ESET SMART SECURITY Betriebsanweisung

ESET SMART SECURITY 8User Guide(intended for product version 8.0 and higher)Microsoft Windows 8.1 / 8 / 7 / Vista / XP / Home Server 2003 / Home Ser

102.2.1 Advanced settingsAfter selecting Advanced settings, you will be prompted to select a location for the installation. By default, theprogram i

100Ctrl+Alt+Rcancels comparisonCtrl+Alt+1displays all itemsCtrl+Alt+2displays only added items, log will show items present in current logCtrl+Alt+3di

101ExampleGenerate and save a log, recording original information about the system, to a file named previous.xml. Afterchanges to the system have been

1025.6.4.1 Generating Service scriptTo generate a script, right-click any item from the menu tree (in the left pane) in the ESET SysInspector mainwi

10304) UDP endpointsThis section contains information about existing UDP endpoints.Example:04) UDP endpoints:- 0.0.0.0, port 123 (ntp)+ 0.0.0.0, port

104Example:08) Drivers:- Name: Microsoft ACPI Driver, exe path: c:\windows\system32\drivers\acpi.sys, state: Running,startup: Boot- Name: ADI UAA Func

1055.6.5 FAQDoes ESET SysInspector require Administrator privileges to run ?While ESET SysInspector does not require Administrator privileges to run

106the digital signature of that CAT file will be applied in the validation process of the executable.This is why there are sometimes files marked as

107Windows ADK supports:Windows 8Windows 7Windows VistaWindows Vista Service Pack 1Windows Vista Service Pack 2Note: ESET SysRescue may not be availab

108The Create option is inactive if no MSI installation package is specified, or if no ESET Security solution is installed onthe computer. To select a

1095.7.4.4 Internet protocolThis section allows you to configure basic network information and set up predefined connections after runningESET SysRe

11If you would like to evaluate ESET Smart Security before making a purchase, select Activate Trial License. Fill in youremail address and country to

1105.7.5.1 Using ESET SysRescueSuppose that computers in the network have been infected by a virus which modifies executable (.exe) files. ESETSecu

111/sfxscan self-extracting archives (default)/no-sfxdo not scan self-extracting archives/rtpscan runtime packers (default)/no-rtpdo not scan runtime

1126. Glossary6.1 Types of infiltrationAn Infiltration is a piece of malicious software trying to enter and/or damage a user’s computer.6.1.1 Viru

113If a file on your computer is detected as a Trojan, it is advisable to delete it, since it most likely contains nothing butmalicious code.6.1.4 R

1146.1.7 PackersPacker is a runtime self-extracting executable that rolls up several kinds of malware into a single package.The most common packers

1156.2.1 DoS attacksDoS, or Denial of Service, is an attempt to make a computer or network unavailable for its intended users. Thecommunication betw

1166.2.6 SMB RelaySMB Relay and SMB Relay 2 are special programs that are capable of carrying out attacks against remote computers.The programs take

1176.3.3 Vulnerability ShieldVulnerability shield is an extension of the Personal firewall that improves the detection of known vulnerabilities onth

1186.4 EmailEmail, or electronic mail, is a modern form of communication with many advantages. It is flexible, fast and direct,and played a crucial

1196.4.3 PhishingThe term phishing defines a criminal activity which uses techniques of social engineering (manipulating users inorder to obtain con

122.6 First scan after installationAfter installing ESET Smart Security, a computer scan will start 20 minutes after installation or computer restar

1206.4.4.2 WhitelistIn general, a whitelist is a list of items or persons who are accepted, or have been granted permission. The term“email whitelis

133. Beginner's guideThis chapter provides an initial overview of ESET Smart Security and its basic settings.3.1 The main program windowThe mai

14What to do if the program doesn't work properly?If the modules enabled are working properly, the Protection status icon will be green. A red ex

15Phantom account does not exist initially, but is a security feature that is triggered automatically when youmark a device as missing. You may need t

16The Advanced setup window (click Setup in the main menu and then click Enter advanced setup..., or press F5 onyour keyboard) contains additional upd

17NOTE: By default, workstations from a Trusted zone are granted access to shared files and printers, have incomingRPC communication enabled and have

184. Work with ESET Smart SecurityThe ESET Smart Security setup options allow you to adjust the protection levels of your computer and network.The Set

19Web and Email protection setup allows you to enable or disable the following components:Web access protection – If enabled, all traffic through HTTP

ESET SMART SECURITYCopyright 2015 by ESET, spol. s r. o.ESET Smart Security was developed by ESET, spol. s r. o.For more information visit www.eset.c

20Computer scan setup... – Click to adjust the parameters of the on-demand scanner (manually executed scan).4.1.1 Antivirus and antispywareAntivirus

21Media to scanBy default, all types of media are scanned for potential threats:Local drives – Controls all system hard drives.Device control – Disk S

22Additional ThreatSense parameters for executed filesAdvanced heuristics on file execution – By default, Advanced heuristics is used when files are e

