January 22, 2009 at 13:43Why did Yandex buy a Punto Switcher? Version 1.0
I remember when it only became known that Yandex had bought the rights to the Punto Switcher, the question immediately arose “Why?”. It seems like you can’t shove the advertisement into it, punto itself is free ... Yandex simply acquired a popular chip, “for the image”? Well, maybe. However, it seems to me that such a massive program can be used for research purposes. Details under the cut.
Here is what AVZ gives out on every scan:
It’s clear that this is not a malicious keylogger at all. It’s just possible that punto helps track audience preferences. So, maybe the guys got their bearings on time and turned the little program into an ideal marketing tool.
PS Perhaps someone already wrote about this, but the search yielded nothing. I may be mistaken, but this is just a hypothesis. No more than speculation.
Here is what AVZ gives out on every scan:
C: \ Program Files \ Punto Switcher \ pshook.dll -> Suspicion of Keylogger or Trojan DLL
C: \ Program Files \ Punto Switcher \ pshook.dll >>> Behavioral analysis
1. Responds to events: keyboard, mouse
2. Transfers data to the process: 2100 C: \ Program Files \ Punto Switcher \ punto.exe (window = "Punto Switcher Main Window")
3. Finds out which window is in the focus of input
4. Interrogates the state of the keys
5. Interrogates the status of the keyboard
6. Interrogates the active keyboard layout
C: \ Program Files \ Punto Switcher \ pshook.dll >>> Neural network: a file with a probability of 83.43% is similar to a typical keyboard / mouse event interceptor
It’s clear that this is not a malicious keylogger at all. It’s just possible that punto helps track audience preferences. So, maybe the guys got their bearings on time and turned the little program into an ideal marketing tool.
PS Perhaps someone already wrote about this, but the search yielded nothing. I may be mistaken, but this is just a hypothesis. No more than speculation.