manualshive.com logo in svg

ESET SMART SECURITY, Руководство пользователя, Страница: 17 / 38

Поделиться
Скачать
ESET SMART SECURITY Скачать руководство пользователя страница 17

17

in concert to significantly enhance system security. The scanning 
engine is capable of controlling several data streams simultaneously, 

maximizing the efficiency and detection rate. ThreatSense technology 
also successfully eliminates rootkits. 

The ThreatSense technology setup options allow the user to specify 

several scan parameters: 

▪ 

File types and extensions that are to be scanned 

▪ 

The combination of various detection methods 

▪ 

Levels of cleaning, etc. 

To enter the setup window, click the 

Setup...

 button located in 

any module‘s setup window which uses ThreatSense technology 
(see below). Different security scenarios could require different 

configurations. With this in mind, ThreatSense is individually 

configurable for the following protection modules:

▪ 

Real‑time file system protection 

▪ 

System startup file check 

▪ 

Email protection 

▪ 

Web access protection 

▪ 

On‑demand computer scan 

The ThreatSense parameters are highly optimized for each module, 
and their modification can significantly influence system operation. 
For example, changing parameters to always scan runtime packers, 
or enabling advanced heuristics in the real‑time file system 
protection module could result in a system slow‑down (normally, 
only newly‑created files are scanned using these methods). Therefore, 
we recommend that you leave the default ThreatSense parameters 
unchanged for all modules except Computer scan.

4.1.5.1 

Objects setup

The 

Objects

 section allows you to define which computer 

components and files will be scanned for infiltrations.

Operating memory

 

 

Scans for threats that attack the operating 

memory of the system. 

Boot sectors

 

 

Scans boot sectors for the presence of viruses in the 

master boot record 

Files

 

 

Provides scanning of all common file types (programs, pictures, 

audio, video files, database files, etc.) 

Email files

 

 

Scans special files where email messages are contained 

Archives

 

 

Provides scanning of files compressed in archives  

(.rar, .zip, .arj, .tar, etc.) 

Self‑extracting archives

 

 

Scans files which are contained in 

self‑extracting archive files, but typically presented with a .exe 
extension 

Runtime packers

  –

 runtime packers (unlike standard archive types) 

decompress in memory, in addition to standard static packers 

(UPX, yoda, ASPack, FGS, etc.).

4.1.5.2 

Options

In the 

Options

 section, the user can select the methods to be used when 

scanning the system for infiltrations. The following options are available: 

Signatures

 –

 Signatures can exactly and reliably detect and identify 

infiltrations by their name using virus signatures. 

Heuristics

 

– 

Heuristics is an algorithm that analyzes the (malicious) 

activity of programs. The main advantage of heuristic detection is 

the ability to detect new malicious software which did not previously 

exist, or was not included in the list of known viruses (virus signatures 
database).

Advanced heuristics

 

 

Advanced heuristics comprise a unique 

heuristic algorithm developed by ESET optimized for detecting 
computer worms and trojan horses written in high level programming 

languages. Due to advanced heuristics, the detection intelligence 

of the program is significantly higher. 

Adware/Spyware/Riskware

 

 

This category includes software which 

collects various sensitive information about users without their 
informed consent. This category also includes software which displays 
advertising material. 

Potentially unsafe applications

 

 

Potentially unsafe applications is 

the classification used for commercial, legitimate software. It includes 
programs such as remote access tools, which is why this option is 
disabled by default. 

Potentially unwanted applications

 

 

Potentially unwanted 

applications are not necessarily intended to be malicious, but they 
may affect the performance of your computer in a negative way. 
Such applications usually require consent for installation. If they are 

present on your computer, your system behaves differently (compared 
to the state before their installation). The most significant changes 
include unwanted pop‑up windows, activation and running of hidden 

processes, increased usage of system resources, changes in search 
results, and applications communicating with remote servers.

Содержание SMART SECURITY

Страница 1: ...Integrated components ESET NOD32 Antivirus ESET NOD32 Antispyware ESET Personal Firewall ESET Antispam New generation of NOD32 technology User Guide ...

