ESET Smart Security
(HIPS)
ESET SysInspector
ESET Live Grid
ESET SysInspector
ESET SysInspector
ESET SysInspector ESET Smart Security
ESET SysRescue
( SSL) POP3
IMAP
( )
USB, /
HIPS
ESET
80
ESET Smart Security
ESET
Smart Security
(IDS)
ESET Smart Security 6
ESET Smart Security ESET
ESET Smart Security 6
ESET
ESET ESET Smart Security 6
( )
6
ESET Smart Security :
Microsoft Windows XP
400 MHz 32 (x86) / 64 (x64)
RAM 128
320
Super VGA (800 x 600)
Microsoft Windows 7, 8, Vista, Home Server
1 GHz 32 (x86) / 64 (x64)
RAM 512
320
Super VGA (800 x 600)
.
:
ESET Live Grid
ESET
Microsoft Windows Internet Explorer
-
:
/
ESET ()
ESET Smart Security
- / .msi
ESET Live Grid ESET Live Grid ESET
ESET
ESET Smart Security ESET Smart Security
...
(.msi)
ESET Live Grid
( " ")
()
Internet Explorer ()
IP URL
(3128 )
Internet Explorer
...
:
ESET Smart Security
(/ ESET
)
ESET Smart Security ESET
Smart Security
ESET
ESET Smart Security ESET Smart Security
...
...
ESET
:
L ( (1) )
'0' (0) 'o' o
ESET Smart Security
:
1.
2. /
3.
ESET Smart Security
ESET Smart Security
ESET Smart Security
:
- ESET Smart Security
-
-
- .
- ESET SysInspector
ESET SysRescue
- ESET ESET
ESET Smart Security
- :
( )
-
( )
ESET Smart Security ...
-
( )
-
"i"
ESET -
( )
-
-
ESET
ESET ESET
ESET Smart Security
( ... F5 )
LAN ... .
> >
...
:
: RPC
1.
ESET Smart Security
:
-
- Microsoft Office Internet Explorer
Microsoft ActiveX
-
/
(//USB...)
HIPS - HIPS
-
- ( )
-
40 140
:
- HTTP HTTPS
- POP3 IMAP
-
-
: ( ... (F5) > > >
> )
:
... ESET
( ) .xml
...
>
... ...
...
-
..
... - ( )
( )
:
(PUA)
( )
ThreatSense
( ThreatSense)
( )
F5 > >
... ThreatSense
( )
:
-
- / USB
-
( )
:
-
-
-
-
> > >
ThreatSense -
(.sfx)
( ) 10
ThreatSense -
( )
(USB)
...
( ... )
-
- ( )
-
: ()
ESET Smart Security
( > >
> )
eicar.com
EICAR (European Institute for Computer
Antivirus Research) http://www.eicar.org/download/eicar.com
:
(F5) > >
ESET
( )
ESET
- ( / /USB)
USB
>
>
( )
-
- USB /
-
-
-
( )
... >
ThreatSense ...
UAC
: ( pagefile.sys )
...
-
-
-
60
( )
(F5) > > > ...
ThreatSense
:
... :
>
...
( )
:
:
( )
( )
:
- ( ,
, winlogon, Windows, dlls )
- (
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run)
- :
-
-
-
-
> >
(
)
( )
( >
)
ThreatSense ... ( )
:
1. ...
2.
(?) (*)
"*.*"
"D:\*"
doc "*.doc"
() ( "D") : "D????.exe"
()
:
-
-
(
) >
... -
... -
ThreatSense
ThreatSense
( )
ThreatSense
ThreatSense :
... ThreatSense ()
ThreatSense :
ThreatSense
(
)
ThreatSense
-
-
- : DBX (Outlook Express) EML
- : ARJ, BZ2, CAB, CHM, DBX, GZIP, ISO/BIN/NRG, LHA, MIME, NSIS, RAR, SIS, TAR,
TNEF, UUE, WISE, ZIP, ACE
- (SFX)
- ( ) (UPX, yoda,
ASPack, FSG ) ( )
- ( )
/DNA/ -
ESET
( )
ESET Live Grid - ESET ESET Live Grid
3 :
-
- ( )
-
: ()
ThreatSense
.edb, .eml .tmp Microsoft Exchange
* () ? ( )
*
?
