Eset Ess 6 Userguide Tha
ESET Smart Security 6
ESET Smart Security
(HIPS)
ESET SysInspector
ESET Live Grid
ESET SysInspector ESET Smart Security
ESET SysRescue
DoS
DNS Poisoning
TCP Desynchronization
SMB
ICMP
ESET Smart Security 6 ESET Smart Security 6 ThreatSense
ESET Smart Security 6
( SSL) POP3
IMAP
ESET Live Grid ()
ESET Smart Security
USB, /
HIPS
ESET Smart Security
ESET 80
ESET Smart Security ESET Smart Security
ESET Smart Security 6
ESET Smart Security ESET ()
(IDS)
ESET Smart Security 6
ESET Smart Security ESET
ESET Smart Security 6
ESET
ESET ESET Smart Security 6 ( )
6
ESET Smart Security :
Microsoft Windows XP
400 MHz 32 (x86) / 64 (x64) RAM 128 320
Super VGA (800 x 600)
Microsoft Windows 7, 8, Vista, Home Server
1 GHz 32 (x86) / 64 (x64) RAM 512 320
Super VGA (800 x 600)
. :
ESET Live Grid ESET
Microsoft Windows Internet Explorer
- :
/
ESET Smart Security :
ESET () ESET Smart Security
- / .msi
: ESET Smart Security ESET ( )
:
ESET Live Grid ESET Live Grid ESET ESET
ESET Smart Security ESET Smart Security
...
(.msi)
ESET Smart Security :
1. ESET Smart Security
2. ESET Smart Security ()
ESET Live Grid ( " ")
:
C:\Program Files\ESET\ESET Smart Security\
()
Internet Explorer ()
IP URL (3128 ) Internet Explorer
...
:
ESET Smart Security
ESET Live Grid ( " ")
ESET ESET Smart Security
(/ ESET )
ESET Smart Security ESET Smart Security
ESET
ESET Smart Security ESET Smart Security
...
... ESET
:
L ( (1) ) '0' (0) 'o' o
ESET Smart Security :
1.
2. /
3.
ESET Smart Security
ESET Smart Security
ESET Smart Security
:
- ESET Smart Security
-
-
- .
- ESET SysInspector
ESET SysRescue
- ESET ESET
ESET Smart Security
- :
( )
- () ESET Smart Security ...
- ()
- "i"
ESET - ()
-
-
ESET ESET ESET
ESET Smart Security
( ... F5 ) LAN ... .
> > ...
ESET Smart Security
:
: RPC
1.
2. ESET Smart Security
3.
.
ESET Smart Security
ESET Smart Security ESET Smart Security .
:
:
- - Microsoft Office Internet Explorer
Microsoft ActiveX - /
(//USB...) HIPS - HIPS - - ()
-
40 140
:
- HTTP HTTPS - POP3 IMAP - -
: ( ... (F5) > > > > )
:
... ESET ( ) .xml ...
> ... ...
...
- ..
... - ()
( ) :
(PUA)
()
ThreatSense ( ThreatSense)
() F5 > > ... ThreatSense
( )
:
- - / USB -
()
:
- - - -
> > >
ThreatSense - (.sfx)
() 10
ThreatSense - ( ) (USB) ...
( ... )
-
- ( )
-
: ()
ESET Smart Security ( > >
> )
eicar.com EICAR (European Institute for Computer Antivirus Research) http://www.eicar.org/download/eicar.com
:
(F5) > >
ESET
( ) ESET
- ( //USB) USB
>
>
( )
- - USB / - - -
()
... >
ThreatSense ...
UAC
: ( pagefile.sys )
...
-
-
- 60
( )
(F5) > > > ... ThreatSense
: ... :
> ... ()
:
:
() ()
:
- ( , , winlogon, Windows, dlls )
- ( HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run)
- :
- - - -
> > ( )
()
( >
)
ThreatSense ... ( )
:
1. ... 2.
