PECompact v3.11 BETA

PECompact v3.11 BETA
PECompact v3.11 BETA

PECompact has been a leader in the Windows executable compression industry for over a decade. You’ll find no other compressor that offers the features of PECompact. It has a plugin system that offers virtually limitless customization, setting it apart from all other competitors.

Software distributions large and small have used PECompact. Our biggest client has been Google, used on their Google Desktop product (now discontinued), but countless small and mid size companies and independent developers use PECompact to compress and/or protect their executables.

Why compress?
Software vendors will want to compress their Windows executables for a wide array of reasons, but the usual reason is to help protect the code and data inside. Compression inherently does this, though it is no fool-proof solution (no fool-proof solution is possible).

PECompact is technically a Windows executable compressor only, but plug-ins are available for it that offer protection against reverse-engineering (some sold separately by third-parties).

If you don’t care about your data security, then perhaps you may need to reduce EXE size even further than archivers like ZIP and RAR can achieve. Since our algorithm is optimized for PEs, we pre-process the code using advanced algorithms that make it more compressible for dictionary based compressors like LZMA.

Decreasing your EXE size can actually speed load time because the retrieval time from the storage media or network is often greater than the very rapid decompression time. Pages that are not used will quickly get paged out by Windows as needed, then your application will be running just as if it were never compressed. Shared sections of your PE are skipped by default and your EXE still makes full use of shared system DLL pages. So, there is only upside on the performance side of the equation.

Why PECompact?
Ok, so you want to compress, but need to pick a compressor. There is UPX, Aspack, and PECompact. Those are the top 3 PE (32-bit) native EXE compressors.

UPX has a decompression switch and is open source (often abused by malware authors), Aspack can not compress as well as PECompact and has no plug-in support at all. It also lacks other key features of PECompact. We invite you to try them all for yourself, as we’re confident you’ll come back to PECompact if you are ‘our type of customer’.

To get to the question of Why PECompact? The answer is its maturity, interoperability, compatibility, and compression ability. You want a Windows executable (PE) compressor that has been around for a while and is supported by all the popular security software. That way, the security products can scan inside your EXE. This keeps the bad guys from using the compressor, and maintains all the benefit for the good guys. This is important, because if a security product can’t see inside the EXE, it will often just mark it as suspicious. We work hard to achieve good interoperability with all the major security software companies.

PECompact’s compression ratio is second to NONE. Our record speaks for itself. Compare us yourself. We pack better than ASPack, much better than PEtite, and compress as well as UPX (but don’t have that ‘decompress’ switch that UPX has). We keep your code and data compressed as good as it can be, offering the perfect mix of security, stability, and interoperability. PECompact compressed executables work everywhere and require no modifications.

PECompact does things right. For instance, it skips shared sections of DLLs by default, and can skip any shared section — allowing you to maintain memory sharing between process instances. It makes sure icons needed for use by the shell are kept uncompressed, so your shell view icons don’t disappear. It makes sure version and manifest information is also kept uncompressed, and can keep any other type of resource you desire kept uncompressed. Additionally, it is the ONLY compressor that properly preserves debug information embedded in the PE. Naturally, it fully supports software and hardware DEP as well as code signing (after compression).

Great compression – The most obvious feature to mention is excellent compression. Since we’re optimized to compress PEs, their code, data, and resources.. we are able to achieve a compression ratio. One that is much better than any ZIP format compression software, for instance. Compared to other executable compressors, we are either better or roughly equal in compression ratio. It depends on the EXE and other factors. As an example, we PECompact almost always beats the latest version of ASPack in compression ratio. Compare them yourselves on YOUR module(s), but we’ll soon publish a new benchmark showing the difference on some common applications.
Faster load time – Since the slowest bottleneck is usually the storage system, loading the whole module into memory and decompressing it is advantageous in many situations. It depends on a few variables, such as how big your EXE is and how fast the disk is. CPU decompression time is so minimal that it is not even considered a factor.
Does things ‘right’ – From skipping compression of shared sections of DLLs, preserving debug information, or leaving shell icons uncompressed – you can be PECompact does things the ‘right’ way. It has had MANY years to mature and be worked free of bugs.
Robust plug-in framework (and library) – PECompact boasts a great plug-in framework. We allow several different types (CODEC, API Hook, and Loader). Best of all, you can use as many as you want on the same executable. You can, for instance, chain a series of CODECs together!
Good security industry support – As one of the ‘good guys’ we work with anti-virus and anti-malware companies to help them scan inside PECompact compressed executables. We deter abuse whenever we can. Use of PECompact on high profile software such as Google Desktop ensures any rare accidental false alarm by any vendor is immediately corrected. I believe PECompact has the best security software support in the industry, but that is a guess.
Interoperability – We’ve worked hard to achieve great interoperability with most EXE formats. Our new v3.03 beta even emulates extra-data appended to the end of an EXE then referenced
by a static offset, as is the case of an installer.
Compatibility – Compressed modules are fully compatible with Windows 95 through Windows 7 (all editions of both NT and 9x kernels), and all those in-between — including 64-bit variants (WOW64). Further, compression works on C++, Delphi, VB, and most other languages that will generate native 32-bit PEs.
Settings, Settings, Settings – If plug-ins weren’t enough, we have more settings than you’ll likely ever need in your lifetime.
Software Protection – While PECompact itself is not written specifically to be a protector, there are plug-ins to facilitate this. Additionally, compression itself obfuscates the module, adding an inherent layer of protection.
PECompact *IS* fully compatible with DEP, code signing (sign after compression), and Windows 7/2008. We keep PECompact well maintained. It supports native PE modules, but does not support device drivers or some .NET assemblies. PE+ (PE64) support is still pending as it requires a massive rewrite of the loader (decompression stub).

Users of Guests are not allowed to comment this publication.