Translation > ESET SysInspector (System Inspector): Features, Download, FAQ

Translated by: endurer, 2008-05-06, 1st edition


ESET SysInspector is a new, free utility program from ESET, the developer of ESET Smart Security and ESET NOD32 Antivirus.  While not an anti-malware program, per se, it can be used to examine malware-affected systems as well as for troubleshooting a variety of issues.
Currently, ESET SysInspector functions as a "read-only" program.  It is designed to collect information only and does not make any changes to the computer on which it is running.
Each time ESET SysInspector is run, it examines the system to precisely determine its configuration.  This process may take several minutes, depending upon the speed of your computer and the software installed on it. When ESET SysInspector has completed cataloging the system, it displays this information in its graphical user interface.

ESET SysInspector is available for Microsoft Windows 2000 and newer. Both 32-bit (x86) and 64-bit (x64) versions of Windows are supported.


ESET SysInspector has finished its beta test cycle and is now available for download here (http://www.eset.com/download/sysinspector.php).


ESET SysInspector Questions

Q1: What is ESET SysInspector?
A1: ESET SysInspector is a free tool designed to collect information about your computer's operating environment.

Q2: Does ESET SysInspector remove malware?
A2: Currently, ESET SysInspector does not have any ability to make changes to computers. It is "read-only" in that it is designed for analysis, not malware remediation. If you need an anti-malware program, you can download a trial version of our software from here (http://www.eset.com/download/) or use the free ESET Online Scanner program (http://www.esetonlinescanner.com/).

Q3: What operating systems does ESET SysInspector support?
A3: ESET SysInspector works with Microsoft Windows 2000 and higher. Both 32-bit (x86) and 64-bit (x64) operating systems are supported. ESET SysInspector has not been tested with earlier versions of Microsoft Windows.

Q4: Does ESET SysInspector require Administrator privileges to run?
A4: While ESET SysInspector does not require Administrator privileges to run, some of the information it collects can only be accessed from an Administrator account. Running it as a Standard User or a Restricted User will result in it collecting less information about your operating environment.

Q5: Does ESET SysInspector create a log file?
A5: ESET SysInspector can create a log file of your computer's configuration. To save one, select File→Save Log from the main menu. Logs are saved in XML or zipped XML format. By default, files are saved to the %USERPROFILE%/My Documents/ directory, with a file naming convention of "SysInspector-%COMPUTERNAME%-YYMMDD-HHMM.XML" (or .ZIP). You may change the location and name of the log file to something else before saving, if you prefer.

Q6: How do I view the ESET SysInspector log file?
A6: To view a log file created by ESET SysInspector, run the program and select File→Open Log from the main menu. You can also drag and drop log files onto the ESET SysInspector application. If you need to frequently view ESET SysInspector log files, we recommend creating a shortcut to the SYSINSPECTOR.EXE file on your Desktop; you can then drag and drop log files onto it for viewing.

Q7: Is a specification available for the log file format? What about an SDK?
A7: At the current time, neither a specification for the log file nor an SDK is available, since the program is still in development. After the program has been released, we may provide these based on customer feedback and demand.

Q8: What command-line options does ESET SysInspector support?
A8: The following command line options are currently recognized by ESET SysInspector:

/? or /HELP — displays the list of available command line options

/BLANK — starts ESET SysInspector without creating or loading a log file

/GEN={path specification} — saves an XML log file to the location specified by {path specification}

/PRIVACY — used with /GEN, collects information about the system except for personally identifiable information

/SILENT — suppresses the display of the progress bar during report generation

/ZIP — used with /GEN, saves XML log file in .ZIP archive format

{path specification 1} — loads a previously-saved log file from {path specification 1} into ESET SysInspector

{path specification 2} — if a second log file is listed on the command line, ESET SysInspector compares it against the first log file, {path specification 1}

Additional command line option functionality may be added based on customer feedback and demand.
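
The options in A8 can be combined into a repeatable baseline-and-compare routine. The following PowerShell script is an added example, not part of the original FAQ or ESET's own code; the executable path, the output folder, the "ESET" match on the signer subject, and the assumption that the process exits once the /GEN log is written are all hypothetical.

```powershell
# Added example: take a snapshot with the A8 options and compare it with the
# previous one. Run elevated for a complete log (see A4).
$Exe    = 'C:\Tools\SysInspector.exe'   # hypothetical install path
$OutDir = 'C:\IR\sysinspector'          # hypothetical folder, no spaces

# Check the publisher signature described in A11 before running the tool.
# Matching "ESET" in the signer subject is an assumption of this example.
$sig = Get-AuthenticodeSignature -FilePath $Exe
if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'ESET') {
    throw "Signature check failed for ${Exe}: $($sig.Status)"
}

New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

# Remember the newest existing snapshot before creating a new one.
$previous = Get-ChildItem -Path $OutDir -Filter 'SysInspector-*.xml' |
    Sort-Object LastWriteTime | Select-Object -Last 1

# Same naming convention as the default described in A5.
$stamp = Get-Date -Format 'yyMMdd-HHmm'
$log   = Join-Path $OutDir "SysInspector-${env:COMPUTERNAME}-$stamp.xml"

# /GEN writes the XML log, /PRIVACY leaves out personally identifiable
# information, /SILENT hides the progress bar.
Start-Process -FilePath $Exe -ArgumentList "/GEN=$log", '/PRIVACY', '/SILENT' -Wait

if (-not (Test-Path -LiteralPath $log)) {
    throw "No log was written to $log"
}

# Record a hash so later changes to the saved snapshot can be detected.
$hash = Get-FileHash -LiteralPath $log -Algorithm SHA256
"$($hash.Hash)  $(Split-Path $log -Leaf)" |
    Add-Content -Path (Join-Path $OutDir 'SHA256SUMS.txt')

# Two path arguments: the second log is compared against the first.
if ($previous -and $previous.FullName -ne $log) {
    Start-Process -FilePath $Exe -ArgumentList $previous.FullName, $log
} else {
    Write-Output "First snapshot saved: $log"
}
```

Adding /ZIP to the first call stores the log as a .ZIP archive, in which case the file name and filter above need the matching extension.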

Q9: How does ESET SysInspector evaluate the risk posed by a particular object?
A9: In most cases, ESET SysInspector assigns risk levels to objects (files, processes, registry keys and so forth) using a series of heuristic rules that examine the characteristics of each object and then weigh the potential for malicious activity. Based on these heuristics, objects are assigned a risk level from "1 - Fine (green)" to "9 - Risky (red)." In the left navigation pane, sections are colored based on the highest risk level of an object inside them.

Q10: Does a risk level of "6 - Unknown (red)" mean an object is dangerous?
A10: ESET SysInspector's assessments do not guarantee that an object is malicious; that determination should be made by a security expert. ESET SysInspector is designed to provide a quick assessment for security experts so that they know which objects on a system they may wish to examine further for unusual behavior.

Q11: Why does ESET SysInspector connect to the Internet when run?
A11: Like many applications, ESET SysInspector is signed with a digital signature "certificate" to help ensure the software was published by ESET and has not been altered. In order to verify the certificate, the operating system contacts a certificate authority to verify the identity of the software publisher. This is normal behavior for all digitally-signed programs under Microsoft Windows.

Q12: Can ESET SysInspector detect files, services and processes which are stealthed (cloaked), such as rootkits?
A12: ESET SysInspector contains a kernel mode anti-stealth driver to detect malicious objects which might be cloaked using various stealth mechanisms, including rootkits. Items which are stealthed show up with a risk level of "9 - Risky (red)" and are colored blue.

General Questions

Q1: How many beta test releases will there be?
A1: ESET does not have a public schedule for when new beta test builds will be released. New beta test builds will be released in response to feedback from bug reports and feature requests as well as to add additional functionality to the software.

Q2: For how long will the beta test program run?
A2: The beta test cycle for ESET SysInspector will run until the program reaches the necessary levels of quality, performance and reliability.

Q3: How do I provide feedback on ESET SysInspector?
A3: To contact ESET in order to report a bug, request a feature or ask a question regarding ESET SysInspector, write a message in the ESET Beta Forum (http://www.wilderssecurity.com/forumdisplay.php?f=15) or send email to betasupport@eset.sk. Please keep in mind that ESET may not respond to your report unless additional information is required in order to replicate the problem.