(?) (*)
"*.*" "D:\*" doc "*.doc" () ( "D") : "D????.exe"
()
:
-
- ( ) >
... -
... -
-
ThreatSense ThreatSense ( ) ThreatSense
ThreatSense :
... ThreatSense () ThreatSense :
ThreatSense ( ) ThreatSense
-
-
- : DBX (Outlook Express) EML
- : ARJ, BZ2, CAB, CHM, DBX, GZIP, ISO/BIN/NRG, LHA, MIME, NSIS, RAR, SIS, TAR, TNEF, UUE, WISE, ZIP, ACE
- (SFX)
- () (UPX, yoda, ASPack, FSG ) ()
:
- ()
/DNA/ - ESET ()
ESET Live Grid - ESET ESET Live Grid
3 :
-
- ( )
-
: ()
ThreatSense
.edb, .eml .tmp Microsoft Exchange
* () ? () * ?
:
- :
() - :
- : 10.
- () :
:
:
-
- ThreatSense
ThreatSense :
(ADS) - NTFS
-
- ( )
- /
(USB, , , , )
ESET Smart Security
,
"" ()
( ) ()
:
ESET Smart Security ( )
Microsoft Office Internet Explorer Microsoft ActiveX Microsoft Office
F5 > > ESET Smart Security >
Microsoft Antivirus API ( Microsoft Office 2000 Microsoft Internet Explorer 5.0 )
ESET Smart Security (//USB/...) /
//Blu-ray USB USB FireWire
- (//USB) :
- - ... -
-
...
- (//USB...)
-
-
-
-
(Del) -
- (//USB) - / - - () - - ( ) ( )
: (*, ?) ... /
- - -
- : -
(HIPS) (HIPS) HIPS HIPS
HIPS (F5) > HIPS HIPS (/) ESET Smart Security
HIPS (F5) HIPS > HIPS HIPS (/) ESET Smart Security
: HIPS
ESET Smart Security
HIPS Windows HIPS
:
- - - -
X 14
HIPS ... HIPS
:
1. 2.
3. ( F1). 4. 5. 6.
HIPS
( / ) HIPS
HTTP, POP3 IMAP
:
:
:
- ... -
:
-
... -
... -
... -
ESET Smart Security (F5) >
:
-
( ) -
-
-
- ESET Smart Security
ESET Smart Security
ESET Smart Security ESET Smart Security
> > > :
:
- :
-
- - -
-
-
- ( )
- (HTTP - 80, POP3 - 110 )
IP / - IP /
- IP
X - ESET Smart Security
ESET Smart Security ()
... ( ) ,
:
- ()
() - ( - ) ()
- ( )
(F5) > >
>
... ...
:
... () (Del)
:
- -
:
- - ( ) -
/ (+/-) /
/ -
/ -
():
- - - - IP
( )
-
-
-
-
-
-
-
-
-
/ -
-
-
(Del) -
:
- - - () IP
...
...
,
( > ( ))
:
TCP UDP ( Internet Explorer iexplore.exe) 80
( - )
IP
IPv4/IPv6
IP IP
- IPv4
( IP ) /
IP/... ...
/ / () () ...
:
1) ESET
(RSA) ... ( - ) IP, DNS NetBios ( server_name_/directory1/directory2/authentication)
:
PEM (.pem) ESET ( - )
(.crt)
:
/ IP /
( - )
IP IP
2)
- / ESET / ESET ESET
ESET ( Start > Programs > ESET > ESET Authentication Server)
( 80)
-
( ) ()
:
- - - ( - 80)
ESET Smart Security > ESET
ESET :
:
ESET Smart Security :
-
- - (HTTP, POP3, IMAP
) - -
-
POP3 IMAP ESET Smart Security (POP3, MAPI, IMAP, HTTP)
//
... - //
-
-
-
POP3 IMAP Microsoft Outlook ESET Smart Security (POP3, MAPI, IMAP, HTTP) ThreatSense POP3 IMAP
> >
ThreatSense - ...
