A NOD32 HEADS UP

Discussion in 'NOD32 version 2 Forum' started by curious george, Aug 29, 2007.

Thread Status:
Not open for further replies.
  1. curious george

    curious george Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    218
    Well I was downloading a file a while back and i had nod32 and avg anti spyware running. I always scan files before opening and running and such so I scanned the file with NOD32 and it came out clean. When i double clicked it, AVG AS pop out a whole bunch of crap so to say warning me about the stuff that was on there. NOD32 had failed to catch one of the most common keyloggers (Ardamax Keylogger) and some other random trojans. Im not here to complain but rather give you guys a heads up on the updating. Good luck guys.
     
  2. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Thanks, but i guess what would be really helpful is if you send a sample to eset. That way it might be included in a update in the close future.

    And for the record i tried to download the Ardamax Keylogger trial from ardamax.com/keylogger and nod32 popped up and blocked the download. Said it was "a variant of Win32/KeyLogger.Ardamax". That's the only file i could find to test it myself.
     
    Last edited by a moderator: Aug 29, 2007
  3. ASpace

    ASpace Guest

    Most likely it is already detected . By default in NOD32 Potentially unsafe applications are disabled for all modules and according to ESET NOD32's help file keyloggers are detected under this cathergory

    https://www.wilderssecurity.com/showpost.php?p=1063580&postcount=2


    @ curious george
    Please , check your settings against Blackspear's tutorial of NOD32 v2
    https://www.wilderssecurity.com/showthread.php?t=37509
     
  4. curious george

    curious george Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    218
    The thing is, it was encrypted I guess and it was a LONG time ago. Also I have setup NOD32 to automatically detected potentially harmful software. Im not horrible with computers and all. The only thing that is disabled with NOD32 is the outlook express monitor which i dont use outlook so i find it pointless to have on. But in any case ill try to find that file again. Who knows maybe they did update it -_-
     
  5. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Encrypted files would be impossible to detect, but should be possible to detect when decrypted. If it was a long time ago i don't think it's really relevant at all anymore. Nod32 is normally updated at least once (often more) each day with new virus defs. If it's a long time ago then i'm pretty sure nod32 will detect the keylogger now if it's correct that it didn't at some point. Also when i tried to download the keylogger it was detected for sure. So i really don't think this warning is relevant or accurate at this point for the users of nod32.
    If you find something that nod32 is not able to detect you should submit the sample to eset right away and not wait for a long time because in that case a lot of others most likely already sent a sample to eset and eset already updated the defs.
     
  6. rogervernon

    rogervernon Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    289
    NOD detected and blocked that download for me within the last minute!
     
Thread Status:
Not open for further replies.