
ESET SMART SECURITY 5

( 5.0 )
Microsoft Windows 7 / Vista / XP / 2000 / Home Server
,

ESET Smart Security


ESET, spol. s r. o., 2011

ESET Smart Security ESET, spol.


s r.o.
. - www.eset.com.
. ,

, , ,
, , ,
.
ESET, spol.s r.o. ,
, .
: www.eset.com/support/contact
9/8/2011



1. ESET Smart Security 5


ESET Smart Security5
. ThreatSense

, . ,
.
ESET Smart Security5 ,
,
. ,
, ,
, , , ,
.

1.1 ?

,
. , ( 20 ). ,
.


, .

, ,
, .

, ESET Smart Security, ,
.
ESET Live Grid
ESET Live Grid ,
.
ESET
.
,
ESET Live Grid. ,
, .

ESET Smart Security (-/DVD-/USB ..). ,
, ,
. ,
.

,
-
, .
,
.
, . -
, - .


ESET Smart Security ,

.
, ESET Smart Security.

ESET Smart Security,
.

1.2
ESET Smart Security
.
Windows 2000, XP
400, 32- (x86) 64- (x64)
128
320
Super VGA (800 600)
Windows7, Vista
1, 32- (x86) 64- (x64)
512
320
Super VGA (800 600)

1.3
, , ,
.
,
.
.
, ESET Live Grid,
.
.
ESET ,
.
.
. .
.

.

, .
. ,
, Windows Internet Explorer.
.
,
.
,
DVD- .
.

.

,
.
.
.
( ) .
, ,
.
.
- .
, ...
-.
, ( ,
).
.

2.
.
! , .
,
. . .
( ).
ESET Smart Security.
, ,
.
. ,
. ,
.
1. ESET Smart Security .
, .
, :
.

2. ESET Smart Security , ,



. (
) .

2.1
,
. ,
.
; .
ESET Live Grid. ESET Live Grid
ESET ,
.
ESET, , .

ESET Live Grid,


.

.
, .
,
.
, .

,
ESET Smart Security .
.

.
, ,
.
.
, .
,
.
ESET Smart Security, ,
. ,
ESET Smart Security .
. .
, , .
- ESET.


, , .
ESET Smart Security . ESET Smart
Security, , ESET Smart
Security , ....

2.2
,
.

.
C:\Program Files\ESET\ESET Smart Security\
, ( ).


, .

-,
. , - ,
, -. ,
Internet Explorer () . - ,
-.

- -
. IP- URL- - . ,
- ( 3128). -
, ,
. - Internet
Explorer. .


,
. ... .

,
.
.

, .

. .
, .


.
,
. ESET Smart Security.
, , .

(- ESET ESET Live Grid


) (.
).
ESET. ESET
Smart Security .
. ,
.

, .
.
. .


2.3
ESET Smart Security ,
.
.
1.

,
.
, .
2. , /
> ESET Smart Security.
3. .
.
.

2.4
, .
,
.
, .
, ... ,
ESET, .

, .
,
.
, .
L ( 1 ()).
O , o o.

.


2.5
ESET Smart Security
. ,
Smart. .
.


3.
ESET Smart Security
.

3.1
ESET Smart Security .
, , .
.
: ESET Smart Security.
: Smart
.
: .
: ,
, ..
: , , ,
, , , , ESET SysInspector ESET SysRescue.
: , ESET, - ESET,
, .

.
, .
ESET Smart Security.
.


3.2 , ,

, . ,
,
. ,
. ,
.

, -
. :
;
;
;
;
.
,
, ( ,
) .
:
. ESET Smart Security ,
....
.
:
. ,
.
: i
. ,
, .

ESET :
. ,
.
:
.
, .
:
. .
.
,
. - ,
ESET. ESET
.

3.3

.
. ,
,
.
ESET Smart Security,
.


( ,
F5 )
. .
.
, , -
, ....

3.4 -
, ESET Smart
Security, -, .
- F5,
> -
. -, (IP-) . -,
.

, , -.

. - .
,
.

3.5
ESET Smart Security .

. >
... > > , apaep
a apoe ....

.
ESET Smart Security.


3.6
.

. > >
.... ,
.
ESET Smart Security
. , .
,
.

.
.
. ,
, RPC,
.


4. ESET Smart Security


ESET Smart Security
.



, .
.
:
, .
- Microsoft Office
, , Internet Explorer,
Microsoft ActiveX.
:
.
: .
( ),
.
.


.
: HTTP HTTPS
.
:
POP3 IMAP.
: , .. .
.
, .
, - ( 20
).
.
... (F5) > > >
> .
, .
, .
, .
, .

.
.
.
. ...,
,
ESET,
( ). ...
XML
.


4.1
,
. .
, .
, .
, ....
..., ,
, .

:
.
. ,
. .
...: ,
(, ).
4.1.1

, .
, , ,
, .


4.1.1.1
,
.
, .
.

, .
ThreatSense ( ThreatSense)
.
.

, , , .
.
Smart. ,
. F5,
, >
> .
... ThreatSense,
Smart.

. (,
)
, .

4.1.1.1.1
.
: , .
: , -/DVD-, USB- ..
: .
, (,
).


4.1.1.1.2 ( )
, .
,
.
: .
: .
: .
: .
:
. ,
, -
.
4.1.1.1.3
>
> >
.
ThreatSense :

. .
, ,
, ,
.
(.
sfx) ( ).
10 .
.
ThreatSense :
.
( ). ,
-
.
, (, USB-)
, ...,
. ,
, .
4.1.1.1.4
(
...
).
: .
.
, , .
:
( ).
,
.. ,
. ,
.
: .
. , ,
.


. , .
( ) , .
, ,
.

4.1.1.1.5

. .
. , -

.
ESET Smart Security .
,
( >
> >
).
4.1.1.1.6
,
eicar.com. , , ,
. EICAR (
)
. eicar.com - http://www.eicar.org/download/eicar.com.
. . ,
.
4.1.1.1.7 ,

,
, .


