I Checked it, I did not run it, but um . . . yea Kaspersky doesn't detect it from a file scan so I cant say its anything . . .(looking through asm machine code)Quote:
can somone check please if this verify is a backdoor program ?
[Only registered and activated users can see links. Click Here To Register...]
Um Ok heres the run down of what i got after decompiling it.
It makes a few refferance calls to advapi32.dll
which can be used eather as a malicious dll ( to hide from system process)
or as a networking dll so it may actually be ok!
There is only one refference to keyboard state and tons of refferences to winsock controls ( Server emulation / pinging tools)
so
this might actually be real!
but
It might be BOTH REAL AND A KEYLOGGER!! ;) so only way to tell is to
Run the program on a computer you don't care about and check if it does anything naughty
You can check what other computers/ networks your connected to by using
Start - > RUn - > Cmd -> Netstat
this will list all open connections that you have
Like if you have a browser open on google. . . it will show you google's Ip address etc.. . .
So I would say TEST THIS 1 !
Ps: where did you get this file?
also I think it was coded using Vb6 ;)