Adware takes hardware fingerprint & screenshots

[Elixer]

In the never, ever install adware category, here is some crap adware that does a screen shot of your desktop...

When Faster Internet is installed it will create a fingerprint consisting of information related to your motherboard, CPU, hard drives, network adapters, and other information about your computer. This information is then uploaded to the developers server. It will then take a screenshot of the active display on your computer at the time of the install and send this screenshot along with your IP address to the a.duofoldmortify.online/buploada.php URL.

http://www.bleepingcomputer.com/new...-your-active-windows-without-your-permission/

 

[lxskllr]

A detection rate of 9% from VirusTotal. A/V's bordering on useless.

 

[TheRyuu]

A detection rate of 9% from VirusTotal. A/V's bordering on useless.

Just to play devils advocate here, VirusTotal detection rates are not comparative to the actual detection rates that you would have if each of those A/V's was installed on a computer and the sample ran through it. VirusTotal uses them via the command line and the complete feature set of the A/V's is often not enabled when using them from the command line.

That being said I certainly won't argue with the fact that A/V's aren't very effective for the types of threats we're seeing more and more of nowadays.

 

[Elixer]

Just to play devils advocate here, VirusTotal detection rates are not comparative to the actual detection rates that you would have if each of those A/V's was installed on a computer and the sample ran through it. VirusTotal uses them via the command line and the complete feature set of the A/V's is often not enabled when using them from the command line.

Well, VT does say this about how this compares...

A given antivirus in VirusTotal detects a file and its equivalent commercial version does not

VirusTotal antivirus solutions sometimes are not exactly the same as the public commercial versions. Very often, antivirus companies parametrize their engines specifically for VirusTotal (stronger heuristics, cloud interaction, inclusion of beta signatures, etc.). Therefore, sometimes the antivirus solution in VirusTotal will not behave exactly the same as the equivalent public commercial version of the given product.
...
Each antivirus solution present in VirusTotal makes a signature update infrastructure available to VirusTotal. VirusTotal periodically polls this infrastructure (each 15 minutes) in order to see if there is anything new to download. Therefore, if the last update date for new file scans is old it is because the given antivirus vendor has not released any new signatures for VirusTotal.

So, the versions of the AV on VT are usually more powerful than what a home user is running, and they update every 15 mins.

 

[VirtualLarry]

Sounds like attempted extortion.