HTML :
- - () -
/ - ()
- "" "[]" : "[] " %VIRUSNAME%
ESET Smart Security ESET Smart Security ESET Smart Security > ... > > >
Microsoft Outlook, Outlook Express, Windows Mail, Windows Live Mail Mozilla Thunderbird ESET
Kerio Outlook Connector Store
(POP3, IMAP)
: Microsoft Outlook, Outlook Express, Windows Mail, Windows Live Mail Mozilla Thunderbird
- - -
- - - -
- -
IMAP, IMAPS Internet Message Access Protocol (IMAP) IMAP POP3 ESET Smart Security
IMAP 143
SSL > > SSL SSL
POP3, POP3S POP3 ESET Smart Security
POP3 110
SSL > > SSL SSL
POP3 POP3S
POP3 - POP3
POP3 - POP3 (110 )
ESET Smart Security POP3S ESET Smart Security SSL (Secure Socket Layer) TLS (Transport Layer Security)
POP3S -
POP3S - POP3S
POP3S
POP3S - POP3S (995 )
80
() ()
(, )
ESET Smart Security :
- /
- "[SPAM]"
-
-
- ""
- ""
ESET Smart Security (ESET Smart Security > > > )
- - -
-
-
ESET Smart Security Microsoft Outlook, Outlook Express, Windows Mail, Windows Live Mail Mozilla Thunderbird
ESET Smart Security > ESET Smart Security
ESET Smart Security > ESET Smart Security
""
HTTP (Hypertext Transfer Protocol) HTTPS ()
ESET Smart Security > >
HTTP, HTTPs ESET Smart Security HTTP (F5) > > > HTTP, HTTPS HTTP/HTTPS HTTP HTTP 80 (HTTP), 8080 3128 ()
ESET Smart Security HTTPS HTTPS ESET Smart Security SSL (Secure Socket Layer) TLS (Transport Layer Security) HTTPS :
HTTPS -
HTTPS - HTTPS HTTPS
HTTPS - HTTPS 443
SSL > > SSL SSL
ESET Smart Security
( )
: ESET Smart Security
URL URL HTTP , , URL HTTP
URL ... / HTTP URL HTTPS SSL
* () ? () * ?
.../ - ( ) ( ) / URL
... - ("*" "?")
/ -
... -
ThreatSense (SSL) > SSL
- HTTP(S), POP3(S) IMAP(S)
: Windows Vista Service Pack 1, Windows 7 Windows Server 2008 Windows Filtering Platform (WFP) WFP :
HTTP POP3 - HTTP POP3 -
( >
> ) - HTTP POP3
: Windows Vista Service Pack 1 Windows Server 2008 Windows Filtering Platform (WFP) WFP
ESET Smart Security :
- - ( )
HTTP/POP3/IMAP
...
IP HTTP/POP3/IMAP /
IPv4/IPv6 - IP//
-
IPv4 IP// 4
- IP ( 192.168.0.10)
- IP IP () ( 192.168.0.1 192.168.0.99)
- () IP
255.255.255.0 192.168.1.0/24 192.168.1.1 192.168.1.254
IPv6 / IPv6 4
- IP ( 2001:718:1c01:16:214:22ff:fec9:ca5)
- () IP (: 2002:c0a8:6301:1::1/64)
SSL ESET Smart Security SSL SSL SSL
SSL - SSL ()
( ) - SSL () SSL
SSL - SSL
- SSL
SSL
SSL v2 - SSL
SSL / ESET ( ) ESET ( Opera, Firefox) ( Internet Explorer) > > ...
