( 6.5 )
ESET, spol. s.r.o. ESET Endpoint Antivirus ESET, spol. s r.o. www.eset.com ESET, spol. s r.o. www.eset.com/support 10/13/2017
Contents
1. ESET Endpoint Antivirus
1.1 What's new in version 6
1.2 System requirements
2. Users connecting via ESET Remote Administrator
2.1 ESET Remote Administrator Server
2.2 Web Console
2.3 Proxy
2.4 Agent
2.5 RD Sensor
3. Installation
3.1 Typical installation
3.2 Custom installation
3.3 Remote installation
3.3.1 Creating a remote installation package
3.3.2 Remote installation on target computers
3.3.3 Remote uninstallation
3.3.4 Remote upgrade
4. Product activation
5. Uninstallation
6. Basic overview
6.1 Keyboard shortcuts
6.2 Checking operation of the system
6.3 What to do if the program does not work properly
7. Computer protection
7.1 Antivirus and antispyware protection
7.1.1 General
7.1.1.1 Exclusions
7.1.2 Startup protection
7.1.3 Real-time file system protection
7.1.3.1 Advanced options
7.1.3.2 When to modify the real-time protection configuration
7.1.3.3 Checking real-time protection
7.1.3.4 What to do if real-time protection does not work
7.1.4 On-demand computer scan
7.1.4.1 Type of scan
7.1.4.1.1 Smart scan
7.1.4.1.2 Custom scan
7.1.4.2 Scan targets
7.1.4.3 Scan profiles
7.1.5 ThreatSense engine parameters setup
7.1.5.1 Objects
7.1.5.2 Options
7.1.5.3 Cleaning
7.1.5.4 Exclusions
7.1.5.5 Limits
7.1.5.6 Others
7.1.6 An infiltration is detected
7.2 Web and email protection
7.2.1 Web access protection
7.2.1.1 Ports
7.2.1.2 URL lists
7.2.2 Email protection
7.2.2.1 POP3 protocol checking
7.2.2.2 IMAP protocol checking
7.3 Anti-phishing protection
8. Device control
8.1 Rules editor
9. Tools
9.1 Log files
9.1.1 Log maintenance
9.1.2 Log filtering
9.2 Scheduler
9.2.1 Creating new tasks
9.2.2 Creating user-defined tasks
9.3 Live Grid
9.3.1 Suspicious files
9.4 Quarantine
9.4.1 Quarantining files
9.4.2 Restoring quarantined files
9.4.3 Submitting files from quarantine
9.5 Privileges
9.6 Presentation mode
9.7 Running processes
10. User interface
10.1 Alerts and notifications
10.1.1 Display alerts
10.1.2 Protection statuses
10.2 Context menu
11. Update
11.1 Update setup
11.1.1 Advanced options
11.2 How to create update tasks
11.3 Upgrading to a new build
11.4 System updates
12. Miscellaneous
12.1 Import and export settings
12.2 Proxy server setup
12.3 Shared local cache