Страница 2: ...body 14 4 1 2 3 Removing infiltrations 14 4 1 3 Web access protection 14 4 1 3 1 HTTP 14 4 1 3 1 1 Blocked excluded addresses 15 4 1 3 1 2 Web browsers 15 4 1 4 Computer scan 15 4 1 4 1 Type of scan 16 4 1 4 1 1 Standard scan 16 4 1 4 1 2 Custom scan 16 4 1 4 2 Scan targets 16 4 1 4 3 Scan profiles 16 4 1 5 ThreatSense engine parameters setup 16 4 1 5 1 Objects setup 17 4 1 5 2 Options 17 4 1 5 3 ...

Страница 3: ...28 4 8 1 Alerts and notifications 29 4 9 ThreatSense Net 29 4 9 1 Suspicious files 30 4 9 2 Statistics 30 4 9 3 Submission 31 4 10 Remote administration 31 4 11 License 32 5 Advanced user 33 5 1 Proxy server setup 33 5 2 Export import settings 33 5 2 1 Export settings 33 5 2 2 Import settings 33 5 3 Command Line 33 6 Glossary 35 6 1 Types of infiltrations 35 6 1 1 Viruses 35 6 1 2 Worms 35 6 1 3 T...

Страница 4: ...rk communication scanning on the Data Link Layer enables ESET Personal firewall to overcome a variety of attacks that would otherwise be undetectable IPv6 support ESET Personal firewall displays IPv6 addresses and allows users to create rules for them Executable file monitoring Monitoring changes in executable files in order to overcome infection It is possible to allow file modification of signed...

Страница 5: ...rs later option Authentication data can be inserted at any time later on directly from the program The next step in the installation is configuration of the ThreatSense Net Early Warning System The ThreatSense Net Early Warning System helps to ensure that ESET is immediately and continuously informed about new infiltrations in order to quickly protect its customers The system allows for submission...

Страница 6: ...e a proxy server it must be correctly configured in order for virus signature updates to work properly If you don t know whether you use a proxy server to connect to the Internet leave the default setting I am unsure if my Internet connection uses a proxy server Use the same settings as Internet Explorer and click Next If you do not use a proxy server select the corresponding option To configure y...

Страница 7: ...rd you wish to protect the program with Retype the password to confirm The steps Configuration of the ThreatSense Net Early Warning System and Detection of potentially unwanted applications are the same as for a Typical installation and are not shown here see page 5 The last step in Custom mode is to select the ESET Personal firewall filtering mode Three modes are available Automatic Interactive P...

Страница 8: ...tically updated This is only possible if the correct user name and password are entered in the update setup If you did not enter your user name and password during the installation you can do so now In the main program window click Update and then click User name and Password Setup Enter the data you received with your product license into the License details window 2 5 On demand computer scan Aft...

Страница 9: ...T Knowledgebase ESET s web site and access a Customer Care support request The ESET Smart Security user interface allows users to toggle Standard and Advanced modes To toggle between modes see the Display link located in the bottom left corner of the main ESET Smart Security window Click this button to select the desired display mode The Standard mode provides access to features required for commo...

Страница 10: ... time of purchase should be entered If the User name and Password were entered during the installation of ESET Smart Security you will not be prompted for them at this point The Advanced Setup window to access press F5 contains other detailed update options The Update server drop down menu should be set to Choose automatically To configure advanced update options such as the update mode proxy serv...

Страница 11: ...a If this information is not available you can attempt to automatically detect proxy server settings for ESET Smart Security by clicking the Detect proxy server button NOTE Proxy server options for various update profiles may differ If this is the case configure the proxy server in the advanced update setup 3 5 Settings protection ESET Smart Security Settings can be very important from the perspec...

Страница 12: ...y created files The probability of infection in newly created files is comparatively higher than in existing files This is why the program checks these files with additional scanning parameters Along with common signature based scanning methods advanced heuristics are used which greatly improves detection rates In addition to newly created files scanning is also performed on self extracting files ...

