Nightowl

Most Valued Members
  • Posts

    1,857
  • Joined

  • Days Won

    17

Kudos

  1. Upvote
    Nightowl received kudos from Mr_Frog in Where is Eset in the AV-TEST test?   
    Control them all through ESET Protect and ditch the other AVs, or you can keep one vendor as a secondary scanner (not real-time); that would make your life easier, I think.
    ESET and Kaspersky both have a great detection/protection rate and a good reputation among AV companies/users.
    McAfee is just painful software.
  2. Upvote
    Nightowl received kudos from peteyt in On Rav Antivirus   
    Lightshot will give you some kind of offer for a toolbar or something like this, but not RAV. I know the installer, and yes, ESET detects it as PUA, but not the application itself, just the installer.
    I believe it came from uTorrent, if those are the two things you recently installed along with qBittorrent. Since qBittorrent is open source, they won't offer any kind of bloatware or toolbars;
    at the same time, uTorrent does.

    I don't know what kind of antivirus they offer, but it's better to stay away from it, since qBittorrent is a much safer option than what uTorrent will throw at you.
    BitTorrent and uTorrent are owned by the same company, and the program itself is not like what it used to be before. Deluge or qBittorrent is a better option since they are open-source.
    Update:
    Yes, I am correct, it is uTorrent. BitTorrent is removed by ESET as PUA upon download, uTorrent isn't. I didn't run it but

  3. Upvote
    Nightowl received kudos from New_Style_xd in Where is Eset in the AV-TEST test?   
    Yes, in AV-Test you won't find ESET. You can find it for the Endpoint version - https://www.av-test.org/en/antivirus/business-windows-client/windows-10/february-2022/eset-endpoint-security-9.0-222112/
    Here you will also find it for consumer: https://www.av-comparatives.org/
  4. Upvote
    Nightowl received kudos from micasayyo in Where is Eset in the AV-TEST test?   
    Yes, in AV-Test you won't find ESET. You can find it for the Endpoint version - https://www.av-test.org/en/antivirus/business-windows-client/windows-10/february-2022/eset-endpoint-security-9.0-222112/
    Here you will also find it for consumer: https://www.av-comparatives.org/
  5. Upvote
    Nightowl gave kudos to Marcos in PowerShell/TrojanDownloader.Agent.DV trojan   
    Please delete HCKU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Screenshot.
    It downloads an html file from a blacklisted url via mshta.exe
  6. Upvote
    Nightowl received kudos from New_Style_xd in Eset and Google chrome together?   
    About analytics, it would be the same thing for Edge, since even Windows 10 is so hungry for your information and data. Edge will be no different since it's made by the same people and the same vision.
    Chromium can be the best among them in terms of the same engine browsers since it's the original and open source.
    Firefox also is good and won't stick its nose everywhere you go.
  7. Upvote
    Nightowl received kudos from New_Style_xd in Eset and Google chrome together?   
    Chrome and Edge would be similar to each other since they share the same engine, but each company would add their unique features.
    Firefox focuses on privacy, depending on your needs, but all 3 of those should be considered safe.
    For me, I go with Firefox for all usage, Chromium for things that don't work properly, but mainly Firefox,
    with uBlock Origin and uMatrix (uMatrix can cause websites to break, so it's not recommended for all).
  8. Upvote
    Nightowl gave kudos to itman in Block nmap from scanning opened ports   
    Also Eset IDS protection blocks port scanning by default:

