有關(guān)電腦病毒英文文獻(xiàn)
下面這篇是下面是學(xué)習(xí)啦小編給大家?guī)淼囊环蓐P(guān)于計(jì)算機(jī)病毒的英文文獻(xiàn)和中文翻譯,希望對(duì)你有幫助。
COMPUTER VIRUSES
What are computer viruses?
According to Fred Cohen‟s well-known definition, a computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of itself. Note that a program does not have to perform outright damage (such as deleting or corrupting files) in order to be called a “virus”. However, Cohen uses the terms within his definition (e.g. “program” and “modify”) a bit differently from the way most anti-virus researchers use them, and classifies as viruses some things which most of us would not consider viruses.
Computer viruses are bits of code that damage or erase information, files, or software programs in your computer, much like viruses that infect humans, computer viruses can spread, and your computer can catch a virus when you download an infected file from the Internet or copy an infected file from a diskette. Once the viruses is embedded into your computer‟s files, it can immediately start to damage or destroy information, or it can wait for a particular date or event to trigger its activity. What are the main types of viruses?
Generally, there are two main classes of viruses. The first class consists of the file Infectors which attach themselves to ordinary program files. These usually infect arbitrary .COM and/or .EXE programs, though some can infect any program for which execution is requested, such as .SYS,.OVL,.PRG,&.MNU files.
File infectors can be either direct action or resident. A direct-action virus selects one or more other programs to infect each other time the program which contains it is executed ,and thereafter infects other programs when “they” are executed (as in the case of the Jerusalem) or when certain other conditions are fulfilled. The Vienna is an example of a direct-action virus. Most other viruses are resident.
The second class is system or boot-record infectors: those viruses, which infect executable code, found in certain system areas on a disk that are not ordinary files. On DOS systems, there are ordinary boot-sector viruses, which infect only the DOS boot sector on diskettes. Examples include Brain, Stoned, Empire, Azusa, and Michelangelo. Such viruses are always resident viruses.
Finally, a few viruses are able to infect both (the Tequila virus is one example). There are often called “multipartite” viruses, though there has been criticism of this name; another name is “boot-and -file” virus.
File system or cluster viruses (e.g. Dir-II) are those that modify directory table entries so that the virus is loaded and executed before the desired program is. Note that the program itself is not physically altered; only the directory entry is. Some consider these infectors to be a third category of viruses, while others consider them to be a sub-category of the file infectors. What are macro viruses?
Many applications provide the functionality to create macros. A macro is a series of commands to perform some application-specific task. Macros are designed to makelife easier, for example, to perform some everyday tasks like text-formatting or spreadsheet calculations.
Macros can be saved as a series of keystrokes (the application record what keys you press); or they can be written in special macro languages (usually based on real programming languages like C and BASIC). Modern applications combine both approaches; and their advanced macro languages are as complex as general purpose programming languages. When the macro language allows files to be modified, it becomes possible to create macros that copy themselves from one file to another. Such self-replicating macros are called macro viruses.
Most macro viruses run under Word for Windows. Since this is a very popular word processor, it provides an effective means for viruses to spread. Most macro viruses are written using the macro language WordBasic. WordBasic is based on the good old BASIC programming language. However, it has many (hundreds of) extensions (for example, to deal with documents: edit, replace string, obtain the name of the current document, open new window, move cursor, etc.). What is a Trojan horse program?
A type of program that is often confused with viruses is a „Trojan horse‟ program. This is not a virus, but simply a program (often harmful) that pretends to be something else.
For example, you might download what you think is a new game; but when you run it, it deletes files on your hard drive. Or the third time you start the game, the program E-mail your saved passwords to another person.
Note: simply download a file to your computer won‟t activate a virus or Trojan horse; you have to execute the code in the file to trigger it. This could mean running a program file, or opening a Word/Excel document in a program (such as Word or Excel) that can execute any macros in the document. What kind of files can spread viruses?
Viruses have the potential to infect any type of executable code, not just the files that are commonly called “program files”. For example, some viruses infect executable code in the boot sector of floppy disk or in system areas of hard drives. Another type of virus, known as a “macro” virus, can infect word processing and spreadsheet documents that use macros. And it‟s possible for HTML documents containing JavaScript or other types of executable code to spread viruses or other malicious code. Since viruses code must be executed to have any effect, files that the computer treats as pure data are safe. This includes graphics and sound files such as .gif, .jpg, .mp3, .wav, .etc., as well as plain text in .txt files. For example, just viewing picture files won‟t infect your computer with a virus. The virus code has to be in a form, such as an .exe program file or a Word .doc file which the computer will actually try to execute. How do viruses spread?