:
-
:
() -
:
- : 10.
-
( ) :
:
:
-
-
ThreatSense
ThreatSense :
(ADS) - NTFS
-
- ( )
-
/
(USB, , , , )
"" ( )
( )
( )
:
ESET Smart Security
( )
ESET Smart Security (//USB/...)
/
//Blu-ray
USB
USB
FireWire
- (/ /USB)
:
-
-
... -
-
...
- (//USB...)
-
-
-
-
(Del) -
- (//USB)
- /
-
- ( )
-
- ( ) ( )
: (*, ?)
... /
-
-
-
- :
-
(HIPS)
(HIPS) HIPS
HIPS
HIPS (F5) > HIPS HIPS ( / ) ESET Smart
Security
HIPS (F5) HIPS > HIPS HIPS
( / ) ESET Smart Security
: HIPS
ESET Smart Security
HIPS Windows HIPS
:
-
-
-
-
X 14
HIPS ... HIPS
:
1.
2.
3. ( F1).
4.
5.
6.
HIPS
( / )
HIPS
HTTP, POP3 IMAP
:
:
:
-
... -
:
-
... -
... -
... -
- :
-
-
-
-
-
-
- ( )
- (HTTP - 80, POP3
- 110 )
IP / - IP
/
- IP
X - ESET Smart Security
ESET Smart Security
()
... ( ) ,
:
- ( )
( ) - (
- ) ( )
- ( )
(F5) > >
>
... ...
:
... ( )
(Del)
:
-
-
:
-
-
( ) -
/ (+/-) /
/ -
/ -
():
- IP
( )
-
-
-
-
-
-
-
-
-
/ -
-
-
(Del) -
:
-
-
- ( )
IP
...
...
,
( >
( ))
:
TCP UDP
( Internet Explorer iexplore.exe)
80
( - )
IP
IPv4/IPv6
IP
IP
-
IPv4
( IP )
/
IP/ ...
...
/ / ()
( )
...
:
1) ESET
(RSA)
...
( - ) IP, DNS
NetBios ( server_name_/directory1/directory2/authentication)
:
PEM (.pem)
ESET ( - )
(.crt)
:
/ IP /
( - )
IP IP
2)
-
/ ESET
/
ESET ESET
ESET ( Start > Programs > ESET >
ESET Authentication Server)
( 80)
( )
( )
:
-
-
- ( - 80)
ESET :
ESET Smart Security :
-
-
- (HTTP, POP3, IMAP
)
-
-
POP3 IMAP ESET Smart Security
(POP3, MAPI, IMAP, HTTP)
//
... - //
-
-
-
ThreatSense -
...