  9. Upvote
    Nightowl received kudos from New_Style_xd in Firefox browser problem when using eset   
    I believe every big company of the size of ESET or another will have a procedure to follow in terms of reporting or support or whatever; they need to move step by step, unless it is an urgent bug or vulnerability, then they will act with a hotfix like any other company.
    With ESET being so sensitive about false positives, they tend to request all these samples to be sent using tickets or using the official form so they can go to the right hands and get analyzed properly. In the forum, I believe not many ESET staff work here or look as much as there are for support tickets. For example, once you send a support ticket, if there was ESET Egypt, then you would be redirected to Egypt's support and not Slovakia/US etc.; that would balance the pressure on the support agents.
    Never mind, that is only my imagination, but I still think ESET appreciates that you help them with missing variants or detection not working properly. I guess it's due to hundreds if not thousands of people sending them missing detections or bugs or problems; it would be hard to react very fast to them and would require more time digging into it to see what causes this.
    But I understand your point, that you report a problem and then you have to clarify it a lot to make the other side understand you, but I am sure everyone appreciates your efforts here.
  10. Upvote
    Nightowl received kudos from New_Style_xd in Firefox browser problem when using eset   
    I believe Marcos asked you to contact support via a ticket so the problem can be tracked and not get lost in the forum, and one of the support representatives can actually help you with the problem or connect a developer for it if it was a serious one/bug. I think ESET appreciates your help here by sending missed examples.
  11. Upvote
    Nightowl gave kudos to Saifuddinit in Malware issue   
    Thanks, user installed untrusted software and we have removed it.
  12. Upvote
    Nightowl received kudos from New_Style_xd in Safe Banking   
    For privacy better to go with Firefox
  13. Upvote
    Nightowl received kudos from ynwa in ARP Cache Poisoning Attack   
    If I am not mistaken, there are 2 devices on your network that are trying to obtain the same IP address; that is why you are getting detections of it.
  14. Upvote
    Nightowl received kudos from W-S-K in My site was blocked on ESET, urgent help!   
    Maybe AdSense gave you some kind of malicious advertising, could be possible.
  15. Upvote
    Nightowl gave kudos to Marcos in FP Win32/AtlasVPN.A PUA   
    Affected files will be restored from quarantine after the next update.
  16. Upvote
    Nightowl received kudos from peteyt in Eset Internet Security VS Eset Smart Security Premium   
    Yes, NOD32 Antivirus will also detect the same threats, but it has fewer features, same as Internet Security; that makes Smart Security the one with the most features for the home edition.
    LiveGuard is meant for never-seen-before files to be uploaded to ESET's sandbox in the cloud and then wait for an answer on whether the file is safe or not; it will not initiate on threats that already have detections.
  17. Upvote
    Nightowl received kudos from New_Style_xd in Eset Internet Security VS Eset Smart Security Premium   
    Yes, NOD32 Antivirus will also detect the same threats, but it has fewer features, same as Internet Security; that makes Smart Security the one with the most features for the home edition.
    LiveGuard is meant for never-seen-before files to be uploaded to ESET's sandbox in the cloud and then wait for an answer on whether the file is safe or not; it will not initiate on threats that already have detections.
  18. Upvote
    Nightowl gave kudos to goofy in ESET startet nicht mehr nach Rechner-Absturtz während Update (ESET no longer starts after a computer crash during the update)   
    Sorry that I cannot communicate with you in English. I am 73 and never learned it.
    Is there a German forum?
  19. Upvote
    Nightowl received kudos from LesRMed in Eset server security using 100% CPU   
    It's better to bring a firewall or Windows Firewall to whitelist certain IPs or a VPN IP to connect from, to eliminate all the attacks. If it's not possible to do so, then using a firewall like pfSense, OPNsense, Fortinet, Palo Alto, etc. can help take off the attacks with their intrusion prevention services, which would block the attacks at the firewall level, not the server level, which is making the CPU run more and also might bring your server down, or with bad luck a breach could happen.
  20. Upvote
    Nightowl received kudos from New_Style_xd in Task Manager   
    Pre-launch is for testing purposes; most users are set to regular updates.
    Pre-launch is given to users who changed the update settings to Pre-launch so they can test the modules before they are publicly released to all users. They tend to do that to minimize problems, because if there was a new module and it was released straight to regular and, for example, it had a problem, it would impact all ESET users.
    Pre-launch can save ESET from situations like this.
  21. Upvote
    Nightowl gave kudos to JamesR in Suspected botnet detected   
    Your symptoms indicate that your MS SQL server may be compromised.  Some things you will want to immediately do are:
      • Ensure MS SQL Ports are not exposed to the internet.  Typically this will be port 1433 but could be a different port.
      • Audit existing MS SQL user accounts and disable and/or reset the password for all accounts (may need to do this for Windows accounts too as MS SQL can allow the use of Windows Authentication for management)
      • Generate ESET Log Collector logs
      • Check for the following SQL Settings being enabled as they can be abused by attackers:
          • 'xp_cmdshell' - Allows SQL to execute external applications like CMD.exe or Powershell.exe or other
          • 'Ole Automation Procedures' - Allows SQL to execute OLE (similar to MS office macros) and can lead to SQL executing external applications, making network connections, etc...
          • 'show advanced options' - Allows advanced features of SQL to be used (this allows the above features to be used).
    There are multiple ways MS SQL can be leveraged to execute malicious code.  The most popular are:
      • Stored Procedures - Can be scheduled inside of MS SQL to execute at specific intervals
      • Triggers - There are 3 types of triggers
          • DDL (Data Definition Language) - executes code whenever statements like CREATE, ALTER, DROP are used.
          • LOGIN - Executes code whenever a user logs into the MS SQL system.
          • DML (Data Manipulation Language) - executes code whenever statements like INSERT, UPDATE, DELETE are used.
      • .NET - MS SQL does have the ability to execute .NET libraries, but this is much harder and rarer to see.
    I will send you a direct message with some more specific pointers on identifying if your SQL Server is currently compromised.
  22. Upvote
    Nightowl received kudos from peteyt in I CANNOT UNCHECK "HIDE PROTECTED OPERATING SYSTEM FILES (RECOMENDED)"   
    Is this what you mean?
    I believe not being able to uncheck it is not caused by ESET; it can be your user's permissions in Windows.
  23. Upvote
    Nightowl received kudos from safety in Suspected botnet detected   
    If ESET is still giving detections and communications to the IP that was logged at port 80, then it's not blocked, because the communication has been made and ESET has blocked/dropped it as suspicious botnet activity. Blocking the IP totally for all ports can help prevent further communications to the botnet server.
  24. Upvote
    Nightowl received kudos from TheStill in Emsisoft antimalware   
    According to the email content, they look at which update database you currently have and according to that they send these emails, most probably.
    Second opinion scanners can be like: HitmanPro, RogueKiller, Windows Defender (all can run as second opinion scanners without any real-time components).
  25. Upvote
    Nightowl received kudos from NewbyUser in Anti banner?   
    Use uBlock Origin for your browser (Firefox/Chrome).