Webslinger 2 Posted October 17, 2013 Share Posted October 17, 2013 (edited) Asus RT-AC66U firmware 3.0.0.4.376.1123 (latest official firmware) Eset SS 7.0.317.4 Virus signature database: 10229 (20140809)Rapid Response module: 4544 (20140809)Update module: 1051 (20140409)Antivirus and antispyware scanner module: 1434 (20140729)Advanced heuristics module: 1152 (20140724)Archive support module: 1206 (20140702)Cleaner module: 1098 (20140801)Anti-Stealth support module: 1060 (20140514)Personal firewall module: 1220 (20140709)Antispam module: 1027 (20131119)ESET SysInspector module: 1241 (20140410)Real-time file system protection module: 1007 (20111129)Translation support module: 1232 (20140624)HIPS support module: 1138 (20140709)Internet protection module: 1138 (20140711)Web content filter module: 1028 (20121113)Advanced antispam module: 1807 (20140808)Database module: 1058 (20140319) Using Automatic firewall setting Windows 8.1 Pro x64 Access is timing out to asusnetwork.net (or the router's internal IP) for router's web access. Firefox, IE, Chrome . . . doesn't matter. Neverending cycling attempt by browser to access router. Eset 6 worked fine. Tried adding router IP to IDS exception. Doesn't help. This may be related: https://forum.eset.com/topic/569-eset-nod32-antivirus-and-eset-smart-security-70104-beta-released/#entry2888 Edited August 9, 2014 by Webslinger Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted October 17, 2013 Administrators Share Posted October 17, 2013 Does disabling firewall via gui actually make a difference? Link to comment Share on other sites More sharing options...
Webslinger 2 Posted October 17, 2013 Author Share Posted October 17, 2013 (edited) Does disabling firewall via gui actually make a difference? Sometimes, but it's erratic. I'm erasing broswer cache each time to ensure the cache isn't affecting testing results. Edited November 12, 2013 by Webslinger Link to comment Share on other sites More sharing options...
Webslinger 2 Posted October 17, 2013 Author Share Posted October 17, 2013 I'm seeing this a lot in my Eset logs, but I have no clue if this is what's causing the problem: 2013-10-17 1:36:14 PM Communication denied by rule 172.30.1.1:34961 239.255.255.250:1900 UDP Block incoming SSDP (UPNP) requests for svchost.exe C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE2013-10-17 1:35:59 PM No application listening on the port 172.30.1.1:80 172.30.1.2:51807 TCP 172.30.1.1 is the router 172.30.1.2 is the local computer initiating the request over the browser Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted October 17, 2013 Administrators Share Posted October 17, 2013 Make sure that the IP address 172.30.1.1 is in the Trusted zone. Then check IDS settings in the advanced firewall setup and make sure that UPnP is allowed for system services in the Trusted zone (enabled by default). If turning off the firewall doesn't resolve the issue at all times, try disabling application protocol filtering in the advanced setup. Let us know about your findings. Link to comment Share on other sites More sharing options...
Webslinger 2 Posted October 17, 2013 Author Share Posted October 17, 2013 (edited) The router is in the trusted zone. UPNP is not allowed for system services in the Trusted Zone by default. You can check this yourself by clicking the "default" button. The checkmark will disappear. Anyway, I enabled it. Doesn't really seem to help. On rare occasions I can suddenly access the router. I have no clue where application protocol filtering is located in advanced setup. Edited October 17, 2013 by Webslinger Link to comment Share on other sites More sharing options...
Webslinger 2 Posted October 18, 2013 Author Share Posted October 18, 2013 Does disabling firewall via gui actually make a difference? Actually, I don't think it does. I just dropped it again, and this time that didn't make a difference at all. This issue almost appears random, so it's hard to pinpoint. But it happened right after I uninstalled 6 and installed 7. Link to comment Share on other sites More sharing options...