The methodology of virus infection was pretty straightforward when first computer viruses such as Lehigh and Jerusalem started appearing. A virus is a small piece of computer code, usually form several bytes to a few tens of bytes, that can do, well, something unexpected. Such viruses attach themselves to executable files— programs,
so that the infected program, before proceeding with whatever tasks it is supposed to do, calls the virus code. One of the simplest ways to accomplish that is to append the virus code to the end of the file, and insert a command to the beginning of the program file that would jump right to the beginning of the virus code. After the virus is finished, it jumps back to the point of origination in the program. Such viruses were very popular in the late eighties. The earlier ones only knew how to attach themselves to .Com files, since structure of a .COM file is much simpler than that of an .EXE file—yet another executable file format invented for MS-DOS operating system. The first virus to be closely studied was the Lehigh virus. It attached itself to the file that was loaded by the system at boot time—COMMAND.COM. the virus did a lot of damage to its host, so after three-four replications it was no longer usable. For that reason, the virus never managed to escape the university network.
When you execute program code that‟s infected by a virus, the virus code will also run and try to infect other programs, either on the same computer or on other computers connected to it over a network. And the newly infected programs will try to infect yet more programs.
When you share a copy of an infected file with other computer users, running the file may also infect their computer; and files from those computers may spread the infection to yet more computers.
If your computer if infected with a boot sector virus, the virus tries to write copies of itself to the system areas of floppy disks and hard disks. Then the infected floppy disks may infect other computers that boot from them, and the virus copy on the hard disk will try to infect still more floppies.
Some viruses, known as „multipartite‟ viruses, and spread both by infecting files and by infecting the boot areas of floppy disks. What do viruses do to computers?
Viruses are software programs, and they can do the same things as any other program running on a computer. The accrual effect of any particular virus depends on how it was programmed by the person who wrote the virus.
Some viruses are deliberately designed to damage files or otherwise interfere with your computer‟s operation, while other don‟t do anything but try to spread themselves around. But even the ones that just spread themselves are harmful, since they damage files and may cause other problems in the process of spreading.
Note that viruses can‟t do any damage to hardware: they won‟t melt down your CPU, burn out your hard drive, cause your monitor to explode, etc. warnings about viruses that will physically destroy your computer are usually hoaxes, not legitimate virus warnings.
Modern viruses can exist on any system form MS DOS and Window 3.1 to MacOS, UNIX, OS/2, Windows NT. Some are harmless, though hard to catch. They can play a jingle on Christmas or reboot your computer occasionally. Other are more dangerous. They can delete or corrupt your files, format hard drives, or do something of that sort. There are some deadly ones that can spread over networks with or without a host, transmit sensitive information over the network to a third party, or even mess with financial data on-line.
What‟s the story on viruses and E-mail? You can‟t get a virus just by reading a plain-text E-mail message or Usenet post. What you have to watch out for are encoded message containing embedded executable code (i.e., JavaScript in HTML message) or message that include an executable file attachment (i.e., an encoded program file or a Word document containing macros). In order to activate a virus or Trojan horse program, you computer has to execute some type of code .This could be a program attached to an E-mail, a Word document you downloaded from the Internet, or something received on a floppy disk. There‟s no special hazard in files attached to Usenet posts or E-mail messages: they‟re no more dangerous than any other file. What can I do to reduce the chance of getting viruses from E-mail?Treat any file attachments that might contain executable code as carefully as you would any other new files: save the attachment to disk and then check it with an up-to-date virus scanner before opening the file. If you E-mail or news software has the ability to automatically execute JavaScript, Word macros, or other executable code contained in or attached to a message, I strongly recommend that you disable this feature. My personal feeling is that if an executable file shows up unexpectedly attached to an E-mail, you should delete it unless you can positively verify what it is, Who it came from, and why it was sent to you. The recent outbreak of the Melissa virus was a vivid demonstration of the need to be extremely careful when you receive E-mail with attached files or documents. Just because an E-mail appears to come from someone you trust, this does NOT mean the file is safe or that the supposed sender had anything to do with it. Some General Tips on Avoiding Virus Infections Install anti-virus software from a well-known, reputable company. UPDATE it regularly, and USE it regularly. New viruses come out every single day; an a-v program that hasn‟t been updated for several months will not provide much protection against current viruses. In addition to scanning for viruses on a regular basis, install an „on access‟ scanner (included in most good a-v software packages) and configure it to start automatically each time you boot your system. This will protect your system by checking for viruses each time your computer accesses an executable file. Virus scans any new programs or other files that may contain executable code before you run or open them, no matter where they come from. There have been cases of commercially distributed floppy disks and CD-ROMs spreading virus infections. Anti-virus programs aren‟t very good at detecting Trojan horse programs, so be extremely careful about opening binary files and Word/Excel documents from unknown or „dubious‟ sources. This includes posts in binary newsgroups, downloads from web/ftp sites that aren‟t well-known or don‟t have a good reputation, and executable files unexpectedly received as attachments to E-mail. Be extremely careful about accepting programs or other flies during on-line chat sessions: this seems to be one of the more common means that people wind up with virus or Trojan horse problems. And if any other family members (especially younger
