Avira Virus Lab

  • Name
  • Date discovered
    Mar 2, 2018

Packer detection is a heuristic detection routine designed to detect common packers used by malware. Even though some packers are commercially available, many executables compressed with them are malware or behave in a way that presents a security or privacy risk.

Usually these packers employ encryption mechanisms and often manipulate the original executable code to hide the real functionality.

Please note that legitimate software may employ some of these commercial packers. A packer detection does not necessarily mean that the detected file is malicious. Consequently, enabling packer detection is usually only recommended for corporate users or for users who understand what runtime packers are and how to interpret a packer detection.

A PCK/ detected file is most likely not to be malicious if one or more of the following are true:
- The program has been in use for a very long time and is known to the user
- The program was installed by the user him/herself
- The program comes from a trustworthy source

If you are ever unsure whether a PCK/ detected file is legitimate we highly recommend uploading it to http://www.avira.com/en/support/submit_suspicious_files.html for further analysis.