, .

.

, ,
. ,

(F5) > >


. ,

.

, .
.
.

,
, , .
ESET.
4.1.1.2
Microsoft Office ,
, Internet Explorer, Microsoft ActiveX.
. F5,
, >
> .
ESET Smart Security
> .
, Microsoft Antivirus API (, Microsoft
Office2000 Microsoft Internet Explorer5.0 ).


4.1.1.3
,
. .
,
.
,
. ,
,
.

. Smart
- .
, .
. .
.
> .
4.1.1.3.1
4.1.1.3.1.1 Smart
Smart
. Smart ,
. Smart

. .
. .


4.1.1.3.1.2
,
, .
.
, ,
.
>

. ,
, .
, .
, ... > .
, ,
.
4.1.1.3.2
, ( ,
, , ) .
.
: , .
: , USB- , - DVD-.
: , .
: .
: .
, , .
,
.

-
. ,
. ,
, .


4.1.1.3.3
.
(
, ).
(F5)
> .... ,
.
.
ThreatSense, , .
. , ,
Smart ,
, .
.... ,
Smart .
.
4.1.1.3.4
,
.

. , , ,
( pagefile.sys ),
.
:
. ,
.
: , , .
: , .
: .
: .
, .
: .


: .
.

, .
: ,
, .
:
.
. 60,
. , .

4.1.1.4 ,
,
, ,
. .


4.1.1.5
.
, .
- . ,
, , ,
.

.
: ,
, . ,
.
. ,
( , ),
> ,
.
: , .
...: , .
: , .
.
1. ,
2. , .
, *
?.

, *.*.
.doc, *.doc.
( ),
(, D), : D????.
exe. () .


4.1.1.6 ThreatSense
ThreatSense , .
, .. .
( , , ,
), .
,
. ThreatSense
.
ThreatSense :
, ;
;
..
, ... ,
ThreatSense (. ).
, ThreatSense
.





ThreatSense ,
. ,

(
). ThreatSense
, .
4.1.1.6.1
,
.
: ,
.
: .
: DBX (Outlook Express) EML.
: ARJ, BZ2, CAB, CHM, DBX, GZIP, ISO/BIN/NRG, LHA, MIME, NSIS,
RAR, SIS, TAR, TNEF, UUE, WISE, ZIP, ACE .
: ( SFX)
, .
: , ,
.
(UPX, yoda, ASPack, FGS ..), .


4.1.1.6.2
,
. .
, .
,
. (
) .
/DNA/ Smart:
, ESET,
.
.
.
.
, (
).
,
.
. ( ,
). .
, ( , ).
.
.
.
.
:
. , ,
(,
). .
ESET Live Grid: ESET
ESET Live Grid,
, .
4.1.1.6.3
.
.
: .
.
, , .
:
( ).
,
.. ,
. ,
.
: .
. , ,
.
. , .
( ) , .
, ,
.


4.1.1.6.4
, .
. ThreatSense ,
.

.
, . ,
, .
,
. ,
.
,
, . ,
.edb, .eml .tmp Microsoft Exchange.
,
. ,
. ,
.
* () ? ( ).
, .
,
. ,
.
,
.
4.1.1.6.5

.
: , .
.
,
. .
, :
. ,
,
. .


: .
10.
:
( ), . .
, .
. ,
.
4.1.1.6.6
.
: ,
, . , ,
.
Smart: Smart

. ,
. Smart ,
ThreatSense .
ThreatSense
.
(ADS):
NTFS , .
, .
:
. ,

.
: ,
, (,
).
: .
, .
4.1.1.7
, -, ,
(USB-, , -, DVD- ..).
(,
, ..), .
ESET Smart Security .
Smart ( . Smart),
,
.
,
, .
ESET Smart Security . ,

. .
,
. , .
,
. , ,
.



, ,
. ,
. , .

- ,
. , .

,
. , , , .
,
, ,
.
4.1.2
ESET Smart Security (-/DVD/USB- ..). ,
, ,
. ,
.

-/DVD-/ Blu-ray
USB-
USB-
FireWire


: ,
, (-/DVD-/USB-).
, ,
.
: .
: ,
.
...: .

: ,
. ,
.
..., .
. ,
, , .
, ,
.
4.1.3

, .

, ,
, .
(F5),
> .
( ) ESET Smart
Security, , .
.
.
ESET Smart Security ,
,
.
Self-defense
Windows.
.
.
:
, .
: .
: .
: , . ,
, , ,
, .
X .

.
14.
, .

, .
...,
, . , ,
.
, .
.
, .

, ,
. , . ,
, , ,
, , ,
. ,
.
(/
) , ,
. .
,
.


4.2
.

.
. ,
HTTP, POP3 IMAP.
.
,
. , .
.

:
.
. ,
, .
:
.
. .
,
.
, .
:
.
...: .
, .
:

.
...: , ,
.

...:
.
...:
.
4.2.1
ESET Smart Security .
(F5), >
. . ,
.
.
. ,

.
.
(, ):
.
: .
, ,
.
, .
,
.
: ,
. ,
, .
.
: ;
. , ESET Smart Security
.
,
.

ESET Smart Security.




. (
) , .
.
4.2.2
ESET Smart Security.
.
( )
, .
.
, ,
, ... (. ). ,
, , .
, .

, .
.
: (
).
,
( ):
(, , .
), (
), .
.
: ,
(. ).


4.2.3
,
.
,
. , (F5) > >
> .

... ,
. ,

.
.
. ,
.
...,
, ( ).
. .
, .
, (Del), .
.
, . , ,
.
.
, .

, .

.
.
: ,
. .
: .
.
.

, .
: , .
:
, .
( ): .
4.2.3.1
, ,
.
.
.
.

, , ,
(+/-) .
/. .
. ,
.
./. : ,
.
./. : , .
() .
: .
:
.
: .
: . , IP-
, ,
.
, ,
( , ..)
. .