What‟s the story on viruses and E-mail? You can‟t get a virus just by reading a plain-text E-mail message or Usenet post. What you have to watch out for are encoded message containing embedded executable code (i.e., JavaScript in HTML message) or message that include an executable file attachment (i.e., an encoded program file or a Word document containing macros). In order to activate a virus or Trojan horse program, you computer has to execute some type of code .This could be a program attached to an E-mail, a Word document you downloaded from the Internet, or something received on a floppy disk. There‟s no special hazard in files attached to Usenet posts or E-mail messages: they‟re no more dangerous than any other file. What can I do to reduce the chance of getting viruses from E-mail?Treat any file attachments that might contain executable code as carefully as you would any other new files: save the attachment to disk and then check it with an up-to-date virus scanner before opening the file. If you E-mail or news software has the ability to automatically execute JavaScript, Word macros, or other executable code contained in or attached to a message, I strongly recommend that you disable this feature. My personal feeling is that if an executable file shows up unexpectedly attached to an E-mail, you should delete it unless you can positively verify what it is, Who it came from, and why it was sent to you. The recent outbreak of the Melissa virus was a vivid demonstration of the need to be extremely careful when you receive E-mail with attached files or documents. Just because an E-mail appears to come from someone you trust, this does NOT mean the file is safe or that the supposed sender had anything to do with it. Some General Tips on Avoiding Virus Infections Install anti-virus software from a well-known, reputable company. UPDATE it regularly, and USE it regularly. New viruses come out every single day; an a-v program that hasn‟t been updated for several months will not provide much protection against current viruses. In addition to scanning for viruses on a regular basis, install an „on access‟ scanner (included in most good a-v software packages) and configure it to start automatically each time you boot your system. This will protect your system by checking for viruses each time your computer accesses an executable file. Virus scans any new programs or other files that may contain executable code before you run or open them, no matter where they come from. There have been cases of commercially distributed floppy disks and CD-ROMs spreading virus infections. Anti-virus programs aren‟t very good at detecting Trojan horse programs, so be extremely careful about opening binary files and Word/Excel documents from unknown or „dubious‟ sources. This includes posts in binary newsgroups, downloads from web/ftp sites that aren‟t well-known or don‟t have a good reputation, and executable files unexpectedly received as attachments to E-mail. Be extremely careful about accepting programs or other flies during on-line chat sessions: this seems to be one of the more common means that people wind up with virus or Trojan horse problems. And if any other family members (especially younger
What‟s the story on viruses and E-mail? You can‟t get a virus just by reading a plain-text E-mail message or Usenet post. What you have to watch out for are encoded message containing embedded executable code (i.e., JavaScript in HTML message) or message that include an executable file attachment (i.e., an encoded program file or a Word document containing macros). In order to activate a virus or Trojan horse program, you computer has to execute some type of code .This could be a program attached to an E-mail, a Word document you downloaded from the Internet, or something received on a floppy disk. There‟s no special hazard in files attached to Usenet posts or E-mail messages: they‟re no more dangerous than any other file. What can I do to reduce the chance of getting viruses from E-mail?Treat any file attachments that might contain executable code as carefully as you would any other new files: save the attachment to disk and then check it with an up-to-date virus scanner before opening the file. If you E-mail or news software has the ability to automatically execute JavaScript, Word macros, or other executable code contained in or attached to a message, I strongly recommend that you disable this feature. My personal feeling is that if an executable file shows up unexpectedly attached to an E-mail, you should delete it unless you can positively verify what it is, Who it came from, and why it was sent to you. The recent outbreak of the Melissa virus was a vivid demonstration of the need to be extremely careful when you receive E-mail with attached files or documents. Just because an E-mail appears to come from someone you trust, this does NOT mean the file is safe or that the supposed sender had anything to do with it. Some General Tips on Avoiding Virus Infections Install anti-virus software from a well-known, reputable company. UPDATE it regularly, and USE it regularly. New viruses come out every single day; an a-v program that hasn‟t been updated for several months will not provide much protection against current viruses. In addition to scanning for viruses on a regular basis, install an „on access‟ scanner (included in most good a-v software packages) and configure it to start automatically each time you boot your system. This will protect your system by checking for viruses each time your computer accesses an executable file. Virus scans any new programs or other files that may contain executable code before you run or open them, no matter where they come from. There have been cases of commercially distributed floppy disks and CD-ROMs spreading virus infections. Anti-virus programs aren‟t very good at detecting Trojan horse programs, so be extremely careful about opening binary files and Word/Excel documents from unknown or „dubious‟ sources. This includes posts in binary newsgroups, downloads from web/ftp sites that aren‟t well-known or don‟t have a good reputation, and executable files unexpectedly received as attachments to E-mail. Be extremely careful about accepting programs or other flies during on-line chat sessions: this seems to be one of the more common means that people wind up with virus or Trojan horse problems. And if any other family members (especially younger What‟s the story on viruses and E-mail?
