if your C++ exception handling code doesn't work with other packers, it will with PECompact!
* Compressed programs work under WINE (Windows emulator for Linux).
* Compressed programs work with NJStar Communicator, ATI OpenGL drivers, and other applications other compressors may fail with.
* Modules compressed with each build are tested in complex load scenarios under all win32 flavors. Our test cases assure proper functioning.
* PECompact has a low false alarm rate in comparison to other executable compressors.
* Viruses can not hide within compressed modules because major anti-virus software support scanning inside the PECompact's modules!
* If a false alarm does occur on your compressed executable, it is important you notify the offending anti-virus software. They will then get the problem fixed (assuming they act responsibily).
* Compressed modules are inherently more difficult to reverse engineer.
* PECompact support custom loaders that can be written to provide your own unique protection mechanisms, greatly deterring the creation of automatic unpackers.
* Tampering or modification of modules can be detected at runtime.
* Plug-ins are available that extend and enhance the protection of your software. These include the FastImport, API Redirect, and IsPacked plug-ins.
* A number of plug-in types allow for extreme customization and third-party extensions. For example, plug-ins are included to perform CRC checks, password based encryption, message box runtime confirmations, and compression by a number of different algorithms. And since these plug-ins can be used IN ANY ORDER OR QUANTITY on each and every file, how you use PECompact2 is up to you!
* Loader and API hook plug-ins can give you custom software protection. No shrink-wrapped software protection mechanism can compete with a custom solution. Custom protection is the best protection. For development of custom loader plug-ins, email us or visit the forum.
* Change.Package: Updated Russian translation.
* Change.Package: Moved more plug-ins to the registered version only, to deter abuse.
* Post-release updates:
o [.2] Addition.Package: Added new plug-in to break automated decompression by UN2PEC, pec2hooks_break_un2pec. (registered version only)
o [.2] Change.EAD.Loader: Updated Enhanced Anti-Debug Loader.
o [.3] Fix.Plugins: Fixed build config issues with pec2hooks_break_un2pec.dll.
o [.4] Fix.Plugins: Fixed pec2hooks_break_un2pec.dll not always working correctly.
o [.4] Fix.EAD.Plugin: Some fixes made to anti-dump code.
o [.5] Fix.Plugins: Fixed flags incompatibility between pec2hooks_break_un2pec and pec2hooks_fastimport.
homepage - http://www.bitsum.com/pecompact.shtml