1. ESET Endpoint Antivirus ESET Endpoint Antivirus 6 ThreatSense ESET Endpoint Antivirus 6 rootkit ESET Remote Administrator 6 1.1 6 ESET Endpoint Antivirus 6 Web - Web - POP3 IMAP - - 6.1 - ESET Endpoint Antivirus [ ] - 1.2 ESET Endpoint Antivirus Intel 32 64 macOS 10.9 macOS Server 10.7 300 MB 200 MB 5
2. ESET Remote Administrator ESET Remote Administrator (ERA) 6 ESET ESET Remote Administrator ESET ESET Remote Administrator ESET ESET ( ) Microsoft Linux macOS ESET ERA ESET Remote Administrator 2.1 ESET Remote Administrator Server ESET Remote Administrator Server ESET Remote Administrator ( ERA 8 ) ERA ( ) ERA ERA ERA ERA Agent/Proxy/RD Sensor ERA ERA Web Console 7 ESET 6
2.2 Web Console ERA Web Console ERA 6 Web ESET Web Console ESET Web ESET Remote Administrator Web Console [ ] Web Console [ ] IPv4/IPv6 [ ] Enter [ ] 2.3 Proxy ERA Proxy ESET Remote Administrator ( 10,000 ) ERA Proxy ERA Proxy ERA 6 ERA Proxy ERA Proxy ERA ERA Proxy ( ) ERA ERA Proxy ERA ERA ( ERA Proxy) ERA Proxy ERA Proxy ERA ERA Proxy ERA Proxy ESET ( ERA ERA Proxy) 7
2.4 [ERA ] ESET Remote Administrator ESET ( ESET Endpoint Antivirus) ERA ESET ERA Proxy ESET 1. 2. Proxy 3. Proxy ESET ESET ESET Proxy Proxy 2.5 RD Sensor RD (Rogue Detection) Sensor ESET Remote Administrator ESET Remote Administrator Web Console [ ] RD Sensor ERA ERA PC PC PC 8
3. ESET Endpoint Antivirus CD/DVD CD/DVD-ROM ESET Endpoint Antivirus 9 10 10 3.1 ESET Live Grid ESET Live Grid ESET ESET [ ] Live Grid 28 [ ] ESET Endpoint Antivirus [ ] [ ] 18 9
3.2 ESET Endpoint Antivirus ( Web ) Proxy Proxy [ Proxy ] Proxy IP URL [ ] [ ] Proxy (3128 ) Proxy [ ] [ ] Proxy Proxy [ Proxy ] Proxy [ ( )] [ ] [ ] [ ] [ ] ESET Live Grid ESET Live Grid ESET ESET [ ] Live Grid 28 [ ] ESET Endpoint Antivirus [ ] [ ] 18 3.3 ESET Remote Administrator ESET Endpoint Antivirus 1. ESET 10 2. 11 ESET Remote Administrator 6 macos ( ) 3.3.1 ESET Endpoint Antivirus ( Web ) Proxy Proxy [ Proxy ] Proxy IP URL [ ] [ ] Proxy (3128 ) Proxy [ ] [ ] Proxy Proxy [ Proxy ] Proxy [ ( )] 10
[ ] [ ] [ ] [ ] ESET Live Grid ESET Live Grid ESET ESET [ ] Live Grid 28 [ ] (esets_remote_install.pkg) shell (esets_setup.sh) shell (esets_remote_uninstall.sh) 3.3.2 Apple Remote Desktop macos (.pkg) shell ESET Endpoint Antivirus Apple Remote Desktop ESET Endpoint Antivirus 1. Apple Remote Desktop [ ] 2. + shell (esets_setup.sh) 3. [ ] /tmp [ ] 4. [ ] ESET Remote Administrator ESET Remote Administrator 3.3.3 ESET Endpoint Antivirus 1. Apple Remote Desktop [ ] shell ( esets_remote_uninstall.sh - ) shell /tmp ( /tmp/esets_remote_uninstall.sh ) 2. [ ] [ ] [ ] root 3. [ ] 3.3.4 Apple Remote Desktop [ ] ESET Endpoint Antivirus 11
