ESET Smart Security 7, ITA, 2U, 1Y User's Guide

ESET SMART SECURITY 7User Guide(intended for product version 7.0 and higher)Microsoft Windows 8.1 / 8 / 7 / Vista / XP / Home Server 2003 / Home Ser

102.2.1 Advanced settingsAfter selecting Advanced settings, you will be prompted to select a location for the installation. By default, theprogram i

100Any comparative log can be saved to a file and opened at a later time.ExampleGenerate and save a log, recording original information about the syst

1015.6.4 Service ScriptService script is a tool that provides help to customers that use ESET SysInspector by easily removing unwantedobjects from t

102Example:02) Loaded modules:- c:\windows\system32\svchost.exe- c:\windows\system32\kernel32.dll+ c:\windows\system32\khbekhb.dll- c:\windows\system3

103Example:06) Important registry entries:* Category: Standard Autostart (3 items) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run- HotKeysCmds = C

104Example:09) Critical files:* File: win.ini- [fonts]- [extensions]- [files]- MAPI=1[...]* File: system.ini- [386Enh]- woafont=dosapp.fon- EGA80WOA.F

105Is a specification available for the log file format? What about an SDK ?At the current time, neither a specification for the log file or an SDK ar

1065.6.6 ESET SysInspector as part of ESET Smart SecurityTo open the ESET SysInspector section in ESET Smart Security, click Tools > ESET SysInsp

107Windows.Windows AIK supports:Windows 7Windows VistaWindows XP Service Pack 2 with KB926044Windows XP Service Pack 35.7.2 How to create rescue CDT

1085.7.4.1 FoldersTemporary folder is a working directory for files required during ESET SysRescue compilation.ISO folder is a folder, where the res

1095.7.4.4 Internet protocolThis section allows you to configure basic network information and set up predefined connections after runningESET SysRe

11If you would like to evaluate ESET Smart Security before making a purchase, select Activate Trial License. Fill in youremail address and country to

1105.7.5.1 Using ESET SysRescueSuppose that computers in the network have been infected by a virus which modifies executable (.exe) files. ESETSecu

111/no-mailboxdo not scan mailboxes/sfxscan self-extracting archives (default)/no-sfxdo not scan self-extracting archives/rtpscan runtime packers (def

1126. Glossary6.1 Types of infiltrationAn Infiltration is a piece of malicious software trying to enter and/or damage a user’s computer.6.1.1 Viru

113If a file on your computer is detected as a Trojan, it is advisable to delete it, since it most likely contains nothing butmalicious code.6.1.4 R

1146.1.7 PackersPacker is a runtime self-extracting executable that rolls up several kinds of malware into a single package.The most common packers

1156.2.3 Worm attacksA computer worm is a program containing malicious code that attacks host computers and spreads via a network.Network worms expl

116To avoid attacks, we recommend that you use authentication passwords or keys.6.2.7 ICMP attacksThe ICMP (Internet Control Message Protocol) is a

117clean and also flagged to be excluded from future scans. If it is on the blacklist, appropriate actions are taken basedon the nature of the threat.

1186.4.3 PhishingThe term phishing defines a criminal activity which uses techniques of social engineering (manipulating users inorder to obtain con

1196.4.4.2 WhitelistIn general, a whitelist is a list of items or persons who are accepted, or have been granted permission. The term“email whitelis

122.6 First scan after installationAfter installing ESET Smart Security, a computer scan will start 20 minutes after installation or computer restar

133. Beginner's guideThis chapter provides an initial overview of ESET Smart Security and its basic settings.3.1 The main program windowThe mai

14What to do if the program doesn't work properly?If the modules enabled are working properly, the Protection status icon will be green. A red ex

15Phantom account does not exist initially, but is a security feature that is triggered automatically when youmark a device as missing. You may need t

16The Advanced setup window (click Setup in the main menu and then click Enter advanced setup..., or press F5 onyour keyboard) contains additional upd

17NOTE: By default, workstations from a Trusted zone are granted access to shared files and printers, have incomingRPC communication enabled and have

184. Work with ESET Smart SecurityThe ESET Smart Security setup options allow you to adjust the protection levels of your computer and network.The Set

19Web and Email protection setup allows you to enable or disable the following components:Web access protection – If enabled, all traffic through HTTP

ESET SMART SECURITYCopyright 2014 by ESET, spol. s r. o.ESET Smart Security was developed by ESET, spol. s r. o.For more information visit www.eset.c

204.1.1 Antivirus and antispywareAntivirus and antispyware protection guards against malicious system attacks by controlling file, email and Interne

21Media to scanBy default, all types of media are scanned for potential threats:Local drives – Controls all system hard drives.Device control – CD/DVD

22Additional ThreatSense parameters for executed filesAdvanced heuristics on file execution – By default, Advanced heuristics is used when files are e

234.1.1.1.3 When to modify real-time protection configurationReal-time protection is the most essential component of maintaining a secure system. Al

24Smart scanSmart scan allows you to quickly launch a computer scan and clean infected files with no need for user intervention.The advantage of Smart

25Infected items are not cleaned automatically. Scanning without cleaning can be used to obtain an overview of thecurrent protection status. If you ar

26After all scans computer takes no action – Triggers a scheduled shutdown or reboot when the computer scanfinishes. Once the scan has finished, a shu

274.1.1.3.1 Automatic startup file checkWhen creating a System startup file check scheduled task, you have several options to adjust the followingpa

28an asterisk (*) represents a variable string of zero or more characters.ExamplesIf you wish to exclude all files in a folder, type the path to the f

294.1.1.6 ThreatSense engine parameters setupThreatSense is technology comprised of many complex threat detection methods. This technology is proact

Contents...5ESET Smart Security1...

