Anti-Virus Till the End
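Carrying the Fight Against Viruses Through to the End
Today, with viruses running ever more rampant, notorious worms, "Trojan horse" viruses, Black Friday... one dreaded virus after another threatens individual network users and businesses, while also showing them how important anti-virus services are.
This special feature on computer viruses, brought to you jointly by 双语时尚 and Kingsoft Antivirus (金山毒霸), lets you see through viruses and go into battle prepared!
Poor Josie was hit by a virus while at work and had to ask someone to come and fix her computer. Only when chatting with friends did she find out that the hateful virus was the "work" of an 18-year-old boy...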
As Josie gets off the phone with her last customer, her coworker (also her best friend) Rob comes over to ① check up on her.
Rob: So, how did it go?
Josie: Great! I contacted everyone and introduced myself, and I think I even got a new lead.
Rob: You are so lucky today!
Josie: Now, I just have to organize these names and phone numbers!
Rob: There should be some software on your computer that will do that for you.
Josie: Fantastic! Let me try to find it…
Rob: You could also download information from your computer onto a PDA, like mine.
Josie: What a neat gadget!
Rob: It's more than that. For instance, if I'm out ② on the road with a client, I can get Internet access with this.
Josie: I need to consider getting one of these. Hey, what just happened to my computer? It suddenly froze and then came back on again!
Rob: Oh, it seems that the computer has been attacked by the "Blaster" virus! Looks like it crashed. The most common reaction following an attack by the "Blaster" virus is that a minute after starting the computer it will turn itself off and then on again. You'll have to restart it. I'll ask a technician to look at it.
Josie: Thanks, Rob. You know, I know I sound like a broken record, but I really appreciate all your help.
Rob: Don't mention it.
At night, Rob and Josie go online again to chat with each other. Thorin, their close friend, is also on the Internet.
Thorin: Hi everybody!
Rob: Hey, Thorin.
Josie: WB, Thorin.
Thorin: So, what's going on?
Rob: We were just talking about the big movie Harry Potter. Josie has ③ fallen in love with Harry!
Josie: It's not that serious. But it's a great film. I've got all the Harry Potter books so far.
Thorin: Ah… I haven't seen it yet. Maybe I should go and watch it. BTW, how much do movies cost in your area?
Rob: About RMB 80.
Josie: RMB 70.
Thorin: About the same here.
Josie: Don't talk about the movie again. Thorin, my computer was attacked by a virus today. Be careful.
Thorin: Mentioning the virus, I just heard that there have been a lot of viruses lately, and there has also been a new virus called "Blaster" that attacks holes in the system.
Rob: Yes, it has infected over 500,000 computers around the world. And the virus researchers also discovered a message hidden inside the infection that appeared to taunt Microsoft Chairman Bill Gates, "Bill Gates why do you make this possible? Stop making money and fix your software!" I think Josie's computer was attacked by the "Blaster" virus.
Thorin: Cool! It seems that the FBI has arrested an 18-year-old boy. He is the suspected creator of the Blaster virus.
Rob: Wow, what talent. Anyway, I'm lucky that my computer hasn't ④ broken down yet.
Josie: You are joking, aren't you? ⑤ You'd better go online at once and download a program to treat the virus. Don't be careless.
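As Josie finishes a phone call with her last customer, her coworker (and good friend) Rob comes over to see how she is doing.
Rob: How did it go?
Josie: Great! I contacted every customer and introduced myself, and I think I even landed a new piece of business.
Rob: You're really lucky today!
Josie: Now I just need to get all these names and phone numbers organized!
Rob: There should be some software on your computer that can organize them for you.
Josie: Great, let me look for it...
Rob: You can also download the data from your computer onto a handheld computer, like the one I use.
Josie: What a cool little gadget.
Rob: It does more than that. For example, if I'm out doing business with a client, I can also use it to get online.
Josie: I should consider buying one. Hey, what happened to my computer? It suddenly froze and then restarted by itself!
Rob: Oh, the computer seems to have been hit by "Blaster"! The most frequent symptom on a computer attacked by "Blaster" is that the system reboots repeatedly a minute after starting up. You'll have to restart it. I'll ask a technician to take a look.
Josie: Thank you, Rob. I know I keep repeating this like a skipping record, but I really appreciate you helping me all the time.
Rob: You're welcome.
In the evening, Rob and Josie go online to chat as usual, joined by their close online friend Thorin.
Thorin: Hello, everyone!
Rob: Hey, Thorin.
Josie: Hello again, Thorin.
Thorin: What are you all chatting about?
Rob: We were just talking about the movie Harry Potter. I guess Josie has fallen in love with Harry Potter.
Josie: It's not that serious. But it really is a good film. I also have the Harry Potter book series.
Thorin: Oh... I haven't seen it yet. Looks like I'll have to go and see it too. By the way, how much does it cost to see a movie where you are?
Rob: About 80 yuan.
Josie: 70 yuan.
Thorin: It's about the same price here.
Josie: Enough about that movie. Thorin, my computer was hit by a virus today. Be careful.
Thorin: Speaking of viruses, I hear network viruses have been running wild again lately, and a new virus called "Blaster" has appeared that specifically attacks system vulnerabilities.
Rob: Yes, it has infected more than 500,000 computers around the world. Researchers also found a message hidden in the virus mocking Microsoft founder Bill Gates: "Bill Gates, why do you make this kind of attack possible? Stop making more money and fix the software you release." I think Josie's computer was attacked by the "Blaster" virus.
Thorin: So cool! It seems the FBI has just arrested an 18-year-old boy who is suspected of being the creator of the Blaster virus.
Rob: Wow, a real genius type. I'm so glad my computer hasn't crashed so far.
Josie: You're kidding, right? You'd better go online right away and download a patch to defend against the virus. Don't be careless.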
Keywords
implant /ɪmˈplɑːnt/ v. to transplant; to implant
associated /əˈsəʊʃieɪtɪd/ adj. related
trigger /ˈtrɪɡə/ v. to set off
whammy /ˈwæmi/ n. a fatal blow
glitch /ɡlɪtʃ/ n. a small fault; a minor problem
self-replicating /ˌselfˈreplɪkeɪtɪŋ/ adj. copying itself
vandal /ˈvændl/ n. a malicious destroyer
Virus Types Revealed
How are all the various kinds of viruses classified? And how do the different kinds do their damage?
Boot Sector Virus: Replaces or implants itself in the boot sector---an area of the hard drive (or any other disk) accessed when you first turn on your computer. This kind of virus can prevent you from being able to boot your hard disk.
File Virus
File Virus: Infects applications. These executables then spread the virus by infecting associated documents and other applications whenever they're opened or run.
Macro Virus
Macro Virus: Written using a simplified macro programming language, these viruses affect Microsoft Office applications, such as Word and Excel, and account for about 75 percent of viruses found in the wild. A document infected with a macro virus generally modifies a pre-existing, commonly used command (such as Save) to trigger its payload upon execution of that command.
Multipartite Virus
Multipartite Virus: Infects both files and the boot sector--a double whammy that can reinfect your system dozens of times before it's caught.
Polymorphic Virus
Polymorphic Virus: Changes code whenever it passes to another machine; in theory these viruses should be more difficult for antivirus scanners to detect, but in practice they're usually not that well written.
Stealth Virus
Stealth Virus: Hides its presence by making an infected file not appear infected, but doesn't usually stand up to antivirus software.
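Boot Sector Virus
A boot sector virus hides in the first sector of a floppy disk or hard disk. This lets the virus be loaded into memory at every boot, before the operating system has been loaded. That property gives the virus complete control over the various DOS interrupts and a greater ability to spread and do damage.
File Virus
A file virus usually lives parasitically in executable files. When these files are executed, the virus's code is executed along with them.
Macro Virus
Macro viruses are built mainly with the macro capability that the software itself provides, so any software that allows macros to be written can potentially harbor macro viruses.
Multipartite Virus
A multipartite virus has the characteristics of both boot sector viruses and file viruses. Because of this, it is considerably infectious. Once it activates, it can make the computer restart continually, and the degree of damage is very considerable.
Polymorphic Virus
What makes polymorphic viruses frightening is that every time they reproduce, they spread elsewhere with different virus code. The virus code in each infected file is different, so anti-virus software that scans for fixed virus signatures has difficulty detecting them, although in practice these viruses are not very well written.
Stealth Virus
Stealth viruses are also called Interrupt Interceptors. As the name implies, they take control of the DOS interrupt vectors, "pseudo-restore" every file they have infected, and hand a file that "looks exactly the same as the original" back to DOS.
The Origins of Viruses
The questions people often ask are: what is a computer virus, and why exactly is it so powerful? Lately Trojan horses have been rampant, so how did such a historic name come to be attached to this kind of virus?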
What is a Computer Virus?
A computer virus is a program that requires a host in order to make copies of itself on computer disks. Viruses may infect program files, programs in disk sectors, and files that use macros. The ability to self-replicate distinguishes viruses from programs that do not, and this parasitic nature is neither an accident, nor a computer glitch. All viruses are created by people who know how to write computer programs.
Why are they called Viruses?
The first theories about the possibility of creating a self-replicating program date back to 1949, and experimental viruses were first programmed and tested in the 1960s. They got their name when a university professor used the term "virus" to describe them in 1984, because like a biological virus, a computer virus is small, makes copies of itself, and cannot exist without a host. When personal computers became popular, PC viruses began to appear (in 1986-1987), at first intended as jokes, or developed for research or demonstration purposes.
What is a Trojan horse?
Trojan horse programs are named for the giant wooden horse that concealed Greek soldiers who used it to invade the ancient city of Troy. Like that famous trick, a Trojan horse program conceals hidden programming. The hidden function may just be a joke, or something annoying, but vandals often use Trojan horse programs to destroy other people's data, knowing that some people will run any program that has an interesting file name, or promises to perform a useful function.
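What is a computer virus?
Technically speaking, a so-called computer virus is an executable program that replicates itself. Viruses infect program files, hard disks, and files that contain macros. The ability to self-replicate sets viruses apart from programs that lack it, and the parasitic nature of viruses is neither an accident nor a machine fault. All viruses are made by people who know how to write programs.
Why are they called viruses?
The possibility of creating viruses dates back to 1949, and experimental virus programs were written and test-run in the 1960s. In 1984 a university professor gave them the name "virus" because, like a biological virus, a computer virus is small, replicates itself, and needs a host. After personal computers became popular, viruses began to appear (in 1986-1987), at first as jokes or for research and demonstration purposes.
What is a Trojan horse virus?
The Trojan horse takes its name from the wooden horse that Greek soldiers used to break into the ancient city of Troy. Like that famous trick, a Trojan is a kind of fraudulent program that offers some function as bait while destroying other people's data behind the scenes.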
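A Roundup of Viruses
There are just too many viruses! Much as we would like to be comprehensive, with technology and virus varieties developing so rapidly today, we can only pick out representative viruses to present, in the hope that everyone stays alert.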
W32/Klez-H
Overview: Detected since March 2002. It is very dangerous because it corrupts your files. Because of its very smart stealth and anti-anti-virus techniques, most common AV software can't detect or clean it. W32/Klez-H may also spread to remote shares on other machines using random filenames. It can delete programs and antivirus files that might remove it.
Friday 13th virus
Overview: It is from South Africa and first appeared in November 1987. Unlike the Jerusalem (Friday 13th) viruses, the original Friday 13th COM virus is not memory resident, nor does it hook any interrupts. It deletes every file you want to run, and it spreads extremely fast. The sign of its outbreak is that the floppy drive light won't go off. The virus is usually transmitted by booting a computer with an infected disk. It is triggered on every Friday the 13th.
Michelangelo Virus
Overview: Originating in Sweden (or Taiwan), the Michelangelo virus first appeared in April 1991. This virus infects the Master Boot Record on hard disks and the boot sector on floppies. The virus infects the computer when booted with an infected disk. Michelangelo carries a payload, which is triggered on March 6th. The payload on this day is to delete the files present on the infected system.
Nimda worm
Overview: It was discovered in September 2001. It is one of the first worms to infect both client and server computers, which lets it spread quickly and almost automatically, without any interaction on the user's part. It makes use of 2 security vulnerabilities in Microsoft products.
W32/Sobig-F
Overview: W32/Sobig-F is a worm that spreads via email. W32/Sobig-F also attempts to spread by copying itself to Windows network shares.
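Klez (求职信) and its variants
Symptoms: Discovered in March 2002. Once run, the virus first raises its own execution priority, then copies itself into the Windows system directory and at the same time drops a small system virus body (Win32.Foroux.exe) that infects all executable files on the computer, most of which cannot be deleted or cleaned. The virus also spreads strongly over local networks and impersonates the user to send out large numbers of virus-carrying emails with varying subject lines. When it activates, it kills programs that threaten it and deletes the data files of some well-known antivirus products.
Black Friday (Friday the 13th) virus
Symptoms: Originated in South Africa and discovered in 1987. Unlike the Jerusalem virus, it does not stay resident in memory, nor does it cause any interruption. When Friday the 13th arrives, the Black Friday virus deletes any infected file you try to run. The virus infects extremely quickly, and the only sign of its outbreak is that the A: drive light stays on. It is usually caught from an infected floppy disk. It activates on every Friday the 13th.
Michelangelo virus
Symptoms: Activation date March 6; discovered in April 1991; origin Sweden (some say Taiwan). Michelangelo is a typical boot sector virus. It infects the master boot area of hard disks and the boot sector of floppy disks. Michelangelo spreads when a computer is booted from an infected disk. It goes off on March 6 and deletes all files on the infected system.
Nimda virus
Symptoms: Discovered in September 2001. With computer viruses and hackers provoking side by side, it set the first precedent of explosive infection: instead of infecting one computer at a time through an incubation period, it let computers across the network come under attack almost simultaneously. It exploits 2 Microsoft security vulnerabilities.
Sobig (大无极) variant F virus
Symptoms: This is a worm. It spreads very strongly by email and also spreads strongly over local networks. The virus can upgrade itself, updating itself directly over the network.
Keywords
stealth /stelθ/ n. secret activity; acting covertly
transmit /trænsˈmɪt/ v. to send
vulnerability /ˌvʌlnərəˈbɪləti/ n. a point open to attack; a weak point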
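Most people's computers have surely been hit by viruses of various kinds, and network viruses really are a major headache. How should we deal with the network viruses that everyone so detests? Read our exclusive interview with Feng Xin (冯鑫), SUG marketing director at Kingsoft Co., Ltd. (金山股份有限公司); you are sure to come away with plenty of insight.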
Question 1:
What's your opinion on the spread of the "Blaster virus" recently?
Answer:
The spread of this virus resulted from a hole in Windows' RPC service programme and, although Microsoft had already publicized this hole and provided a remedy programme, from a majority of users not downloading this remedy. The universally low security consciousness among users was a major cause of the large-scale spread of the virus. After all, a software system with no security holes whatsoever does not exist.
Question 2:
How can the average computer user prevent their computers being attacked by different kinds of virus?
Answer:
Some simple tips: Timely correction of software holes; keep up to date with the newest anti-virus software; use of passwords (because there exist a large number of viruses that can penetrate users' passwords, simple passwords can be attacked even more easily); use caution in handling emails with attachments; do not click on suspicious links that any friends have sent you (of course update your Internet Explorer browser to the most recent version, the level of security should be set at more than mid-level to avoid attack); when viewing web pages do not install unreliable certification; definitely use genuine virus-scan software, and update your anti-virus software regularly; improve your individual security awareness, visit a few anti-virus software companies' advice websites, and gain more understanding about computer security.
Question 3:
Whenever a new virus appears, how do the research and development staff deal with it?
Answer:
We set up some supervision points on the internet that can detect suspicious things. When new viruses occur we can identify their nature, then Kingsoft's anti-virus center will, within a short time, draw up a solution and immediately publicise it. On the one hand we will go through the media to report information about the new virus to computer users, at the same time we will develop a specific tool for treating that virus. All computer users can directly download our new virus solution plan for free, in this way we can effectively and promptly help even more people avoid intrusion by this new virus.
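Q: What is your view of the recent rampant spread of the Blaster virus?
A: The spread of this virus was caused by a vulnerability in the Windows RPC service. Although Microsoft had already disclosed the vulnerability and provided a patch, most users had not downloaded it. Users' generally low security awareness is a major reason the virus spread so widely. After all, a software system with no security vulnerabilities at all does not exist.
Q: How should ordinary users protect their computers against attacks by all kinds of viruses in everyday use?
A: A few very simple points: patch software vulnerabilities promptly; keep your antivirus software up to date; use secure passwords (there are many viruses that can crack user passwords, and simple passwords are more easily attacked); handle emails with attachments with caution; do not try clicking on suspicious links sent by online friends (of course, upgrading the IE browser to the latest version and setting the security level to medium or above can avoid attacks); when browsing web pages, do not install certificates from unreliable sources; be sure to use genuine antivirus software and upgrade it promptly; and raise your personal security awareness by visiting the information sites of antivirus companies and learning about security.
Q: Each time a new virus appears, how do your company's R&D staff respond?
A: We have set up monitoring points on the network that capture suspicious attacks. When a new virus appears we can obtain samples promptly, and the Kingsoft anti-virus center will produce a solution within a few hours and announce it publicly at the earliest moment. On the one hand we report information about the new virus to computer users through the media; at the same time we build a dedicated removal tool for each new virus. All computer users can download our new-virus solutions directly and free of charge, so that we can help more people stay free of the virus promptly and effectively.
Keywords
remedy /ˈremɪdi/ n. a remedial measure
penetrate /ˈpenɪtreɪt/ v. to penetrate
certification /ˌsɜːtɪfɪˈkeɪʃən/ n. certificate
genuine /ˈdʒenjuɪn/ adj. pure; genuine
supervision /ˌsjuːpəˈvɪʒən/ n. supervision; management
intrusion /ɪnˈtruːʒən/ n. intrusion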