You can‟t get a virus just by reading a plain-text E-mail message or Usenet post. What you have to watch out for are encoded message containing embedded executable code (i.e., JavaScript in HTML message) or message that include an executable file attachment (i.e., an encoded program file or a Word document containing macros). In order to activate a virus or Trojan horse program, you computer has to execute some type of code .This could be a program attached to an E-mail, a Word document you downloaded from the Internet, or something received on a floppy disk. There‟s no special hazard in files attached to Usenet posts or E-mail messages: they‟re no more dangerous than any other file.
What can I do to reduce the chance of getting viruses from E-mail?
Treat any file attachments that might contain executable code as carefully as you would any other new files: save the attachment to disk and then check it with an up-to-date virus scanner before opening the file.
If you E-mail or news software has the ability to automatically execute JavaScript, Word macros, or other executable code contained in or attached to a message, I strongly recommend that you disable this feature.
My personal feeling is that if an executable file shows up unexpectedly attached to an E-mail, you should delete it unless you can positively verify what it is, Who it came from, and why it was sent to you.
The recent outbreak of the Melissa virus was a vivid demonstration of the need to be extremely careful when you receive E-mail with attached files or documents. Just because an E-mail appears to come from someone you trust, this does NOT mean the file is safe or that the supposed sender had anything to do with it. Some General Tips on Avoiding Virus Infections
Install anti-virus software from a well-known, reputable company. UPDATE it regularly, and USE it regularly.
New viruses come out every single day; an a-v program that hasn‟t been updated for several months will not provide much protection against current viruses.
In addition to scanning for viruses on a regular basis, install an „on access‟ scanner (included in most good a-v software packages) and configure it to start automatically each time you boot your system. This will protect your system by checking for viruses each time your computer accesses an executable file.
Virus scans any new programs or other files that may contain executable code before you run or open them, no matter where they come from. There have been cases of commercially distributed floppy disks and CD-ROMs spreading virus infections.
Anti-virus programs aren‟t very good at detecting Trojan horse programs, so be extremely careful about opening binary files and Word/Excel documents from unknown or „dubious‟ sources. This includes posts in binary newsgroups, downloads from web/ftp sites that aren‟t well-known or don‟t have a good reputation, and executable files unexpectedly received as attachments to E-mail.
Be extremely careful about accepting programs or other flies during on-line chat sessions: this seems to be one of the more common means that people wind up with virus or Trojan horse problems. And if any other family members (especially youngerones) use the computer, make sure they know not to accept any files while using chat. Do regular backups. Some viruses and Trojan horse programs will erase or corrupt files on your hard drive and a recent backup may be the only way to recover your data.
Ideally, you should back up your entire system on a regular basis. If this isn‟t practical, at least backup files you can‟t afford to lose or that would be difficult to replace: documents, bookmark files, address books, important E-mail, etc. Dealing with Virus Infections
First, keep in mind “Nick‟s First Law of Computer Virus Complaints”:
“Just because your computer is acting strangely or one of your programs doesn‟t work right, this does not mean that your computer has a virus.”
