View Full Version : FSG v2.0 executable packer


bart
May 24th, 2004, 10:16
http://www.woodmann.net/bart/download.php?id=xt_fsg20.zip
or
http://tinyurl.com/37eqh

dELTA
May 24th, 2004, 11:49
What?

bart
May 24th, 2004, 11:51
What what, isn't it TOT forum?

dELTA
May 24th, 2004, 11:55
Yeah, I just guess a small description would be in its place when posting a link to a file of warez release format which is also distributed from our own server, like e.g. "here is a packer I have created, and not really cracked and warezed, like the friggin nfo file in it says"...

Gustav
May 24th, 2004, 12:45
Norton AV says: Bloodhound.W32.EF

bart
May 24th, 2004, 13:11
And you trust it, shame on you

klier
May 25th, 2004, 13:39
Quote:
[Originally Posted by Gustav] Norton AV says: Bloodhound.W32.EF

Is it because of low entrypoint?

bart
May 25th, 2004, 13:58
I think because it's shitty, and can't even emulate FSG's code (if executable != msvc or delphi then virus)

Kayaker
May 27th, 2004, 02:58
Interesting, I was cleaning up a W32/Spybot.worm.gen worm I just got, damned if I know how though since I never click on anything that might get me infected. I had to turn off my firewall though for access to a site, might have happened then.

Luckily I turned the firewall back on when I next logged on (dialup) and caught the worm in action, filenamed 'intersvc.exe' (UPX 0,1,2 packed). Started doing a bit of research after cleaning up, there are now >1000 variants of this worm, and found this entry about the worm:

"Some are encoded using FSG packer for PE executables".

http://hq.mcafeeasap.com/dispVirus.asp?virus_k=100282


'tis a shame your nice packer is used for this shite...
Ah well, such are the pitfalls of net travel.

K.

evaluator
May 27th, 2004, 08:54
Kayaker, RTM?????????

Kayaker
May 27th, 2004, 20:36
Hmmm, you mean this...?

features:
+ designed for asm executable files (kg, cracks, trojans


Ya, I guess you're right

...still shite though

evaluator
May 30th, 2004, 12:33
Forgot to write one curious situation.

1. If this packer made for viri-trojs,
then Anti-Virs are doing good job, when FALSE-ALARMing!

2. But then, this packer will not be used by Viri-authors.

3. So then Anti-Virs will do bad job,
when FALSE-ALARMing & they will remove FALSE-ALARM.

4. But then Viri-authors will think about using this packer..

5. GoTo 1.