does nod32 detect martins undetectable keylogger

Discussion in 'NOD32 version 2 Forum' started by theshadow247, Nov 19, 2006.

Thread Status:
Not open for further replies.
  1. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    i just installed nod32 2.70.16 with latest signatures.1870.and scanned the keylogger archive and nod found nothing.then i unrared the file and scanned and still nod didnt detect it.i even installed it on a vertuale drive and nod still didn't detect it.i then did a on demand scan.but still nod didn't find the keylogger.iam using black spears settings....
     
  2. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    If you have a sample that you think ESET may like to look at, please upload a sample at www.virustotal.com and email it to samples@eset.com per instructions here and include any relevant information and a link to this thread.

    Cheers :)
     
  3. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    hi.NOD32 user.i will send it to eset.the only reason i scanned it with nod32 is.i already scanned it with antivir 7.and kaspersky 6.0.1.411.and both detected it in the archive.system safety montor free also detected it.i was shure nod would of found it to but it didnt..
     
  4. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    :)

    Cheers :)
     
  5. daveiw

    daveiw Registered Member

    Joined:
    Nov 19, 2006
    Posts:
    72
    Location:
    UK
    It is for this very reason I keep Ewido resident scanner running alongside Nod. Ewido found the nasty immediately. ;)
     
    Last edited: Nov 19, 2006
  6. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    thats exactly why i use system saftey monitor it detected it rite away.when i scanned it with antivir.and kaspersky system safety monitor found it first.and its alot liter than ewido in real time.i tested the file at virus total and a handful of av's detected it.iam suprised that nod32 doesnt detect it though huristics though...
     
  7. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    No solution can offer 100% detection of everythign 100% of the time and this is the reason why it is best not to fully rely on only one product regardless of how good it is.

    Cheers :)
     
  8. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    hi.NOD32 user.i agree with that.but.with nods track record you would think that it would catch a keylogger that other av's with less of a track record of nod32.for me thats the suprise.i dont mean to put nod32 down iam still using it.so this is not a flame post agains nod....
     
  9. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    It may be one of two things......The keylogger may not have been active at the time so NOD32 catches actual threats, not pending threats. Two - NOD32 is not primarily an anti-keylogger so it may not have "caught" an active keylogger at this time. That a good anti-virus programme catches anything in addition to viruses is a good thing!
     
  10. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    Just a thought, but when nod32 was used to scan the keylogger, the detection of "potentially dangerous applications" must be turned ON - or it will NOT be detected.
     
  11. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    hi.Q Section.you make a very good point about the active threat.i didnt let it get to that point i should of because i was using shadowuser and was in shadow mode where nothing could of happend enyway.i will test it again to see.thanks for bringing up that point.and yes webyourbusiness.potentially dangerous applications.was turned on....
     
  12. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,731
    Location:
    New York City
    Nod32 now catches Martin's Undetectable Keylogger as Win32/Spy.Keylogger LFTrojan. Amon caught it both upon execution and extraction of the ZIP archive. Good job Eset !!
     
Thread Status:
Not open for further replies.