itman

It appears you are downloading Eset Internet Security versus NOD32. Assuming you have been issued an Eset license key, you can download the most recent version of NOD32 from here: https://support.eset.com/en/kb2885-download-and-install-eset-offline-or-install-older-versions-of-eset-products . Then activate it using the license key option.

This Steam supply chain issue might also be the culprit: https://www.bleepingcomputer.com/news/security/steam-enforces-sms-verification-to-curb-malware-ridden-updates/

For starters, do a hard reset on your router and see if that resolves the issue.

The screen shots you posted show IP address 192.168.0.10? In any case, here's Eset's knowledge base article: https://support.eset.com/en/kb2933-arp-icmp-or-dns-cache-poisoning-attack-in-eset-home-products-for-windows on how to create an IDS detection exclusion for 192.168.0.10.

Did you modify Eset default firewall rules? Refer to this thread: https://forum.eset.com/topic/39039-eset-firewall-and-steam/ . In this instance, the poster set Eset firewall to learning mode. In other words, Steam had unrestricted network access to the poster's device.

Refer to below screenshot: https://support-eol.eset.com/en/trending_eol_products.html

This won't work for this app: https://forums.lenovo.com/t5/Enterprise-Client-Management/Lenovo-Vantage-Enterprise/m-p/5016572?page=1#5181855

The real question is why is this Eset service being invoked on Eset consumer versions: https://help.eset.com/protect_admin/11.0/en-US/epns.html ?

No one else at VT detects this .pdf as malicious.

Did you verify that these two programs are identical;; that is the hash value for both are identical?

Inbound UPnP traffic; i.e. port 1900, UDP, is a security risk; especially if originating from the router. Most ISP issued routers no longer perform that type of network traffic. You can stop this type of traffic by disabling Win SSDP service. I have w/o any subsequent issues occurring. Alternatively, you can disable UDP PnP processing on the router. Unless you really know what you are doing, I would not override Eset firewall inbound blocking

My suggestion here to allow for manual user entry of their financial web sites. I was surprised to see that option removed. Also, it was my previous understanding that only Eset whitelist web site redirection would be the only function deprecated.

All the blocked entries are for inbound network traffic from svchost.exe. They are also all UDP protocol related. Have you modified Eset default firewall rules or added new firewall rules?

Other security solutions detect malware on this web site: https://www.virustotal.com/gui/url/b46e440427a1adca8708e0d7ae228ff3380b47975ae146cc749f610ffea6357e

The no. of accounts varies by Eset in-country provider. In the U.S., it's a minimum of 10 licenses! Also as a FYI, what Eset is doing marketing-wise is not unique among AV solutions. BitDefender's VPN solution also has a 10 license minimum purchase: https://www.bitdefender.com/solutions/premium-security.html .

As far as WindScribe VPN goes, they do offer a "not to bad" free version and other options to lower its paid version cost: https://www.techradar.com/reviews/windscribe

Someone at malwareips.com noted it's WindScribe: https://malwaretips.com/threads/eset-v17-0.127074/post-1066689 .

You should also purchase an Eset consumer product of your choice. All Eset products will prompt you upon insertion of removable media to scan the drive for malware which is a necessity when the drive has been used on any external device.

I installed ver. 17.0.15 yesterday from scratch after uninstalling same and it appears to have fixed the memory usage problem. Now ekrn.exe stays at 40 - 50MB.

This is not going to get resolved until you post the Eset logs @Marcos requested. Only Eset moderators can access forum attachments.

If Secure all Browsers enabled was All Extensions specified for Extension installation mode per below screen shot?

Disable Browser Privacy & Security in Eset GUI and Eset's extension will not install in any supported browser.

From a developer's point of view, it was probably one of the worst features Eset implemented. It required constant maintenance of an internal whitelist of known banking and select financial web sites with constant forum postings for some web site not being included. Bottom line is Eset wants you to always run in Secure all browser mode since it eliminates all the above. If you chose not to do so, B&PP standalone mode still exists accessible from Win desktop icon or within the Eset GUI.

It has been noted multiple times in past forum postings by Eset moderator that B&PP redirection would be removed in future Eset versions. The more recent of these postings stated it would be removed in ver. 17 as noted below;

Only for Firefox. Eset doesn't support Brave browser.