Packed FSG (aka Eldorado?) - real malware?

[Virus Guy]

I'm trying to locate and download a cracked, hacked or otherwise
ultra-low-cost version of this software:

DeskShare Security Monitor Pro

This IP-camera monitoring software. It seems that version 2.41 has been
hacked or cracked a couple of years ago, because I keep finding
references to that specific version all over the place.

I found a rapidshare link to this file:

DeskShare.Security.Monitor.Pro.v2.41.WinAll.Cracked-CRD.rar

And a mediafire link to this file:

cje0168a.rar

Which seem to contain the same files. The crack here is to install the
trial app (which I think is supplied) with an alternate copy of the main
exe file (Security Monitor Pro.exe).

When that file is scanned at VT, the result is:

http://www.virustotal.com/file-scan...549052a3366408a6f0577c6e3cfca4dc90-1303784279

The result looks nasty, including various references to FSG, Eldorado,
and un-specified generic terms (Suspicious, unclassified riskware,
"Trojan Horse", etc).

I'm wondering if this file really is true malware, or if it's just
pushing all the right buttons resulting in a lot of false positives -
perhaps only because of how it's packed (FSG - what is that?).

comments?

 

[Shadow]

I'm trying to locate and download a cracked, hacked or otherwise
ultra-low-cost version of this software:

DeskShare Security Monitor Pro

This IP-camera monitoring software. It seems that version 2.41 has been
hacked or cracked a couple of years ago, because I keep finding
references to that specific version all over the place.

I found a rapidshare link to this file:

Don't use rapidshare files/fileshare/Megaupload/etc for
programs. If you really need something, use a torrent, and check the
comments on that torrent. If the torrent does not exist, the program
probably is not worth the trouble.

comments?

I downloaded the Demo, just out of curiosity. It comes packed
with Inno Setup, at 9Mb(far away from your 5Mb).
The unpacked Security Monitor Pro.exe is written in Net 2005
(Aggghhh) and uses inflate 1.2.3 by Mark Adler to unpack it into
memory. The Demo is the full version that has not been activated by a
(double) serial number.
You obviously downloaded malware.
IMHO
[]'s

 

[Virus Guy]

I downloaded the Demo, just out of curiosity. It comes packed
with Inno Setup, at 9Mb(far away from your 5Mb).

Here's what I downloaded:

http://rapidshare.com/files/123849290/DeskShare.Security.Monitor.Pro.v2.41.WinAll.Cracked-CRD.rar

And this:

http://download387.mediafire.com/2h3dcalckphg/tyn1ci2zwvw/cje0168a.rar

I tried to torrent this:

http://www.seedpeer.com/details/3355088/Security-Monitor-Pro-4.33.html

But even though it was showing several hundred peers and seeds, I was
never able to connect with any of them for some reason.

 

[sh@dow]

I tried to torrent this:

http://www.seedpeer.com/details/3355088/Security-Monitor-Pro-4.33.html

But even though it was showing several hundred peers and seeds, I was
never able to connect with any of them for some reason.

False torrent, false seeders. They seem to want your IP for
something. No idea what. Maybe to scan you for vulnerabilities ?
[]'s

 

[gufus]

Hello, sh@dow!

False torrent, false seeders. They seem to want your IP for
something. No idea what. Maybe to scan you for vulnerabilities ?

What else is new...
--
Golden Rule of Usenet

"Thou Shalt NOT excessively annoy others or
allow Thyself to become excessively annoyed."

Message-ID: [email protected] Sent at 21:14