Samples

Discussion in 'ESET Smart Security' started by smilinguido, Aug 24, 2009.

Thread Status:
Not open for further replies.
  1. smilinguido

    smilinguido Registered Member

    Joined:
    Aug 24, 2009
    Posts:
    4
    Guys, unfortunately eset does not answer to a new virus sample

    I explain: I am using the new eset smart security 4 437 home edition and i tried to send virus samples to anyways (by email, by http://www.eset.eu/support/form, by eset interface, etc) but eset takes a lot of time to launch a vaccine for the virus...

    In my case, i tried to send to eset labs a keylogger that my eset does not detect anyway, and until now, eset still does not detect it

    So, why it happens?

    There is a form to contact eset and to garantee they releases a vaccine for the virus i send? There is an correct email or a really contact form i can sending a sample and eset can answer me, with garantee?

    Howo_O

    Please, anyone, answer me

    Thanks

    Mark


    :doubt:
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    For isntructions on submitting suspicious files or false positives, read this article. In the email should enclose as much information as possible, inlcuding whether the file was running on a computer when you discovered it.
     
  3. smilinguido

    smilinguido Registered Member

    Joined:
    Aug 24, 2009
    Posts:
    4
    Ok, was a mistake...i put 2 threads unintentionally....i didnt see it..so sorry...

    Well, about my doubt still continues..I did it a few days sending the sample as you said..I saw this article (http://kb.eset.com/esetkb/index?pag...earch&viewlocale=en_US&searchid=1251094132680) but even eset does not answer me and he did not send to me a vaccine for the virus....

    I ask for you or everybody a question:

    Is there any correct form or email or anyother way the eset can answer me for sure and garantee to give to me a vaccine in the next updates from my eset? the purpose of my eset can detect it so soon?? How they garantee it??

    Bye

    o_O
     
  4. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    You will barely see Eset's reply to your mail with suspicious files. They do never reply unless they need additional information. I may understand your disappointment but they need to evaluate a file, compile appropriate AV definition, thoroughly test it and finally release it for public. All the said is time consuming. Nevertheless sometimes Eset seems to me sluggish as well. However keep in mind that not all files submitted to Eset are recognized as a risk in the end. Eset is renowned for low false positives.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    What was the subject of the email and the domain part of the email you sent it from?
     
  6. smilinguido

    smilinguido Registered Member

    Joined:
    Aug 24, 2009
    Posts:
    4
    Guys, I sent all informations about this sample and my computer, but even eset does not answer me...and responding to you, marcos, i put in the subject the following text as eset in website asks: " Nod Sample" and i tried to put " suspected infection" but nothing

    Even this way eset does not reply and does not launch a vaccine for the virus...


    What i do nowo_O

    :thumbd:
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I've searched received emails for "Nod Sample" but did not find any. On the contrary, the subject "suspected infection" was often used by malware hunters who submit bunches of files on a daily basis so I gather these weren't from you either. I'll drop you a PM so that you can reply me with your email address.
     
  8. smilinguido

    smilinguido Registered Member

    Joined:
    Aug 24, 2009
    Posts:
    4
    Dear friend..

    As you said i am sending the emails i tried to contact

    cases.438708.420732_5623825_3435093.e66ed1a034@cases.netsuite.com>

    info@datsec.de

    samples@eset.com.br

    and

    samples@eset.com


    All without success

    Please help me!

    P.s I put in subject to samples@eset.com.br like this: "[nod32sample]
     
  9. ASpace

    ASpace Guest

    No , they do reply , but don't reply to the public.


    So does each and every AV vendor .


    Yes , but most others do have time to also inform the user . They also have time and resourses to "release a vaccine" when neccesary in a prompt manner . ESET always seems to be sluggish , IMO.
     
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    As I wrote, you should email suspicious files to samples[at]eset.com as written in the KB article. Emailing distributors all around the world won't help as they confine technical support only to their country and users.

    I've already tried:
    1, searching samples emails for "nod32sample", "Nod Sample" and "suspected infection" as you advised. The first two didn't give any results, the latter subject is often used by malware hunters so I gather your mail wasn't among them either.
    2, I've PM'd you and ask for the email address you used for submitting the file in question. Still haven't got a reply, instead you keep replying in this thread and I still don't have the most important information necessary to locate your sample.
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    and thank you for saying that beause it proves a couple of points. One they just dont make changes on the fly to satisfy people, they actually take the time to test samples before adding them. And as I have learned of late, it is almost less problematic to get a trojan then to have your software detect a FP and you delete it. It can play havoc on ones OS. So, Eset still has very high detection rates with, as you said, low FPs, and that is just fine with me.
     
  12. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    This reputation has recently been destroyed by the average of 1 serious FP/month. Look around.
     
  13. Brambb

    Brambb Registered Member

    Joined:
    Sep 25, 2006
    Posts:
    411
    Location:
    The Netherlands
    I dont recall any 'serious' FP really, I dont call the installer of Adobe flash player a serious FP.
     
  14. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Feel free to use the search function.
     
  15. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    To ASpace: Thx for your reply :D , no offence but probably you didn't have the honour of experiencing other AV vendors. There are dozens out there much worse than Eset.

    To funkydude: I have been using Eset products for more than 7 years and I was having only 1 false positive all around. Saying 1 FP per month counts 12 FPs per year, considering amount of AV definitions issued per year and thus the protection provided, do you really think Eset's reputation has been damaged? Look for competitors' results.
     
  16. danieln

    danieln Eset Staff

    Joined:
    Jan 7, 2009
    Posts:
    112
    False positives cannot be counted by absolute numbers only. Every FP differs depending the number of affected users and severity (flagging a windows file is much different than flagging some crack).
     
  17. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    Yes, you are absolutely right but I aimed to defend Eset a little :D. My only FP was an *.exe file of Your Uninstaller 2008. I reported that file according to KB and in afternoon's AV definition release, it was already corrected. So, the reaction time was less than 2 hours what for a non-windows file with low severity is acceptable, indeed.
     
  18. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I dont doubt you, I know you are smart when it comes to this, well except in one area which we will discuss in a minute.;)

    But FD is right and it can happen. All vendors are constantly tinkering their heuristic settings all the time and it can make things better, or it can screw a lot up. So hopefully Eset untweaked this one. But in the past, they have been one of the best at low FPs, but I agree, one bad one can create havoc my friend.

    Now, your sig, is the past reference to a product you used with a line through it really called for. You almost would have to admit that would be more along the lines of something I would do. Your words are your best advocate for makig your points, not props.;)
    Jeff
     
  19. ASpace

    ASpace Guest

    Worse in what ?! Worse in detection -> Yes , there are . Worse in speed -> Yes , there are . Worse in performance -> Yes , definitely . But there is noone worse than ESET in reaction (support and samples detection) .

    ESET company has a great product and this is what still keeps them on the top . However , this product is from the very best past . Even the current product/version is more or less like the one they had (resembles v2) . Great product - poor service -different people . The bigger the ESET , worse the service.

    If you still think that "There are dozens out there much worse than Eset." , start digging in the nasty side of the Web , find a new malware (barely detected by vendors) , submit it to ... let's say Kaspersky , Microsoft , AVIRA , Symantec and check out their reaction(s) . Additionally , if you happen to be an IT administrator and you come across a real infection resident on one of your machines/servers , I am sure you'd prefer ESET to add detection ASAP - not a whole week later or ... never (as it has happened).
     
Thread Status:
Not open for further replies.