Infiltrations can reach the system from various entry points: web pages, shared folders, email, or removable computer devices (USBs, external disks, CDs, DVDs, and so on).

If your computer shows signs of malware infection, for example it runs slower, often freezes, and so on, ESET recommends doing the following:

1.Click Computer scan.

2.Click Smart scan (for more information, see the Smart scan section).

3.After the scan has finished, review the log for the number of scanned, infected, and cleaned files.

If you only want to scan a certain part of your disk, click Custom scan and select targets to scan for malware.

As a general example of how infiltrations are handled by ESET Endpoint Security for macOS, suppose that an infiltration is detected by the real-time file system monitor using the default cleaning level. Real-time protection attempts to clean or delete the file. If no predefined action is available for the real-time protection module, you are asked to select an option in an alert window. Usually, the options Clean, Delete, and No action are available. Selecting No action is not recommended, since infected files are left in their infected state. This option is intended for situations when you are sure that the file is harmless and has been detected by mistake.

Cleaning and deleting
Apply cleaning if a file is attacked by a virus that has attached malicious code to it. If this is the case, first try to clean the infected file in order to restore it to its original state. If the file consists exclusively of malicious code, it is deleted.

Deleting files in archives
In the default cleaning mode, the entire archive is deleted only if it contains infected files and no clean files. In other words, archives are not deleted if they also contain harmless clean files. Use caution when performing a Strict cleaning scan. With Strict cleaning the archive is deleted if it contains at least one infected file, regardless of the status of other files in the archive.