Guest Chuck Posted July 22, 2013 Share Posted July 22, 2013 I've been trying to log into the support forum for a few hours now, even using the password recovery system is not working, as I still get an invalid user/pass after resetting. So I had to come to this forum to try and get an answer to my question. Can anyone here verify that there is a real threat at a site I do business with regularly? The web site is "www.neuromedinc.com" I am denied access to the web site, and I get a popup stating a trojan is found and a reboot is needed to clean my system. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,168 Posted July 23, 2013 Administrators Share Posted July 23, 2013 I've tested the password recovery feature by entering my nick in the form and subsequently received an email from the system. The website in question is not blocked; it's a malicious external script that is detected. In the future, feel free to report potential false positives to ESET as per the instructions here. Link to comment Share on other sites More sharing options...
Guest Chuck Posted July 23, 2013 Share Posted July 23, 2013 I've tested the password recovery feature by entering my nick in the form and subsequently received an email from the system. Well that is not a solution for us. If I were to type in "guest chuck" or "chuck" the e-mail delivery system would not know where to send an email, now would it. Bottome line is, the new password sent to my email doesn't work. I still get redirected to the "Invalid username or password" page. The website in question is not blocked; it's a malicious external script that is detected. So the web site is making a call to a java or c script file and there is a virus attached to it? Most web sites make calls to "external' scripts, that is a broad and generalized response we're not finding useful. In the future, feel free to report potential false positives to ESET as per the instructions here. That link is useless in this case, due to it being based on zipping and sending a file. Wheres the link to send an entire web site? This is business software?!? One event and one response leaves a sense of extreme dissappointment. The e-mail password recovery system has failed, which in turn makes one think that the people coding the web site seem ameture, and the "support" forum feels like getting a tier one "tech" from an ISP. Are we better off just getting a refund at this point? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,168 Posted July 24, 2013 Administrators Share Posted July 24, 2013 Just to make it clear, with a guest account you don't use any password to log in to this forum so using the password recovery feature makes no sense until you create an account. Authentication with a username and password is required only for registered users. If you created an account and now report this as a guest because you couldn't log in, please supply me with your registered username so that I can check the status of your account. So the web site is making a call to a java or c script file and there is a virus attached to it? Most web sites make calls to "external' scripts, that is a broad and generalized response we're not finding useful. Yes, there's a line in the source that loads a java script from another url. Also the script is bounded with typical malware markers. As for reporting blocked URLs to ESET, there's a section in the above mentioned KB article called "Email – Report a blocked website or false positive" towards the end of the article with simple instructions how to proceed. Link to comment Share on other sites More sharing options...
Guest Chuck Posted August 12, 2013 Share Posted August 12, 2013 samples@eset.com is the address to report a false positive on a web site to, and yet..again on our last attempt.... Your message did not reach some or all of the intended recipients. Subject: Domain whitelist - www.neuromedinc.com Sent: 8/12/2013 2:30 AMThe following recipient(s) cannot be reached: 'samples@eset.com.' on 8/12/2013 2:30 AM Server error: 'Invalid recipient' Not Business Software....... Link to comment Share on other sites More sharing options...
segFault 2 Posted August 12, 2013 Share Posted August 12, 2013 See if the email address you used has a period (as it shows above), if it does, remove the period and resend. if it was sent as 'samples@eset.com.' it likely failed due to the period. Regards, segFault Link to comment Share on other sites More sharing options...
Guest Chuck Posted August 13, 2013 Share Posted August 13, 2013 @segFault, Thank You for pointing that out. It was assumed that the email address samples@eset.com being unreachable was just more of the same with this "business" software. Link to comment Share on other sites More sharing options...
Recommended Posts