It’s a somewhat more complicated installation than we’re used to with GOTD offers, though not nearly as bad as apps like Nero Ult. or VSP, but what sparks my concern is the inclusion of winpcap. It’s older, no longer supported software, for the purpose of monitoring network activity & capturing that data. I can’t think of why they’d want or need that, but even assuming complete & total innocence on the developer’s part, it opens a door I don’t want opened – cybercriminals have long used winpcap, still use it, & I’d rather not have it installed. 2nd, it’s fair to assume that the developer uses winpcap to collect data, so how well is that data going to be protected? Is there an infrastructure that manages all these winpcap installations, and is it likely to be hacked? 3rd, their winpcap installation adds a driver, npf.sys, that’s caused problems in the past – Google & you’ll get hits referencing BSDs. It’s no longer updated, but win10 is, perhaps too often, and as a driver that loads with Windows, it can break the process of Windows starting. That’s another risk I’m not willing to take.
I wish I could say more about AceThinker Video Master itself, but it won’t run in win7 or win10 VMs, nor will it run in win10’s Sandbox. I can say that in addition to the program’s folder, folders are added to ProgramData, Users\ [UserName]\ AppData\ Local, Users\ [UserName]\ AppData\ Roaming, Users\ [UserName]\ Documents, & C:\Usr. 3 files are added to C:\Windows\ System32 -- Packet.dll, pthreadVC.dll, & wpcap.dll, while npf.sys is added to C:\Windows\ System32\ Drivers. When uninstalled folders in ProgramData & Users\ [UserName]\ AppData\ Roaming remain, though the biggest concern, the winpcap driver, is removed.
winpcap[.]org/
shouldiblockit[.]com/pthreadvc.dll-f04a90f917ba10ae2dcbe859870f4dea.aspx
winpcap[.]org/docs/docs_412/html/group__packetapi.html
bleepingcomputer[.]com/startups/npf.sys-16912.html
winpcap[.]org/docs/docs_412/html/group__NPF.html