itman

Did you modify Eset default firewall rules? Refer to this thread: https://forum.eset.com/topic/39039-eset-firewall-and-steam/ . In this instance, the poster set Eset firewall to learning mode. In other words, Steam had unrestricted network access to the poster's device.

Refer to below screenshot: https://support-eol.eset.com/en/trending_eol_products.html

This won't work for this app: https://forums.lenovo.com/t5/Enterprise-Client-Management/Lenovo-Vantage-Enterprise/m-p/5016572?page=1#5181855

The real question is why is this Eset service being invoked on Eset consumer versions: https://help.eset.com/protect_admin/11.0/en-US/epns.html ?

No one else at VT detects this .pdf as malicious.

Did you verify that these two programs are identical;; that is the hash value for both are identical?

Inbound UPnP traffic; i.e. port 1900, UDP, is a security risk; especially if originating from the router. Most ISP issued routers no longer perform that type of network traffic. You can stop this type of traffic by disabling Win SSDP service. I have w/o any subsequent issues occurring. Alternatively, you can disable UDP PnP processing on the router. Unless you really know what you are doing, I would not override Eset firewall inbound blocking

My suggestion here to allow for manual user entry of their financial web sites. I was surprised to see that option removed. Also, it was my previous understanding that only Eset whitelist web site redirection would be the only function deprecated.

All the blocked entries are for inbound network traffic from svchost.exe. They are also all UDP protocol related. Have you modified Eset default firewall rules or added new firewall rules?

Other security solutions detect malware on this web site: https://www.virustotal.com/gui/url/b46e440427a1adca8708e0d7ae228ff3380b47975ae146cc749f610ffea6357e

The no. of accounts varies by Eset in-country provider. In the U.S., it's a minimum of 10 licenses! Also as a FYI, what Eset is doing marketing-wise is not unique among AV solutions. BitDefender's VPN solution also has a 10 license minimum purchase: https://www.bitdefender.com/solutions/premium-security.html .

As far as WindScribe VPN goes, they do offer a "not to bad" free version and other options to lower its paid version cost: https://www.techradar.com/reviews/windscribe

Someone at malwareips.com noted it's WindScribe: https://malwaretips.com/threads/eset-v17-0.127074/post-1066689 .

You should also purchase an Eset consumer product of your choice. All Eset products will prompt you upon insertion of removable media to scan the drive for malware which is a necessity when the drive has been used on any external device.

I installed ver. 17.0.15 yesterday from scratch after uninstalling same and it appears to have fixed the memory usage problem. Now ekrn.exe stays at 40 - 50MB.

This is not going to get resolved until you post the Eset logs @Marcos requested. Only Eset moderators can access forum attachments.

If Secure all Browsers enabled was All Extensions specified for Extension installation mode per below screen shot?

Disable Browser Privacy & Security in Eset GUI and Eset's extension will not install in any supported browser.

From a developer's point of view, it was probably one of the worst features Eset implemented. It required constant maintenance of an internal whitelist of known banking and select financial web sites with constant forum postings for some web site not being included. Bottom line is Eset wants you to always run in Secure all browser mode since it eliminates all the above. If you chose not to do so, B&PP standalone mode still exists accessible from Win desktop icon or within the Eset GUI.

It has been noted multiple times in past forum postings by Eset moderator that B&PP redirection would be removed in future Eset versions. The more recent of these postings stated it would be removed in ver. 17 as noted below;

Only for Firefox. Eset doesn't support Brave browser.

Refer to this Sucuri scan of your web site: https://sitecheck.sucuri.net/results/https/beskidzywiec.pl .

Actually, it's a problem for any AV solution currently performing HTTP/HTTPS scanning. See this posting/thread on the subject: https://forum.eset.com/topic/38340-web-access-protection-and-encrypted-client-hello-ech/?do=findComment&comment=173774 . Appears the only security solution that performs HTTP/HTTPS scanning that has figured out how not to bust ECH tunneling is AdGuard and only if using their DNS servers. -EDIT- "To add to this mystery" the Cloudflare test web site: https://www.cloudflare.com/ssl/encrypted-sni/ is excluded from Eset HTTP/HTTPS scanning which can be verified by mouse clicking on the web site page lock symbol and noting that Eset's root cert. is not shown. However if Eset SSL/TLS scanning is disabled, then the Secure SNI test passes. One possibility is Clouldfare is redirecting to this web site: https://crypto.cloudflare.com/cdn-cgi/trace/ to perform the Secure SNI test. This web site is scanned using Eset SSL/TLS processing.

Steam has instructions here: https://help.steampowered.com/en/faqs/view/66C8-4FF1-8470-B666 when using a firewall.

Based on what is posted here: https://help.steampowered.com/en/faqs/view/2EA8-4D75-DA21-31EB , it appears Steam randomly assigns ports in the ranges specified in the article. Hence, Eset firewall alerts being generated when different ports are being used. You might consider creating firewall rule/s for Steam processes for the port ranges specified. Or, creating generic rules for Steam processes without port specification.