Nightowl

Thank you

https://www.eset.com/int/business/download/endpoint-antivirus-linux/ Clicking "Online help guide" directs to here https://help.eset.com/getHelp?product=eeau&version=9.1.4.0&lang=0 which gives Correct link is this https://help.eset.com/eeau/91/en-US/ or this https://help.eset.com/getHelp?product=eeau&version=9.1.4.0&lang=1033 (this second link is taken from AV GUI help link , but still redirects to 9.0 instead of 9.1 , because of the d.o.t.s , instead of '91') like this https://help.eset.com/getHelp?product=eeau&version=91&lang=1033

You can try Smart Security for 30 days trial and then decide for yourself if it suits your needs.

Hello kurco, I'm on Ubuntu 22.04 I will give it a try , thank you

I am looking to sign the kernel module to use with Secure Boot as with it , ESET shuts down(real time protection doesn't function) Is the guide here all I need? : https://help.eset.com/eeau/9/en-US/secure_boot.html Thanks in advance.

You can see a comparision here https://www.eset.com/int/#compare If you are not interested in what Smart Security offers then you are good with Internet Security

If you want to completely rule out ESET being the reason , you can completely uninstall it and try again , if it worked ,then we can say ESET prevented it somehow , if it didn't work , then it is not ESET which is causing this.

Also when you sign in and fail Head to ESET GUI > Setup > Troubleshooting Wizard Do you see anything related to MYOB there?

Pause ESET firewall temporarily , does that application work for you after pause? And check the Network Troubleshooter , it shows there if the firewall is blocking communication to something.

I believe it's due HTTPS protocol , when you enable scanning , it can catch the script , when you disable the HTTPS scanning , it just cannot detect it because it's encrypted connection Because the website is running on HTTPS , for example if it's accessible on HTTP , then the access will again get blocked even if HTTPS scanning is off.

To be more safe , block in your firewall the IP Address that the detections came from 93.115.20.78

That's great Staying with an Operating System that receives updates on regular basis (supported) is much better than using one that got left out of support.

I believe he means the IP addresses that get blocked temporarily for 1 hour or so , RDP attacks or whatever.

Get rid of Windows7 it's better choice , it's like wearing a bullets' vest against rockets , it's not helpful.

Keep in my mind , the longer and more complicated the password is , more time the brute-force will take or might even become impossible if the password is long and complicated enough it would take very long time to finish.

- Upgraded ESET - Upgraded 20.04 LTS to 22.04 LTS All is good , Thanks ESET

You are probably good my friend , if ESET is not detecting anything , probably there is nothing. If you are still unsure of ESET , you can have a second opinion scanner for example like Kaspersky which can also scan UEFI and compare the results , still you don't trust both of them , just flash the firmware and then you are good to go like you bought this motherboard new, still you don't trust the firmware flash , open your window , make sure no one is downstairs , and throw the motherboard like a Catapult But short answer to you , all AntiViruses can only show you that there is threat there but cannot remove it for you , you have to flash a firmware or get rid of the motherboard. But to end your paranoia , most likely you have nothing there , and those rootkits are made specially to spy on high-value targets like Governments , Hospitals , Politicians , high-tech companies , corporations No one will spend long days to make a stealthy rootkit , to infect a person like me , where you only can find games and personal stuff on PC which isn't valuable for the attacker , even if the attacker wants to blackmail me for them , it's pointless , he can take them and have fun and also post it worldwide , it doesn't hurt me It hurts people who have sensitive information like big companies or governments or hospitals who cannot share info about their patients, etc... But a rootkit is very good for a Government that is spying on another Government for an example , that way the rootkit is so helpful for A government , to take information from B government while staying stealthy , we had several examples of governments doing so with different ways not only Rootkits. I doubt there is someone after you that is so much good with malware development and decided to infect you with some Rootkit , or it can be possible you went somewhere wrong and infected yourself with a rootkit But rest your mind , if ESET is not showing you anything wrong or weird , then you are probably good , but still like I said before you can still change the motherboard or flash a firmware again , then you can be sure that there is nothing wrong inside it

It's the only answer you can get , AVs cannot modify inside the BIOS/UEFI , they are limited or it's their choice not to touch since it can damage the whole computer if a mistake is done Flashing a BIOS/UEFI firmware again will get rid of what trouble it had before, sometimes it can introduce bug-fixes AVs can only detect the threats but won't remove it for you You have to flash a firmware to get it removed And don't worry about Paranoid , I understand your feeling when you think that your pc is infected somewhere it's a bad feeling , I know it , getting rid of the motherboard will get you a feeling that you no longer attached to the same firmware but flashing is also good and can work

You can just to the BIOS/UEFI settings and from there you can decide if it's UEFI/BIOS , because it would be written somewhere in the settings. Since you've made multiple topics about threats of UEFI/BIOS, if ESET isn't detecting anything most likely there is nothing there , because those rootkits usually target high-value targets , like governments and stuff like this You can enable Secure Boot , which prevents other stuff from loading on startup like a rootkit/malware in BIOS/UEFI if it's available If you are really sure and paranoid about that UEFI/BIOS chip that it's infected , just throw the motherboard from the Window , it's the most secure option Or flash the UEFI/BIOS from Motherboard's model page from manufacturer website , and after that your UEFI/BIOS is clean , since you flashed it from official manufacturer website If there was something in there , it shouldn't be able to survive the flash.

See here how to run ESET Log Collector https://support.eset.com/en/kb3466-how-do-i-use-eset-log-collector

Your router is different thing, better to keep the router updated with the latest firmware which should fix security issues , if it's not in support anymore and doesn't receive updates , I highly recommend buying a router that has update support WPA2 can be cracked if I am not mistaken, but having a long password can make it harder for the attacker to find it If you feel your WIFI is getting jumped on, first try change the SSID and Password(make it complicated and long) If your router is vulnerable and it's provided by your ISP , you can call them and ask them to replace it with one that have security updates, if not it's better you buy one and let the ISP router stay as Modem (bridge mode) Read more here about WPA2 : https://www.fortinet.com/blog/business-and-technology/wpa2-has-been-broken-what-now A newer router will offer you WPA3 which is better for now , but some devices just doesn't have compatibility with WPA3 especially if they were old A personal firewall on your devices and a hardware firewall(router) should be enough to protect from all these attacks

Depending how is the Rootkit is developed to do so , some of them will drop malware on operating system load , they will load their driver through the firmware or something like this I could be wrong , but someone at ESET or at this forum can be more detailed than me Eset will detect it , but cannot remove it You will have for example if your PC was HP , you will need to go to HP website , download UEFI/BIOS , Flash UEFI/BIOS and then the rootkit shall be gone.

Yes they can load malware into your PC , no matter how much you format the hard disk , they can come back through the firmware. and yes ESET can detect UEFI/BIOS threats and alert you about them

You can name it however you like , UEFI Virus or UEFI Rootkit , end of the day , they are doing malicious work Difference between those and normal viruses that go to operating system , that in Operating System you can remove the virus by using an Anti-Virus or by re-installing Windows When that Virus or Rootkit infects the Firmware , then it can survive formatting the hard disk and stuff like this , and the only way to remove it , is to flash again UEFI/BIOS from Manufacturer website. Even if ESET or whatever Antivirus you were using detected a BIOS/UEFI Threat , it cannot do anything to do it , you have to flash the firmware again from Manufacturer website ESET explains about them more here : https://help.eset.com/glossary/en-US/rootkits.html And about other types

If ESET GUI is empty, I bet a fully un-installation of the product and re-installing will fix this gui problem