I got a chance to try this out and i have to admit , job well done! I used some custom stubs of my own and even tho they bypassed runtime and scantime within the actual backdoor client i was using i could not retrieve any information other then system information like ( cpu,ram and pc name etc..) Obtaining a screenshot of the desktop resulted in a black page. Also i could not capture a webcam shot of the PC i had backdoored at home. Keylogger did not work as it caused the system to hang which im guessing might be a webroot feature of protecting the user.. Very nice protection and this is coming from a blackhat A hint a lot of crypters are using new methods of encryption i suggest taking a look into that . As you can see from myavscan ( a online scanner that uses 32 different anti-virus vendors ) - the file is fully FUD ~snip~ Scan results removed as per policy: Policy Regarding the Posting of Jotti/Virus Total Results Cheers~