30writers. Its latest version introduces a completely new way of code emulation based on binary translation. This newbinary translator helps to bypass

314.1.1.6.6 OtherYou can configure the following options in the Other section:Log all objects – If this option is selected, the log file will show a

32Cleaning and deletingIf there is no predefined action to take for Real-time file system protection, you will be prompted to select anoption in the a

334.1.1.8 Document protectionThe Document protection feature scans Microsoft Office documents before they are opened, as well as filesdownloaded aut

34If the inserted external device applies an existing rule that performs the Block action, a notification window willpop-up in the lower right corner

354.1.3.2 Adding Device control rulesA Device control rule defines the action that will be taken when a device meeting the rule criteria is connecte

36number of the given media, not the CD drive.Note: If the above three descriptors are empty, the rule will ignore these fields while matching. Filter

371. Name the rule and select Block from the Action drop-down menu.2. Open the Target applications tab. Leave the Source applications tab blank to app

38the exact parameters for your new rule. Rules created this way are considered equal to rules created manually, so arule created from a dialog window

394.2 NetworkThe Personal firewall controls all network traffic to and from the system. This is accomplished by allowing ordenying individual networ

...74Update rollback4.5.2...

40Advanced Personal firewall setup... – Allows you to access the advanced firewall setup options.4.2.1 Filtering modesFour filtering modes are avail

414.2.1.1 Learning modeThe Learning mode feature in ESET Smart Security's Personal firewall automatically creates and saves a rule for eachcomm

424.2.2 Firewall profilesProfiles can be used to control the behavior of the ESET Smart Security Personal firewall. When creating or editing aPerson

43Select what type of rules will be displayed in the Rules setup section using the Rules to display list:Only user defined rules – Displays only those

444.2.3.1.1 Detailed view of all rulesTo see the following information in the Zone and rule setup window, click Toggle detailed view of all rules.Na

454.2.3.2 Editing rulesModification is required each time any of the monitored parameters are changed. In this case, the rule cannot fulfillthe cond

464.2.4.1 Network authenticationFor mobile computers, it is recommended that you verify the network credibility of the network that you areconnectin

47The public key can be a file of one of the following types:PEM encrypted public key (.pem)This key can be generated using the ESET Authentication Se

484.2.4.1.2 Zone authentication - Server configurationThe authentication process can be executed by any computer/server connected to the network tha

494.2.5 Establishing connection - detectionThe Personal firewall detects each newly-created network connection. The active firewall mode determines

51. ESET Smart SecurityESET Smart Security represents a new approach to truly integrated computer security. The most recent version ofthe ThreatSense®

504.2.6 LoggingThe ESET Smart Security Personal firewall saves all important events in a log file, which can be viewed directly fromthe main menu. C

514.3 Web and emailWeb and email configuration can be found in the Setup pane by clicking on Web and email. From here you canaccess more detailed se

524.3.1 Email client protectionEmail protection provides control of email communication received through the POP3 and IMAP protocols. Usingthe plug-

534.3.1.1.1 Email client protection configurationThe Email client protection module supports the following email clients: Microsoft Outlook, Outlook

544.3.1.3 POP3, POP3S filterThe POP3 protocol is the most widespread protocol used to receive email communication in an email clientapplication. ESE

554.3.1.4 Antispam protectionUnsolicited email, called spam, ranks among the greatest problems of electronic communication. Spam representsup to 80

56Spam score loggingThe ESET Smart Security Antispam engine assigns a spam score to every scanned message. The message will berecorded in the antispam

574.3.2 Web access protectionInternet connectivity is a standard feature in a personal computer. Unfortunately, it has also become the mainmedium fo

584.3.2.2 URL address managementThe URL address management section enables you to specify HTTP addresses to block, allow or exclude fromchecking. Ad

594.3.3 Protocol filteringAntivirus protection for the application protocols is provided by the ThreatSense scanning engine, which seamlesslyintegra

61.1 What's new in version 7ESET Smart Security version 7 features many small improvements:Device control – A replacement of Removable media co

604.3.3.2 Excluded applicationsTo exclude communication of specific network-aware applications from content filtering, select them in the list.HTTP/

614.3.3.3 Excluded IP addressesThe entries in the list will be excluded from protocol content filtering. HTTP/POP3/IMAP communication from/tothe sel