HTML
:
-
- ( )
-
/ -
( )
- ""
"[]" : "[] " %VIRUSNAME%
ESET Smart Security
ESET Smart Security ESET Smart Security
> ... > > >
Microsoft Outlook, Outlook Express, Windows Mail, Windows Live Mail Mozilla
Thunderbird ESET
Kerio Outlook Connector Store
(POP3, IMAP)
: Microsoft Outlook, Outlook Express, Windows Mail, Windows Live Mail
Mozilla Thunderbird
-
-
-
-
-
-
-
-
-
IMAP, IMAPS
Internet Message Access Protocol (IMAP) IMAP POP3
ESET Smart Security
IMAP
143
SSL
> > SSL SSL
POP3, POP3S
POP3 ESET Smart Security
POP3 110
SSL
> > SSL SSL
POP3 POP3S
POP3 - POP3
POP3 - POP3 (110 )
ESET Smart Security POP3S ESET
Smart Security SSL (Secure Socket Layer) TLS (Transport Layer Security)
POP3S -
POP3S - POP3S
POP3S
POP3S - POP3S (995 )
80
() ()
( ,
)
ESET Smart Security
:
- /
-
"[SPAM]"
-
-
-
""
- ""
ESET Smart Security >
ESET Smart Security
ESET Smart Security >
ESET Smart Security
""
HTTP (Hypertext Transfer Protocol)
HTTPS ( )
ESET Smart Security > >
HTTP, HTTPs
ESET Smart Security
HTTP
(F5) > > > HTTP, HTTPS HTTP/HTTPS
HTTP HTTP 80 (HTTP),
8080 3128 ( )
ESET Smart Security HTTPS HTTPS ESET
Smart Security SSL (Secure Socket Layer) TLS (Transport Layer Security)
HTTPS :
HTTPS -
HTTPS - HTTPS HTTPS
HTTPS -
HTTPS 443
SSL
> > SSL SSL
ESET Smart Security
(
)
: ESET Smart Security
URL
URL
HTTP , ,
URL HTTP
URL
... / HTTP
URL HTTPS SSL
* () ? ( )
*
?
.../ -
( ) ( )
/ URL
... - ("*" "?")
/ -
... -
ThreatSense
(SSL) > SSL
- HTTP(S), POP3(S)
IMAP(S)
: Windows Vista Service Pack 1, Windows 7 Windows Server 2008 Windows Filtering
Platform (WFP) WFP :
HTTP POP3 - HTTP POP3
( >
> )
- HTTP POP3
: Windows Vista Service Pack 1 Windows Server 2008 Windows Filtering Platform
(WFP) WFP
ESET Smart Security
:
-
- ( )
HTTP/POP3/IMAP
...
IP
HTTP/POP3/IMAP /
IPv4/IPv6 -
IP//
-
IPv4
IP// 4
- IP ( 192.168.0.10)
- IP IP ( ) ( 192.168.0.1 192.168.0.99)
- ( ) IP
255.255.255.0 192.168.1.0/24 192.168.1.1 192.168.1.254
IPv6
/ IPv6 4
- IP ( 2001:718:1c01:16:214:22ff:fec9:ca5)
- ( ) IP (: 2002:c0a8:6301:1::1/64)
SSL
ESET Smart Security
SSL SSL
SSL
SSL - SSL
()
( ) - SSL ( )
SSL
SSL - SSL
- SSL
SSL
SSL v2 - SSL
SSL / ESET ()
ESET ( Opera, Firefox)
( Internet Explorer)
> > ...
Trusted Root Certification Authorities ( VeriSign)
( )
( ) TRCA ( )
TRCA
TRCA
( )
SSL
SSL
( ) :
( )
PIN ESET Smart Security
ESET Smart Security (F5) >
ESET
()
:
URL (F5) > > URL URL
/ ESET
: ESET :
samples@eset.com (
40 140
:
1. ESET Smart Security :
F5
2. >
- ( )
...
( ) :
- IP () , 127.0.0.0/8, 192.168.0.0/16 403 404
-
-
- ( )
-
URL URL
URL
* () ? ( ) TLD
(examplepage.com, examplepage.sk, ) (
sub.examplepage.com) URL
:
/
-
- ESET
ESET Smart Security
:
:
-
1. / -
( ... F5 ) >
2. -
( )
(ISP)
( F5) >
ESET
( HTTP)
...
( )
>
ESET Smart Security
...
-
... ...
... , HTTP LAN
:
-
-
-
:
-
-
- ( )
:
( )
(F5) ...
HTTP :
>
:
ESET Smart Security ( > )
:
,
ESET Smart Security
Internet Explorer
( ISP) HTTP
:
/ ESET Smart Security
LAN
NT
LAN LAN ( )
( )
: LAN
: \ ( \ )
HTTP
/
ESET Smart Security
> ESET
Smart Security:
ESET SysInspector
-
ESET
ESET Smart Security
> :
- ESET Smart Security
- ESET Smart Security
-
HIPS - HIPS ( )
-
-
,
URL,
-
-
( Ctrl + C) CTRL
SHIFT
:
- ( )
.../ ... -
- ( )
-
/ -
- XML
-
ESET Smart Security > ... > >
:
X
-
(%)
-
-
-
-
- " "
- ( )
...