Trusted Root Certification Authorities ( VeriSign) ( ) ( ) TRCA () TRCA TRCA
Trusted Root Certification Authorities ESET Smart Security (F5) > > > SSL > > ESET Smart Security
( )
( )
SSL SSL () :
Trusted Root Certification Authorities
:
- -
- -
- -
- -
() PIN ESET Smart Security
ESET Smart Security (F5) >
ESET
()
: URL (F5) > > URL URL
/ ESET
: ESET : [email protected] ( )
40 140
:
1. ESET Smart Security :
F5
2. >
ESET Smart Security
1.
ESET Smart Security - ...
HTTPS (SSL) https:// (HTTPS) SSL > >
> SSL
: , HTTP
2. Windows
...
: ( ) Windows 7 Windows Vista:
1. Start () Control Panel User Accounts
2. Manage another account
3. Create a new account
4. Create Account
5. ESET Smart Security >
3.
... - URL URL
- ( ) ...
() :
- IP () , 127.0.0.0/8, 192.168.0.0/16 403 404
- - - ()
-
URL URL
URL * () ? () TLD (examplepage.com, examplepage.sk, ) ( sub.examplepage.com) URL
: /
ESET Smart Security
ESET
( ) ESET
: ESET ESET Smart Security
-
- ESET
ESET Smart Security
: :
-
1. / - ( ... F5 ) >
2. - () (ISP)
( F5) > ESET
( HTTP)
...
( ) > ESET Smart Security
...
-
... ...
... , HTTP LAN
:
-
- -
:
-
- - ()
:
( )
(F5) ... HTTP :
>
ESET Smart Security
:
ESET Smart Security ( > ) : ,
ESET Smart Security Internet Explorer
( ISP) HTTP
: / ESET Smart Security
LAN NT
LAN LAN ()
()
: LAN : \ ( \) HTTP
/
ESET Smart Security
( (F5) > > )
: 6871 6870 6868 6869 6869 2 ( ) 6868 ESET Smart Security
> ESET Smart Security:
:
ESET SysInspector
- ESET
ESET SysRescue - ESET SysRescue
ESET Social Media Scanner - ( Facebook) ESET
ESET Smart Security
> :
- ESET Smart Security
- ESET Smart Security
-
HIPS - HIPS ()
-
- , URL,
-
-
( Ctrl + C) CTRL SHIFT
:
- ( ) .../... - - () - / - - XML -
ESET Smart Security > ... > > :
X
-
(%)
-
- - - - "" - ( )
...
ESET Smart Security >
: ( ... ) : /
:
( ) () ()
( ) ... ...
1.
2.
3. :
- - () - - -
4. :
- - - -
5. :
--
6.
ESET Smart Security >
:
- - - - -
> : 1...
:
: 1 (10 ) - 10 : 1 (24 ) - 24 : 1 () - : 1 () - X
( ) () KB ()/MB/GB
() ( )
ESET SysInspector ESET SysInspector
SysInspector :
- - - -
:
- ... - ESET SysInspector ( ) -
:
- ESET SysInspector ( ) - ... - .xml .xml
ESET Live Grid ESET Live Grid(ESET ThreatSense.Net ) ESET ESET Live Grid :
1. ESET Live Grid 2. ESET Live Grid ESET
ESET
ESET Live Grid
ESET Smart Security ESET .doc .xls
ESET Live Grid / ESET Live Grid ESET >
ESET Live Grid
ESET Live Grid () - / ESET Live Grid
ESET
- ESET Live Grid ESET Smart Security ESET
- ESET ESET Live Grid
... - ESET Live Grid
ESET Live Grid ESET
ESET Live Grid ESET
- / ESET (.doc )
() - ESET
ESET ESET Smart Security ESET Live Grid
- Windows Ctrl+Shift+Esc
- ESET Smart Security ESET Live Grid ( ) 1 - () 9 - ()
: () ()
- ESET Live Grid
- ESET Live Grid
: () ESET
-
-
:
- - B () - - - -
: / -
> ESET Live Grid
() +
/IP - IP
IP - IP
-
/ -
/ -
-
... :
- DNS IP
TCP - TCP
-
- localhost
:
-
-
-
-
:
-
-
ESET Smart Security
ESET
( ) ( )
ESET Smart Security ( ) .. ...