4.2.3.2
.
, .
, .
.
.
: , , , ,
.
: , ,

.
: ( ).
IP- .

, .
..., .
.
, ....
, .
: .
.
( >
;
(. )).
. ,
. , ,
.
-.
:
TCP UDP.
, ( Internet Explorer iexplore.exe),
.
80,
-.


4.2.4
, ,
(. : ).

.
, .
. ,

.
.
. IP-, IPv4/
IPv6.
4.2.4.1
,
. IP- .
IP-, .
,
.
, .

4.2.4.1.1 :
, ,
. ,
, IPv4 .
. .
( IP- ) , .. ,
,
.
IP- ...,
, .
, ,
....

,
().
, .
( ),
. ...,
.

.
1) ESET
... , ,
(. : ).
IP- DNS NetBios.
(, __/1/2/).
.
.
PEM (.pem)
ESET Authentication Server (.
: ).

(.crt)

, . ,
.
, .


. .
. IP-
, .
.
. (.
: ).
.
.
.
. .
IP- , , IP .
. , .
, . ,
, .
2)
.
, , .

4.2.4.1.2 :
.
, ,
, ESET Authentication Server.
ESETAuthentication Server - ESET.
ESET Authentication Server . (
, > ESET > ESET
Authentication Server).
, ,
( 80) , .
, .

, ,
.
4.2.5 :
.
, .
,
- .
.
. () .
, ,
. ( )
.
, .

,
. , .
.
: .
:
.
: (, 80 -)
.

, .
,
.


4.2.6
ESET Smart Security ,
. > ,
Eset .

. ESET .



( )

.

: ,
, .
4.2.7
ESET Smart Security , .
: ,
( ). ,
. ,
.
: ,
, .
:
, (HTTP, POP3, IMAP
). ,
.
: ,
. . ,
, , ,
. ,


.
:
, .

4.3
,
.
.

. ,
.
.
POP3 IMAP.
ESET Smart Security
, ( POP3, MAPI, IMAP, HTTP).
,
.
: / .
...: / .
"" : , ,
, . ,
, .
"" : , ,
, . ,
, .
: , ,
, .

, ,
.
.
4.3.1
. ,
.
.
.
> > .
4.3.1.1 HTTP, HTTPs
-
HTTP HTTPS. ESET Smart Security
HTTPS.
. ESET Smart Security ,
SSL TLS. ESET Smart Security
-. HTTP
(F5) > >
> HTTP, HTTPs. HTTP
HTTP. , HTTP.
80, 8080 3128. HTTPs
.
HTTPS: .
HTTPS : HTTPs
, , HTTPS.
HTTPS : ,
- , , HTTPS.
443.
.
SSL
( > > SSL)
SSL.


4.3.1.1.1 -
ESET Smart Security , .
, , ,
, -
( . -). ,
. ,
.
, ,
. .
, ,
ESET Smart Security. .
. ,
. ,
.
, .

4.3.1.2 URL-
URL- HTTP-, ,
. , ,
. - . -
.
HTTP- , ,
HTTP- .
URL- , ,
. ,
.
... HTTP- ,
. URL- HTTPS
SSL.
* () ? ( ).
, .
,
. ,
. ,

.
.

.../ : ()
( ).
.
...: , , (* ?).
/ : , .
.
...: .


4.3.2
POP3
IMAP. Microsoft Outlook ESET
Smart Security , (
POP3, MAPI, IMAP, HTTP).
, ThreatSense.
,
. POP3 IMAP
.

>
> .
ThreatSense:
, , ..
..., .

.
, .
,
HTML .
( , ).
.
: .
: ,
( ).
:
.
:
,
. (
). ,

.
: ,
, .

Hello [virus] : [virus] Hello. %VIRUSNAME%


.
4.3.2.1 POP3, POP3S
POP3 ,
. ESET Smart Security
.
, ,
. ,
. POP3 -
.
110, .
.
.
SSL
( > > SSL)
SSL.

POP3 POP3S.
: , POP3,
.
, POP3: , POP3 (110
).
ESET Smart Security POP3S.
. ESET Smart Security
, SSL TLS.
POP3S: .
POP3S : POP3S
, POP3S .
POP3S : , POP3S,
(995 ).


4.3.2.2 IMAP, IMAPS


IMAP - . IMAP
POP3. ,
, ,
, . ESET Smart Security
.
, ,
. ,
. IMAP -
.
143, .
.
.
SSL
( > > SSL)
SSL.

4.3.2.3
ESET Smart Security
. ,
ESET Smart Security. ,
ESET Smart Security ,
. >
... > > >
. :
Microsoft Outlook, Outlook Express, Windows, Windows Live Mozilla Thunderbird.
"",
.
Kerio Outlook Connector Store.


4.3.2.3.1
: Microsoft Outlook, Outlook
Express, Windows, Windows Live Mozilla Thunderbird.
.
, .
.

: .
: .
: .
,
: ,
.
: .
"" :
.
: ,
.

:
.
: ,


4.3.2.4
.
, .
: , .
. ,
, . ,
, - .
4.3.3
, ,
.
80 . .
, ,
.


( ) (
) . , ,
, .
, , .
( ,
, ).
, ,
.
ESET Smart Security .
.
:
.

:
, . [SPAM].
: ,
.

: , .
: ,
. .
: ,
, , .

ESET Smart Security
. (ESET Smart Security >
> > ).
: .
, :
, .
:
.
:
, .
ESET Smart Security Microsoft Outlook, Outlook Express, Windows,
Windows Live Mozilla Thunderbird.
4.3.3.1
.
, ,
. ( ),
.
, .
4.3.3.1.1
, , ,
,
. ,
.
ESET Smart Security >

ESET Smart Security .
.
, , ,
.


4.3.3.1.2
, , .
ESET Smart Security >
ESET
Smart Security, .