Webslinger 2 Posted October 18, 2013 Author Share Posted October 18, 2013 (edited) I just reverted back to Eset 6. *poof* Access to web interface of Asus RT-AC66U works perfectly fine. Edited October 18, 2013 by Webslinger Link to comment Share on other sites More sharing options...
King Grub 5 Posted October 22, 2013 Share Posted October 22, 2013 (edited) Hello, I would just like to chime in and say that I am experiencing something familiar. I am using a NETGEAR 3700 router, and after upgrading to Nod32 v7 yesterday, the router configuration page (routerlogin.net) quite often hangs at "transferring data from..." and I have to repeatedly click the option in the interface I want. I get into the interface, but it keeps stalling like described above with Nod32 v7 installed. Note that I am using Nod32, the standalone AV, not ESS, but it still happens, so it can't be the firewall. Just disabling any or all parts of the protection doesn't help. Uninstalling, however, does. Once I uninstalled v7 and reverted back to the earlier version - *poof* here too - works perfectly fine here too. I was quite convinced my router was dying until I thought of uninstalling Nod32 v7 for testing purposes. And it worked, it definitely was the culprit. Edited October 22, 2013 by King Grub Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted October 22, 2013 Administrators Share Posted October 22, 2013 If disabling protection modules, protocol filtering and HIPS / self-defense (followed by a computer restart) doesn't make any difference, try renaming C:\Windows\System32\drivers\eamonm.sys and ehdrv.sys in safe mode, one at a time, and then try to reproduce the issue. Let us know about your findings. Link to comment Share on other sites More sharing options...
Webslinger 2 Posted November 11, 2013 Author Share Posted November 11, 2013 (edited) Bottom line is default Eset SS settings on 3 different systems doesn't let me access an RT-AC66U through its web interface with Eset SS 7, whereas Eset SS 6 on default settings does. I suggest this is a serious problem If disabling protection modules, protocol filtering and HIPS / self-defense (followed by a computer restart) doesn't make any difference This doesn't make any difference. Edited November 11, 2013 by Webslinger Link to comment Share on other sites More sharing options...
Webslinger 2 Posted November 11, 2013 Author Share Posted November 11, 2013 (edited) try renaming C:\Windows\System32\drivers\eamonm.sys and ehdrv.sys in safe mode, one at a time, and then try to reproduce the issue. Let us know about your findings. This also doesn't make any difference. Renaming the first file kills real-time system file protection. Renaming the other file kills HIPS. No change. You may be able to access the router briefly for 10 seconds, if you're extremely lucky, but afterwards, you get constant timeouts. I think it's time for Eset to get one of these routers in and do some testing. Edited November 11, 2013 by Webslinger Link to comment Share on other sites More sharing options...
Arakasi 549 Posted November 12, 2013 Share Posted November 12, 2013 I noticed some reports similar that after installing ESET their drivers for network adapters are broken or corrupted. My suggest for testing would be to go to device manager after install, and unable to access router, and delete the network adapters and drivers/software, then reboot your machine. Let windows reinstall, or install your drivers from latest off vendor site and see if it corrects the issue ? Just a suggestion Link to comment Share on other sites More sharing options...
Webslinger 2 Posted November 12, 2013 Author Share Posted November 12, 2013 (edited) I noticed some reports similar that after installing ESET their drivers for network adapters are broken or corrupted. My suggest for testing would be to go to device manager after install, and unable to access router, and delete the network adapters and drivers/software, then reboot your machine. Let windows reinstall, or install your drivers from latest off vendor site and see if it corrects the issue ? Just a suggestion Uninstalling and reinstalling network drivers makes no difference. More importantly, this issue is occurring across every single computer I've tested on. Uninstalling Eset 7 and downgrading to Eset 6 fixes the problem. Every single time Also, I should note all systems are using Windows 8.1 Pro x64. Also using an Asus USB-AC53 wireless adapter (but I've used other wireless adapters). Lastly, I've asked a network admin (somewhere else) if he can reproduce the issue. He has (with another Asus RT-AC66U). Edited November 12, 2013 by Webslinger Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted November 12, 2013 Administrators Share Posted November 12, 2013 Before reproducing the issue, please enable "Advanced pcap logging" in the IDS setup -> Troubleshooting. When you reproduce the issue, compress the log C:\ProgramData\ESET\ESET Smart Security\Diagnostics\EpfwLog.pcapng and send it to me for analysis. Link to comment Share on other sites More sharing options...
