Real time protection vs On demand scan

Discussion in 'ESET Smart Security' started by papa33600, Feb 23, 2008.

Thread Status:
Not open for further replies.
  1. papa33600

    papa33600 Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    77
    Hello,

    I have a litlle problem with antivirus protection :

    if I try to download ardamax keylogger, ESS detects it as a threat and prevents
    me from doing so.
    Now I already have a copy of this program, and if I try to move it to another folder, ESS puts it in quarantine.
    But if I analyze the file with a right-click on demand scan, ESS does not detect
    any threat. Why?

    Thanks for your answers.
     
  2. ASpace

    ASpace Guest

    Ardamax is a keylogger and ESET detects it as Pottentially UnSafe Application.

    Your web-protection and real-time file system protection settings are configured so that detection for Pottentially UnSafe Application is enabled.

    When you right click to scan a file from the context menu , v3 uses a separate "Context menu" profile (this profile is different from the default "In-depth analysis" which is used when you perform "Standart scan" , for example.

    In 3.0.5xx or earlier right click scans were performed by one profile (In-depth analysis) . ESET have made 3.0.6xx versions with different profiles (in my opinion not a good idea).

    So , Ardamax is not detected when you right click it to scan it because its Pottentially UnSafe program detection is disabled with scans from the context menu.
     
  3. papa33600

    papa33600 Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    77
    OK, but I set on demand scanning to detect Pottentially UnSafe Application,
    (all options are checked in fact)...
     
  4. ASpace

    ASpace Guest

    But you set your In-depth scanning profile , not the one used for the context menu scans
     
  5. papa33600

    papa33600 Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    77
    OK sorry for the previous post, I understood now!
     
  6. ASpace

    ASpace Guest

    No , no , Excuse me . Mine doesn't detect it on-demand , too.

    ardm1.png

    ardm2.png



    Then , I think it can't see what is inside , can't unpack it to be scanned.
    When run the on-access will catch it.
     
  7. papa33600

    papa33600 Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    77
    Well HiTech_boy, I thank you very much for your answer, because indeed, if I set on demand scan to detect potentially unsafe apllications (ans also potentially unwanted apllications), then ardamax keylogger is detected as a threat.
    It's OK for me now. Thanks,

    papa33600
     
  8. ASpace

    ASpace Guest

    You are welcome , papa33600 ! :)
     
Thread Status:
Not open for further replies.