itman

Out of curiosity, connect to this speed test web site which is also in the U.S. and see if any alert is generated http://speedtest.att.com/speedtest/

Yes in this case.

Then obviously don't connect to https://www.speedtest.net/ .

I have no problems with https://www.speedtest.net/ using IE11. But I am also in the U.S. and you are in Israel. Obviously, routing to the web site via Internet backbone is different for you. Try using a few different browsers and see if the Eset alert issue persists. If it does in all browsers, the next step is to contact your ISP provider and have them do a line test on your Internet connection.

A few other strange things I have noticed in regard to the Eset forum web site lately. I have begun receiving an error message from the site when I log off. Not always but something not observed in the past. I was having issues logging onto to the site although this seems to have disappeared recently. I would have to log in two and sometimes three times before the logon registered. Believe Cloudfront might have locked down the site a bit too much.

Please enter the URL for the speed test web site.

If your PC is not receiving frequent Eset alerts on this regard, I would say so. On the other hand if the alert appears randomly without the browser open for example, I would say further examination would be required.

Probably the same company since Eset also blocks this URL.

I just played a couple of uTube videos using IE11that were accessed via Google search lookup. No alerts from Eset whatsoever. It appears the problem is related to neither of these sources directly. But rather, by whatever web site being accessed by users to then access uTube that is causing the Eset alert.

https://www.merriam-webster.com/dictionary/nefarious

Tackled this another way. Eset Filtered Web Site log equates us.cssvsync.com to IP address, 88.214.193.110. Using that IP address for a Robtex lookup yields: A server located in the U.K. Next entered the same IP address into IPVoid which yielded: All this indicates that any DNS server routing to us.cssvsync.com FQDN is most likely nefarious.

As best as I can determine, us.cssvsync.com is not a publicly routed domain name. In other words, it does not resolve DNS-wise to anything I have tried. So there is no way to verify what Eset is detecting.

Assumed is the web site you are viewing the utube video on is trying to redirect you to us.cssvsync.com. Try playing a utube video from another web site and see if the same Eset alert is displayed. If no alert is displayed, the problem is the web site where you attempted to play the first utube video.

I wonder if this is related to your manually disabling Windows Defender. Note that Eset at installation time normally disables WD. You didn't mention what Win OS ver. you are using, but adhering to correct installation procedure would be most critical on Win 10 due to the Windows Security Center interface factor. What you might try to do is uninstall Eset EAV. Reboot. Reverse what you did to disable WD and ensure it is fully functional. Reboot. Then reinstall EAV. Verify that WD has been disabled and Windows recognizes EAV as the only realtime AV active. Finally, verify that Eset is fully functional.

Refer to this recent thread in regards to the same issue with that URL: https://forum.eset.com/topic/19450-reddit-site-block/ . In this case, OP determined the blocking was related to AdBlock activity.

I guess the forum went "incognito" mode?

Appears /private/var/vm is used as some type of virtual memory swap disk on MacIntosh's: https://www.bleepingcomputer.com/forums/t/682395/what-is-the-purpose-of-this-vm-folder/ Remember that Google search is "your best friend" on questions like this.

Eset's detection is correct. Did initial scan at URLVoid.com. That yielded Dr. Web detecting it as malicious. Viewed Quttera's analysis there and it showed a possible malicious status. So scanned the site at Quttera's web site which yielded the following: https://quttera.com/detailed_report/maxsecureantivirus.com

Again, NordVPN has an option associated with the kill switch where you can specify what apps it applies to: https://www.addictivetips.com/vpn/best-vpns-kill-switch/

This just started today. All I see is myself?

The Eset ELAM driver is Eset's version of the default ELAM driver used by Windows Defender in Win 10. The acronym stands for "Early Launch Anti-malware." It's purpose it to load itself prior to any non-device kernel mode drivers loading so that it can inspect any malicious activities originating from those app drivers. Once boot and driver load processing is completed, the ELAM driver auto unloads itself since it is no longer needed. Hence the reason why the service associated with the driver always shows a stopped status. Also as far as I am aware of, the Server 2012 OS does not use the ELAM driver; only Win 10 and possibly the latest Server OS vers.. Therefore, it should always remain in the stopped status as far as its applicable service status is concerned. Note: the ELAM driver interfaces with an OS kernel component. As far as I am aware of, that component is only present on Win 10 and again, possibly the latest Win Server OS release. -EDIT- Correction. ELAM driver is indeed used on WIN 8 and Server 2012. Ref.: https://docs.microsoft.com/en-us/windows-hardware/drivers/install/early-launch-antimalware Here's an article with a detailed explanation on how the ELAM driver works: https://blogs.technet.microsoft.com/dubaisec/2016/05/09/elam-driver/

Correct. The problem is what about necessary periodic Windows OS network communication? For example, auto checking for Windows Updates, Win Store and System packaged updates on Win 10, etc., etc.. Appears that you still might be using Win 7. Win 10 is extremely "chatty" when it comes to Internet activity.

Getting back to the original Eset alert elapsed time display, I couldn't find a user manual on the web for ver. 7 Smart Security. But I did find one for ver. 8 which I assume is the same in regards to alert elapsed time display: https://download.eset.com/manuals/eset_ess_8_userguide_enu.pdf Note the setting highlighted in red. In the "Configure notifications" section should be a setting which alert display time can be increased in value. Alternatively, you can just uncheck the option highlighted in blue which will keep alerts displayed until they are manually closed.

Eset kernel and firewall processes for ver. 12.1.34 use approx. 90K of memory on my Win 10 x(64) 1809 build as shown in the below screen shot. Assumed is memory usage will vary depending on Win OS ver. used.

Getting back to the default Windows client VPN connection. Microsoft created this as a simply means to establish a point-to-point tunnel connection to an external network; namely your employer's network for example. The public VPN services all use their own VPN client. This is most likely the installation of a mini-port filter driver for the existing device network connection. Use of such a driver gives the capability for example to block all traffic from the network adapter that is not VPN related.