...
: ESET
( ) ESET
LAN ESET Smart Security
> ESET Smart Security
Internet Explorer
: ( )
( )
ESET Smart Security
SMTP - SMTP
: SMTP SSL/TLS ESET Smart Security
SMTP - SMTP SMTP
-
-
LAN - LAN
Windows
() - Windows
() - LAN
-
... - LAN ( Windows) - ...
( )
( %) :
%TimeStamp% - %Scanner% - %ComputerName% - %ProgramName% - %InfectedObject% - %VirusName% - %ErrorDescription% -
%InfectedObject% %VirusName% %ErrorDescription%
- ANSI Windows Regional ( windows-1250) ASCII 7 ( "" "a" "?")
- Quoted-printable (QP) ASCII 8 ()
ESET > ESET
WinRAR/ZIP "infected" [email protected] ( )
: ESET :
: ()
-
- ESET ESET
Windows Microsoft Windows ESET Smart Security :
- - - - - - - -
(GUI)
ESET Smart Security
ESET Smart Security
ESET Smart Security
( ) ESET Smart Security ( )
()
()
- - - - "" - ( )
()
-
-
ESET Smart Security > ... > >
- () ( User Account Control (UAC) Windows Vista Windows 7) Windows XP UAC ( UAC)
- ESET Smart Security >
- ESET Smart Security
-
- /
-
... - F5 > ...
-
- ESET Smart Security
... - ESET
- ESET Smart Security
ESET Smart Security
>
- ESET Smart Security
:
() - ESET Smart Security () - ESET Smart Security - ESET Smart Security - ESET Smart Security
CPU
> (F5)
X ( 1 )
: ()
ESET Smart Security
( )
(F5) > > > ... ThreatSense
: ... :
( )
- - ESET () : ESET >
-
... -
ESET Smart Security :
Ctrl+G GUI
Ctrl+I ESET SysInspector
Ctrl+L
Ctrl+S
Ctrl+Q
Ctrl+U
Ctrl+R
ESET :
F1
F5
Up/Down
*
-
TAB
Esc
ESET ( ekrn) ESET Smart Security :
-
-
()
- ... Windows explorer
.xml ESET Smart Security
ESET Smart Security ESET Smart Security .xml
> ... ...
> ... ( export.xml)
:
> :
ESET SysInspector ESET SysInspector ESET SysInspector
ESET SysInspector : ESET Security (SysInspector.exe) ESET .xml > ESET SysInspector ( ESET Remote Administrator) ESET SysInspector ESET Smart Security
ESET SysInspector 10
ESET SysInspector ESET SysInspector SysInspector.exe ESET ESET Security ESET SysInspector Start ( > ESET > ESET Smart Security)
- ( )
ESET SysInspector
( )
: ESET SysInspector
" " "" "" ESET SysInspector
( 1)
6 9 ESET ESET Online Scanner ESET SysInspector ESET Online Scanner
:
Backspace
:
ESET SysInspector ESET SysInspector
: ESET SysInspector \??\
(TCP UDP) IP DNS
(BHO)
Windows Services
Microsoft Windows
Windows /
Program Files
ESET SysInspector
ESET SysInspector :
Ctrl+O
Ctrl+S
Ctrl+G
Ctrl+H
1, O , 1-9
2 , 2-9
3 , 3-9
4, U , 4-9
5 , 5-9
6 , 6-9
7, B , 7-9
8 , 8-9
9 , 9
-
+
Ctrl+9 ,
Ctrl+0 ,
Ctrl+5 ,
Ctrl+6 , Microsoft
Ctrl+7 ,
Ctrl+3
Ctrl+2
Ctrl+1
BackSpace
Ctrl+W
Ctrl+Q
Ctrl+T
Ctrl+P
Ctrl+A
Ctrl+C
Ctrl+X
Ctrl+B
Ctrl+L
Ctrl+R
Ctrl+Z ( )
Ctrl+F
Ctrl+D
Ctrl+E
Ctrl+Alt+O /
Ctrl+Alt+R
Ctrl+Alt+1
Ctrl+Alt+2
Ctrl+Alt+3
Ctrl+Alt+4 ()
Ctrl+Alt+5
Ctrl+Alt+C
Ctrl+Alt+N
Ctrl+Alt+P
F1
Alt+F4
Alt+Shift+F4
Ctrl+I
> > ESET SysInspector
>
: > ZIP
ESET SysInspector
:
/ / / /
previous.xml ESET SysInspector current.xml
>
:
SysInspector.exe current.xml previous.xml
ESET SysInspector :
/gen GUI
/privacy
/zip
/silent
/help, /?