If you haven‟t used a good, up-to-date anti-virus program on your computer, do that first. Many problems blamed on viruses are actually caused by software configuration errors or other problems that have nothing to do with a virus.
If you do get infected by a virus, follow the direction in your anti-virus program for cleaning it. If you have backup copies of the infected files, use those to restore the files. Check the files you restore to make sure your backups weren‟t infected. for assistance, check the web site and support service for your anti-virus software. Note: in general, drastic measures such as formatting your hard drive or using FDISK should be avoided. They are frequently useless at cleaning a virus infection, and may do more harm than good unless you‟ re very knowledgeable about the effects of the particular virus you‟re dealing with.
中文翻譯:
計(jì)算機(jī)病毒
什么是計(jì)算機(jī)病毒?按照Fred Cohen的廣為流傳的定義,計(jì)算機(jī)病毒是一種侵入其他計(jì)算機(jī)程序中的計(jì)算機(jī)程序,他通過修改其他的程序從而將(也可能是自身的變形)的復(fù)制品嵌入其中。注意一個(gè)程序之所以成為“病毒”,并非一定要起徹底的破壞作用(如刪除或毀壞文件)。然而,Cohen在他的定義(即“程序”和“修改”)中使用的“病毒”這個(gè)術(shù)語與大多數(shù)反病毒研究人員使用的“病毒”術(shù)語有些差別,他把一些我們多數(shù)人認(rèn)為不是病毒的東西也歸類為病毒。計(jì)算機(jī)病毒是一些能破壞或刪除計(jì)算機(jī)中的信息、文件或程序的代碼。正如感染人體的病毒一樣,計(jì)算機(jī)病毒能夠擴(kuò)散。當(dāng)你的計(jì)算機(jī)從互聯(lián)網(wǎng)上下載一個(gè)被感染的文件,或者從磁盤上復(fù)制一個(gè)被感染的文件時(shí),你的計(jì)算機(jī)就會(huì)染上病毒。而一旦病毒進(jìn)入到你的計(jì)算機(jī)文件中,它就能馬上破壞或摧毀其中的信息,或者等到某個(gè)特殊的日期或事件來臨時(shí)才觸發(fā)其破壞活動(dòng)。個(gè)人計(jì)算機(jī)病毒主要有哪些類型?一般來說,主要存在著兩類計(jì)算機(jī)病毒。第一類由文件感染型病毒組成,他們將自身依附在普通的程序文件上。這些病毒通常感染任意的.COM和/或EXE文件,盡管有些也感染具有執(zhí)行功能的文件,如.SYS,.OVL,.PRG和.MNU文件. 文件感染型病毒又可分為“立即執(zhí)行型”和“駐留型”。立即執(zhí)行型病毒在含有它的程序每次執(zhí)行是都對(duì)其他的一個(gè)或多個(gè)文件進(jìn)行感染,而駐留型病毒在被感染的程序第一次執(zhí)行時(shí)先將自己隱藏在內(nèi)存中的某個(gè)地方,以后當(dāng)其他程序執(zhí)行或當(dāng)某些其他程序特定條件滿足時(shí)就對(duì)它們進(jìn)行感染(就像耶路撒冷病毒一樣)。維也納病毒是立即執(zhí)行型病毒的一個(gè)例子,大多數(shù)其他病毒則是駐留型病毒。