,
. .
,
. .
4.3.4
ThreatSense,
.
- .
(SSL) > SSL.
: , ,
HTTP(S), POP3(S) IMAP(S),
.
. Windows Vista 1, Windows7 Windows Server2008,
Windows (WFP).
Windows ,
.
HTTP POP3: -
HTTP POP3.
, - : -
, (
> > ).
, - :
- HTTP POP3, ,
.


4.3.4.1

. HTTP/POP3
. ,
, .
. ,
, .


4.3.4.2
. HTTP/
POP3, , .
.
IPv4: IP-,
, .
: .

4.3.4.3 SSL
ESET Smart Security SSL .
SSL ,
, , SSL
.
SSL: , SSL
, .
, ,
, .
, (
), , .
( ):
SSL ( ) .
SSL, .
SSL: ,
SSL.
:
SSL- , .
SSL.
SSL 2:
, SSL, .


4.3.4.3.1
SSL
ESET, spol. s r.o. ().
.
, ESET (,
Opera, Firefox). , (, Internet
Explorer), .
> > ...,
.

(, VeriSign). ,
- (, -
)
. (, ) , TRCA.
( ),
, ,
. ,
, : .
,
. ,
.

, ,
, .
, ,
. ,
.


4.3.4.3.1.1
,
ESET Smart Security ,
, (F5) >
> > SSL > >
. ESET Smart Security ,
.

. (
), .
4.3.4.3.1.2
, .
, ,
. -,
, .
. (
), .

4.4
,

.
, .
-,
. ,
- ( 20 ).
, ,
.
: ,
, , .
. ,
.


: ESET Smart Security .


. ,
!.
.... , ,
.
, .
.
> > > ,
. ,
. .
- , , .
-: ,
. ,
. , -,
.
-: - ,
. . URL
, . URL
, , .
: (, , )
,
.
: - ,
-.
- .
.
-...: -
. URL - URL:
. , -
. , - .
,
. , ,
-,
.
:
( , , ,
..). .

4.5
ESET Smart Security
. :
.
, ,
,
. .
- ESET,
, .
,
.
.
. ,
,
ESET.
: ESET

ESET Smart Security.

. ,
, , .
: ,
- ESET. , ,
.
, ESET Smart Security.



.
. ,
.

!
.
, . .
.
.
:
. .

.


.
.
. ( ,
F5 )
. > .

:
. (,
- ). - , ,
- .
, ,
.


4.5.1
,
.
,
ESET.
( F5) > .
.
,
(, HTTP).


. , .

. , .
ESET .

, . HTTP-,
, :
http://____IP-:2221.
,
.
. ,
.
, -,
.
> ESET Smart Security.
.
... ,
.
...,
.
:
. , -
. , .

4.5.1.1
.
,
, .
.
. ..., ...
. ,
.


.
.
, .
4.5.1.2
....
, HTTP .
4.5.1.2.1
, .
,
.
.
,
.
. .
-
. ,
.
, -
. ,
.
.
,
.


,
.
.
: ,
. ,
.
, .
.
, :
, , .
. ,
. ,
. ,
.
,
, .
, ,
, .

(. ).
4.5.1.2.2 -
-
(F5), ...
. HTTP
.
-
-
epe poc-cepep
-,
-, > -
.
-, , ESET Smart Security.


epe poc-cepep .
ESET Smart Security -,
( > -).
: - , , , .
-, ESET Smart Security .
-. Internet Explorer
, (,
) , HTTP , . ,
.

-.
. , ,
-. ,
. ,
ESET Smart Security ,
-.


4.5.1.2.3
NT
.
(, ).

, ().
.
: ( ),
.

( ),
. ,
, .
,
, .
, ,
.
, .
,
. ,
, .
.
: ,
.
.
: _\ ( _\)
. HTTP .
,
.


4.5.2
, ,
.
.
> . ESET Smart Security
.
Peypoe aoaecoe ooee
Aoaecoe ooee oce ycao oeoo
Aoaecoe ooee oce xoa ooae ccey
.
.
. .

4.6
,

.



ESET SysInspector
peoca a aaa:
ESET. , ,
.
ESET SysRescue: ESET SysRescue.
4.6.1

. ,
. .
.
, ESET Smart
Security .

>
. .
.
: ,
ESET Smart Security. , ,
, ,
. .
: , ESET Smart
Security. ,

. .
, ,
, .
:
. .
,
.
: ,
. , ,
( ) .
: ,
. ,
. .
.
, .
,
.
: , ,
.
,
( Ctrl+C).
CTRL SHIFT.
.
.
:
(, ..).
.../...:
, .
: (, ).
: , .
/ : ;
.
: XML.
: ,
, .
4.6.1.1
ESET Smart Security .
> ... > > .
.
, . ,
.
: , ,
, , .
: ,
, ,
(%).
, .
, .
, .


:
.
: , ,
.
: ,
, .
: .
: , " ", .
: ( ,
..).
..., .
, , OK.

4.6.2

.
ESET Smart Security,
.
, , .
:
, , , ,
. (
... ).
: , ,
. ,
.


.
Ocae

Aoaecoe ooee oce ycao oeoo
Aoaecoe ooee oce xoa ooae ccey

( )
(
)
(
, ),
... , ,
....

1. .
2. .


3. .
: .
: ( ).
: .
: .
: .

4.
.
: .
: .
: .
: .
5. , ,
.


, , ,
( ).
6. .
.


4.6.2.1
...
.... .
: .
Ocae - .
.
, : ,
.
: ESET SysInspector,
(, , )
.
: .
: ,
.

,
.
.
. .
. , , ,
. , ,
, .
. ,
, .
:


, , ,
( ).
.
. .
, ,
. ,
, .
, .
.


4.6.3
, ESET Smart Security,
> .
,
. ,
.

.
: .
: ,
.
: ,
.
: , -.
:
.
,
. ,
.


4.6.4
.
,
ESET Smart Security .
.
, , , .
ESET .

