Quote from PECompact help file:
Quote:
|
In addition to space savings, PECompact2 inherently makes it more difficult to reverse engineer your module(s). The compressed data is unreadable and not directly modifiable. PECompact2's default loader employs some basic anti-debugging code to aid in prevention of reverse engineering. In addition,PECompact2 supports Loader plug-ins. Therefore, third parties can create custom loaders after purchasing the loader SDK.
|
PeCompact main purpose is to compress and create custom operations before, during and after decompression. That are the features which differs from other compressors/protectors (it isn't a protector but let's compare them). If someone had developed a custom dll with anti-debug tricks and executed its functions inside compressed executable then it's possible to encounter things you are discussing. Anyway, such tricks are not hard, since you can always unpack the executable after all loaders do their job (because they must stay out of compressed PE and DLLs).
PeCompact2 internal "anti-debug" and "anti-reverse" tricks are very old and weak, not to say it doesn't really contain them (for instance: it's enough to change one byte to disable checksum verification and modify any range of compressed executable you want).
Regards.