第二類病毒是系統(tǒng)病毒或引導(dǎo)區(qū)記錄感染型病毒,這些感染可執(zhí)行代碼的病毒出現(xiàn)在磁盤的某些系統(tǒng)區(qū)中,而不是普通文件中。在DOS系統(tǒng)中,常見的引導(dǎo)扇區(qū)病毒和主引導(dǎo)記錄病毒,前者只感染DOS引導(dǎo)扇區(qū),后者感染硬盤的主引導(dǎo)記錄和軟盤的DOS引導(dǎo)扇區(qū)。第二類病毒的例子包括大腦病毒、大麻病毒、帝國(guó)病毒、Azusa以及米開郎基羅病毒等,此類病毒通常為駐留型病毒。另外,有些病毒能感染上述兩種對(duì)象(如蒸餾酒病毒就是一個(gè)例子),這些病毒常稱為“多成分”病毒(盡管這個(gè)名字曾遭到過批評(píng)),它們的另一個(gè)名字是“引導(dǎo)區(qū)和文件型”病毒。文件系統(tǒng)型病毒或“簇”病毒(如Dir-II病毒)是那種修改文件目錄表項(xiàng)并且在文件裝入、執(zhí)行前就被裝入和執(zhí)行的病毒。注意,程序本身實(shí)際上并沒有被修改,只是目錄項(xiàng)被修改。有些人把這種感染型病毒看作是第三類病毒,而另一些人把它看作是文件感染型病毒的子類。什么是宏病毒?許多應(yīng)用程序都提供了創(chuàng)建宏的功能。宏是一個(gè)完成特定應(yīng)用任務(wù)的命令序列。設(shè)計(jì)宏的目的是使諸如文本格式化或電子表格計(jì)算這樣的日常工作更為簡(jiǎn)單。宏可以保存成一系列擊鍵(即應(yīng)用程序記錄你按了哪些鍵),或者它們能夠用某些特殊的宏語言像通用程序設(shè)計(jì)語言一樣復(fù)雜。當(dāng)宏語言允許文件被修改時(shí),就有可能建立能將自身從一個(gè)文件復(fù)制到另一個(gè)文件上的宏。這種具有自復(fù)制功能的宏稱作宏病毒。
大多數(shù)的宏病毒都是在Windows的Word軟件中運(yùn)行的,因?yàn)閃ord是一種流行的字處理器,它為病毒的擴(kuò)散提供了有效的途徑。大部分的宏病毒是用WordBasic宏語言編寫的。WordBasic基于以前的性能良好的BASIC編程語言,然而它有很多(幾百種)擴(kuò)展功能(如下列文件處理功能:編輯、替換字符串、獲取當(dāng)前文檔的名字、打開一個(gè)新的窗口、移動(dòng)光標(biāo)等)。 什么是特洛伊木馬程序?
通常與病毒想混淆的一種程序是特洛伊木馬程序.。它不是病毒,僅僅是扮作其他東西的程序(常常是有害的)。
例如,你可能下載了你認(rèn)為是新游戲的東西,但當(dāng)你運(yùn)行它時(shí),它刪除了你硬盤上的文件?;蛘弋?dāng)你第三次運(yùn)行該游戲時(shí),該程序把你保存了的密碼發(fā)送給其他人。 注意:僅僅把一個(gè)文件下載到你計(jì)算機(jī)不會(huì)激活病毒或特洛伊木馬程序。你必須執(zhí)行文件中的代碼才能出觸發(fā)它。這意味著運(yùn)行一個(gè)程序文件或打開一個(gè)可以執(zhí)行文檔中的宏的程序(如Word或Excel)中的Word/Excel文檔。 哪些文件可以傳播計(jì)算機(jī)病毒?
計(jì)算機(jī)病毒有感染任何可執(zhí)行代碼的潛力,不僅僅是通常叫做“程序文件”的文件。例如,某些計(jì)算機(jī)病毒感染軟盤引導(dǎo)區(qū)或硬盤系統(tǒng)區(qū)域的可執(zhí)行代碼。另外有一種叫做“宏”
的計(jì)算機(jī)病毒,可以感染使用宏的字處理程序和電子表格程序。包括JavaScript和其他可執(zhí)行類型代碼的HTML文檔也可能傳播計(jì)算機(jī)病毒或其他惡意代碼。 因?yàn)橛?jì)算機(jī)病毒代碼必須被執(zhí)行才能實(shí)現(xiàn)任何感染,所以被計(jì)算機(jī)當(dāng)作純數(shù)據(jù)的文件是安全的。這包括.gif、.jpg、.mp3、.wav等圖形和聲音文件,也包括以.txt為擴(kuò)展名的簡(jiǎn)單文本文件。例如,只查看圖片不會(huì)使計(jì)算機(jī)感染病毒。病毒代碼必須存在于一個(gè)形式中,像計(jì)算機(jī)實(shí)際上可執(zhí)行的.exe程序文件或Word和.doc文件。
計(jì)算機(jī)病毒是如何傳播的?