ESET Smart Security >
:
( ... )
:
/
:
( )
( )
( )
( ) ...
...
1.
2.
3. :
-
- ( )
-
-
-
4.
:
-
-
-
-
5. :
--
6.
ESET Smart Security >
:
-
-
-
-
-
>
: 1...
:
: 1 (10 ) - 10
: 1 (24 ) - 24
: 1 ( ) -
: 1 () - X
( ) () KB ()/MB/GB
() ( )
ESET SysInspector
ESET SysInspector
SysInspector :
-
-
-
-
:
-
... - ESET SysInspector ( )
-
:
- ESET SysInspector ( )
-
... - .xml .xml
.doc .xls
ESET Live Grid
ESET
-
/ ESET
(.doc )
( ) -
ESET
ESET ESET Smart
Security ESET Live Grid
- Windows
Ctrl+Shift+Esc
- ESET Smart Security ESET Live Grid (
)
1 - () 9 - ()
: () ()
- ESET Live Grid
- ESET Live Grid
: ()
ESET
-
-
:
-
- B ()
-
-
-
-
: / -
> ESET Live Grid
( ) +
/IP - IP
IP - IP
-
/ -
/ -
-
:
...
- DNS IP
TCP - TCP
-
- localhost
:
-
-
-
-
:
-
-
ESET Smart Security
ESET
( )
( )
LAN
ESET Smart Security
>
ESET Smart Security
Internet Explorer
: ( )
( )
ESET Smart Security
SMTP - SMTP
: SMTP SSL/TLS ESET Smart Security
SMTP - SMTP
SMTP
-
-
LAN - LAN
Windows
( ) - Windows
() - LAN
-
... - LAN ( Windows)
- ...
( )
( %) :
%TimeStamp% -
%Scanner% -
%ComputerName% -
%ProgramName% -
%InfectedObject% -
%VirusName% -
%ErrorDescription% -
%InfectedObject% %VirusName% %ErrorDescription%
- ANSI Windows Regional ( windows-1250)
ASCII 7 ( "" "a" "?")
- Quoted-printable (QP) ASCII
8 ()
ESET >
ESET
WinRAR/ZIP "infected"
samples@eset.com (
)
: ESET :
:
( )
-
- ESET
ESET
(GUI)
ESET Smart Security
ESET Smart Security
ESET Smart Security
( )
ESET Smart Security
( )
( )
()
-
-
-
- " "
- ( )
()
-
-
ESET Smart Security
> ... > >
- ( )
( User Account Control (UAC) Windows Vista Windows 7)
Windows XP UAC
( UAC)
-
- /
-
... - F5 > ...
-
- ESET Smart Security
... - ESET
- ESET Smart Security
ESET Smart Security
>
- ESET Smart Security
:
( ) - ESET Smart Security
( ) - ESET Smart Security
- ESET Smart Security
- ESET Smart Security
CPU
>
(F5)
X
( 1 )
:
( )
( )
(F5) > > > ...
ThreatSense
:
... :
( )
- - ESET
() :
ESET >
-
... -
ESET Smart Security :
Ctrl+G
GUI
Ctrl+I
Ctrl+L
ESET SysInspector
Ctrl+S
Ctrl+Q
Ctrl+U
Ctrl+R
ESET :
F1
F5
Up/Down
TAB
Esc
ESET ( ekrn)
ESET Smart Security :
-
-
( )
.xml ESET Smart Security
ESET Smart Security
ESET Smart Security .xml
> ...
...
> ...
