formingus 2 Posted January 22, 2023 Share Posted January 22, 2023 I am in GSM unlock business , sometimes protection are spread over my hard drive. Once i get hacked and now i am using Interactive mode of Firewall. I got some outbound connection for some test.dat. Scanning will not show any thing , is there a way to send for deep analyze of this file ? Because it maybe some protection of my software that use outbound and in this case if i block it my software will not work certain things! Link to comment Share on other sites More sharing options...
Solution itman 1,746 Posted January 22, 2023 Solution Share Posted January 22, 2023 (edited) TCP Port 1688 is used by Microsoft's KMS service: https://www.speedguide.net/port.php?port=1688 . That is its used to verify the license status of Microsoft software such as Office, etc.. The first question is if you are using license cracking software such as KMSAuto? You mention GMS unlock activities which I assume has something to do with unlocked cell phones? Perhaps this test.dat file is associated with that. In any case, with zero detection's of it at VT, it doesn't appear to be malware. However your posted screen shot results shows a 4 year old scan result. Run a reanalyze on the file at VT. Edited January 22, 2023 by itman Link to comment Share on other sites More sharing options...
Recommended Posts