SysInspector.exe "c:\clientlog.xml"
SysInspector.exe /gen
SysInspector.exe /gen="c:\folder\"
SysInspector.exe /gen="c:\folder\mynewlog.xml"
SysInspector.exe /gen="c:\mynewlog.zip" /privacy /zip
SysInspector.exe "current.xml" "original.xml"
: /
ESET SysInspector
ESET SysInspector
:
1. ESET SysInspector 2. () Shift 3. 4. 5. : - +
/ 6. ESET SysInspector > 7.
() ESET SysInspector
:
(ev) GUI (gv) (lv) .xml
( ) "-" "+"
01)
UNC CRC16 (*)
:
01) Running processes:
- \SystemRoot\System32\smss.exe *4725*
- C:\Windows\system32\svchost.exe *FD08*
+ C:\Windows\system32\module32.exe *CF8A*
[...]
module32.exe ( "+")
02)
:
02) Loaded modules:
- c:\windows\system32\svchost.exe
- c:\windows\system32\kernel32.dll
+ c:\windows\system32\khbekhb.dll
- c:\windows\system32\advapi32.dll
[...]
khbekhb.dll "+"
03) TCP
TCP
:
03) TCP connections:
- Active connection: 127.0.0.1:30606 -> 127.0.0.1:55320, owner: ekrn.exe
- Active connection: 127.0.0.1:50007 -> 127.0.0.1:50006,
- Active connection: 127.0.0.1:55320 -> 127.0.0.1:30606, owner: OUTLOOK.EXE
- Listening on *, port 135 (epmap), owner: svchost.exe
+ Listening on *, port 2401, owner: fservice.exe
Listening on *, port 445 (microsoft-ds), owner: System
[...]
TCP
04) UDP
UDP
:
04) UDP endpoints:
- 0.0.0.0, port 123 (ntp)
+ 0.0.0.0, port 3702
- 0.0.0.0, port 4500 (ipsec-msft)
- 0.0.0.0, port 500 (isakmp)
[...]
UDP
05) DNS
DNS
:
05) DNS server entries:
+ 204.74.105.85
- 172.16.152.2
[...]
DNS
06)
:
06) Important registry entries:
* Category: Standard Autostart (3 items)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- HotKeysCmds = C:\Windows\system32\hkcmd.exe
- IgfxTray = C:\Windows\system32\igfxtray.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- Google Update = "C:\Users\antoniak\AppData\Local\Google\Update\GoogleUpdate.exe" /c
* Category: Internet Explorer (7 items)
HKLM\Software\Microsoft\Internet Explorer\Main
+ Default_Page_URL = http://thatcrack.com/
[...]
0
07)
:
07) Services:
- Name: Andrea ADI Filters Service, exe path: c:\windows\system32\aeadisrv.exe, state: Running, startup: Automatic
- Name: Application Experience Service, exe path: c:\windows\system32\aelupsvc.dll, state: Running, startup: Automatic
- Name: Application Layer Gateway Service, exe path: c:\windows\system32\alg.exe, state: Stopped, startup: Manual
[...]
