spy.spyanytime

I am interested in downloading a new program called rocket typing http://www.easy-to-use-software.com/html/rocket-typing and wonder if it is safe.

Two weeks ago using Nod V3 my download was aborted due to an alert. Since then I have upgraded to V4 which is supposedly better in detection. Just now I dl the file again - not a peep. I then scanned the file - clean.
I uploaded the file to jotti and virustotal and on jotti Dr.Web and Nod give an alert, on Virustotal only NOD says spy.spyanytime.

I am a bit confused - should my installed AV not show the same result? Given the overall showing is it likely that this is a fp?

I am running V4 "out of the box" - any config that should be changed to flag this program?

 

I assume it's a legit program that uses a dll exploited by keyloggers to log key strokes. ESET detects it as Win32/Spy.SpyAnytime potentially unsafe application (PUA). PUA cover legit tools that can be exploited for malicious purposes and are disabled by default.

 

Marcos,
thanks for that.

Still leaves two questions for me:
1) Is my current out of the box config for V4 less "thorough" or paranoid than my previous V3 set-up? Should I amend my set-up config?

2) why are jotti and antivirus showing different results for NOD? Are they using different versions?

 

They both have all settings enabled, including potentially unsafe applications (PUA). You can enable PUA individually for each module (ie. real-time, web, email protection, on-demand scanner, etc.) and add the dll to the exclusion list so that it's not detected.