4. (CD/DVD ESET ) ESET Endpoint Antivirus macOS ( ) ESET Endpoint Antivirus [ ] [ ] > [ ] [ ] > [ ] ESET Endpoint Antivirus - XXXX-XXXX-XXXX-XXXX-XXXX - ESET License Administrator ( ) - ESET ESET License Administrator ESET Remote Administrator ESET Remote Administrator ESET Endpoint Antivirus 6.3.85.0 ( ) sudo ./esets_daemon --wait-respond --activate key=xxxx-xxxx-xxxx-xxxx-xxxx XXXX-XXXX-XXXX-XXXX-XXXX ESET Endpoint Antivirus ESET License Administrator 12
5. ESET Endpoint Antivirus ESET Endpoint Antivirus CD/DVD Finder [ ] ESET Endpoint Antivirus (.dmg ) [ ] Finder [ ] CTRL ESET Endpoint Antivirus [ ] Contents > Helpers Uninstaller 13
6. ESET Endpoint Antivirus Web 18 26 27 29 30 6.1 ESET Endpoint Antivirus cmd+, - ESET Endpoint Antivirus cmd+o - ESET Endpoint Antivirus GUI cmd+q - ESET Endpoint Antivirus GUI macos ( ) ESET Endpoint Antivirus cmd+w - ESET Endpoint Antivirus GUI [ ] > [ ] [ ] > [ ] cmd+alt+l - [ ] cmd+alt+s - [ ] cmd+alt+q - [ ] 14
6.2 [ ] ESET Endpoint Antivirus 6.3 ESET ESET ESET Endpoint Antivirus 15
7. [ ] > [ ] [ ] [ ] [ ] 7.1 7.1.1 [ ] ([ ] > [ ]> [ ]) - ( ) - [ ] - Packer Protector Protector Packer Runtime Packer UPX PE_Compact PKLite ASPack Packer Packer Web 16 [ ] 7.1.1.1 [ ] IP/IPv6 [ ] ( ) - - - ( *?) - - [Web ] [ ] [IP/IPv6 ] 7.1.2 ThreatSense [ ] 20 ThreatSense 16
7.1.3 ThreatSense ( ThreatSense 20 ) [ ] [ ] [ ] ( ) ( ) ESET Endpoint Antivirus [ ] ( [ ] > [ ] [ ] [ ]) Real-time [ ] - [ ] - CD DVD USB [ ] - [ ] > [ ]( cmd+, ) > [ ] [ ] [ ] ( 17 ) 7.1.3.1 ThreatSense [ ] [ ] [ ] ThreatSense 20 [ ] [ ThreatSense ] - [ ] ESET Live Grid [ ] - OS X 10.10 Microsoft Word 2011 Word 2016 7.1.3.2 ESET Endpoint Antivirus [ ] [ ] [ ] [ ] > [ ]> [ ]) 7.1.3.3 eicar.com EICAR (European Institute for Computer Antivirus Research) ESET Remote Administrator [ ] /Applications/.esets/Contents/MacOS/esets_daemon --status RTPStatus=Enabled RTPStatus=Disabled 17
bash ESET Endpoint Antivirus 7.1.3.4 [ ] > [ ] [ ] [ ] [ ] [ ] ESET 7.1.4 ( ) [ ] [ ] > [ ] [Finder] ESET Endpoint Antivirus Dock ( ) ( /Applications ) 18
7.1.4.1 [ ] [ ] 7.1.4.1.1 21 7.1.4.1.2 [ ] [ ] > [ ] [ ] [ ] [ ]> [ ] 7.1.4.2 7.1.4.3 ( ) [ ] > [ ]( cmd+, ) > [ ] [ ] 19
ThreatSense 20 : [ ] [ ] [ ] [ThreatSense ] [ ] [ ] 7.1.5 ThreatSense ThreatSense ESET ( ) ThreatSense Rootkit ThreatSense [ ] > [ ]( cmd+, ) [ ] [ ] [ ] ThreatSense [ ] ThreatSense ( ) ThreatSense [ ] - [ ] - [ ] - Web ThreatSense ThreatSense 7.1.5.1 [ ] [ ] - ( ) [ ] - ( ) [ ] - ( ) [ ] - ( ) (.rar zip arj tar ) [ ] - ( ) - ( ) UPX yoda ASPack FGS 7.1.5.2 [ ] ( ) ESET 20
