
ESET Smart Security 6 ............................................................ 6
ESET Smart Security ............................................................. 20
Host-based Intrusion Prevention System (HIPS) ................................... 39
ESET SysInspector ............................................................... 82
ESET Live Grid .................................................................. 82
ESET SysInspector ............................................................... 96
ESET SysInspector in ESET Smart Security ....................................... 109
ESET SysRescue ................................................................. 109
ESET SysRescue ................................................................. 112
DoS ............................................................................ 118
DNS Poisoning .................................................................. 118
TCP Desynchronization .......................................................... 119
SMB ............................................................................ 119
ICMP ........................................................................... 119

ESET Smart Security 6


ESET Smart Security 6 ThreatSense


ESET Smart Security 6





( SSL) POP3
IMAP

ESET Live Grid

ESET Smart Security

( )

USB, /

HIPS

ESET Smart Security


ESET

80


ESET Smart Security
ESET
Smart Security

ESET Smart Security 6



ESET Smart Security

ESET ()

(IDS)
ESET Smart Security 6



ESET Smart Security ESET

ESET Smart Security 6

ESET

ESET ESET Smart Security 6
( )



ESET Smart Security requires at least the following hardware:

Microsoft Windows XP
  Processor: 400 MHz, 32-bit (x86) / 64-bit (x64)
  Memory: 128 MB RAM
  Free disk space: 320 MB
  Display: Super VGA (800 x 600)

Microsoft Windows 7, 8, Vista, Home Server
  Processor: 1 GHz, 32-bit (x86) / 64-bit (x64)
  Memory: 512 MB RAM
  Free disk space: 320 MB
  Display: Super VGA (800 x 600)

.

:


ESET Live Grid
ESET





Microsoft Windows Internet Explorer












-
:

/


ESET Smart Security :

ESET ()
ESET Smart Security

- / .msi

: ESET Smart Security




ESET ( )


ESET Live Grid ESET Live Grid ESET

ESET


ESET Smart Security ESET Smart Security
...



(.msi)

ESET Smart Security




:
1. ESET Smart Security

2. ESET Smart Security


( )





ESET Live Grid
( " ")

C:\Program Files\ESET\ESET Smart Security\


()


Internet Explorer ()

IP URL
(3128 )
Internet Explorer



...



:

ESET Smart Security

ESET Live Grid


( " ")
ESET ESET Smart Security



(/ ESET
)





ESET Smart Security ESET
Smart Security
ESET

ESET Smart Security ESET Smart Security

...


...

ESET
:


When entering the license data, do not confuse the letter 'L' with the number one (1), or the digit zero ('0') with the lowercase letter 'o'.


ESET Smart Security
:
1.



2. /
3.



ESET Smart Security


ESET Smart Security


ESET Smart Security
:
- ESET Smart Security
-

-
- .
- ESET SysInspector
ESET SysRescue


- ESET ESET



ESET Smart Security




- :

( )

-
( )
ESET Smart Security ...
-

( )
-
"i"

ESET -
( )

-

-


ESET
ESET ESET



ESET Smart Security


( ... F5 )

LAN ... .



> >
...


ESET Smart Security



:
: RPC


1.


2. ESET Smart Security



3.
.


ESET Smart Security


ESET Smart Security


ESET Smart Security
.




:
-
- Microsoft Office Internet Explorer
Microsoft ActiveX
-
/
(//USB...)
HIPS - HIPS
-
- ( )

-



40 140



:
- HTTP HTTPS
- POP3 IMAP
-
-
: ( ... (F5) > > >
> )

:
... ESET
( ) .xml
...

>
... ...

...


-

..
... - ( )



( )

:
(PUA)



( )






ThreatSense
( ThreatSense)

( )

F5 > >
... ThreatSense


( )

:
-
- / USB
-


( )


:
-
-
-
-


> > >
ThreatSense -

(.sfx)


( ) 10

ThreatSense -
( )

(USB)
...

( ... )
-

- ( )



-

: ()






ESET Smart Security
( > >
> )


To verify that real-time protection is working, use the eicar.com test file from EICAR (European Institute for Computer Antivirus Research): http://www.eicar.org/download/eicar.com
:
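The check described above, as an added example that is not part of the ESET guide: it drops the eicar.com test file into a directory and reports whether the on-access scanner removed it. It assumes only that a working real-time scanner deletes or quarantines the file within a few seconds (or refuses the write outright); the directory, the timeout and the helper names are this example's own choices. The file content is also verified against the canonical 68-byte string, because a trailing newline or a changed character turns it into a harmless text file that proves nothing.

```python
"""Drop the EICAR test file and check whether the on-access scanner removes it."""
import hashlib
import os
import tempfile
import time

# The 68-byte EICAR test string is assembled from parts so that this source
# file itself is not flagged by scanners that pattern-match the literal.
EICAR_PARTS = ("X5O!P%@AP[4\\PZX54(P^)7CC)7}$",
               "EICAR-STANDARD-ANTIVIRUS-TEST-FILE",
               "!$H+H*")
EICAR_SHA256 = "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f"


def eicar_bytes() -> bytes:
    """Return the canonical EICAR test file content (68 bytes, no newline)."""
    return "".join(EICAR_PARTS).encode("ascii")


def is_canonical_eicar(data: bytes) -> bool:
    """True only if data is byte-for-byte the EICAR test file."""
    return len(data) == 68 and hashlib.sha256(data).hexdigest() == EICAR_SHA256


def realtime_scan_removed_file(directory: str, timeout_s: float = 10.0) -> bool:
    """Write eicar.com into directory and report whether it disappeared.

    Returns True when the scanner deleted/quarantined the file within
    timeout_s (or blocked the write), False when the file is still there,
    which means protection is off or the directory is excluded from scanning.
    A surviving file is left in place for the caller to inspect and remove.
    """
    path = os.path.join(directory, "eicar.com")
    try:
        with open(path, "wb") as fh:
            fh.write(eicar_bytes())
    except PermissionError:
        # Some scanners block the write itself; that also counts as detection.
        return True
    deadline = time.monotonic() + timeout_s
    while time.monotonic() < deadline:
        if not os.path.exists(path):
            return True
        time.sleep(0.5)
    return False


def check_in_temp_dir(timeout_s: float = 10.0) -> bool:
    """Run the drop-and-wait check in a fresh temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        return realtime_scan_removed_file(tmp, timeout_s)


if __name__ == "__main__":
    print("real-time protection caught eicar.com:", check_in_temp_dir(5.0))
```

Run it once in a directory that is scanned and once in an excluded directory (see the exclusions section): the first call should return True and the second False, which confirms both that protection is on and that the exclusion really is in effect.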







(F5) > >




ESET

( )
ESET












- ( / /USB)
USB



>


>


( )

-
- USB /
-
-
-
( )



... >



ThreatSense ...







UAC



: ( pagefile.sys )


...
-
-


-

60



( )

(F5) > > > ...


ThreatSense

:


... :


>
...
( )


:
:

( )


( )
:
- ( ,
, winlogon, Windows, dlls )
- (
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run)

- :
-
-
-
-


> >
(
)
( )

( >
)
ThreatSense ... ( )







:
1. ...
2.

A question mark (?) stands for exactly one arbitrary character; an asterisk (*) stands for any string of characters, including an empty one.
Examples:
"*.*" - all files
"D:\*" - all files on drive D:
"*.doc" - all files with the doc extension
"D????.exe" - files whose name begins with "D", followed by exactly four characters, with the extension .exe
()

:
-
-
(
) >
... -

... -


ThreatSense
ThreatSense
( )

ThreatSense
ThreatSense :



... ThreatSense ()
ThreatSense :

ThreatSense
(
)
ThreatSense



-
-
- : DBX (Outlook Express) EML
- : ARJ, BZ2, CAB, CHM, DBX, GZIP, ISO/BIN/NRG, LHA, MIME, NSIS, RAR, SIS, TAR,
TNEF, UUE, WISE, ZIP, ACE
- (SFX)
- ( ) (UPX, yoda,
ASPack, FSG ) ( )


- ( )


/DNA/ -
ESET


( )
ESET Live Grid - ESET ESET Live Grid

3 :
-

- ( )



-

: ()


ThreatSense







.edb, .eml .tmp Microsoft Exchange



* () ? ( )

*
?




:
-
:
() -
:
- : 10.
-
( ) :

:

:
-

-

ThreatSense
ThreatSense :
Alternate data streams (ADS) - NTFS

-

- ( )
-
/

(USB, , , , )

ESET Smart Security




"" ( )

( )

( )





:
ESET Smart Security
( )

Microsoft Office Internet Explorer Microsoft


ActiveX
Microsoft Office
F5 > >
ESET Smart Security >

Microsoft Antivirus API (Microsoft Office 2000, Microsoft Internet Explorer 5.0)


ESET Smart Security (//USB/...)

/


//Blu-ray
USB
USB
FireWire


- (/ /USB)

:
-
-
... -

-
...

- (//USB...)
-
-


-
-
(Del) -

- (//USB)
- /
-
- ( )
-
- ( ) ( )
: (*, ?)
... /

-
-
-

- :

-


(HIPS)
(HIPS) HIPS

HIPS

HIPS (F5) > HIPS HIPS ( / ) ESET Smart
Security
HIPS (F5) HIPS > HIPS HIPS
( / ) ESET Smart Security
: HIPS
ESET Smart Security
HIPS Windows HIPS

:
-
-
-
-

X 14

HIPS ... HIPS

:
1.
2.

3. ( F1).
4.

5.
6.



HIPS




( / )
HIPS



HTTP, POP3 IMAP


:


:


:
-
... -


:
-

... -

... -


... -

ESET Smart Security (F5) >



:
-

( ) -
-





-

- ESET Smart
Security
ESET Smart Security

ESET Smart Security


ESET Smart Security

> > > :
:


- :
-

-
-
-
-

-

- ( )

- (HTTP - 80, POP3 - 110)
IP / - IP
/


- IP


X - ESET Smart Security


ESET Smart Security
()

... ( ) ,

:
- ( )
( ) - (
- ) ( )

- ( )




(F5) > >
>
... ...

:
... ( )

(Del)










:
-
-

:
-
-
( ) -




/ (+/-) /

/ -
/ -
():

- IP

( )


-
-

-
-
-
-
-
-
-
/ -
-
-


(Del) -




:
-
-
- ( )
IP
...
...
,
( >
( ))

:
TCP UDP
( Internet Explorer iexplore.exe)
80


( - )


IP
IPv4/IPv6



IP
IP


-
IPv4

( IP )
/
IP/ ...
...
/ / ()
( )
...

:
1) ESET
(RSA)
...
( - ) IP, DNS
NetBIOS ( server_name_/directory1/directory2/authentication)


:
PEM (.pem)
ESET ( - )

(.crt)


:

/ IP /

( - )



IP IP


2)


-
/ ESET
/
ESET ESET
ESET ( Start > Programs > ESET >
ESET Authentication Server)
( 80)



( )

( )


:
-
-
- ( - 80)

ESET Smart Security >


ESET


ESET :


ESET Smart Security :
-


-
- (HTTP, POP3, IMAP
)
-
-





POP3 IMAP ESET Smart Security
(POP3, MAPI, IMAP, HTTP)

//
... - //
-
-
-

POP3 IMAP Microsoft Outlook ESET


Smart Security (POP3, MAPI, IMAP, HTTP)
ThreatSense
POP3 IMAP
> >


ThreatSense -
...


HTML
:
-
- ( )
-
/ -
( )

- ""
"[]" : "[] " %VIRUSNAME%


ESET Smart Security
ESET Smart Security ESET Smart Security
> ... > > >

Microsoft Outlook, Outlook Express, Windows Mail, Windows Live Mail Mozilla
Thunderbird ESET

Kerio Outlook Connector Store
(POP3, IMAP)


: Microsoft Outlook, Outlook Express, Windows Mail, Windows Live Mail
Mozilla Thunderbird

-
-
-



-
-
-
-

-
-

IMAP, IMAPS
Internet Message Access Protocol (IMAP) IMAP POP3
ESET Smart Security

IMAP
143


SSL
> > SSL SSL

POP3, POP3S
POP3 ESET Smart Security



POP3 110


SSL
> > SSL SSL
POP3 POP3S
POP3 - POP3
POP3 - POP3 (110 )
ESET Smart Security also checks POP3S; for this, ESET Smart Security supports SSL (Secure Sockets Layer) and TLS (Transport Layer Security).
POP3S -
POP3S - POP3S
POP3S
POP3S - POP3S (995 )


80

() ()


( ,
)
ESET Smart Security
:
- /

-
"[SPAM]"
-
-
-
""

- ""

ESET Smart Security (ESET


Smart Security > > > )
-
-
-
-
-
ESET Smart Security Microsoft Outlook, Outlook Express, Windows Mail, Windows Live Mail
Mozilla Thunderbird




ESET Smart Security >
ESET Smart Security


ESET Smart Security >
ESET Smart Security
""





HTTP (Hypertext Transfer Protocol)
HTTPS ( )
ESET Smart Security > >

HTTP, HTTPS
ESET Smart Security
HTTP
(F5) > > > HTTP, HTTPS HTTP/HTTPS
HTTP HTTP 80 (HTTP),
8080 3128 ( )
ESET Smart Security also checks HTTPS; for this, ESET Smart Security supports SSL (Secure Sockets Layer) and TLS (Transport Layer Security).
HTTPS :
HTTPS -
HTTPS - HTTPS HTTPS


HTTPS -
HTTPS 443
SSL
> > SSL SSL


ESET Smart Security
(
)



: ESET Smart Security


URL
URL
HTTP , ,

URL HTTP
URL
... / HTTP

URL HTTPS SSL

* () ? ( )

*
?


.../ -
( ) ( )

/ URL
... - ("*" "?")
/ -
... -

ThreatSense
(SSL) > SSL
- HTTP(S), POP3(S)
IMAP(S)
Note: Windows Vista Service Pack 1, Windows 7 and Windows Server 2008 use the Windows Filtering Platform (WFP). WFP:
HTTP POP3 - HTTP POP3
( >
> )
- HTTP POP3



Note: Windows Vista Service Pack 1 and Windows Server 2008 use the Windows Filtering Platform (WFP). WFP


ESET Smart Security
:
-
- ( )


HTTP/POP3/IMAP

...

IP
HTTP/POP3/IMAP /

IPv4/IPv6 -
IP//
-


IPv4 address

An IPv4 entry can be given in one of three forms:
- a single IP address (for example 192.168.0.10)
- an address range, given as its first and last address (for example 192.168.0.1 to 192.168.0.99)
- a subnet, given as an address and a mask (for example the mask 255.255.255.0 with 192.168.1.0/24 covers the hosts 192.168.1.1 to 192.168.1.254)

IPv6 address

An IPv6 entry can be given in one of these forms:
- a single IP address (for example 2001:718:1c01:16:214:22ff:fec9:ca5)
- a subnet, given as an address and prefix length (for example 2002:c0a8:6301:1::1/64)
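The three entry forms above (single address, first-to-last range, address with mask or prefix), as an added example that is not part of the ESET guide: it expands each form to the inclusive first and last address it covers and checks whether a given host falls inside. The spec syntax used here ("a-b" for a range, "addr/mask" or "addr/prefix" for a subnet) and the function names are this example's own. The point worth seeing is the last line: a /24 entered as a subnet also admits .0 and .255, which the .1-.254 range in the guide's description does not, and that difference matters when the entry defines a trusted zone.

```python
"""Expand firewall/zone address entries and check which hosts they cover."""
import ipaddress
from typing import Tuple, Union

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]


def parse_spec(spec: str) -> Tuple[IPAddress, IPAddress]:
    """Return the inclusive (first, last) address pair an entry covers."""
    spec = spec.strip()
    if "-" in spec:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in spec.split("-", 1))
        if lo.version != hi.version or lo > hi:
            raise ValueError(f"bad range: {spec}")
        return lo, hi
    if "/" in spec:
        # strict=False accepts a host address with a mask (192.168.1.1/255.255.255.0)
        # or a prefix (2002:c0a8:6301:1::1/64) and normalises it to the network.
        net = ipaddress.ip_network(spec, strict=False)
        return net.network_address, net.broadcast_address
    addr = ipaddress.ip_address(spec)
    return addr, addr


def covers(spec: str, address: str) -> bool:
    """True if the entry includes the given address (same IP version only)."""
    lo, hi = parse_spec(spec)
    addr = ipaddress.ip_address(address)
    return addr.version == lo.version and lo <= addr <= hi


def host_count(spec: str) -> int:
    """Number of addresses the entry covers, network/broadcast included."""
    lo, hi = parse_spec(spec)
    return int(hi) - int(lo) + 1


if __name__ == "__main__":
    for spec in ["192.168.0.10", "192.168.0.1-192.168.0.99",
                 "192.168.1.0/255.255.255.0", "2002:c0a8:6301:1::1/64"]:
        lo, hi = parse_spec(spec)
        print(f"{spec:28} -> {lo} .. {hi} ({host_count(spec)} addresses)")
    print("subnet /24 covers .255:", covers("192.168.1.0/24", "192.168.1.255"))
    print("range .1-.254 covers .255:", covers("192.168.1.1-192.168.1.254", "192.168.1.255"))
```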

SSL
ESET Smart Security
SSL SSL
SSL
SSL - SSL

()


( ) - SSL ( )

SSL
SSL - SSL
- SSL
SSL
SSL v2 - SSL

SSL / ESET ()
ESET ( Opera, Firefox)
( Internet Explorer)
> > ...
Trusted Root Certification Authorities ( VeriSign)
( )
( ) TRCA ( )

TRCA
TRCA

Trusted Root Certification Authorities ESET Smart Security


(F5) > > > SSL > >
ESET Smart Security
( )




( )

SSL
SSL

( ) :


Trusted Root Certification Authorities


:
- -
- -
- -
- -


( )
PIN ESET Smart Security


ESET Smart Security (F5) >
ESET

()

:
URL (F5) > > URL URL




/ ESET
: ESET :


samples@eset.com (






40 140

:
1. ESET Smart Security :

F5
2. >




ESET Smart Security


1.


ESET Smart Security
- ...

HTTPS (SSL) https://

(HTTPS) SSL > >
> SSL
: , HTTP

2. Windows
...

: ( ) Windows 7 Windows Vista:


1. Click Start, open Control Panel and then User Accounts.
2. Click Manage another account.
3. Click Create a new account.
4. Enter the account details and click Create Account.
5. ESET Smart Security >
3.
... - URL URL



- ( )

...



( ) :
- IP () , 127.0.0.0/8, 192.168.0.0/16 403 404

-
-
- ( )

-


URL URL


URL
* () ? ( ) TLD

(examplepage.com, examplepage.sk, ) (
sub.examplepage.com) URL
:
/
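Both the scan exclusion masks described earlier ("*.*", "D:\*", "*.doc", "D????.exe") and the URL masks above use the same two wildcards, so one added example serves both passages. It is not code from the ESET guide: it assumes the rules the guide states ('?' matches exactly one character, '*' any run of characters including none), anchors the mask to the whole value and compares case-insensitively, as Windows paths and DNS names are. Whether '*' may span a path separator or a dot is this example's own choice (it may); the sample paths and host names are constructed for illustration. The URL part shows why "examplepage.com" alone covers neither examplepage.sk nor sub.examplepage.com and which masks do.

```python
"""Wildcard (?/*) masks as used for scan exclusions and URL address lists."""
import re
from typing import Iterable, List


def mask_to_regex(mask: str) -> "re.Pattern[str]":
    """Translate a ?/* mask into an anchored, case-insensitive regex.

    Every other character is escaped, so '.', '(' or '\\' in a mask are
    literal; only the two wildcards carry meaning.
    """
    parts: List[str] = []
    for ch in mask:
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    return re.compile("^" + "".join(parts) + "$", re.IGNORECASE | re.DOTALL)


def matches(mask: str, value: str) -> bool:
    """True if the whole value is covered by the mask."""
    return mask_to_regex(mask).match(value) is not None


def excluded(path: str, exclusions: Iterable[str]) -> bool:
    """True if any exclusion mask covers the full file path."""
    return any(matches(m, path) for m in exclusions)


# Constructed sample input for illustration only.
SAMPLE_PATHS = [
    r"C:\pagefile.sys",
    r"D:\tools\Dump1.exe",
    r"D:\data\report.doc",
    r"C:\Windows\System32\drivers\etc\hosts",
]
SAMPLE_HOSTS = ["examplepage.com", "examplepage.sk", "sub.examplepage.com", "notexamplepage.com"]

if __name__ == "__main__":
    exclusions = [r"C:\pagefile.sys", r"D:\*\D????.exe", "*.doc"]
    for p in SAMPLE_PATHS:
        print(f"{p:42} excluded={excluded(p, exclusions)}")
    for h in SAMPLE_HOSTS:
        print(f"{h:22} examplepage.*={matches('examplepage.*', h)!s:5} "
              f"*.examplepage.com={matches('*.examplepage.com', h)}")
```

Keep exclusion masks as narrow as the guide's examples: "D:\*" disables scanning of an entire drive, and a mask such as "*.exe" would exclude exactly the file type most worth scanning.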

ESET Smart Security




ESET


()
ESET
: ESET ESET Smart Security


-
- ESET
ESET Smart Security


:
:
-




1. / -
( ... F5 ) >

2. -

( )
(ISP)



( F5) >

ESET

( HTTP)


...


( )

>
ESET Smart Security
...

-




... ...



... , HTTP LAN





:
-

-
-


:
-


-
- ( )
:



( )

(F5) ...
HTTP :



>


ESET Smart Security

:
ESET Smart Security ( > )
:
,
ESET Smart Security
Internet Explorer
( ISP) HTTP


:
/ ESET Smart Security

LAN
NT
LAN LAN ( )

( )






: LAN
: \ ( \ )
HTTP


/

ESET Smart Security


( (F5) > > )


: 6871 6870 6868 6869


6869 2
( ) 6868
ESET Smart Security


> ESET
Smart Security:




ESET SysInspector
-
ESET


ESET SysRescue - ESET SysRescue


ESET Social Media Scanner - ( Facebook)
ESET




ESET Smart Security
> :
- ESET Smart Security

- ESET Smart Security


-

HIPS - HIPS ( )

-




-
,
URL,
-
-
( Ctrl + C) CTRL
SHIFT
:
- ( )
.../ ... -
- ( )
-
/ -
- XML
-



ESET Smart Security > ... > >
:
X
-
(%)


-
-
-
-
- " "
- ( )
...


ESET Smart Security >

:
( ... )
:
/
:

( )
( )
( )
( ) ...
...

1.
2.


3. :
-
- ( )
-
-
-
4.
:
-
-
-
-
5. :


--
6.


ESET Smart Security >


:
-
-
-
-
-

>
: 1...

:
: 1 (10 ) - 10
: 1 (24 ) - 24
: 1 ( ) -
: 1 () - X
( ) () KB ()/MB/GB



() ( )

ESET SysInspector
ESET SysInspector


SysInspector :
-
-
-
-
:
-
... - ESET SysInspector ( )
-
:
- ESET SysInspector ( )
-
... - .xml .xml

ESET Live Grid


ESET Live Grid(ESET ThreatSense.Net )
ESET
ESET Live Grid
:
1. ESET Live Grid

2. ESET Live Grid ESET
ESET
ESET Live Grid

ESET Smart Security ESET

.doc .xls


ESET Live Grid / ESET Live Grid


ESET >
ESET Live Grid
ESET Live Grid () - / ESET Live Grid
ESET
- ESET Live Grid
ESET Smart Security
ESET
- ESET ESET Live Grid
... - ESET Live Grid
ESET Live Grid ESET


ESET Live Grid
ESET


-
/ ESET

(.doc )
( ) -
ESET


ESET ESET Smart
Security ESET Live Grid


- Windows

Ctrl+Shift+Esc
- ESET Smart Security ESET Live Grid (
)
1 - () 9 - ()
: () ()

- ESET Live Grid
- ESET Live Grid
: ()
ESET

-
-


:
-
- B ()
-
-
-
-
: / -

> ESET Live Grid

( ) +


/IP - IP
IP - IP
-
/ -
/ -
-
:
...
- DNS IP
TCP - TCP
-

- localhost
:
-
-
-
-
:
-

-


ESET Smart Security

ESET


( )
( )

ESET Smart Security ( )


.. ...




...

: ESET

( )
ESET


LAN
ESET Smart Security


>
ESET Smart Security




Internet Explorer

: ( )
( )


ESET Smart Security

SMTP - SMTP
: SMTP SSL/TLS ESET Smart Security
SMTP - SMTP
SMTP
-
-


LAN - LAN
Windows
( ) - Windows
() - LAN
-
... - LAN ( Windows)
- ...



( )

The message format uses variables enclosed in percent signs (%):
%TimeStamp% - date and time of the event
%Scanner% - the module that raised the event
%ComputerName% - name of the computer on which the alert occurred
%ProgramName% - the program that generated the alert
%InfectedObject% - name of the infected file, message, etc.
%VirusName% - identification of the infection
%ErrorDescription% - description of a non-virus event
%InfectedObject% and %VirusName% are used only in threat warning messages; %ErrorDescription% only in event messages.

- Using local alphabet characters converts the message to the ANSI code page of the Windows Regional settings (for example windows-1250). Without it, the message is converted to 7-bit ASCII (for example "á" becomes "a" or "?").
- Using local character encoding applies Quoted-printable (QP) encoding, which uses only ASCII characters on the wire and can therefore carry 8-bit characters through email unchanged.
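The substitution and the two encodings above, as an added example that is not code from the ESET guide: it renders a template containing the seven %Variable% names the guide lists, then shows what a name with accented characters looks like after a 7-bit ASCII conversion and after Quoted-printable encoding. The event record, the template text and the helper names are this example's own, and the accent-stripping in to_7bit_ascii is one reasonable way to get the "a" / "?" behaviour the guide describes, not ESET's implementation.

```python
"""Render an alert-notification template and compare the two encodings."""
import quopri
import re
import unicodedata
from typing import Dict

VARIABLES = ("TimeStamp", "Scanner", "ComputerName", "ProgramName",
             "InfectedObject", "VirusName", "ErrorDescription")
_VAR_RE = re.compile(r"%(" + "|".join(VARIABLES) + r")%")


def render(template: str, event: Dict[str, str]) -> str:
    """Substitute known %Var% placeholders; unset ones become empty strings.

    Anything that is not one of the seven names is left untouched, so a
    literal '%' in a path or a typo in a template is visible, not swallowed.
    """
    return _VAR_RE.sub(lambda m: event.get(m.group(1), ""), template)


def to_7bit_ascii(text: str) -> str:
    """Approximate 7-bit ASCII: drop accents where possible, else use '?'."""
    stripped = "".join(ch for ch in unicodedata.normalize("NFKD", text)
                       if not unicodedata.combining(ch))
    return stripped.encode("ascii", errors="replace").decode("ascii")


def to_quoted_printable(text: str, charset: str = "utf-8") -> bytes:
    """Quoted-printable form: ASCII on the wire, the 8-bit text preserved."""
    return quopri.encodestring(text.encode(charset))


def from_quoted_printable(data: bytes, charset: str = "utf-8") -> str:
    return quopri.decodestring(data).decode(charset)


# Constructed sample event (not a real detection record).
SAMPLE_EVENT = {
    "TimeStamp": "2013-01-15 10:22:03",
    "Scanner": "Real-time file system protection",
    "ComputerName": "PC-Jiří",
    "ProgramName": "ESET Smart Security",
    "InfectedObject": r"C:\Users\jiri\Downloads\eicar.com",
    "VirusName": "Eicar test file",
}
THREAT_TEMPLATE = "%TimeStamp% %Scanner%: %InfectedObject% contains %VirusName% on %ComputerName%"


def sample_message() -> str:
    return render(THREAT_TEMPLATE, SAMPLE_EVENT)


if __name__ == "__main__":
    msg = sample_message()
    print(msg)
    print("7-bit ASCII:", to_7bit_ascii(msg))
    print("QP:", to_quoted_printable(msg).decode("ascii"))
```

The 7-bit conversion is lossy (a computer name or file name with accents can no longer be matched exactly against logs), while QP round-trips, which is why the QP option is the safer choice when notifications feed an automated mailbox.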



ESET >
ESET

WinRAR/ZIP "infected"
samples@eset.com (
)


: ESET :



:

( )

-

- ESET
ESET

Windows Microsoft Windows


ESET Smart Security
:
-
- -
- -
- -
-



(GUI)







ESET Smart Security



ESET Smart Security





ESET Smart Security




( )
ESET Smart Security
( )

( )




()



-
-
-
- " "
- ( )





()

-
-


ESET Smart Security
> ... > >

- ( )
( User Account Control (UAC) Windows Vista Windows 7)
Windows XP UAC
( UAC)
-

ESET Smart Security >


- ESET Smart Security


-

- /
-
... - F5 > ...
-
- ESET Smart Security
... - ESET

- ESET Smart Security


ESET Smart Security
>
- ESET Smart Security


:
( ) - ESET Smart Security
( ) - ESET Smart Security
- ESET Smart Security
- ESET Smart Security


CPU


>
(F5)






X
( 1 )
:

( )

ESET Smart Security


( )

(F5) > > > ...


ThreatSense

:


... :



( )

- - ESET
() :
ESET >

-
... -


ESET Smart Security :
Ctrl+G

GUI

Ctrl+I
Ctrl+L

ESET SysInspector

Ctrl+S

Ctrl+Q

Ctrl+U

Ctrl+R

ESET :
F1

F5

Up/Down

TAB

Esc

ESET ( ekrn)
ESET Smart Security :
-

-

( )


- ... Windows explorer


.xml ESET Smart Security

ESET Smart Security
ESET Smart Security .xml

> ...
...

> ...
( export.xml)
:


>
:



ESET SysInspector
ESET SysInspector
ESET SysInspector



ESET SysInspector : ESET Security


(SysInspector.exe) ESET

.xml

> ESET SysInspector ( ESET Remote Administrator) ESET SysInspector
ESET Smart Security
ESET SysInspector 10

ESET SysInspector
ESET SysInspector SysInspector.exe ESET ESET
Security ESET SysInspector Start ( > ESET > ESET Smart Security)


-
(
)

ESET SysInspector





( )
: ESET SysInspector


" "
"" "" ESET
SysInspector


( 1)


6 9 ESET

ESET Online Scanner ESET SysInspector ESET Online Scanner
:

Backspace



:

ESET SysInspector
ESET SysInspector









:
ESET SysInspector \??\


(TCP UDP)
IP DNS


(BHO)

Windows Services



Microsoft Windows

Windows /

Program Files

ESET SysInspector



ESET SysInspector :



Ctrl+O

Ctrl+S


Ctrl+G

Ctrl+H

1, O

, 1-9

, 2-9

, 3-9

4, U

, 4-9

, 5-9

, 6-9

7, B

, 7-9

, 8-9

9
-

, 9

Ctrl+9

Ctrl+0

Ctrl+5

Ctrl+6

, Microsoft

Ctrl+7
Ctrl+3

Ctrl+2

Ctrl+1

BackSpace

Ctrl+W

Ctrl+Q

Ctrl+T

Ctrl+P

Ctrl+A

Ctrl+C

Ctrl+X

Ctrl+B

Ctrl+L

Ctrl+R

Ctrl+Z

( )


Ctrl+F

Ctrl+D

Ctrl+E

Ctrl+Alt+R

Ctrl+Alt+1

Ctrl+Alt+2

Ctrl+Alt+3

Ctrl+Alt+4
Ctrl+Alt+5

()

Ctrl+Alt+C

Ctrl+Alt+N

Ctrl+Alt+P

Ctrl+Alt+O

F1

Alt+F4

Alt+Shift+F4

Ctrl+I



>
> ESET SysInspector

>

:
> ZIP

ESET SysInspector





previous.xml ESET SysInspector
current.xml
>
:

SysInspector.exe current.xml previous.xml


ESET SysInspector :


/privacy

GUI

/zip

/silent

/help, /?

/gen


: SysInspector.exe "c:\clientlog.xml"
: SysInspector.exe /gen
: SysInspector.exe /gen="c:\folder\"
/ : SysInspector.exe /gen="c:\folder\mynewlog.xml"
: SysInspector.exe /gen="c:\mynewlog.zip" /privacy /zip
: SysInspector.exe "current.xml" "original.xml"
: /


ESET SysInspector
ESET SysInspector



:
1. ESET SysInspector
2. ( ) Shift
3.
4.
5. : - +

/
6. ESET SysInspector >
7.


( ) ESET SysInspector

:



(ev) GUI (gv) (lv)
.xml
( )
"-" "+"
01)
UNC CRC16 (*)
:
01) Running processes:
- \SystemRoot\System32\smss.exe *4725*
- C:\Windows\system32\svchost.exe *FD08*
+ C:\Windows\system32\module32.exe *CF8A*
[...]

module32.exe ( "+")
02)

:
02) Loaded modules:
- c:\windows\system32\svchost.exe
- c:\windows\system32\kernel32.dll
+ c:\windows\system32\khbekhb.dll
- c:\windows\system32\advapi32.dll
[...]

khbekhb.dll "+"
03) TCP
TCP
:
03) TCP connections:
- Active connection: 127.0.0.1:30606 -> 127.0.0.1:55320, owner: ekrn.exe
- Active connection: 127.0.0.1:50007 -> 127.0.0.1:50006,
- Active connection: 127.0.0.1:55320 -> 127.0.0.1:30606, owner: OUTLOOK.EXE
- Listening on *, port 135 (epmap), owner: svchost.exe
+ Listening on *, port 2401, owner: fservice.exe
- Listening on *, port 445 (microsoft-ds), owner: System
[...]

TCP
04) UDP
UDP


:
04) UDP endpoints:
- 0.0.0.0, port 123 (ntp)
+ 0.0.0.0, port 3702
- 0.0.0.0, port 4500 (ipsec-msft)
- 0.0.0.0, port 500 (isakmp)
[...]

UDP
05) DNS
DNS
:
05) DNS server entries:
+ 204.74.105.85
- 172.16.152.2
[...]

DNS
06)

:
06) Important registry entries:
* Category: Standard Autostart (3 items)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- HotKeysCmds = C:\Windows\system32\hkcmd.exe
- IgfxTray = C:\Windows\system32\igfxtray.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- Google Update = "C:\Users\antoniak\AppData\Local\Google\Update\GoogleUpdate.exe" /c
* Category: Internet Explorer (7 items)
HKLM\Software\Microsoft\Internet Explorer\Main
+ Default_Page_URL = http://thatcrack.com/
[...]

0

07)

:
07) Services:
- Name: Andrea ADI Filters Service, exe path: c:\windows\system32\aeadisrv.exe, state: Running, startup: Automatic
- Name: Application Experience Service, exe path: c:\windows\system32\aelupsvc.dll, state: Running, startup: Automatic
- Name: Application Layer Gateway Service, exe path: c:\windows\system32\alg.exe, state: Stopped, startup: Manual
[...]


08)

:
08) Drivers:
- Name: Microsoft ACPI Driver, exe path: c:\windows\system32\drivers\acpi.sys, state: Running, startup: Boot
- Name: ADI UAA Function Driver for High Definition Audio Service, exe path: c:\windows\system32\drivers\adihdaud.sys, state: Running, startup: Manual
[...]


09)

:
09) Critical files:
* File: win.ini
- [fonts]
- [extensions]
- [files]
- MAPI=1
[...]
* File: system.ini
- [386Enh]
- woafont=dosapp.fon
- EGA80WOA.FON=EGA80WOA.FON
[...]
* File: hosts
- 127.0.0.1 localhost
- ::1 localhost
[...]


ESET SysInspector

: "%Scriptname%"




:

:

( )


ESET SysInspector
ESET SysInspector

ESET SysInspector
ESET SysInspector >
XML %USERPROFILE%\My Documents\
"SysInspector-%COMPUTERNAME%-YYMMDD-HHMM.XML"


ESET SysInspector
ESET SysInspector >
ESET SysInspector ESET SysInspector
SYSINSPECTOR.EXE
Windows Vista/7
SDK
SDK

ESET SysInspector
ESET SysInspector ( )

1 - () 9 - ()

"6 - ()"
ESET SysInspector ESET
SysInspector

ESET SysInspector
ESET SysInspector "" ESET

Microsoft Windows




" MS" " "
ESET SysInspector
ESI CAT ( -

%systemroot%\system32\catroot) CAT CAT

" MS" ""


:
Windows 2000 HyperTerminal C:\Program Files\Windows NT
ESET SysInspector Microsoft

C:\WINNT\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp4.cat C:\Program
Files\Windows NT\hypertrm.exe ( HyperTerminal ) sp4.cat Microsoft


ESET SysInspector ESET Smart Security


ESET SysInspector ESET Smart Security > ESET SysInspector ESET
SysInspector

ESET SysInspector

ESET SysInspector
...
:
-


... - ( )

/ -
... - XML ( )

ESET SysRescue
ESET SysRescue
ESET Security - ESET NOD32 Antivirus,
ESET Smart Security ESET SysRescue ESET Security


ESET SysRescue Microsoft Windows Preinstallation Environment (Windows PE) 2.x Windows Vista
Windows PE Windows Automated Installation Kit (Windows AIK) Windows AIK ESET
SysRescue (http://go.eset.eu/AIK) Windows PE 32 ESET Security
32 ESET SysRescue 64 ESET SysRescue Windows AIK 1.1
: Windows AIK 1
ESET SysRescue ESET Security 4.0



Windows 7
Windows Vista
Windows Vista Service Pack 1
Windows Vista Service Pack 2
Windows Server 2008
Windows Server 2003 Service Pack 1 KB926044
Windows Server 2003 Service Pack 2
Windows XP Service Pack 2 KB926044
Windows XP Service Pack 3


ESET SysRescue Start > Programs > ESET > ESET Smart Security > ESET SysRescue
Windows AIK Windows AIK (
)
Windows AIK (http://go.eset.eu/AIK)
: Windows AIK 1
ESET SysRescue

//USB ESET SysRescue ISO ISO / (


VMware VirtualBox)
USB BIOS BIOS -
( Windows Vista) :
: \boot\bcd
: 0xc000000e
:

USB


ESET SysRescue ... :

ESET Antivirus

USB ( USB )

(/)


MSI ESET Security


ESET Antivirus ( > ESET Antivirus)

ESET SysRescue
ISO ISO


-
ESET SysRescue

-
ESET SysRescue

- ESET SysRescue

ESET Antivirus
ESET SysRescue ESET :
ESS/EAV - ESET Security
MSI - MSI
(.nup) ESS/EAV/ MSI

:
ESS/EAV - ESET Security
-
:

ESET Security ESET SysRescue ESET Security

ESET SysRescue



ESET SysRescue 576
(RAM) 576 WinPE
( ) WinPE Windows Vista SP1
ESET
SysRescue: ( ) ( ) .inf ( *.sys
)
ESET SysRescue ESET SysRescue
ESET SysRescue




ESET SysRescue
IP IP DHCP (Dynamic Host Configuration Protocol)
IP ( IP ) IP
IP LAN DNS DNS
DNS

USB
USB USB USB ( USB )
ESET SysRescue
: USB ESET SysRescue
USB

/
ISO - ISO ESET SysRescue
-

-
: / /
/
-
/

ESET SysRescue
//USB ESET SysRescue
BIOS F9 - F12
/BIOS
ESET Security ESET SysRescue
ESET Security ,
ESET SysRescue


ESET SysRescue
(.exe) ESET Security explorer.exe
explorer.exe Windows
ESET Security
ESET SysRescue ESET SysRescue
(, )

ESET Smart Security ( "ecls") ("bat")


ESET:
ecls [..] ..


/base-dir=FOLDER

/quar-dir=FOLDER

/exclude=MASK

/subdir
/no-subdir

( )

/max-subdir-level=LEVEL

/symlink
/no-symlink

( )

/ads

ADS ( )

/no-ads
/log-file=FILE

ADS

/log-rewrite

( - )

/log-console
/no-log-console

( )

/log-all

/no-log-all
/aind

( )

/auto

/no-files

( )

/memory

/boots

/no-boots

( )

/arch
/no-arch

( )

/max-obj-size=SIZE

SIZE ( 0 = )

/max-arch-level=LEVEL

( )

/scan-timeout=LIMIT

LIMIT

/max-arch-size=SIZE

SIZE ( 0 = )

/max-sfx-size=SIZE

SIZE ( 0 = )

/mail

( )

/files

/no-mail
/mailbox
/no-mailbox
/sfx
/no-sfx
/rtp
/no-rtp


( )

( )

( )

/adware

/ / ( )

/no-adware

/ /

/unsafe
/unwanted

( )

/no-unwanted

( )

/pattern

( )

/no-unsafe

/no-pattern
/heur
/no-heur

( )

/no-adv-heur

( )

/ext=EXTENSIONS

EXTENSIONS

/ext-exclude=EXTENSIONS
/clean-mode=MODE

EXTENSIONS

/quarantine

( )

/no-quarantine

( )

/adv-heur

: , ( ), , ,

/help

/version

/preserve-time

10
50

( )

100

: 100


""
" " ( )


:



ESET


( )




:
""

( )
:
-
-
-
- ( ) -
-


( )
: Windows

:
1. : ()
2. : ESET Smart Security





( )

( )


""

/



, PIN,


P2P (Peer-To-Peer) Spyfalcon Spy Sheriff
( )


UPX, PE_Compact, PKLite ASPack
" "



ESET Smart Security

( )
( )



(PUA)
( )
:


( )



DoS
DoS
DoS

DNS Poisoning
DNS (Domain Name Server) poisoning DNS
DNS IP




(Sasser, SqlSlammer)


TCP Desynchronization
TCP Desynchronization TCP Hijacking

( )
Desynchronization

TCP Hijacking
TCP

SMB
SMBRelay SMBRelay2
NetBIOS LAN


SMBRelay UDP 139 445
SMBRelay IP "net use
\\192.168.1.1" Windows SMBRelay SMB
IP
SMBRelay2 SMBRelay NetBIOS IP ""



ICMP
ICMP (Internet Control Message Protocol)

ICMP ICMP
DoS ( )
ICMP ping ICMP_ECHO smurf ICMP
( )

1990


" "
""

ICQ Skype

(FUD) ""








( )
PIN
( )


( )




( )




( )


( )
"vaigra" "viagra"

:
1. ( )
2. ( )
( ) :
1. :
2. :
1. : .exe
2. :
1. :
2. : ""

""
IP
"" IP





""


( )

