ESET Online Help

Select the category
Select the topic

Loaded Modules (DLLs)

The list of all DLLs loaded by this process. You can select all DLLs available on the screen or select individual one and Mark as Safe, Mark as Unsafe, Block, Unblock, Mark as Inspected, Mark as Not inspected them, or click Seen On button to get the list of computers on which these DLLs were seen on by using the buttons located at the bottom of the screen.

The process tree on the right side

The process tree reflects the parent-child relationship between processes where child processes are shown directly beneath their parent and right-indented. Processes that are on the left are orphans, and their parent has exited.

Filtering, Tags and Table options

Use filters at the top of the screen to refine the list of displayed items. Tags are also powerful when searching for a specific computer, detection, incident, executable, or script. Also you can click the gear gear_icon icon for table options to manage the main table.

Click a loaded module to take further actions:


Go to the Executable details tab.


Go to the Statistics tab.


Go to the Detections tab.

Seen On

Go to the Seen On tab.


Go to the Sources tab.


Go to the Block Hashes tab.


Hash from Blocked Hash section is removed.

Mark as Safe

Safe state, many rules determine the risk. Mark as Safe does have an impact on detections. Select the targets you want to mark as safe from target window. Mark as Safe does not necessarily guarantee that a specific module will never be included in detections. There are a few hundred rules, and some raise detections, regardless of which module executed the suspicious action. For example, a popular instance, trusted modules as PowerShell, can do it. Other rules try to evaluate risk based on the module. Such rules consider the “safe” flag. This flag means that the user analyzed the module, and it is unlikely that the module is malicious, so rules assume that the risk is earlier during the evaluation.

Mark as Unsafe

If you marked as safe some executable by mistake, you could use this to unmark it.

Download File

The download window for the affected DLL appears.


Assign tag(s) to a loaded module from the list of existing, or create a new custom tag(s).


Quick filters, depending on the column where you activated the context menu (Show only this, Hide this).