ESET Insiders cutting_edgetech 25 Posted February 24, 2014 ESET Insiders Share Posted February 24, 2014 Does NOD 32 detect keyloggers if detection for Potentially Unsafe Applications is not enabled? I just read in the documentation that Keylogges are classified as Potentially Unsafe Applications. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted February 24, 2014 Share Posted February 24, 2014 Hello cutting edge tech, The following threads should provide some insight for you : https://forum.eset.com/topic/965-eset-and-keyloggers/?hl=keylogger https://forum.eset.com/topic/838-detection-of-commercial-keyloggers/?hl=keylogger https://forum.eset.com/topic/423-eset-nod32-fail-when-detect-award-keylogger/?hl=keylogger Link to comment Share on other sites More sharing options...
Administrators Marcos 5,290 Posted February 24, 2014 Administrators Share Posted February 24, 2014 Basically enabling potentially unwanted applications should suffice as keyloggers fall into this category. Link to comment Share on other sites More sharing options...
ESET Insiders cutting_edgetech 25 Posted February 24, 2014 Author ESET Insiders Share Posted February 24, 2014 (edited) Thanks for the links Marcos! I enabled detect Potentially Unsafe Applications last night, and today when I logged in NOD 32 blocked BundleOfferManager.exe which was installed with Camstudio a month ago. I explicitly declined all bundled software offers with Camstudio which was like 4 different offers if I remember correctly. I remember thinking how ridiculous it was to offer so much bloatware. It was the highest I have seen with any installer. Despite the fact that I declined all bundled software offers Camstudio installed BundleOfferManager.exe with the installation. NOD 32 informed me it attempted to run which is alarming to me since I was not even using Camstudio at the time it was blocked from running. I thought applications like this would be detected with Potentially Unwanted Applications enabled, but it was not detected until after I enabled detect Potentially Unsafe Applications. Maybe NOD 32 just started detecting this, or maybe it was because I did not have detect Potentially Unsafe Applications enabled until now. I have contacted Camstudio, and I also started a thread about it at Wilders . Btw.. This forum is still cutting off the last part of my post. I tried to reference a thread at WildersI started about this, but it removes it everytime. It removes anything I type below that also. So I will have to accept my incomplete post since it will continue to remove part of my post. Edited February 24, 2014 by cutting_edgetech Link to comment Share on other sites More sharing options...
Arakasi 549 Posted February 24, 2014 Share Posted February 24, 2014 Try resetting and clearing your browser cache. Which browser are you using ? Maybe it is just links that it is not letting you post and this has been brought up in the past as a browser issue. Try posting with a different browser and let us know your results. Link to comment Share on other sites More sharing options...
ESET Insiders cutting_edgetech 25 Posted February 24, 2014 Author ESET Insiders Share Posted February 24, 2014 I almost always use Firefox. I have IE of course, and I also have Opera installed. Link to comment Share on other sites More sharing options...
SweX 871 Posted February 25, 2014 Share Posted February 25, 2014 Thanks for the links Marcos! I enabled detect Potentially Unsafe Applications last night, and today when I logged in NOD 32 blocked BundleOfferManager.exe which was installed with Camstudio a month ago. I explicitly declined all bundled software offers with Camstudio which was like 4 different offers if I remember correctly. I remember thinking how ridiculous it was to offer so much bloatware. It was the highest I have seen with any installer. Despite the fact that I declined all bundled software offers Camstudio installed BundleOfferManager.exe with the installation. NOD 32 informed me it attempted to run which is alarming to me since I was not even using Camstudio at the time it was blocked from running. I thought applications like this would be detected with Potentially Unwanted Applications enabled, but it was not detected until after I enabled detect Potentially Unsafe Applications. Maybe NOD 32 just started detecting this, or maybe it was because I did not have detect Potentially Unsafe Applications enabled until now. I have contacted Camstudio, and I also started a thread about it at Wilders . Btw.. This forum is still cutting off the last part of my post. I tried to reference a thread at WildersI started about this, but it removes it everytime. It removes anything I type below that also. So I will have to accept my incomplete post since it will continue to remove part of my post. First, yes the toolbar (at least that's part of the detection name from ESET) that comes with defraggler from piriform in the standard installer is also detected as potentially unsafe. ESET would be best to answer why some apps fall in the unsafe or unwanted categories. Though I really I don't care what category they put them in as long as they are detected. Second, yes it is still happening for me too, luckily I always copy my posts before clicking on the "post" button so if some text disappears I just need to click edit, copy back the whole post, save it, and the text will stay in place. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted February 25, 2014 Share Posted February 25, 2014 Potentially unsafe applications fall in the category of utilities/IT tools/system enhancing products like registry cleaners, or authentic remote access programs etc. Potentially unwanted applications fall in the category of bloatware, like RegClean Pro, 24/7 Help, Conduit toolbar, Ask Toolbar, pretty much applications that don't do exactly what they say they do, or "junk". Hope this clarifies the two categories even just a little. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted February 25, 2014 Share Posted February 25, 2014 Hiren's has a lot of Potentially Unsafe Applications, but none of them are malicious; except the fake, injected or bundled iso's or sets of Hiren's floating around that aren't from their site. Link to comment Share on other sites More sharing options...
ESET Insiders cutting_edgetech 25 Posted February 25, 2014 Author ESET Insiders Share Posted February 25, 2014 I'm just glad NOD 32 detects them all. I was just trying to find an explination as to why NOD 32 blocked it about a month after the installation. I thought it might have been since I had just enabled Potentially Unsafe Applications. I'm very happy with NOD 32! I'm glad they detect this junk unlike many other AV's. Link to comment Share on other sites More sharing options...
SweX 871 Posted February 26, 2014 Share Posted February 26, 2014 (edited) Yes it's most likely detected now because of that you just enabled detection for Potentially unsafe applications. Edited February 26, 2014 by SweX Link to comment Share on other sites More sharing options...
Recommended Posts