當(dāng)初的病毒(如Lehigh and Jerusalem病毒)開始出現(xiàn)的時(shí)候,病毒感染的的方法是非常直截了當(dāng)?shù)?。一個(gè)病毒是一小段計(jì)算機(jī)代碼,通常是幾個(gè)到幾十個(gè)字節(jié),它們能做一些意想不到的事情。比如,這些病毒將自身依附到可執(zhí)行文件(即程序)上面,這樣,被感染的程序在執(zhí)行它自身的任務(wù)前首先調(diào)用病毒代碼。實(shí)現(xiàn)這種目的的一個(gè)最簡(jiǎn)單的方法是將病毒代碼附加文件的尾部,并且在程序文件的開頭處插入一條命令,使得控制正好能跳到病毒代碼的開始處,在病毒代碼被執(zhí)行完以后,控制又跳回到程序的初始點(diǎn)。這種病毒在80年代后期很常見。早期的病毒只知道附加到.COM文件上,因?yàn)樗慕Y(jié)構(gòu)比MS-DOS操作系統(tǒng)的另一種可執(zhí)行文件格式——.EXE文件更簡(jiǎn)單。第一個(gè)被人們深入研究的病毒是Lehigh病毒,它把自身附加到啟動(dòng)時(shí)由系統(tǒng)裝入的文件COMMAND.COM中。病毒對(duì)宿主程序能帶來很多破壞,因?yàn)檫@些程序在經(jīng)過三、四次復(fù)制以后就不可再使用。正因如此,病毒無法從大學(xué)的網(wǎng)絡(luò)上消除干凈。 當(dāng)你執(zhí)行一個(gè)感染了病毒的程序代碼時(shí),病毒程序也將進(jìn)行并試圖感染本計(jì)算機(jī)過通過網(wǎng)絡(luò)相連的其他計(jì)算機(jī)上的其他程序。最新感染的程序?qū)⒃噲D感染更多的程序。
當(dāng)你與其他計(jì)算機(jī)用戶共享一個(gè)感染文件的拷貝時(shí),運(yùn)行該文件也可以感染他們的計(jì)算機(jī)。并且,這些計(jì)算機(jī)中的文件也可能把病毒傳染給更多的計(jì)算機(jī)。 如果你的餓計(jì)算機(jī)已經(jīng)感染了引導(dǎo)區(qū)病毒,該病毒試圖把自身的拷貝寫到軟盤的
系統(tǒng)區(qū)域。然后,感染了的軟盤可能感染用它們引導(dǎo)的其他計(jì)算機(jī),而硬盤上的病毒拷貝將試圖感染更多的軟盤。一些病毒,也叫做“多部分”病毒,既可以通過感染可以通過感染軟盤的引導(dǎo)扇區(qū)來傳播。計(jì)算機(jī)病毒對(duì)計(jì)算機(jī)做什么?病毒是軟件程序,它所做的事情與計(jì)算機(jī)上運(yùn)行的任何其他程序所做的事情相同。任何一個(gè)特別病毒的實(shí)際效果取決于編寫病毒的程序員是如何編寫的。有些病毒有意設(shè)計(jì)為損壞文件和妨礙計(jì)算機(jī)的運(yùn)行,也有一些病毒只傳播自己而不做其他任何事情。但即便只傳播自己的病毒也是有害的,因?yàn)樗鼈冊(cè)趥鞑ミ^程中損壞文件,還可能引起其他問題。注意病毒不會(huì)對(duì)硬件造成任何損壞:它們不會(huì)徹底損壞你的CPU,也不會(huì)燒壞你的硬盤,引起你的顯示器爆炸等。關(guān)于病毒將物理上破壞你的計(jì)算機(jī)的警告通常是惡作劇,不是合理的病毒警告?,F(xiàn)代病毒能夠存在于從MS DOS 、Windows 3.1到MacOS、UNIX、OS/2、Windows NT等各種系統(tǒng)上。有些盡管難以發(fā)現(xiàn),但卻是無害的,它們知識(shí)偶爾在圣誕節(jié)產(chǎn)生叮當(dāng)聲或重新啟動(dòng)你的系統(tǒng);另一些病毒卻是有害的,它們能夠刪除或破壞你的文件、格式化硬盤或者做一些其他的事情;還有一些是致命的病毒,它們能隨或不隨宿主程序在網(wǎng)上傳播,通過網(wǎng)絡(luò)向第三方式從敏感的信息,或者甚至搞亂即時(shí)財(cái)經(jīng)數(shù)據(jù)。關(guān)于病毒和電子郵件有什么誤解?僅僅閱讀一個(gè)純文本的電子郵件或Usenet郵件不可能得到一個(gè)病毒。