234.1.1.1.3 When to modify real-time protection configurationReal-time protection is the most essential component of maintaining a secure system. Al

24Smart scanSmart scan allows you to quickly launch a computer scan and clean infected files with no need for user intervention.The advantage of Smart

25Infected items are not cleaned automatically. Scanning without cleaning can be used to obtain an overview of thecurrent protection status. If you ar

26After all scans computer takes no action – Triggers a scheduled shutdown or reboot when the computer scanfinishes. Once the scan has finished, a shu

274.1.1.3.1 Automatic startup file checkWhen creating a System startup file check scheduled task, you have several options to adjust the followingpa

28an asterisk (*) represents a variable string of zero or more characters.ExamplesIf you wish to exclude all files in a folder, type the path to the f

294.1.1.6 ThreatSense engine parameters setupThreatSense is technology comprised of many complex threat detection methods. This technology is proact

Contents...5ESET Smart Security1...

30writers. Its latest version introduces a completely new way of code emulation based on binary translation. This newbinary translator helps to bypass

314.1.1.6.6 OtherYou can configure the following options in the Other section:Log all objects – If this option is selected, the log file will show a

32Cleaning and deletingIf there is no predefined action to take for Real-time file system protection, you will be prompted to select anoption in the a

334.1.1.8 Document protectionThe Document protection feature scans Microsoft Office documents before they are opened, as well as filesdownloaded aut

34pop-up in the lower right corner and access to the device will not be granted.4.1.3.1 Device control rulesThe Device control rules editor window d

354.1.3.2 Adding Device control rulesA Device control rule defines the action that will be taken when a device meeting the rule criteria is connecte

36as delivered by the vendor.Tip: In order to figure out the parameters of a device, create an allowing rule for the appropriate type of devices,conne

371. Name the rule and select Block from the Action drop-down menu.2. Open the Target applications tab. Leave the Source applications tab blank to app

38manually, so a rule created from a dialog window can be less specific than the rule that triggered that dialogwindow. This means that after creating

394.2 NetworkThe Personal firewall controls all network traffic to and from the system. This is accomplished by allowing ordenying individual networ

...74Update rollback4.5.2...

40Network attack protection (IDS) – Analyses the content of network traffic and protects from network attacks. Anytraffic which is considered harmful

41Firewall user profilesProfiles are a tool to control the behavior of the ESET Smart Security Personal firewall.Advanced protection featuresEnable Ne

42Notify about learning mode expiration in X days – Specifies the number of days after which ESET Smart Security willnotify the user that Learning mod

43Display information about application allows you to define how applications will be displayed in the list of rules.The following options are availab

444.2.3.1.1 Detailed view of all rulesTo see the following information in the Zone and rule setup window, click Toggle detailed view of all rules.Na

454.2.3.2 Editing rulesModification is required each time any of the monitored parameters are changed. In this case, the rule cannot fulfillthe cond

464.2.4.1 Network authenticationFor mobile computers, it is recommended that you verify the network credibility of the network that you areconnectin

47authenticate the server. The authentication process is repeated for each network your computer connects to. Click Setup... and specify a server name

484.2.4.1.2 Zone authentication - Server configurationThe authentication process can be executed by any computer/server connected to the network tha

494.2.5 Establishing connection - detectionThe Personal firewall detects each newly-created network connection. The active firewall mode determines

51. ESET Smart SecurityESET Smart Security represents a new approach to truly integrated computer security. The most recent version ofthe ThreatSense®

504.2.6 LoggingThe ESET Smart Security Personal firewall saves all important events in a log file, which can be viewed directly fromthe main menu. C

514.3 Web and emailWeb and email configuration can be found in the Setup pane by clicking on Web and email. From here you canaccess more detailed se

524.3.1 Email client protectionEmail protection provides control of email communication received through the POP3 and IMAP protocols. Using theplug-

534.3.1.1.1 Email client protection configurationThe Email client protection module supports the following email clients: Microsoft Outlook, Outlook

544.3.1.3 POP3, POP3S filterThe POP3 protocol is the most widespread protocol used to receive email communication in an email clientapplication. ESE

554.3.1.4 Antispam protectionUnsolicited email, called spam, ranks among the greatest problems of electronic communication. Spam representsup to 80

56Spam score loggingThe ESET Smart Security Antispam engine assigns a spam score to every scanned message. The message will berecorded in the antispam

574.3.2 Web access protectionInternet connectivity is a standard feature in a personal computer. Unfortunately, it has also become the mainmedium fo

584.3.2.2 URL address managementThe URL address management section enables you to specify HTTP addresses to block, allow or exclude fromchecking. Ad

594.3.3 Protocol filteringAntivirus protection for the application protocols is provided by the ThreatSense scanning engine, which seamlesslyintegra

61.1 What's new in version 8ESET Smart Security version 8 features many small improvements:A new Smart mode for HIPS – is placed between Automa

604.3.3.2 Excluded applicationsTo exclude communication of specific network-aware applications from content filtering, select them in the list.HTTP/

