Eset support DOES reply to customers (in a fancy way)

Discussion in 'NOD32 version 2 Forum' started by angelo_lopes, Aug 11, 2004.

Thread Status:
Not open for further replies.
  1. angelo_lopes

    angelo_lopes Registered Member

    Joined:
    Mar 6, 2004
    Posts:
    145
    Location:
    Porto, Portugal
    This afternoon I laughed really loud. Please allow me to share this with you, NOD32 Forum Members. Hopefully it will advise Mr. "I'llkeepthenameprivate" at ESET's support the dos and dont's about sending e-mails.

    Here's my question to Suppport: "Yesterday, visiting a web site, NOD32 warned me about a "probably modified trojan VBS/Wisis.D". This is included in your NOD32 - v.1.837 (20040810). Since I can't find it's description in your Virus descriptions database, can you please send me further information on what is this trojan, and what it does".

    Today, 24 hours after my e-mail (and that's VERY good), I got ESET's reply. English is not my mother language, maybe I didn't place the question in a good English, so Mr. X answered me the meaning for "probably modified":
    "NOD32 was finding too many false positives so the description was modified".

    I'll be grateful if someone will come with further information on what is this trojan, and what it does.

    The funny thing: The e-mail I receive had a Aqua color background, a Blue font, and a .bmp screen shot attached. The e-mail size was 3,7MB plus.
    I believe the 3,616KB attachement would be a bit more then 300KB converted to jpeg. C'mon Mr. X. Even M$ Paint can convert files and colored backgrounds do not give your customers a Professional feeling.

    Thanks for making me laugh, anyway. I forgot the last time I did it :D ;)
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Detected by Nod32 since v.1.837 (20040810)

    More info here:

    http://www.sophos.com/virusinfo/analyses/vbswisisa.html

    Hope this helps...

    Cheers :D
     
  3. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Why do we have to go to other companies web sites to find out about detections with NOD?
     
  4. Alec

    Alec Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    355
    Location:
    Dallas, TX
    I certainly agree in principle; however given a likely situation of limited manpower, I guess that I personally would prefer that those really knowledgeable about these things just keep pounding out detection code. That's to say, even without a great online/offline virus description database, I think that Eset is doing many other things so much better than its far larger rivals (i.e., Symantec/Norton, McAfee, Trend Micro, etc.) that I'm a pretty happy camper overall.

    BTW, many of you probably already know about this site (since I probably learned of it myself here at Wilders), but I think that this Virus Bulletin VGrep utility is pretty handy. You enter a search term and it shows how the various AV products list that particular entry. It's perhaps not extremely current, but nevertheless fairly useful, IMHO.
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Exactly, I do know they are working on something, have been for a while...

    Cheers :D
     
  6. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    OK OK, I was just asking a question. I agree the detection code is way more important, It's just frustrating to tell people, Hey NOD stopped this but you have to go to Symantec's ( or Sophos or KAV or whatever) site to find out about the particulars.
     
  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Agreed, it's also not good for Eset, as in, we don't have the information available, you will have to go our opposition...

    Cheers :D
     
Thread Status:
Not open for further replies.