In the wild:
PCK/ - Packer
Packer detection is a heuristic detection routine designed to detect common packers used by malware. Even though some packers are commercially available, many executables compressed with them are malware, or have a behaviour that presents a security or privacy risk.
Usually these packers employ encryption mechanisms and often manipulate the original executable code to hide the real functionality.
Please note that legitimate software may employ some of these commercial packers. A packer detection does not necessarily mean that the detected file is malicious. Due to this, enabling packer detection is usually only recommended for corporate users or for users who understand what runtime packers are and how to interpret a packer detection.
A PCK/ detected file is most likely not malicious if one or more of the following are true:
- The program has been in use for a very long time and is known to the user
- The program was installed by the user himself
- The program comes from a trustworthy source
If you are ever unsure whether a PCK/ detected file is legitimate we highly recommend uploading it to
for further analysis.
To make detection more difficult and reduce the size of the file, it is packed with a runtime packer.
Description inserted by Andrei Ivanes on Friday, March 19, 2010
Description updated by Andrei Ivanes on Friday, March 19, 2010