Jump to content

Archived

This topic is now archived and is closed to further replies.

Recommended Posts

4 hours ago, Blackbox88 said:

Turn Windows Defender OFF haha 

Maybe the guy wanted to write: install a better AV app that turns Defender off.

In the secondary school I was always confused by greatly honored poets when I was trying to figure out what they thought of behind their pointless sentences. LOL

Share this post


Link to post
Share on other sites
4 hours ago, itman said:

What we really haven't talked about is the origin of the problem which is:

Quote

What is causing these errors is a hidden Chrome extension called Chrome Media Router that automatically scans a network for Chromecast devices when the browser starts.

Where does the above quote come from?

4 hours ago, itman said:

Here's a detailed analysis of a recent malware that exploited Chrome Media Router:

Well, I would not call it "recent" as it dates back to January. Do you suppose this bearded malware was able to remain invisible for Eset? I do hope you are not right. It would be a nightmare.

Share this post


Link to post
Share on other sites
1 hour ago, lamar said:

Maybe the guy wanted to write: install a better AV app that turns Defender off.

In the secondary school I was always confused by greatly honored poets when I was trying to figure out what they thought of behind their pointless sentences. LOL

hahahaha so true

Share this post


Link to post
Share on other sites
11 hours ago, lamar said:

Where does the above quote come from?

From the bleepingcomputer.com link in regards to Kaspersky like issues I posted previously.

11 hours ago, lamar said:

Do you suppose this bearded malware was able to remain invisible for Eset?

Eset along with most VirusTotal AV vendors detect the Trojan. None from what I can tell, detect any of the malicious JavaScript's it uses.

Bottom line - unless browser based Chromecast is used, the Chrome Media Router extension should remain in its default disabled state.

Share this post


Link to post
Share on other sites

Thank you @itman your posts truly contribute to clarity.

Share this post


Link to post
Share on other sites
1 hour ago, itman said:

Bottom line - unless browser based Chromecast is used, the Chrome Media Router extension should remain in its default disabled state.

Realized this might be misinterpreted.

Based on what I have read, once the Media Router extension is enable in Chrome via use of the Chromecast  casting feature, the extension remains permanently enabled. As such, you remain vulnerable to any attack misusing it.

Share this post


Link to post
Share on other sites

I just found the same that ESET NOD 32 Antivirus is blocking Chromecast but only when using Google Chrome latest version. The reason is that Google Chrome now access the Chromecast unit on port 8009 using TLS. By disabling HTTP scanner in Settings->Internet protection->Web Access Protection->Web Protocol I got Google Chrome to detect my Chromecast unit. It would be very nice if it was possible to define ports not to be scanned in ESET. Currently it just says 443, 0-65535 i.e. all ports. Any knows if I can define ports not to be scanned.

Share this post


Link to post
Share on other sites

If it works with 0-8008, 8010-65535, use these ranges. Here I suggested more exclusions as per Google's KB article:

Please check my previous suggestion at

Probably within this week a newer version of the Internet protection module 1375 will be available on the pre-release update channel which will address the issue without defining any exclusions in your ESET product. If everything goes well, the module will be distributed to all users afterwards.

Share this post


Link to post
Share on other sites
1 hour ago, Marcos said:

If it works with 0-8008, 8010-65535, use these ranges. Here I suggested more exclusions as per Google's KB article:

Please check my previous suggestion at

Probably within this week a newer version of the Internet protection module 1375 will be available on the pre-release update channel which will address the issue without defining any exclusions in your ESET product. If everything goes well, the module will be distributed to all users afterwards.

Thank you Marcos for the update! 

Share this post


Link to post
Share on other sites
1 hour ago, Marcos said:

Probably within this week a newer version of the Internet protection module 1375 will be available on the pre-release update channel which will address the issue without defining any exclusions in your ESET product. If everything goes well, the module will be distributed to all users afterwards.

good news

Share this post


Link to post
Share on other sites

I switched to get pre-release updates

Share this post


Link to post
Share on other sites
2 hours ago, Marcos said:

0-8008, 8010-65535

I would suggest 443, 0-8008, 8010-65535.

It appears the developer set the HTTPS scanning to initially trigger on port 443 and then check for any port directed MITM proxy activity on any other ports which BTW, is what this Eset modification is all about. This processing was initially borked and all processes were being detected and added to the list of SSL/TLS protocol scanned processes. Based on recent testing, it appears the all processes HTTPS scanning has been corrected. I am observing only processes listed that originally connected via port 443.

Share this post


Link to post
Share on other sites

I just uninstall ESET because of this problem - how can we get the new version module or get informed that problem is fixed ?

Share this post


Link to post
Share on other sites
20 minutes ago, lucien said:

I just uninstall ESET because of this problem - how can we get the new version module or get informed that problem is fixed ?