( export.xml)
:
>
:
ESET SysInspector
ESET SysInspector
ESET SysInspector
ESET SysInspector
ESET SysInspector SysInspector.exe ESET ESET
Security ESET SysInspector Start ( > ESET > ESET Smart Security)
-
(
)
ESET SysInspector
( )
: ESET SysInspector
" "
"" "" ESET
SysInspector
( 1)
6 9 ESET
ESET Online Scanner ESET SysInspector ESET Online Scanner
:
Backspace
:
ESET SysInspector
ESET SysInspector
:
ESET SysInspector \??\
(TCP UDP)
IP DNS
(BHO)
Windows Services
Microsoft Windows
Windows /
Program Files
ESET SysInspector
ESET SysInspector :
Ctrl+O
Ctrl+S
Ctrl+G
Ctrl+H
1, O
, 1-9
, 2-9
, 3-9
4, U
, 4-9
, 5-9
, 6-9
7, B
, 7-9
, 8-9
9
-
, 9
Ctrl+9
Ctrl+0
Ctrl+5
Ctrl+6
, Microsoft
Ctrl+7
Ctrl+3
Ctrl+2
Ctrl+1
BackSpace
Ctrl+W
Ctrl+Q
Ctrl+T
Ctrl+P
Ctrl+A
Ctrl+C
Ctrl+X
Ctrl+B
Ctrl+L
Ctrl+R
Ctrl+Z
( )
Ctrl+F
Ctrl+D
Ctrl+E
Ctrl+Alt+R
Ctrl+Alt+1
Ctrl+Alt+2
Ctrl+Alt+3
Ctrl+Alt+4
Ctrl+Alt+5
()
Ctrl+Alt+C
Ctrl+Alt+N
Ctrl+Alt+P
Ctrl+Alt+O
F1
Alt+F4
Alt+Shift+F4
Ctrl+I
>
> ESET SysInspector
>
:
> ZIP
ESET SysInspector
previous.xml ESET SysInspector
current.xml
>
:
ESET SysInspector :
/privacy
GUI
/zip
/silent
/help, /?
/gen
: SysInspector.exe "c:\clientlog.xml"
: SysInspector.exe /gen
: SysInspector.exe /gen="c:\folder\"
/ : SysInspector.exe /gen="c:\folder\mynewlog.xml"
: SysInspector.exe /gen="c:\mynewlog.zip" /privacy /zip
: SysInspector.exe "current.xml" "original.xml"
: /
ESET SysInspector
ESET SysInspector
:
1. ESET SysInspector
2. ( ) Shift
3.
4.
5. : - +
/
6. ESET SysInspector >
7.
( ) ESET SysInspector
:
(ev) GUI (gv) (lv)
.xml
( )
"-" "+"
01)
UNC CRC16 (*)
:
01) Running processes:
- \SystemRoot\System32\smss.exe *4725*
- C:\Windows\system32\svchost.exe *FD08*
+ C:\Windows\system32\module32.exe *CF8A*
[...]
module32.exe ( "+")
02)
:
02) Loaded modules:
- c:\windows\system32\svchost.exe
- c:\windows\system32\kernel32.dll
+ c:\windows\system32\khbekhb.dll
- c:\windows\system32\advapi32.dll
[...]
khbekhb.dll "+"
03) TCP
TCP
:
03) TCP connections:
- Active connection: 127.0.0.1:30606 -> 127.0.0.1:55320, owner: ekrn.exe
- Active connection: 127.0.0.1:50007 -> 127.0.0.1:50006,
- Active connection: 127.0.0.1:55320 -> 127.0.0.1:30606, owner: OUTLOOK.EXE
- Listening on *, port 135 (epmap), owner: svchost.exe
+ Listening on *, port 2401, owner: fservice.exe Listening on *, port 445 (microsoft-ds), owner: System
[...]
TCP
04) UDP
UDP
:
04) UDP endpoints:
- 0.0.0.0, port 123 (ntp)
+ 0.0.0.0, port 3702
- 0.0.0.0, port 4500 (ipsec-msft)
- 0.0.0.0, port 500 (isakmp)
[...]