, , ,
, , ,
(, ) (,
).
4.6.4.1
ESET Smart Security (
).
.... .
,
....
4.6.4.2
, , .
, .
..., , .
: ,
ESET.


4.6.4.3
, ,
(, ) ,
ESET. ,
.


4.6.5
,
> . ,
.
1... .

.
1 ( 10 ) : ,
10.
1 ( 24 ) : ,
24.
1 ( ) : ,
.
1 ( ) - ,
.
( )
( ) . .
,
.

.
, ( )
( ) .


4.6.6 ESET SysInspector


ESET SysInspector ,
, ,
, .
,

.
SysInspector .
.
.
, .
- .
.
: .
... : . ESET SysInspector (
).
: .
,
, .
: ESET SysInspector ( ).
: .
...: XML .


4.6.7
, ,
ESET . ESET Smart Security
ESET Live Grid
.
. ,
. , ,
>
ESET Live Grid.

: , .
Windows.
, ,
, Ctrl+Shift+Esc.
: ESET Smart Security, ESET Live Grid,
(, , ..) ,
.
1 ()
9 ().
. , 1 (),
( ) ,
.
: , .
ESET Live Grid.
: , ESET Live Grid.
. 9 ()
. .
- , aa ESET.
,
.


: .
: .
, .
: .
: ().
: .
: .
: , .
: / .
4.6.7.1 ESET Live Grid
ESET Live Grid ( ESET ThreatSense.Net)
, .
ESET
.
,
ESET Live Grid.
.
1. ESET Live Grid.
, .
2. ESET Live Grid ,
, . ESET
. ESET .
ESET Live Grid ,
. , ,
, , , , ,
.
ESET
(, ), ESET ,
.
ESET Smart Security
ESET .
, .doc .xls. ,
.


ESET Live Grid


ESET Live Grid,
ESET.
> ESET Live Grid.

ESET Live Grid (): ESET Live Grid,


ESET.
: , ESET Live Grid
.
, , ESET Smart Security,
.
ESET .
: , ,
ESET ESET Live Grid.
...: ESET Live Grid.
ESET Live Grid , , ,
. ESET
. .
4.6.7.1.1
ESET Live Grid ,
ESET .
ESET .
, .
: .
ESET ,
. , ,
, .
(.doc ..) .
.
():
, ESET ,
. , ESET
.

,
.
.
4.6.8
.
, .

.
, +.
/ IP - , IP- ,
.
IP - IP- .
- .
/ -
.
/ - .
- .
...
, .
- , , DNS,
IP-.
TCP - TCP.
, -
,
, .


- , ,
( ).
, ,
.
- . ,
.
-
.
: .
: .
, ,
.
: .
. .
.
:
. .
. .
4.6.9
ESET .
> .
, , ESET.
,
.
. ,
WinRAR WinZIP, infected
samples@eset.com. , ,
(, -, ).
. ESET, ,
: (i) ; (ii) .
, .
: .
: , .
, .
: ESET
, .
. ESET ,
. ,
.


4.6.10
Windows
. Microsoft Windows .
ESET Smart Security
. .
: .
,
.
: ,
.
: ,
.
: .
.
,
.
4.6.11
ESET (, ekrn).
, .
ESET Smart Security. .
: ,
. ,
.
: ,
. ,
.
,
, .
( ), .
: , . ...,
.

4.7

.

.

.
.
, ,
,
.

,
.
.
ESET Smart Security .
,
- , ,
, .


4.7.1
ESET Smart Security
. >
ESET Smart Security.
,
.
,
,
.
ESET Smart Security, .
,
.
, .
.

.
,
.
,
.

4.7.2
,
ESET Smart Security (,
) .
( ,
).
. ,
. .
().

, (.).


,
.

. .
,
. ,
, , ....
.
(.)
.


,
.
, ,
.
...,
.
4.7.2.1

, .
: , ,
.
: ,
, .
: .
: , " ", .
: ( ,
..).
,
.
, ,
.
. ,

.
4.7.3
()
, . ,
, .
: ,
.
: . ,
, .
4.7.4
, ESET
Smart Security .
.
. ESET Smart Security
.

: .
, .
.
:
,
, ,
( Windows Vista).
.
: ,
ESET Smart Security >
.
, .


4.7.5
.
.
ESET Smart Security .
,
.
: ESET Smart Security
.
.
( ) : ;
ESET Smart Security.
( ) : ;
ESET Smart Security.
: ESET Smart Security
.
: ESET Smart Security .
:
, , ,
.
.
4.7.6
,
-
, .
,
.
, . -
, - .
ESET Smart Security
. ,
... , >
. , .
,
, .
ESET Smart Security ,
.

, -
.
, -
.

( 1). ,
, .
. ,
. ,
, .
( ),
.
, ,
. ,
- ,
,
, .

5.
5.1 -
. . ,
. ESET Smart Security -
.
-, - ,
> -. -
ESET Smart Security .
, .
- -,
- -,
.

-, -
, .
-, - .
, Internet Explorer.
: ( ),
.
- (
).
,
. .
.


5.2
ESET Smart Security .
, XML. ,
ESET Smart Security .
, ESET Smart Security
. XML .
. >
..., .
..., , .
. >
....
(, export.xml).
.