你必須警惕的是那些包含了可執(zhí)行代碼的編程消息(例如一個(gè)HTML消息中的JavaScript)或包含一個(gè)可執(zhí)行文件附件的消息(例如一個(gè)編碼程序文件或包含宏的Word文檔)。要激活病毒或特洛伊木馬程序,你的計(jì)算機(jī)必須執(zhí)行某種代碼。這可能是附在電子郵件的程序、從因特網(wǎng)下載的Word文檔或從軟盤上接受的某些東西。附加在Usenet郵件或電子郵件消息的文件并不特別危險(xiǎn):它們并不比其他文件更危險(xiǎn)。怎樣減少?gòu)碾娮余]件感染病毒的機(jī)會(huì)?像對(duì)待任何其他新文件一樣小心對(duì)待可能包含可執(zhí)行代碼的任一文件附件:把附件保存到磁盤上,在運(yùn)行該文件之前,先用更新過的病毒掃描檢查它。如果你的電子郵件或新軟件有能力自動(dòng)執(zhí)行JavaScript、Word宏或其他包括在消息中或附加在消息中的可執(zhí)行代碼,建議關(guān)閉這一功能。如果一個(gè)電子郵件令人意外地出現(xiàn)一個(gè)可執(zhí)行文件,除非你確實(shí)核實(shí)了它是什么、從誰那里來、為什么要發(fā)給你,否則刪除它。最近爆發(fā)的美麗殺病毒就是一個(gè)活生生的范例,說明當(dāng)你接收到帶附加文件過文檔時(shí)要特別小心。只因?yàn)橐粋€(gè)電子郵件來自你信任的某人,并不意味著該文件就是安全的或假定的發(fā)送者與此有任何關(guān)系。避免病毒感染的一些普通技巧?安裝著名公司的防病毒軟件,定期升級(jí)定期使用。新的計(jì)算機(jī)病毒每天都可能到來。幾個(gè)月不升級(jí)的病毒軟件面對(duì)當(dāng)前的病毒不能提供什么保護(hù)。要定期掃描病毒,除此之外安裝“訪問時(shí)”掃描程序(大部分好的防病毒軟件包中都有),并把它們配置為每次開機(jī)時(shí)自動(dòng)啟動(dòng)。這將通過每次訪問可執(zhí)行文件就自動(dòng)檢查病毒來保護(hù)你的系統(tǒng)。
在打開或執(zhí)行一個(gè)新程序或其他包含可執(zhí)行代碼的文件之前,先進(jìn)行病毒掃描,無論它們來自哪里。也有出售的軟盤和CD-ROM光盤傳播病毒的情況。防病毒程序不能很好地檢查特洛伊木馬程序,所以當(dāng)打開來自不知道的或“不確定的”源的二進(jìn)制文件和Word/Excel文檔是要特別小心。這包括:二進(jìn)制新聞組的郵件、來自不著名或良好聲譽(yù)的Web/ftp網(wǎng)站的下載、收到意外的作為電子郵件附件的可執(zhí)行文件。在聯(lián)網(wǎng)聊天時(shí)接收到的程序其他文件要特別小心:這似乎是人們感染計(jì)算機(jī)病毒或惹上特洛伊木馬麻煩的更普遍的途徑之一。如果任何一個(gè)家庭成員(特別是年輕人)使用了計(jì)算機(jī),一定要讓他們知道聊天時(shí)不能接收任何文件。定期備份。某些病毒或特洛伊木馬程序會(huì)刪除和破壞硬盤上的文件,而最近的備份也許是恢復(fù)數(shù)據(jù)的唯一途徑。理想的情況是,定期備份整個(gè)系統(tǒng)。如果做不到,至少要備份不能承受丟失或難以替代的文件:文檔、書簽文件、地址薄、重要的電子郵件等。處理病毒感染首先,謹(jǐn)記“計(jì)算機(jī)病毒癥的尼克第一定律”:“僅僅因?yàn)槟愕挠?jì)算機(jī)表現(xiàn)奇怪或一個(gè)程序不能正常工作,這并不意味著你的計(jì)算機(jī)有了病毒。”如果你的計(jì)算機(jī)沒有使用好的、升級(jí)過的防病毒程序,先做這件事吧。許多歸咎于病毒的問題實(shí)際上是由軟件配置錯(cuò)誤或其他與病毒無關(guān)的問題引起的。如果你被計(jì)算機(jī)病毒感染了,按照你恢復(fù)的文件的說明來清除它。如果備份了被感染的文件,用防病毒軟件來恢復(fù)它。檢查你恢復(fù)的文件確保你的備份沒有被感染。要尋求幫助,請(qǐng)查看網(wǎng)站及防病毒軟件的支持服務(wù)。注意:一般來說,應(yīng)該避免使用像格式化硬盤或用FDISK這樣的過激措施。這常常對(duì)清除病毒感染無效,并且弊大于利,除非你對(duì)處理的病毒非常了解。