08)
:
08) Drivers:
- Name: Microsoft ACPI Driver, exe path: c:\windows\system32\drivers\acpi.sys, state: Running, startup: Boot
- Name: ADI UAA Function Driver for High Definition Audio Service, exe path: c:\windows\system32\drivers\adihdaud.sys, state: Running, startup: Manual
[...]
09)
:
09) Critical files:
* File: win.ini
- [fonts]
- [extensions]
- [files]
- MAPI=1
[...]
* File: system.ini
- [386Enh]
- woafont=dosapp.fon
- EGA80WOA.FON=EGA80WOA.FON
[...]
* File: hosts
- 127.0.0.1 localhost
- ::1 localhost
[...]
ESET SysInspector : "%Scriptname%"
:
: ( )
ESET SysInspector
ESET SysInspector
ESET SysInspector
ESET SysInspector > XML %USERPROFILE%\My Documents\ "SysInspector-%COMPUTERNAME%-YYMMDD-HHMM.XML"
ESET SysInspector
ESET SysInspector > ESET SysInspector ESET SysInspector SYSINSPECTOR.EXE Windows Vista/7
SDK
SDK
ESET SysInspector
ESET SysInspector ( ) 1 - () 9 - ()
"6 - ()"
ESET SysInspector ESET SysInspector
ESET SysInspector
ESET SysInspector "" ESET
Microsoft Windows
" MS" ""
ESET SysInspector ESI CAT ( - %systemroot%\system32\catroot) CAT CAT
" MS" ""
:
Windows 2000 HyperTerminal C:\Program Files\Windows NT ESET SysInspector Microsoft C:\WINNT\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp4.cat C:\Program Files\Windows NT\hypertrm.exe ( HyperTerminal ) sp4.cat Microsoft
ESET SysInspector ESET Smart Security ESET SysInspector ESET Smart Security > ESET SysInspector ESET SysInspector
ESET SysInspector
ESET SysInspector ...
:
-
... - ()
/ - ... - XML ()
ESET SysRescue ESET SysRescue ESET Security - ESET NOD32 Antivirus, ESET Smart Security ESET SysRescue ESET Security
ESET SysRescue Microsoft Windows Preinstallation Environment (Windows PE) 2.x Windows Vista
Windows PE Windows Automated Installation Kit (Windows AIK) Windows AIK ESET SysRescue (http://go.eset.eu/AIK) Windows PE 32 ESET Security 32 ESET SysRescue 64 ESET SysRescue Windows AIK 1.1
: Windows AIK 1
ESET SysRescue ESET Security 4.0
Windows 7
Windows Vista
Windows Vista Service Pack 1
Windows Vista Service Pack 2
Windows Server 2008
Windows Server 2003 Service Pack 1 KB926044
Windows Server 2003 Service Pack 2
Windows XP Service Pack 2 KB926044
Windows XP Service Pack 3
ESET SysRescue Start > Programs > ESET > ESET Smart Security > ESET SysRescue
Windows AIK Windows AIK ( ) Windows AIK (http://go.eset.eu/AIK)
: Windows AIK 1
ESET SysRescue
//USB ESET SysRescue ISO ISO / ( VMware VirtualBox)
USB BIOS BIOS - ( Windows Vista) :
: \boot\bcd : 0xc000000e :
USB
ESET SysRescue ... :
ESET Antivirus USB ( USB ) (/)
MSI ESET Security ESET Antivirus ( > ESET Antivirus)
ESET SysRescue
ISO ISO
- ESET SysRescue
- ESET SysRescue
- ESET SysRescue
ESET Antivirus ESET SysRescue ESET :
ESS/EAV - ESET Security
MSI - MSI
(.nup) ESS/EAV/ MSI
:
ESS/EAV - ESET Security
-
: ESET Security ESET SysRescue ESET Security ESET SysRescue
ESET SysRescue 576 (RAM) 576 WinPE
( ) WinPE Windows Vista SP1 ESET SysRescue: ( ) ( ) .inf ( *.sys ) ESET SysRescue ESET SysRescue ESET SysRescue
ESET SysRescue
IP IP DHCP (Dynamic Host Configuration Protocol)
IP ( IP ) IP IP LAN DNS DNS DNS
USB USB USB USB ( USB )
ESET SysRescue
: USB ESET SysRescue
USB
/
ISO - ISO ESET SysRescue
-
-
: / /
/
- /
ESET SysRescue //USB ESET SysRescue BIOS F9 - F12 /BIOS
ESET Security ESET SysRescue ESET Security , ESET SysRescue
ESET SysRescue (.exe) ESET Security explorer.exe explorer.exe Windows ESET Security
ESET SysRescue ESET SysRescue (, )
ESET Smart Security ( "ecls") ("bat") ESET:
ecls [..] ..