You can enable pre-release updates in the advanced update setup in order to get the new module as early as possible, probably by the beginning of next week.

However, a very similar workaround is by editing the list of HTTPS ports and changing it to "0-8008, 8010-65535" (without quotation marks).

Share this post


Link to post
Share on other sites

I dont have acces to the router - ISP have restricted it. Last night i reinstall last ESET kit from official server and now works OK. Chromecast is visible. 

Later - that didnt last long - now cast destination not found :)

 

I finally found where to edit https ports from settings of ESET AV - now problem solved

TY Markos!

Share this post


Link to post
Share on other sites

Im having this problem too.  For me this is terrible...I am a personal trainer and I use chromecast to cast the days workout into my 2 classrooms.  I can't operate without it.  When will this be fixed?

Share this post


Link to post
Share on other sites
51 minutes ago, Rsladeasu said:

Im having this problem too.  For me this is terrible...I am a personal trainer and I use chromecast to cast the days workout into my 2 classrooms.  I can't operate without it.  When will this be fixed?

If you read the discussion above, the solution is to change the list of HTTPS ports to ranges 0-8008,8010-65535

image.png

Share this post


Link to post
Share on other sites
11 hours ago, lucien said:

I dont have acces to the router - ISP have restricted it. Last night i reinstall last ESET kit from official server and now works OK. Chromecast is visible. 

Later - that didnt last long - now cast destination not found

This is discussed here a few days ago. Downloadable version does not contain the most up-to date protection. That's why you were able to cast. After the installation Eset immediately started an update procedure, and when finished, Chromecast is over. That's normal.

I wrote a step-by step workaround guide on 27 July . You can find it on Page 4.

If it helped you, then upvote it please. This will help other guys to find the easiest workaround who do not want to read the whole thread.

Share this post


Link to post
Share on other sites
1 hour ago, Rsladeasu said:

I am a personal trainer

I wrote a step-by step workaround guide on 27 July . You can find it on Page 4.

If it helped you, then upvote it please. This will help other guys to find the easiest workaround who do not want to read the whole thread.

Share this post


Link to post
Share on other sites
On 7/26/2019 at 6:30 PM, lamar said:

I truly hope the bugfix will come soon. However you really do not need to wait for that. Do the following step by step:

01. Open Eset console |

02. Click "Setup" |

03. Click "Advanced setup" |

04. Click "Web and email" |

05. Click " Web access protection" |

06. click "Web protocols" |

07. Now you are on the right place |

08. Focus on "Ports used by HTTPS protocol" |

09. You have to see the text "443, 0-65535" in the input field. |

10. Replace the text with "443, 0-8008, 8010-65535" (of course, without quotes) (you can copy-paste) |

11. Press "OK" |

12. If Windows asks for permission, press "Yes" |

13. Close ALL instances of Chrome |

14. Reopen Chrome |

15. Connect to your Chromecast |

16. Success!

After the bugfix will have been rolled out, you can reset the original text you modified.
 

Work around for everybody who doesn't want to read the whole thread! 
Please also upvote it! (On page 4)

All credits go to Lamar!

Share this post


Link to post
Share on other sites
42 minutes ago, Blackbox88 said:

Work around for everybody who doesn't want to read the whole thread! 
Please also upvote it! (On page 4)

All credits go to Lamar!

I have not used the "Work around" yet, as I thought someone mentioned that if I changed the HTTPS protocol, it would leave my computer vulnerable to attack. Did I misunderstand?

I'm thinking I should just wait till ESET fixes the issue with another update. Am I right? Plus I hope they get around it soon. 

Share this post


Link to post
Share on other sites
1 minute ago, AnnaJuist said:

I have not used the "Work around" yet, as I thought someone mentioned that if I changed the HTTPS protocol, it would leave my computer vulnerable to attack. Did I misunderstand?

I'm thinking I should just wait till ESET fixes the issue with another update. Am I right? Plus I hope they get around it soon. 

Offcourse every exeception will leave you computer vulnerable however this wasn't in the previous version of ESET, which didn't gave any issues, also as you only open one port the risk from my point of view is still low.

Have a good back up of your computer stored somewhere and you are good.

I am running with the workaround and all is going good :)

Share this post


Link to post
Share on other sites

The "fix" was working...but today it stopped working again!  WTF.  I hate this

Share this post


Link to post
Share on other sites
1 hour ago, Rsladeasu said:

The "fix" was working...but today it stopped working again!  WTF.  I hate this

Try excluding both ports 8008 and 8009. So the range specification would be;

443, 0-8007, 8010-65535

Share this post


Link to post
Share on other sites
2 hours ago, Rsladeasu said:

The "fix" was working...but today it stopped working again!  WTF.  I hate this

Can you screenshot the range of ports you exclude? 

Here it is still working.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...