I contacted AVG, and their responses were, at best, "scripted" (and practically useless).
Whether or not "SPECIAL.EXE" was/is actually "packed" by FSG is effectively immaterial. The key point is that AVG thinks it is, and "flags" it, accordingly.
The "thing" is that AVG doesn't currently have the capability to "decompress" an FSG-packed module, so it can't "scan" it, so... it "flags" it, and puts the ball in "our court"...
The bottom line is that FSG-packed s/w are "suspect", in that they MAY be (or contain) malware... or not. In the case of THIS "special.exe", the correct seems to be "not". At least, one hopes....
FWIW, I found the following post on CNET, which explains "packing" quite well.
runtime packed fsg
by ManicWaldo - 5/10/09 3:03 AM In reply to: How dangerous is "runtime packed fsg" by auto78900
"Runtime Packed FSG" is not dangerous at all, not in any shape, manner or form. It's a "signature" that a particular program was used in making the file. It's a program designed to "pack" a program (.exe, etc) into a smaller size. FSG = Fast Small Good.
Now why does it show up in AV software?
Because malicious code writers use it frequently to:
1. pack their virus/malware executable files
2. make it harder for AV software to unpack the file and look for malicious code
It was used in legitimate programs also, but not much anymore because there are new and better packers available. And some not so legitimate, such as key generators made for software theft.
So what the Anti-Virus program is saying, "I don't know for sure if this is anything bad, but it was packed with a program that is often used to pack virii. So use at your own risk."
Since "runtime packed fsg" is not malware or a virus or anything bad in and of itself, you won't find much clear information about it. All the AV software is identifying is the fact that a "packer" program called "FSG" was used.
Here's an example of one of the latest greatest packers in legitimate use:
PECompact
PECompact compresses Windows modules (EXE, DLL, SCR, etc..) substantially, while leaving them able to be run just as before. At runtime, compressed modules are rapidly decompressed in memory. Smaller (<50%) size usually means quicker load time. PECompact generally compresses files much smaller than if they had been compressed by modern data compression software such as RAR.