UDP
05) DNS
DNS
:
05) DNS server entries:
+ 204.74.105.85
- 172.16.152.2
[...]
DNS
06)
:
06) Important registry entries:
* Category: Standard Autostart (3 items)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- HotKeysCmds = C:\Windows\system32\hkcmd.exe
- IgfxTray = C:\Windows\system32\igfxtray.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- Google Update = "C:\Users\antoniak\AppData\Local\Google\Update\GoogleUpdate.exe" /c
* Category: Internet Explorer (7 items)
HKLM\Software\Microsoft\Internet Explorer\Main
+ Default_Page_URL = http://thatcrack.com/
[...]
0
07)
:
07) Services:
- Name: Andrea ADI Filters Service, exe path: c:\windows\system32\aeadisrv.exe, state: Running, startup: Automatic
- Name: Application Experience Service, exe path: c:\windows\system32\aelupsvc.dll, state: Running, startup: Automatic
- Name: Application Layer Gateway Service, exe path: c:\windows\system32\alg.exe, state: Stopped, startup: Manual
[...]
08)
:
08) Drivers:
- Name: Microsoft ACPI Driver, exe path: c:\windows\system32\drivers\acpi.sys, state: Running, startup: Boot
- Name: ADI UAA Function Driver for High Definition Audio Service, exe path:
09)
:
09) Critical files:
* File: win.ini
- [fonts]
- [extensions]
- [files]
- MAPI=1
[...]
* File: system.ini
- [386Enh]
- woafont=dosapp.fon
- EGA80WOA.FON=EGA80WOA.FON
[...]
* File: hosts
- 127.0.0.1 localhost
- ::1 localhost
[...]
ESET SysInspector
: "%Scriptname%"
:
:
( )
ESET SysInspector
ESET SysInspector
ESET SysInspector
ESET SysInspector >
XML %USERPROFILE%\My Documents\
"SysInpsector-%COMPUTERNAME%-YYMMDD-HHMM.XML"
ESET SysInspector
ESET SysInspector >
ESET SysInspector ESET SysInspector
SYSINSPECTOR.EXE
Windows Vista/7
SDK
SDK
ESET SysInspector
ESET SysInspector ( )
1 - () 9 - ()
"6 - ()"
ESET SysInspector ESET
SysInspector
ESET SysInspector
ESET SysInspector "" ESET
Microsoft Windows
" MS" " "
ESET SysInspector
ESI CAT ( -
C:\WINNT\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp4.cat C:\Program Files\Windows NT\hypertrm.exe ( HyperTerminal ) sp4.cat Microsoft
ESET SysRescue
ESET SysRescue
ESET Security - ESET NOD32 Antivirus,
ESET Smart Security ESET SysRescue ESET Security
ESET SysRescue Microsoft Windows Preinstallation Environment (Windows PE) 2.x Windows Vista
Windows PE Windows Automated Installation Kit (Windows AIK) Windows AIK ESET
SysRescue (http://go.eset.eu/AIK) Windows PE 32 ESET Security
32 ESET SysRescue 64 ESET SysRescue Windows AIK 1.1
: Windows AIK 1
ESET SysRescue ESET Security 4.0
Windows 7
Windows Vista
Windows Vista Service Pack 1
Windows Vista Service Pack 2
Windows Server 2008
Windows Server 2003 Service Pack 1 KB926044
Windows Server 2003 Service Pack 2
Windows XP Service Pack 2 KB926044
Windows XP Service Pack 3