624.3.3.4 SSL protocol checkingESET Smart Security enables you to check protocols encapsulated in SSL protocol. You can use various scanningmodes fo

634.3.3.4.1.2 Excluded certificatesThe Excluded certificates section contains certificates that are considered safe. The content of encryptedcommuni

64NOTE: Potential phishing websites that have been whitelisted will expire after several hours by default. To allow awebsite permanently, you can use

65that do not match a category, click the Blocked and allowed web pages tab.If you click Parental control in the Setup pane from the main product wind

661. Open User Accounts by clicking the Start button (located at the bottom left side of your desktop), clicking ControlPanel and then clicking User A

674.4.1 Web page content filteringIf the check box next to a category is selected, it is allowed. Deselect the check box next to a specific category

684.4.2 Blocked and allowed web pagesEnter a URL address into the blank field under the list, select Allow or Block and click Add to add it to the l

69Last successful update – The date of the last update. If you do not see a recent date, your virus signature databasemay not be current.Virus signatu

71.3 PreventionWhen you work with your computer, and especially when you browse the Internet, please keep in mind that noantivirus system in the wor

70necessary – Virus signature database is up to date will appear in the Update window. If this is not the case, theprogram is out of date and more vul

714.5.1 Update settingsUpdate setup options are available from the Advanced setup tree (F5 key) by clicking Update > Settings. This sectionspecif

724.5.1.1 Update profilesUpdate profiles can be created for various update configurations and tasks. Creating update profiles is especiallyuseful fo

734.5.1.2.2 Proxy serverTo access the proxy server setup options for a given update profile, click Update in the Advanced setup tree (F5)and then cl

744.5.2 Update rollbackIf you suspect that a new update of the virus database and/or program modules may be unstable or corrupt, you canroll back to

754.5.3 How to create update tasksUpdates can be triggered manually by clicking Update virus signature database in the primary window displayedafter

76This menu includes the following tools:Log filesProtection statisticsWatch activityRunning processes (if ESET Live Grid is enabled in ESET Smart Sec

77Parental control – Shows web pages blocked or allowed by Parental control. The Match type and Match valuescolumns tell you how the filtering rules w

78checkboxes at the beginning of each entry to activate/deactivate the tasks.By default, the following scheduled tasks are displayed in Scheduler:Log

794.6.3 Protection statisticsTo view a graph of statistical data related to ESET Smart Security's protection modules, click Tools > Protecti

82. InstallationThere are several methods for installing ESET Smart Security on your computer. Installation methods may varydepending on country and m

80You can also select Network activity from the Activity drop-down menu. The graph display and options for Filesystem activity and Network activity ar

81Do not submit statistics – Select this option if you do not want to submit anonymous information gathered by ESETLive Grid about your computer. This

824.6.7 Running processesRunning processes displays the running programs or processes on your computer and keeps ESET immediately andcontinuously in

83By clicking a given application at the bottom, the following information will appear at the bottom of the window:File – Location of an application o

84The Configure connection view... option in the Network connections screen enters the advanced setup structure forthis section, enabling you to modif

854.6.9 QuarantineThe main function of the quarantine is to safely store infected files. Files should be quarantined if they cannot becleaned, if it

86the context menu.4.6.10 Proxy server setupIn large LAN networks, the connection of your computer to the Internet can be mediated by a proxy server

87Sender address – This field specifies the sender address which will be displayed in the header of notificationemails.Recipient address – This field

884.6.12 Submission of samples for analysisThe file submission dialog enables you to send a file or a site to ESET for analysis and can be found in

89The Context menu is displayed after right-clicking an object. Use this tool to integrate ESET Smart Security controlelements into the context menu.4

92.2 Offline installationOnce you launch the offline installation (.msi) package, the installation wizard will guide you through the setupprocess.Fi

90would be a system or network administrator. This option is especially useful for terminal servers, provided that allsystem notifications are sent to

91protection, which guards against malicious system attacks by controlling file, web and email communication. SelectDo not ask again to avoid this mes

925. Advanced user5.1 Profile managerProfile manager is used in two places within ESET Smart Security – in the On-demand computer scan section and i

93-collapses Advanced setup tree nodesTABmoves the cursor in a windowEsccloses the active dialog window5.3 DiagnosticsDiagnostics provides applicati

945.5 Idle state detectionIdle state detection settings can be configured in Advanced setup under Tools > Idle state detection. These settingsspe

955.6.2 User Interface and application usageFor clarity the main program window is divided into four major sections – Program Controls located on th

96HelpContains information about the application and its functions.DetailThis setting influences the information displayed in the main program window

97Description window you may find additional details for each process such as dynamic libraries used by the processand their location in the system, t

985.6.2.2.1 Keyboard shortcutsKey shortcuts that can be used when working with the ESET SysInspector include:FileCtrl+Oopens existing logCtrl+Ssaves

99ComparingCtrl+Alt+Oopens original / comparative logCtrl+Alt+Rcancels comparisonCtrl+Alt+1displays all itemsCtrl+Alt+2displays only added items, log