F-Secure
Tools
Other:W32/Packed
| Name : | Other:W32/Packed |
| Detection Names : |
Packed.Win32 |
| Category: | Malware |
| Type: | Other |
| Platform: | W32 |
Summary
A malicious program which does not easily fit into any other malware category.
Disinfection
Manual Disinfection
F-Secure Anti-Virus may not be able to remove files, identified with the prefix Packed.Win32. automatically, so a user's action may be required to select proper disinfection action.
If a file, detected with the Packed.Win32. prefix is an executable with SCR, PIF, CMD, DLL or EXE extension, located in Windows, Windows System or in a root folder of C: drive, this file can be safely deleted or renamed. Here are the instructions on how to remove infected files that F-Secure Anti-Virus does not clean automatically:
Generic malware disinfection instructions can be found here:
F-Secure Anti-Virus may not be able to remove files, identified with the prefix Packed.Win32. automatically, so a user's action may be required to select proper disinfection action.
If a file, detected with the Packed.Win32. prefix is an executable with SCR, PIF, CMD, DLL or EXE extension, located in Windows, Windows System or in a root folder of C: drive, this file can be safely deleted or renamed. Here are the instructions on how to remove infected files that F-Secure Anti-Virus does not clean automatically:
Generic malware disinfection instructions can be found here:
Additional Details
Other:W32/Packed is our Generic Detection name for files that have been packed using file compressor programs purchased using stolen credit cards and/or hijacked "web wallet" accounts.
Malware authors use file compressor programs to compress their malware and thwart security programs attempting to scan, debug, emulate or unpack the compressed file as part of their normal security procedures.
Exact detection of the compressed file itself is problematic due to its polymorphic nature; therefore generic detection of the (usually static) "key" algorithm used to unpack the compressed file is used instead.
Note
If you find a legitimate file that is detected by F-Secure Anti-Virus as one of the following, please send it to us for review:
Malware authors use file compressor programs to compress their malware and thwart security programs attempting to scan, debug, emulate or unpack the compressed file as part of their normal security procedures.
Exact detection of the compressed file itself is problematic due to its polymorphic nature; therefore generic detection of the (usually static) "key" algorithm used to unpack the compressed file is used instead.
Note
If you find a legitimate file that is detected by F-Secure Anti-Virus as one of the following, please send it to us for review:
• Packed.Win32.PolyCrypt
• Packed.Win32.Tibs
• Packed.Win32.Klone
• Packed.Win32.CryptExe
• Packed.Win32.Exeref
• Packed.Win32.Katusha
• Packed.Win32.Krap