Nightowl

Most Valued Members
  • Posts: 1,844
  • Days Won: 17

Everything posted by Nightowl

  1. HTTP/3, based on QUIC, is the third major version of the Hypertext Transfer Protocol (HTTP) and was adopted as an IETF standard in 2022. QUIC+HTTP/3 were created to solve inherent limitations with TCP that constrain performance and user experience. - From NGINX website
  2. Most likely due to a vulnerability found in that file. ESET designates them as unsafe because a malicious actor can exploit them, depending on how vulnerable they are.
  3. It's the BIOS package or the updater which is vulnerable; updating to a more recent BIOS version will make ESET go quiet. It's just mad about the BIOS/driver, whatever this is, because it's vulnerable. You can exclude the detection so ESET can be quiet about it, or just update the BIOS/drivers (more recommended), which will fix the vulnerability and make ESET go quiet. But I think ESET is mad about the downloaded files of the BIOS; removing them will get rid of the detection. If the detection was from the BIOS itself, we will see another location in the message.
  4. Better to keep it protected behind a firewall and allow only specific IP addresses to connect to the domain controller; this is a more secure approach. I am also almost sure that the port is open, otherwise the said IP won't be able to reach it. Or, in another scenario, there has to be a reverse shell for it to open a way for bad guys to get in, but I still believe in the first scenario: the port is enabled.
  5. Is the Bing toolbar installed from Edge? Edge tries to force the Bing bar on the desktop.
  6. I don't know exactly why the installer cannot run; an ESET staff member can help more than me. But I have a suggestion: upgrade your Windows 10 to a more recent Windows 10 version, because 20H2 is out of support.
  7. I believe slow downloads are related to Blizzard (Battle.net) themselves. It's not only you, as Battle.net is buggy when you open Download Limit; try to go for no limit. If it's not limited, try to limit it to half of your internet speed or even more, or even above your download connection speed (sounds stupid, I know, but their limit is buggy or used to be buggy). And it can be that their servers are just feeling tired and there isn't enough speed for everyone. I don't know how their servers are located, but your location can also have an effect. I know because I experienced this with high-speed connections, with ESET and without ESET, in different locations.
  8. Ubuntu Mate 22.04, same as other desktops/server which are working normally.
  9. I understand, thanks for the explanation. I installed the dependency. I cannot get the GUI to run; I have this error in systemctl:
     econnd[1774]: ESET Endpoint Antivirus Error: Invalid request: Function not implemented
     I restarted the eea service:
     eea[4375]: ESET Endpoint Antivirus error: Can't start GUI for user vm. Please log out and log in to start GUI for vm
     I logged in and out. Should I try to reinstall again? I have other machines that run the same endpoint and Linux server but didn't have those troubles; it's weird. I also noticed that if I open the Secure Boot, the protections cannot open. Am I doing something wrong?
  10. Hello, I used kernel 5.15 and it worked fine. I don't know if this KB can solve it with 6.5; I didn't try because I already removed the 6.5 kernel. Thank you.
  11. What happens if you block the Camera Access to Edge from Privacy Settings in Windows 10/11?
  12. Hello, I couldn't dig much into it; I will do so soon and give logs. But I have a question: ESET Protect shows a fatal error on starting the product. It's installed but cannot start, but I think it could be because of kernel 6.5 of 22.04? I should downgrade to kernel 5.15 for it to work normally. Is it true?
  13. More info about the IP: https://app.crowdsec.net/cti/80.66.88.215 I think what ESET is blocking is the brute force attempts or scanning. I believe you have ports opened on the internet; 135 is one of them, and svchost.exe answers on that port.
  14. Hello brother. May I ask you if there is an open RDP/SMB/HTTP port enabled to the WAN? As for port 135, it's related to RDP; is it open to the internet? I ask because the VirusTotal analysis shows that this IP tries to brute force SMB and RDP, and DDoS HTTP. https://www.virustotal.com/gui/url/d8612bf4479489b5c1b23a2194531469ac8673a0cb359dc0be69d3464a8c48e5/detection
  15. Try to update the Lenovo tools to a more recent version. If that doesn't fix the ESET detections, then you can ignore it or proceed to remove the Lenovo tools. An unsafe detection with Lenovo probably means that what has been detected is vulnerable, therefore ESET doesn't like it because it can be exploited to infect the machine. I've googled the OneKey Optimizer; it's related to battery management in the laptop. If there is no recent version with the vulnerability that ESET is mad about fixed, then I would ditch that and use Windows' internal power management.
  16. True, and it shouldn't be open, as your home network doesn't serve DNS to people outside.
  17. You are welcome. About port 53: try to check that device and see the firewall rules for port 53 TCP. It shouldn't be open for DNS unless that device serves something or it's open by mistake.
  18. Yes. While connected from the LAN, see your IP from whatismyip websites, then disconnect from your home WiFi, and then scan the WAN IP that you got from the website; it should show you the results from outside to your side. I think inside the LAN, since it's trusted, ports can communicate with each other unless the personal firewall on the devices (like ESET or Windows Firewall) is instructed to disable certain ports from communicating.
  19. I don't know this application, but try to use an LTE/4G connection when attempting to scan your IP; that will show your firewall that you are an outsider scanning. Scanning from the LAN to the WAN IP will show wrong results, if I am not mistaken.
  20. May I ask how you scanned? Did you use Nmap, for example, or ESET's built-in scanner?
  21. Also, to save yourself the QA (testing), which isn't your task to do: maybe it's easier just to switch to ESET VPN or ProtonVPN (which also offers free servers/countries), and for blocking ads, just use uBlock Origin for your browser. It saves you the hassle and headache of fixing those bugs.
  22. I believe ESET should now be able to detect stuff; you can test it with an EICAR test file from the official EICAR website. I've read now that a recent FortiOS firewall version, 7.2+, is able to scan the QUIC protocol, but it was never able to, and the solution was to block QUIC through App Control. The same applies to the Palo Alto firewall, but I don't know if they added the function to scan the QUIC protocol or not. So it could be that security software solutions like ESET and other companies will follow the path soon.