ESET SysRescue Start > Programs > ESET > ESET Smart Security > ESET SysRescue
Windows AIK Windows AIK (
)
Windows AIK (http://go.eset.eu/AIK)
: Windows AIK 1
ESET SysRescue
USB
ESET SysRescue ... :
ESET Antivirus
USB ( USB )
(/)
ESET SysRescue
ISO ISO
-
ESET SysRescue
-
ESET SysRescue
- ESET SysRescue
ESET Antivirus
ESET SysRescue ESET :
ESS/EAV - ESET Security
MSI - MSI
(.nup) ESS/EAV/ MSI
:
ESS/EAV - ESET Security
-
:
ESET SysRescue
ESET SysRescue 576
(RAM) 576 WinPE
( ) WinPE Windows Vista SP1
ESET
SysRescue: ( ) ( ) .inf ( *.sys
)
ESET SysRescue ESET SysRescue
ESET SysRescue
ESET SysRescue
IP IP DHCP (Dynamic Host Configuration Protocol)
IP ( IP ) IP
IP LAN DNS DNS
DNS
USB
USB USB USB ( USB )
ESET SysRescue
: USB ESET SysRescue
USB
/
ISO - ISO ESET SysRescue
-
-
: / /
/
-
/
ESET SysRescue
//USB ESET SysRescue
BIOS F9 - F12
/BIOS
ESET Security ESET SysRescue
ESET Security ,
ESET SysRescue
ESET SysRescue
(.exe) ESET Security explorer.exe
explorer.exe Windows
ESET Security
ESET SysRescue ESET SysRescue
(, )
/base-dir=FOLDER
/quar-dir=FOLDER
/exclude=MASK
/subdir
/no-subdir
( )
/max-subdir-level=LEVEL
/symlink
/no-symlink
( )
/ads
ADS ( )
/no-ads
/log-file=FILE
ADS
/log-rewrite
( - )
/log-console
/no-log-console
( )
/log-all
/no-log-all
/aind
( )
/auto
/no-files
( )
/memory
/boots
/no-boots
( )
/arch
/no-arch
( )
/max-obj-size=SIZE
SIZE ( 0 = )
/max-arch-level=LEVEL
( )
/scan-timeout=LIMIT
LIMIT
/max-arch-size=SIZE
SIZE ( 0 = )
/max-sfx-size=SIZE
SIZE ( 0 = )
( )
/files
/no-mail
/mailbox
/no-mailbox
/sfx
/no-sfx
/rtp
/no-rtp
( )
( )
( )
/adware
/ / ( )
/no-adware
/ /
/unsafe
/unwanted
( )
/no-unwanted
( )
/pattern
( )
/no-unsafe
/no-pattern
/heur
/no-heur
( )
/no-adv-heur
( )
/ext=EXTENSIONS
EXTENSIONS
/ext-exclude=EXTENSIONS
/clean-mode=MODE
EXTENSIONS
/quarantine
( )
/no-quarantine
( )
/adv-heur
: , ( ), , ,
/help
/version
/preserve-time
10
50
( )
100
: 100
""
" " ( )
:
ESET
( )
:
""
( )
:
-
-
-
- ( ) -
-
( )
: Windows
:
1. : ()
2. : ESET Smart Security
( )
( )
""
/
, PIN,
P2P (Peer-To-Peer) Spyfalcon Spy Sheriff
( )
UPX, PE_Compact, PKLite ASPack
" "
ESET Smart Security
( )
( )
(PUA)
( )
:
( )
DoS
DoS
DoS
DNS Poisoning
DNS (Domain Name Server) poisoning DNS
DNS IP
(Sasser, SqlSlammer)
TCP Desynchronization
TCP Desynchronization TCP Hijacking
( )
Desynchronization
TCP Hijacking
TCP
SMB
SMBRelay SMBRelay2
NetBIOS LAN
SMBRelay UDP 139 445
SMBRelay IP "net use
\\192.168.1.1" Windows SMBRelay SMB
IP
SMBRelay2 SMBRelay NetBIOS IP ""
ICMP
ICMP (Internet Control Message Protocol)
ICMP ICMP
DoS ( )
ICMP ping ICMP_ECHO smurf ICMP
( )
1990
" "
""
ICQ Skype
(FUD) ""
( )
PIN
( )
( )
( )
( )
( )
"vaigra" "viagra"
:
1. ( )
2. ( )
( ) :
1. :
2. :
1. : .exe
2. :
1. :
2. : ""
""
IP
"" IP
""
( )