614.3.3.3 Excluded IP addressesThe entries in the list will be excluded from protocol content filtering. HTTP/POP3/IMAP communication from/tothe sel

624.3.3.4 SSL protocol checkingESET Smart Security enables you to check protocols encapsulated in SSL protocol. You can use various scanningmodes fo

634.3.3.4.1.2 Excluded certificatesThe Excluded certificates section contains certificates that are considered safe. The content of encryptedcommuni

64NOTE: Potential phishing websites that have been whitelisted will expire after several hours by default. To allow awebsite permanently, you can use

652. Click Setup > Parental control from the main program window. Even though Enabled appears next to Parentalcontrol, you must configure Parental

66will toggle Parental control for the account. Under an active account, click Setup... to see the list of allowedcategories of web pages for this ac

674.4.1 Web page content filteringIf the check box next to a category is selected, it is allowed. Deselect the check box next to a specific category

684.4.2 Blocked and allowed web pagesEnter a URL address into the blank field under the list, select Allow or Block and click Add to add it to the l

69Last successful update – The date of the last update. If you do not see a recent date, your virus signature databasemay not be current.Virus signatu

71.3 PreventionWhen you work with your computer, and especially when you browse the Internet, please keep in mind that noantivirus system in the wor

70Important: Under normal circumstances, when updates are downloaded properly the message Update is notnecessary – the virus signature database is up

714.5.1 Update settingsUpdate setup options are available from the Advanced setup tree (F5 key) by clicking Update > Settings. This sectionspecif

72Authentication for update servers is based on the Username and Password generated and sent to you afterpurchase. By default, no verification is requ

73NOTE: Selecting the most appropriate option depends on the workstation where the settings will be applied. Pleasebe aware that there are differences

74and download updates.Warning: When either Current user or Specified user is selected, an error may occur when changing the identity ofthe program to

75Example: Let the number 6871 be the most recent version of virus signature database. 6870 and 6868 are stored as avirus signature database snapshots

764.6 ToolsThe Tools menu includes modules that help simplify program administration and offers additional options foradvanced users.This menu inclu

774.6.1 Log filesLog files contain information about all important program events that have occurred and provide an overview ofdetected threats. Log

78You can show the context menu by right-clicking a specific entry. The following options are available in the contextmenu:Filter records of the same

79By default, the following scheduled tasks are displayed in Scheduler:Log maintenanceRegular automatic updateAutomatic update after dial-up connectio

82. InstallationThere are several methods for installing ESET Smart Security on your computer. Installation methods may varydepending on country and m

804.6.3 Protection statisticsTo view a graph of statistical data related to ESET Smart Security's protection modules, click Tools > Protecti

81given in KB (kilobytes)/MB/GB. If you mouse over either read data or written data in the legend below the graph,the graph will only display data for

82The ESET Live Grid setup menu provides several options for enabling / disabling ESET Live Grid, which serves tosubmit suspicious files and anonymous

834.6.7 Running processesRunning processes displays the running programs or processes on your computer and keeps ESET immediately andcontinuously in

84By clicking a given application at the bottom, the following information will appear at the bottom of the window:File – Location of an application o

85Sent/Received – Amount of data exchanged within the connection.Open in a new window – Displays information in a separate window.The Configure connec

864.6.9 QuarantineThe main function of the quarantine is to safely store infected files. Files should be quarantined if they cannot becleaned, if it

87infected incorrectly (for example, by heuristic analysis of the code) and subsequently quarantined, please send thefile to the ESET Virus Lab. To su

88SMTP server requires authentication – If the SMTP server requires authentication, these fields should be filled inwith a valid username and password

894.6.12 Submission of samples for analysisThe file submission dialog enables you to send a file or a site to ESET for analysis and can be found in

92.2 Offline installationOnce you launch the offline installation (.msi) package, the installation wizard will guide you through the setupprocess.Fi

90The Context menu is displayed after right-clicking an object. Use this tool to integrate ESET Smart Security controlelements into the context menu.4

91would be a system or network administrator. This option is especially useful for terminal servers, provided that allsystem notifications are sent to

92Block network – Personal firewall will block all outgoing / incoming network and internet traffic.Temporarily disable firewall – Switches the firewa

935. Advanced user5.1 Profile managerProfile manager is used in two places within ESET Smart Security – in the On-demand computer scan section and i

94TABmoves the cursor in a windowEsccloses the active dialog window5.3 DiagnosticsDiagnostics provides application crash dumps of ESET processes (fo

955.5 Idle state detectionIdle state detection settings can be configured in Advanced setup under Tools > Idle state detection. These settingsspe

965.6.2 User Interface and application usageFor clarity the main program window is divided into four major sections – Program Controls located on th

97HelpContains information about the application and its functions.DetailThis setting influences the information displayed in the main program window

98Description window you may find additional details for each process such as dynamic libraries used by the processand their location in the system, t

995.6.2.2.1 Keyboard shortcutsKey shortcuts that can be used when working with the ESET SysInspector include:FileCtrl+Oopens existing logCtrl+Ssaves