:
/base-dir=FOLDER
/quar-dir=FOLDER
/exclude=MASK
/subdir ()
/no-subdir
/max-subdir-level=LEVEL
/symlink ()
/no-symlink
/ads ADS ()
/no-ads ADS
/log-file=FILE
/log-rewrite ( - )
/log-console ()
/no-log-console
/log-all
/no-log-all ()
/aind
/auto
/files ()
/no-files
/memory
/boots
/no-boots ()
/arch ()
/no-arch
/max-obj-size=SIZE SIZE ( 0 = )
/max-arch-level=LEVEL ()
/scan-timeout=LIMIT LIMIT
/max-arch-size=SIZE SIZE ( 0 = )
/max-sfx-size=SIZE SIZE ( 0 = )
/mail ()
/no-mail
/mailbox ()
/no-mailbox
/sfx ()
/no-sfx
/rtp ()
/no-rtp
/adware // ()
/no-adware //
/unsafe
/no-unsafe ()
/unwanted
/no-unwanted ()
/pattern ()
/no-pattern
/heur ()
/no-heur
/adv-heur ()
/no-adv-heur
/ext=EXTENSIONS EXTENSIONS
/ext-exclude=EXTENSIONS EXTENSIONS
/clean-mode=MODE : , (), , ,
/quarantine () ()
/no-quarantine
/help
/version
/preserve-time
0
1
10 ()
50
100
: 100
/
"" "" ()
:
ESET
()
: ""
()
:
- - - - () - -
() : Windows
:
1. : () 2. : ESET Smart Security
()
()
""
/
, PIN,
P2P (Peer-To-Peer) Spyfalcon Spy Sheriff ( )
UPX, PE_Compact, PKLite ASPack ""
ESET Smart Security
()
( )
(PUA) ( ) :
( )
DoS DoS DoS
DNS Poisoning DNS (Domain Name Server) poisoning DNS DNS IP
(Sasser, SqlSlammer)
TCP Desynchronization TCP Desynchronization TCP Hijacking ( )
Desynchronization
TCP Hijacking TCP
SMB SMBRelay SMBRelay2 NetBIOS LAN
SMBRelay UDP 139 445 SMBRelay IP "net use \\192.168.1.1" Windows SMBRelay SMB IP
SMBRelay2 SMBRelay NetBIOS IP ""
ICMP ICMP (Internet Control Message Protocol)
ICMP ICMP DoS ()
ICMP ping ICMP_ECHO smurf ICMP ( )
1990
:
" " ""
ICQ Skype
(FUD) ""
() PIN
( ) ( )
()
( ) ( ) "vaigra" "viagra"
:
1. ( ) 2. ( )
() :
1. : 2. :
1. : .exe 2. :
1. : 2. : ""
"" IP
"" IP
:
""
()