7.1.5.3 3 - - - ( ) : 7.1.5.4 ThreatSense log, cfg tmp log cfg tmp 7.1.5.5 [ ] : 10 ( ) 7.1.5.6 ESET ESET Endpoint Antivirus ThreatSense [ ] ( ) ( ) 21
7.1.6 (USB CD DVD ) 1. [ ] 2. [ ] ( 19 ) 3. [ ] ESET Endpoint Antivirus [ ] [ ] [ ] [ ] - - [ ] 7.2 Web Web [ ] > [Web ] [ ] Web - Web HTTP - POP3 IMAP - ESET 7.2.1 Web Web Web HTTP ( ) HTTP 22 URL 22 Web 7.2.1.1 [ ] HTTP 80 8080 3128 7.2.1.2 URL [URL ] HTTP [ URL] URL [ URL ] [ ] [ ] URL * ( )?( )? 22
7.2.2 POP3 IMAP ThreatSense POP3 IMAP ThreatSense [ ] [ ] HTML [ ] [ ] [ ] [ ] [ ] POP3 IMAP POP3 23 IMAP 23 7.2.2.1 POP3 POP3 ESET Endpoint Antivirus POP3 110 [ POP3 ] POP3 7.2.2.2 IMAP (IMAP) IMAP POP3 ( ) ESET Endpoint Antivirus IMAP IMAP 143 [ IMAP ] IMAP 7.3 ( ) PIN ([ ] > [ ]> ) ESET 23
8. ESET Endpoint Antivirus (HDD USB ) CD/DVD USB [ ] > [ ] 26 ESET Endpoint Antivirus 8.1 [ ] > [ ]> [ ] [ ] ESET Endpoint Antivirus ESET Endpoint Antivirus ( ) [ ] [ ] [ ] [ ] USB FireWire - - - [ ] [ ] - ID - - CD/DVD CD 24
(*?) 26 - - - - - [ ] - [ ] [ ] [ ] [ ] [ ] [ ] ( ) 25
9. [ ] 9.1 ESET Endpoint Antivirus ESET Endpoint Antivirus [ ] > [ ] [ ] 1. 2. ESET Endpoint Antivirus 3. 4. ( ) 5. Web 22 URL IP [ ] 9.1.1 ESET Endpoint Antivirus [ ] > [ ] > [ ] > [ ] CSV ( ) [ ] [ ] [ ] [ : ] eventslog.txt threatslog.txt scanlog.NUMBER.txt devctllog.txt [ ] [ ] 26 9.1.2 - ( ) - - - - 26
9.2 [ ] ESET Endpoint Antivirus [ ] [ ] ( ) ( [ ] ) ( ) CTRL [ ] [ ] 9.2.1 [ ] [ ] Ctrl [ ] [ ] nobody macos 27
1. [ ] [ ] 2. [ ] 3. [ ] [ ] cron ( 28 ) 4. 5. [ ] ESET Endpoint Antivirus [ ] > [ ] > [ ] [ ] 9.2.2 [ ] [ ] [ ] cron ( 6 ) (0-59) (0-23) (1-31) (1-12) (1970-2099) (0-7)( = 0 7) 30 6 22 3 2012 4 cron (*) - 3 ( ) (-) - 3-9 (,) - 1,3,7,8 (/) - 3-28/5 3 ( ) 3 5 (Monday-Sunday) (January-December) 9.3 Live Grid Live Grid ESET Live Grid Live Grid 1. Live Grid ESET Endpoint Antivirus 2. Live Grid ESET ESET Live Grid ( ) ESET Live Grid [ ] > [ ] > [Live Grid] [ ESET Live Grid ( )] Live Grid [ ] [ ] 28
9.3.1 ESET Endpoint Antivirus ESET [ ]([ ] > [ ] > [Live Grid]> [ ]) [ ] > [ ] [ ] ESET Live Grid ESET ESET # utc_time=2005-04-14 07:21:28 # country= Slovakia # language= ENGLISH # osver=9.5.0 # engine=5417 # components=2.50.2 # moduleid=0x4e4f4d41 # filesize=28368 # filename=users/userone/documents/incoming/rdgfr1463[1].zip [ ] (.doc,.rtf ) ( ) ESET 9.4 ESET Endpoint Antivirus ESET ( ) ( ) ( /Library/Application Support/Eset/esets/cache/quarantine ) ESET Endpoint Antivirus ESET Endpoint Antivirus 9.4.1 ESET Endpoint Antivirus ( ) [ ] [ ] Ctrl [ ] > [ESET Endpoint Antivirus - ] 9.4.2 [ ] CTRL [ ] [ ] [ ] 29
