ESET Online Help

Search English
Select the topic


Detection engine guards against malicious system attacks by scanning files, emails and network communication. If an object classified as malware is detected, remediation will start. Detection engine can eliminate it by first blocking it and then taking action such as cleaning, deleting or moving to quarantine.

Real-time & Machine learning protection

Advanced machine learning is now a part of the detection engine as an advanced layer of protection, which improves detection based on machine learning. Read more about this type of protection in the glossary. You can configure Reporting and Protection levels of the following categories:


A computer virus is a malicious code prepended or appended to existing files on your computer. However, the term "virus" is often misused. "Malware" (malicious software) is a more accurate term. Malware detection is performed by the detection engine module combined with the Machine learning component. Read more about these types of applications in the glossary.

Potentially unwanted applications (PUAs)

A Potentially unwanted application is a software with an intent not unequivocally malicious, however; it may install additional unwanted software, change the behavior of the digital device, perform activities not approved or expected by the user or has unclear objectives.

This category includes advertising display software, download wrappers, various browser toolbars, software with misleading behavior, bundleware, trackware, etc. Read more about these types of applications in the glossary.

Potentially suspicious applications

Is a software compressed with packers or protectors frequently used to deter reverse engineering or to obfuscate the content of the executable (for example, to hide the presence of malware) by proprietary methods of compression and/or encryption.

This category includes: all unknown applications that are compressed with a packer or protector frequently used to compress malware.

Potentially unsafe applications

This classification is given for commercial, legitimate software that might be misused for malicious purposes. An unsafe application refers to legitimate commercial software that has the potential to be misused for malicious purposes.

This category includes: cracking tools, license key generators, hacking tools, remote access or control tools, password-cracking applications and keyloggers (programs that record each keystroke typed by a user). This option is disabled by default.
Read more about these types of applications in the glossary.

Read the following before modifying a threshold (or level) for category Reporting or Protection:



By default, the above machine learning protection settings apply to On-demand computer scan as well. If required, you can configure On-demand & Machine learning protection settings separately. Click the switch icon to disable Use real-time protection settings and proceed with configuration.