5.3
, ESET Smart Security.
Ctrl+G
Ctrl+I
Ctrl+L
Ctrl+S
Ctrl+Q
Ctrl+U

ESET SysInspector



,

ESET
.
F1
F5
/
*
TAB
Esc

5.4
ESET Smart Security (
ecls) ( BAT-).
ESET:
ecls [..] ..

/base-dir=
/quar-dir=
/exclude=
/subdir
/no-subdir
/max-subdir-level=
/symlink
/no-symlink
/ads
/no-ads
/log-file=
/log-rewrite
/log-console
/no-log-console
/log-all
/no-log-all
/aind
/auto



,
( )


( )

ADS ( )
ADS

( )
( )


( )


/files
/no-files
/memory
/boots
/no-boots
/arch
/no-arch

( )



( )
( )


/max-obj-size=
/max-arch-level=
/scantimeout=
/max-arch-size=

,
( 0 = )

, (
0 = )
/max-sfx-size=
,
( 0 = )
/mail
( )
/no-mail

/mailbox
( )
/no-mailbox

/sfx
( )
/no-sfx

/rtp
( )
/no-rtp

/adware
// ( )
/no-adware
//
/unsafe

/no-unsafe
( )
/unwanted

/no-unwanted
(
)
/pattern
( )
/no-pattern

/heur
( )
/no-heur

/adv-heur
( )
/no-adv-heur

/ext=
,
/ext-exclude= ,

/clean-mode=
.
: , ( ), , ,

/quarantine
, , (
)
/no-quarantine


/help
/version
/preserve-time


0
1
10
50
100



( )

. 100 ,
.


5.5 ESET SysInspector


5.5.1 ESET SysInspector
ESET SysInspector ,
. ,
, ,
,
.
ESET SysInspector. -,
ESET Smart Security , , -, (SysInspector.exe)
- ESET. ESET SysInspector, >
ESET SysInspector.
. , .
, XML
.
> ESET SysInspector (
. ESET SysInspector ESET Smart Security).
ESET SysInspector .
10 ,
.
5.5.1.1 ESET SysInspector
ESET SysInspector, SysInspector.exe, - ESET.
ESET , ESET SysInspector
( > ESET > ESET Smart Security). ,
:
.


5.5.2
: ,
, , .
( , ,
..).

5.5.2.1
, ESET SysInspector.

,
. ,
.
( , , ,
, ..).
. ESET SysInspector,
.

,
.

, , ,
.

.


, , .
, ,
. .
ESET SysInspector ,
.

,
. .
( 1), .
, ,
, .
,
.
, 6 9, .
- ESET,
ESET SysInspector , ESET
Online Scanner. ESET Online Scanner .
.
.


. .

.
Backspace .

.
! , , ,
. , ,
. ,
.
5.5.2.2 ESET SysInspector
ESET SysInspector ,
. - ( ),
. ,
.
,
.
.

.

, .
,
, , ,
, ..
,
, .
. ,


. ESET
SysInspector \??\ .
.

,
, (TCP UDP), ,
. IP- DNS-.
,
, .

,
, , ,
..
, .
.

, Windows.
, .

, .

Microsoft
Windows.

,
.

Program Files.
.

ESET SysInspector.
5.5.2.3
.
, .
, , ,
.
, .
, .
. ,
. ESET SysInspector
.
,
.
.
.
.


.
ZIP. .
, .
ESET SysInspector ,
.
, , ,
, . , ,
.
,
,

,



,

,
.

, ,
.xml. ESET SysInspector
. .xml.
, .
, .
:
SysInspector.exe .xml .xml


5.5.3
ESET SysInspector .
.
/gen
/privacy
/zip
/silent
/help, /?

, :
SysInspector.exe "c:\_.xml"
, : SysInspector.exe /gen
, : SysInspector.exe /gen="c:\\"
, :
SysInspector.exe /gen="c:\\_.xml"
, ,
, : SysInspector.exe /gen="c:\_.zip" /privacy /zip
, : SysInspector.exe ".xml" ".xml"
. ,
.
5.5.4
, ESET SysInspector
.
ESET SysInspector.
.
.
, .
.

,
, .
ESET SysInspector .
( ), CTRL,
, .

.
.
. -
+ , . ,
.
ESET SysInspector, >
.
, .


5.5.4.1
, (
) ESET SysInspector.
.
. .
5.5.4.2
(ev),
(gv) (lv).
XML, .
. .
, . ,
, . -
+. .
.
01) Running processes ( )
, .
UNC-, - CRC16, (*).
.
01) Running processes:
- \SystemRoot\System32\smss.exe *4725*
- C:\Windows\system32\svchost.exe *FD08*
+ C:\Windows\system32\module32.exe *CF8A*
[...]

( +) module32.exe.
.
02) Loaded modules ( )
.
.
02) Loaded modules:
- c:\windows\system32\svchost.exe
- c:\windows\system32\kernel32.dll
+ c:\windows\system32\khbekhb.dll
- c:\windows\system32\advapi32.dll
[...]

khbekhb.dll +. ,
, .
03) TCP connections ( TCP)
TCP.
.
03) TCP connections:
- Active connection: 127.0.0.1:30606 -> 127.0.0.1:55320, owner: ekrn.exe
- Active connection: 127.0.0.1:50007 -> 127.0.0.1:50006,
- Active connection: 127.0.0.1:55320 -> 127.0.0.1:30606, owner: OUTLOOK.EXE
- Listening on *, port 135 (epmap), owner: svchost.exe
+ Listening on *, port 2401, owner: fservice.exe
- Listening on *, port 445 (microsoft-ds), owner: System
[...]

TCP,
, .


04) UDP endpoints ( UDP)


UDP.
.
04) UDP endpoints:
- 0.0.0.0, port 123 (ntp)
+ 0.0.0.0, port 3702
- 0.0.0.0, port 4500 (ipsec-msft)
- 0.0.0.0, port 500 (isakmp)
[...]

UDP,
.
05) DNS server entries ( DNS-)
DNS-.
.
05) DNS server entries:
+ 204.74.105.85
- 172.16.152.2
[...]

DNS- .
06) Important registry entries ( )
.
.
06) Important registry entries:
* Category: Standard Autostart (3 items)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- HotKeysCmds = C:\Windows\system32\hkcmd.exe
- IgfxTray = C:\Windows\system32\igfxtray.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- Google Update = "C:\Users\antoniak\AppData\Local\Google\Update\GoogleUpdate.exe" /c
* Category: Internet Explorer (7 items)
HKLM\Software\Microsoft\Internet Explorer\Main
+ Default_Page_URL = http://thatcrack.com/
[...]

