Potentially Unsafe Applications

[cutting_edgetech 25]

Does NOD 32 detect keyloggers if detection for Potentially Unsafe Applications is not enabled? I just read in the documentation that Keylogges are classified as Potentially Unsafe Applications.

[Arakasi 549]

Hello cutting edge tech,

 

The following threads should provide some insight for you :
 

https://forum.eset.com/topic/965-eset-and-keyloggers/?hl=keylogger

https://forum.eset.com/topic/838-detection-of-commercial-keyloggers/?hl=keylogger

https://forum.eset.com/topic/423-eset-nod32-fail-when-detect-award-keylogger/?hl=keylogger

[Marcos 5,090]

Basically enabling potentially unwanted applications should suffice as keyloggers fall into this category.

[cutting_edgetech 25]

Thanks for the links Marcos! I enabled detect Potentially Unsafe Applications last night, and today when I logged in NOD 32 blocked BundleOfferManager.exe which was installed with Camstudio a month ago. I explicitly declined all bundled software offers with Camstudio which was like 4 different offers if I remember correctly. I remember thinking how ridiculous it was to offer so much bloatware. It was the highest I have seen with any installer. Despite the fact that I declined all bundled software offers Camstudio installed BundleOfferManager.exe with the installation.  NOD 32 informed me it attempted to run which is alarming to me since I was not even using Camstudio at the time it was blocked from running. I thought applications like this would be detected with Potentially Unwanted Applications enabled, but it was not detected until after I enabled detect Potentially Unsafe Applications. Maybe NOD 32 just started detecting this, or maybe it was because I did not have detect Potentially Unsafe Applications enabled until now. I have contacted Camstudio, and I also started a thread about it at Wilders .

 

Btw.. This forum is still cutting off the last part of my post. I tried to reference a thread at WildersI started about this, but it removes it  everytime. It removes anything I type below that also. So I will have to accept my incomplete post since it will continue to remove part of my post.

Edited February 24, 2014 by cutting_edgetech

[Arakasi 549]

Try resetting and clearing your browser cache.

Which browser are you using ?

Maybe it is just links that it is not letting you post and this has been brought up in the past as a browser issue.

Try posting with a different browser and let us know your results.

[cutting_edgetech 25]

I almost always use Firefox. I have IE of course, and I also have Opera installed.

[SweX 871]

Thanks for the links Marcos! I enabled detect Potentially Unsafe Applications last night, and today when I logged in NOD 32 blocked BundleOfferManager.exe which was installed with Camstudio a month ago. I explicitly declined all bundled software offers with Camstudio which was like 4 different offers if I remember correctly. I remember thinking how ridiculous it was to offer so much bloatware. It was the highest I have seen with any installer. Despite the fact that I declined all bundled software offers Camstudio installed BundleOfferManager.exe with the installation.  NOD 32 informed me it attempted to run which is alarming to me since I was not even using Camstudio at the time it was blocked from running. I thought applications like this would be detected with Potentially Unwanted Applications enabled, but it was not detected until after I enabled detect Potentially Unsafe Applications. Maybe NOD 32 just started detecting this, or maybe it was because I did not have detect Potentially Unsafe Applications enabled until now. I have contacted Camstudio, and I also started a thread about it at Wilders .

 

Btw.. This forum is still cutting off the last part of my post. I tried to reference a thread at WildersI started about this, but it removes it  everytime. It removes anything I type below that also. So I will have to accept my incomplete post since it will continue to remove part of my post.

First, yes the toolbar (at least that's part of the detection name from ESET) that comes with defraggler from piriform in the standard installer is also detected as potentially unsafe. ESET would be best to answer why some apps fall in the unsafe or unwanted categories. Though I really I don't care what category they put them in as long as they are detected. 

 

Second, yes it is still happening for me too, luckily I always copy my posts before clicking on the "post" button so if some text disappears I just need to click edit, copy back the whole post, save it, and the text will stay in place. 

[Arakasi 549]

Potentially unsafe applications fall in the category of utilities/IT tools/system enhancing products like registry cleaners, or authentic remote access programs etc.

Potentially unwanted applications fall in the category of bloatware, like RegClean Pro, 24/7 Help, Conduit toolbar, Ask Toolbar, pretty much applications that don't do exactly what they say they do, or "junk".

 

Hope this clarifies the two categories even just a little.

[Arakasi 549]

Hiren's has a lot of Potentially Unsafe Applications, but none of them are malicious; except the fake, injected or bundled iso's or sets of Hiren's floating around that aren't from their site.

[cutting_edgetech 25]

I'm just glad NOD 32 detects them all. I was just trying to find an explination as to why NOD 32 blocked it about a month after the installation. I thought it might have been since I had just enabled Potentially Unsafe Applications. I'm very happy with NOD 32! I'm glad they detect this junk unlike many other AV's.

[SweX 871]

Yes it's most likely detected now because of that you just enabled detection for Potentially unsafe applications.

Edited February 26, 2014 by SweX