Страница 13: ... are enabled at the same time they may conflict with each other We recommend that you uninstall any other antivirus programs on your system Real time protection does not start If real time protection is not initiated at system startup and the Automatic real time file system protection startup option is enabled it may be due to conflicts with other programs If this is the case please consult ESET s...

Страница 14: ... protection Email protection The program can Append tag messages to received and read mail as well as Append tag messages to sent mail Users also have the ability to decide whether tag messages should be appended to all email to infected email only or not at all ESET Smart Security also allows the user to append messages to the original subject of infected messages To enable appending to the subje...

Страница 15: ...application is monitored regardless of the port numbers involved in the communication The Web browsers feature complements the HTTP checking feature as HTTP checking only takes place on predefined ports However many Internet services utilize dynamically changing or unknown port numbers To account for this the Web browser feature can establish control of port communications regardless of the connec...

Страница 16: ...s The Scan targets drop down menu allows you to select files folders and devices disks to be scanned for viruses Using the quick scan targets menu option you can select the following targets Local drives controls all system hard drives Removable media diskettes USB storage devices CD DVD Network drives all mapped drives A scan target can also be more precisely specified by entering the path to the...

Страница 17: ...rchives Scans files which are contained in self extracting archive files but typically presented with a exe extension Runtime packers runtime packers unlike standard archive types decompress in memory in addition to standard static packers UPX yoda ASPack FGS etc 4 1 5 2 Options In the Options section the user can select the methods to be used when scanning the system for infiltrations The followi...

Страница 18: ...f files with no extension select the Scan extensionless files option Excluding files from scanning has its purpose if the scanning of certain file types prevents the program using the extensions to run properly For example it may be advisable to exclude the edb eml and tmp extensions when using the MS Exchange server 4 1 6 An infiltration is detected Infiltrations can reach the system from various...

Страница 19: ... gives the option of allowing or denying the communication and the decision to allow or deny can be remembered as a new rule for the Personal firewall If the user chooses to create a new rule at this time all future connections of this type will be allowed or blocked according to the rule Policy based mode blocks all connections which are not defined by a specific rule that allows them This mode a...

Страница 20: ...on about the remote port port range It also allows the user to define a list of remote IP addresses or zones for a given rule A good example of adding a new rule is allowing your Internet browser to access the network The following must be provided in this case On the General tab enable outgoing communication via the TCP UDP protocol Add the process representing your browser application for Intern...

Страница 21: ...t ESET Personal firewall log from the Log drop down menu The log files are an invaluable tool for detecting errors and revealing intrusions into the system and should be given appropriate attention ESET Personal firewall logs contain the following data Date and time of event Name of event Source and target network address Network communication protocol Rule applied or name of worm if identified Ap...

Страница 22: ...ssify selected messages as spam or click Spam from the ESET Smart Security Antispam toolbar located in your email client Reclassified messages are automatically moved to the SPAM folder but the sender email address is not added to blacklist Similarly messages can be classified as not spam If messages from the Junk E mail folder are classified as not spam they are moved to their original folder Mar...

Страница 23: ...vanced update setup click the Setup button Advanced update setup options include configuration of Update Mode HTTP Proxy LAN and Mirror 4 4 1 2 1 Update mode The Update mode tab contains options related to the program component update In the Program component update section three options are available Never update program components Always update program components Ask before downloading program c...

Страница 24: ...ng system authentication for each network connection is required by default In most cases a local system account doesn t have sufficient rights to access the Mirror folder the Mirror folder contains copies of update files If this is the case enter the user name and password in the update setup section or specify an existing account under which the program will enter the update server Mirror To con...

Страница 25: ...ion used by the HTTP server By default the Server port is set to the value 2221 The Authentication option defines the method of authentication used for accessing the update files The following options are available NONE Basic and NTLM Select Basic to use the base64 encoding with basic user name and password authentication The NTLM option provides encoding using a safe encoding method For authentic...