, 0-
. , ,
.
07) Services ()
, .
.
07) Services:
- Name: Andrea ADI Filters Service, exe path: c:\windows\system32\aeadisrv.exe, state: Running, startup: Automatic
- Name: Application Experience Service, exe path: c:\windows\system32\aelupsvc.dll, state: Running, startup: Automatic
- Name: Application Layer Gateway Service, exe path: c:\windows\system32\alg.exe, state: Stopped, startup: Manual
[...]

,
.
08) Drivers ()
.


.
08) Drivers:
- Name: Microsoft ACPI Driver, exe path: c:\windows\system32\drivers\acpi.sys, state: Running, startup: Boot
- Name: ADI UAA Function Driver for High Definition Audio Service, exe path: c:\windows\system32\drivers\adihdaud.sys, state: Running, startup: Manual
[...]

, .
09) Critical files ( )
, .
.
09) Critical files:
* File: win.ini
- [fonts]
- [extensions]
- [files]
- MAPI=1
[...]
* File: system.ini
- [386Enh]
- woafont=dosapp.fon
- EGA80WOA.FON=EGA80WOA.FON
[...]
* File: hosts
- 127.0.0.1 localhost
- ::1 localhost
[...]

, .
5.5.4.3
, .
ESET SysInspector
. :
"%Scriptname%"? ,
. , .
.
,
: . ?
, , .
, :
.
. ?
( , ,
..).
.
5.5.5
, ESET SysInspector.

Ctrl+O
Ctrl+S

Ctrl+G
Ctrl+H



1, O
2
3
4, U
5
6
7, B
8
9
+
Ctrl+9
Ctrl+0

, 1 9
, 2 9
, 3 9
, 4 9
, 5 9
, 6 9
, 7 9
, 8 9
, 9


,
,

Ctrl+5
Ctrl+6
Ctrl+7
Ctrl+3
Ctrl+2
Ctrl+1
BackSpace

Ctrl+W
Ctrl+Q

,
, Microsoft
,







Ctrl+T
Ctrl+P
Ctrl+A
Ctrl+C
Ctrl+X
Ctrl+B
Ctrl+L
Ctrl+R
Ctrl+Z
Ctrl+F
Ctrl+D
Ctrl+E







,

( )


Ctrl+Alt+O
Ctrl+Alt+R
Ctrl+Alt+1
Ctrl+Alt+2
Ctrl+Alt+3
Ctrl+Alt+4
Ctrl+Alt+5
Ctrl+Alt+C
Ctrl+Alt+N
Ctrl+Alt+P




,

,

( )



F1
Alt+F4
Alt+Shift+F4
Ctrl+I


5.5.6
ESET SysInspector
.
Windows 2000, XP, 2003
400, 32- (x86) 64- (x64)
128
10
Super VGA (800 × 600)
Windows 7, Vista, 2008
1, 32- (x86) 64- (x64)
512
10
Super VGA (800 × 600)
5.5.7
ESET SysInspector ?
ESET SysInspector ,
.

.
ESET SysInspector ?
ESET SysInspector .
> . XML.
%USERPROFILE%\ \ SysInspector-%COMPUTERNAME%--.XML.
.
ESET SysInspector?
, ESET SysInspector,
> . ESET
SysInspector. ESET SysInspector,
SYSINSPECTOR.EXE.
. Windows Vista/7
, .
? SDK?
, SDK ,
. ,
.
ESET SysInspector ?
ESET SysInspector (, , ..)
, ,
.
1 () 9 ().

.
6 (), ?
ESET SysInspector , - .
. ESET SysInspector ,
,
.


ESET SysInspector ?
, ESET SysInspector (),
, ESET
.
, .
Microsoft Windows.
Anti-Stealth?
Anti-Stealth .
, ,
.
.
, MS,
?
ESET SysInspector
.
. , ESI
CAT- ( %systemroot%\system32\catroot),
. CAT- ,
.
MS .
.
Windows 2000 HyperTerminal, C:\Program Files\Windows NT.
, ESET SysInspector
Microsoft. C:\WINNT\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp4.cat,
C:\Program Files\Windows NT\hypertrm.exe ( HyperTerminal), sp4.cat
Microsoft.
5.5.8 ESET SysInspector ESET Smart Security
ESET SysInspector ESET Smart Security,
ESET SysInspector. ESET SysInspector , ,
.
(, , , )
.
ESET SysInspector ,
, , .
, ,
ESET SysInspector . .
.
,
....
.
: . ,
. .
: . .
.
.
: .
...: XML (
).


5.6 ESET SysRescue


ESET SysRescue , ESET Smart Security.
ESET SysRescue , ESET Smart Security
, .
, (,
..) .
5.6.1
ESET SysRescue Microsoft Windows 2.x, Windows
Vista. Windows Windows
(Windows AIK), - ESET SysRescue Windows AIK (
http://go.eset.eu/AIK). Windows 32-
, 32- ESET Smart Security ESET
SysRescue 64- . ESET SysRescue Windows AIK
1.1 . ESET SysRescue ESET Smart Security 4.0
.

Windows 7
Windows Vista
Windows Vista 1
Windows Vista 2
Windows Server 2008
Windows Server 2003 1 KB926044
Windows Server 2003 2
Windows XP 2 KB926044
Windows XP 3
5.6.2 -
ESET SysRescue, > > ESET > ESET Smart Security >
ESET SysRescue.
Windows AIK
. Windows AIK ,
,
Windows AIK (http://go.eset.eu/AIK).
ESET SysRescue.
5.6.3
-, DVD- USB-, ESET SysRescue
ISO. ISO - DVD-
(, VMware VirtualBox).
USB-,
. BIOS
BIOS (, Windows Vista),
:

file : \boot\bcd
status : 0xc000000e
info : an error occurred while attempting to read the boot configuration data (

- USB.