Webslinger 2 Posted November 12, 2013 Author Share Posted November 12, 2013 Before reproducing the issue, please enable "Advanced pcap logging" in the IDS setup -> Troubleshooting. When you reproduce the issue, compress the log C:\ProgramData\ESET\ESET Smart Security\Diagnostics\EpfwLog.pcapng and send it to me for analysis. Done. Link to comment Share on other sites More sharing options...
zolar 0 Posted November 13, 2013 Share Posted November 13, 2013 I also encountered the same problem which unable to access the Asus' router admin page. I also own both Asus RT-AC66u and USB-AC53, running Windows 7 64bit with Eset SS version 7. I can access the Asus router admin page using iPad without any problem. Link to comment Share on other sites More sharing options...
Webslinger 2 Posted November 13, 2013 Author Share Posted November 13, 2013 I also encountered the same problem which unable to access the Asus' router admin page. I also own both Asus RT-AC66u and USB-AC53, running Windows 7 64bit with Eset SS version 7. I can access the Asus router admin page using iPad without any problem. Yeah, this is a pretty serious problem that Eset needs to address. And actually, the model of the wireless adapter doesn't matter (appears to timeout using anything). Link to comment Share on other sites More sharing options...
Webslinger 2 Posted November 20, 2013 Author Share Posted November 20, 2013 Is this problem being looked into at all? Link to comment Share on other sites More sharing options...
zolar 0 Posted November 29, 2013 Share Posted November 29, 2013 My license is going to expire very soon, I will change my anti-virus software to Avast if there is no resolution before that. Seriously, very disappointed if ESET unable to fix this problem. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted November 29, 2013 Administrators Share Posted November 29, 2013 It seems to be the same issues as discussed here. Please continue in that thread so that the discussion is kept at one place. I assume that the problem is with Asus routers not adhering to rfc standards for http communication which may cause issues in conjunction with ESET's http scanner. Providing us with special logs for troubleshooting should help us pinpoint the issue, As a workaround, you may want to exclude the IP address of your router from content filtering. Link to comment Share on other sites More sharing options...
Webslinger 2 Posted November 30, 2013 Author Share Posted November 30, 2013 Actually adding the router as an IP exclusion doesn't help either. I've tried about 4 other AV programs including Eset 6--and only Eset 7 causes this problem. Link to comment Share on other sites More sharing options...
muzicengineer 0 Posted November 30, 2013 Share Posted November 30, 2013 I added my router's IP address to Excluded IP addresses under protocol filtering in Web and Email. That solved the prob for me. I had something similar like this happen with Eset and slingbox in version 6. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted December 1, 2013 Administrators Share Posted December 1, 2013 Actually adding the router as an IP exclusion doesn't help either. I've tried about 4 other AV programs including Eset 6--and only Eset 7 causes this problem. That should work provided that the correct IP address was added correctly to the list of addresses excluded from protocol filtering and disabling web protection or protocol filtering solved the issue. Perhaps you could post a screen shot of your list of addresses excluded from protocol filtering as well as a screen shot of the router's setup page with the address bar included. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted December 1, 2013 Administrators Share Posted December 1, 2013 I added my router's IP address to Excluded IP addresses under protocol filtering in Web and Email. That solved the prob for me. I had something similar like this happen with Eset and slingbox in version 6. Please check your pm. I've sent you instructions for generating logs that will help us pinpoint the issue. Link to comment Share on other sites More sharing options...
Recommended Posts