Страница 26: ...veryone a domain user name and password will still need to be entered in the update setup section ESET Smart Security reports an error connecting to the Mirror server communication on the port defined for accessing the HTTP version of the Mirror is blocked 4 4 2 How to create update tasks Updates can be triggered manually by clicking Update virus signature database in the information window displa...

Страница 27: ... is to safely store infected files Files should be quarantined if they cannot be cleaned if it is not safe or advisable to delete them or if they are being falsely detected by ESET Smart Security The user can choose to quarantine any file he or she wants to This is advisable if a file behaves suspiciously but is not detected by the antivirus scanner Quarantined files can be submitted for analysis ...

Страница 28: ...ed to the clipboard by selecting the entry and clicking the Copy button To select multiple entries the CTRL and SHIFT keys can be used 4 7 1 Log maintenance The Logging configuration of ESET Smart Security is accessible from the main program window Click Setup Enter entire advanced setup tree Tools Log files You can specify the following options for log files Delete records automatically Log entri...

Страница 29: ...d To close pop up windows automatically after a certain period of time select the option Close messageboxes automatically after sec If they are not closed manually by the user alert windows are automatically closed after the specified time period has expired Notifications on the desktop and balloon tips are informative only and do not require or offer user interaction They are displayed in the not...

Страница 30: ...this option is selected suspicious files are sent in the background If you wish to know which files have been sent for analysis and confirm the submission select the Ask before submitting option If you don t want any files to be submitted select Do not submit for analysis Note that not submitting files for analysis does not affect submission of statistical information to ESET Statistical informati...

Страница 31: ...mission of a suspicious file or a piece of statistical information an entry in the event log is created 4 10 Remote administration Remote administration is a powerful tool for maintaining security policy and for obtaining an overview of the overall security management within the network It is especially useful when applied to larger networks Remote Administration not only increases the security le...

Страница 32: ...nse manager is accessible from the Advanced Setup tree under Miscellaneous Licenses The license key is a text file containing information about the purchased product its owner number of licenses and the expiry date The license manager window allows the user to upload and view the content of a license key using the Add button the information contained is displayed in the manager To delete license f...

Страница 33: ...he user Proxy server settings can also be established within the Advanced update setup Update branch of the Advanced Setup tree This setting applies for the given update profile and is recommended for laptops as they often receive virus signature updates from different locations For more information about this setting see Section 4 4 Updating the system 5 2 Export import settings Export and import...

Страница 34: ...lder nesting LEVEL default 0 unlimited symlink follow symbolic links default no symlink skip symbolic links ext remove EXTENSIONS ext exclude EXTENSIONS exclude EXTENSIONS delimited by colon from scanning Methods adware scan for Adware Spyware Riskware no adware do not scan for Adware Spyware Riskware unsafe scan for potentially unsafe applications no unsafe do not scan for potentially unsafe appl...

Страница 35: ... of well known worms are Lovsan Blaster Stration Warezov Bagle and Netsky 6 1 3 Trojan horses Historically computer trojan horses have been defined as a class of infiltrations which attempt to present themselves as useful programs thus tricking users into letting them run But it is important to note that this was true for trojan horses in the past today there is no longer a need for them to disgui...

Страница 36: ...usually require consent for installation If they are present on your computer your system behaves differently compared to the state before their installation The most significant changes are new windows you haven t seen previously are opened activation and running of hidden processes increased usage of system resources changes in search results application communicates with remote servers 6 2 Type...

Страница 37: ...nce and danger to the user is increased by the fact that the costs of sending are next to zero and authors of spam have many tools and sources available to acquire new email addresses In addition the volume and variety of spam makes it very difficult to regulate The longer you use your email address the higher the possibility of it ending up in a spam engine database Some hints for prevention If p...

Страница 38: ... categories and learns for example that spam usually contains words rolex or viagra and legitimate messages are sent by family members or from addresses in the user s contact list Provided that a greater number of messages was processed the Bayesian filter is able to assign a certain spam index to each message and thus decide on whether it is spam or not The main advantage is its flexibility If a ...

Отзывы:

Нет отзывов