30 9.4.3 ( ) ESET CTRL [ ] 9.5 ESET Endpoint Antivirus [ ] > [ ] > [ ] > [ ] [ ] [ ] [ ] [ ] [ ] 9.6 [ ] CPU [ ] > [ ]> [ ] > [ ] [ ] [ ] ( ) ESET Endpoint Antivirus 9.7 [ ] ESET Endpoint Antivirus ESET Live Grid [ ] - Activity Monitor ( /Applications/Utilities ) [ ] - ESET Endpoint Antivirus ESET Live Grid ( ) ( ) ( ) ESET [ ] - ESET Live Grid [ ] - ESET Live Grid [ ID] - [ ] - [ [] - [ [] - [ ID] -
[ ] - [ ] - 31
10. [ ] > [ ]> [ ] ESET Endpoint Antivirus [ ] [ Dock ] macos Dock ESET Endpoint Antivirus cmd+tab ESET Endpoint Antivirus ESET Endpoint Antivirus ( ) [ ] ( 14 ) macos ( ) ( ) [ ] ESET Endpoint Antivirus [ ] [ ] [ ] ESET Endpoint Antivirus macos ( ) [ ] ESET Endpoint Antivirus ( ) 10.1 [ ] ESET Endpoint Antivirus [ ] ( ) 32 [ ] ( ) [ X ] ( 5 ) ESET Endpoint Antivirus 6.2 ([ ] ) 32 10.1.1 ESET Endpoint Antivirus [ ] [ ] ( [ ] > [ ]> [ ] > [ : ] ) ESET Endpoint Antivirus [ ] [ ] 10.1.2 ESET Endpoint Antivirus [ ] > [ ]> [ ] > [ : ] ESET Endpoint Antivirus ([ ] ) Web 32
10.2 ESET Endpoint Antivirus [ ] > [ ] > [ ] [ ] CTRL Finder 33
11. ESET Endpoint Antivirus [ ] [ ] [ ] [ ] 34 12 37 [ ] ESET 11.1 [ ] [ ] ESET [ ] [ ] [ ] [ ] ESET Endpoint Antivirus [ ] [ ] [ ] ESET [ ] ESET Endpoint Antivirus 34
[Proxy ] Proxy ( HTTP Proxy) Proxy Proxy Proxy Proxy 37 Proxy 1. [ Proxy ] 2. [ ] ESET Endpoint Antivirus IP (3128 ) 3. Proxy [ ] [ ] ESET Endpoint Antivirus macos Proxy macos > [ ] > [ ] > [ ] > [Proxy] [ HTTP Proxy ] ESET Endpoint Antivirus Proxy MacBook [ ] 11.1.1 [ ] ESET Endpoint Antivirus [ ] [ ] ESET Endpoint Antivirus [ ] [ ] [ ] ( ) 7 11.2 [ ] > [ ] [ ] > [ ] ESET Endpoint Antivirus 27 11.3 ESET Endpoint Antivirus [ ] [ ] [ ] ( ) CD/DVD ESET Endpoint Antivirus 35
11.4 macos ESET Endpoint Antivirus [ ] > [ ] > [ ] > [ ] [ ] [ ] - - [ ] macos macos ESET Endpoint Antivirus [ ] [ ] ( ) [ ] [ ] - [ ] - [ ] - softwareupdate softwareupdate [ ] man softwareupdate softwareupdate 36
12. 12.1 ESET Endpoint Antivirus [ ] > [ ] ESET Endpoint Antivirus [ ] ESET Endpoint Antivirus [ ] [ ] [ ] 12.2 Proxy Proxy [ ] > [ ] > [Proxy ] Proxy ESET Endpoint Antivirus Proxy ESET Endpoint Antivirus Basic Access NTLM (NT LAN Manager) Proxy [ Proxy ] [Proxy ] Proxy IP URL [ ] Proxy (3128 ) [ ] Proxy [ ] [ ] 12.3 [ ] > [ ] > [ ] [ ESET ] ESET Endpoint Antivirus [ ] - IP [ ] - (3537 ) [ ] - ( ) ESET Shared Local Cache ESET Shared Local Cache ( ) 37