5.6.4
ESET SysRescue,
ESET SysRescue. , ....
.

ESET

-
USB- ( USB-)
( - DVD-)
MSI
ESET, . ,
ESET.
( > ESET), .
5.6.4.1
, ESET
SysRescue.
ISO , ISO .

. - , ,
, .
.
: ,
ESET SysRescue.
: ESET SysRescue.
: , , ESET SysRescue.
5.6.4.2 ESET
- ESET SysRescue ESET
.
ESS/EAV , , ESET.
MSI , MSI.
nup-. ESS/
EAV/MSI-. , ,
.
.
ESS/EAV:
ESET Smart Security.
: ,
.
. ESET Smart Security - ESET SysRescue
, ESET Security, , ESET SysRescue.


5.6.4.3
- ESET SysRescue
. -
(), 576 . 576,
Windows - .
(
). Windows Windows Vista 1,
, .
. ESET SysRescue
: ( ) ( ).
INF- ( SYS).
. ,
ESET SysRescue , ,
ESET SysRescue. ESET SysRescue
, .
5.6.4.4 -

ESET SysRescue.
IP-, IP- DHCP.
IP- (
IP-). , IP.
, IP- (
) . DNS
DNS DNS.
5.6.4.5 USB-
USB-, USB-
USB- ( USB-).
, ESET SysRescue.
: USB- ESET SysRescue.
.
,
, . ,
USB- , .
5.6.4.6
- DVD-,
.
ISO: , ISO ESET SysRescue.
: .
: , .
. . DVD- .
.
: .
- DVD-.


5.6.5 ESET SysRescue


- DVD- USB-
, ESET SysRescue.
BIOS.
; F9-F12
BIOS.
ESET Smart Security.
ESET SysRescue , ,
ESET Smart Security, ,
, .
ESET SysRescue,
, .
5.6.5.1 ESET SysRescue
, ,
(.exe). ESET Smart Security explorer.exe,
.
, explorer.exe, Windows,
. ESET Smart Security , -
.
ESET SysRescue . ESET SysRescue
,
(, ) .


6.
6.1
,
() .
6.1.1
, .
- ,
.
.
.
: (
) . .
, ( )
.
.
, . ,
.
.
,
, . ,
.
, .
, , . .
.
: OneHalf, Tenga Yankee Doodle.
6.1.2
,
.
, ,
. ,
.
, .

. ,
.
:
, .
.
, ,
.
: Lovsan/Blaster, Stration/Warezov, Bagle Netsky.


6.1.3
,
, . ,
,
.
. ,
, - .
, .
, .
Dropper ,
.
Backdoor , ,
.
, , ,
.
, ,
. ,
. .
, , .
exe.
, , ,
.
: NetBus, Trojandownloader.Small.ZL, Slapper
6.1.4
,
, . (
) ,
:
, .
.
, .
1. . , .
( ,
).
2. . ESET
Smart Security Anti-Stealth,
.
6.1.5
, .
, , .
-
.
. ( )
.
, .
, ,
.
,
.
.
.

. ,

, . .
, ,
, .
6.1.6
,
.
, -,
.
,
, .
, ,
, . ,
, , PIN-, ..

.
,
.
,
, (P2P) . Spyfalcon Spy Sheriff (
) . ,
, .
, ,
, .
6.1.7
,
. .
ESET Smart Security .

. , ,
(, ).
(
), .
6.1.8
,
.
. ( ,
). .
, ( , ).
.
.
.
.


6.2
,
. .
6.2.1 DoS-
DoS- ( )
, .
. ,
DoS-,
.
-, ,
, .
6.2.2 DNS
DNS ( ) DNS-
, .
,
DNS- IP-. -
.
6.2.3
,
.
.
. .
(Sasser, SqlSlammer) ,
.
.
6.2.4
, , .
,
.
,
. . ,
,
. .
.
. ,
. , ,

.

.


6.2.5 TCP-
TCP- , TCP-.
, ,
. (
, ).
.
.
.

.
TCP. ,
.
6.2.6 SMB Relay
SMBRelay SMBRelay2 ,
. SMB, NetBIOS.
- ,
SMB.
- .
SMBRelay UDP 139 445, ,
, . .
SMBRelay IP-. : net use \\192.168.1.1.
Windows. SMBRelay
, .
IP-, .
SMBRelay2 , SMBRelay, NetBIOS IP. .
, ,
.
.
,
.
6.2.7 ICMP
ICMP .
.
ICMP. ICMP
.
DoS- ( ) ,
.
ICMP ping-, - ICMP
smurf-. , ICMP,
( , ),
.


6.3
, .
,
90- .
,
, .
, ,
. - ,
,
. , .
, , ,
. , .
.
, .
, ( ,
).
.
- ( ,
).
(, ,
..).
.
- .
6.3.1
.
.
, .

.
,
.
.
, .
,
. .
6.3.2
, .
, ICQ Skype.
.
, ,
, ,
, - .
, ,
. ,
, , ,
- , . .
,
. -, ,
. , ,
.


6.3.3
,
( , ).
,
, PIN- ..

( ).
, ,
. ( ,
) - ,
, , .. ,
.
,
.
6.3.4
, ( )
. , ,
, .
.
, .
( , ) -
, , , ..
.
, .
, ,
(, ).
, . ,
..
6.3.4.1

. :
1. (, );
2. (, , ).
.
( ). .
1. : ,
.
2. : .
1. : .exe.
2. : .
1. : , .
2. : .
,
.


6.3.4.2
,
.

.
. .
( 200
200). , ,
,
.
, ,
.
. ,
, ,
, .
, ,
, .
, .
6.3.4.3
,
. "" ,
.
, IP-.
, , IP . ,
, - .
.
, , .
, .
6.3.4.4
.
, , ,
.
. , ,
,
, .
,
, . ,
, .
6.3.4.5

.
, .
. ,
.
, .
( ),
.
. ,
, .
