专门名词索引
| ActiveX 控制项可供 Web 开发人员建立含有功能更丰富的互动式动态 Web 网页,例如 HouseCall,趋势科技的免费线上扫瞄程式。ActiveX 控制项是一种内嵌在 Web 网页的元件物件,当使用者检视网页时便会被启动。在许多情况中,可将 Web 浏览器的浏览器安全设定设成 "高",来停止执行这些 ActiveX 控制项。不过,骇客或病毒作者以及其他恶意人士可能会使用 ActiveX 恶意程式码当作武器来攻击电脑。您必须删除它们,才能够移除恶意 ActiveX 控制项。 |
Adware is a software application that displays advertising banners while the program is running. Adware often contains spyware in order for the program to know which advertisements to display based on the current user’s preference. |
| Denial of Service, or DoS, is a Trojan routine that interrupts or inhibits the normal flow of data into and out of a system. Most DoS attacks consume system resources, such that, in a short period of time, the target is rendered useless. Another form of DoS attack happens when a Web service is accessed massively and repeatedly from different locations, preventing other systems from accessing the service and from retrieving data from it. |
Dialers are Trojans that, upon execution, connect the system to a pay-per-call location in which the unsuspecting user is billed for the call without his/her knowledge. Dialers often arrive in porn-related or other enticing service-related applications. |
A dropper is malware that drops other malware into a system. Some droppers just drop viruses or Trojans, while others are viruses or Trojans that - after performing their payload - also drop copies of other malware into the system. |
An exploit is a Trojan that abuses certain vulnerabilities on existing systems or services. Exploits typically utilize a known flaw, which allows it to execute an otherwise difficult routine, such as running an arbitrary program on the target machine. |
| ELF就是Executable and Link Format,有就是指可在Linux/UNIX系统上执行的档案,趋势科技的防毒产品具有侦测这些Linux/UNIX上的恶性程式"ELF_病毒名称."的功能。 |
| Java applet可供 Web 开发人员建立含有功能更丰富的互动式动态 Web 网页。Java applet 是一种内嵌在 HTML 网页的可携式 Java 小程式。它们会在使用者检视网页时被执行。不过、骇客、病毒作者或其他恶意人士可能会使用 Java 恶意程式码当作武器攻击使用者的系统。在许多情况中,可将浏览器安全设定设成 "高",来停止执行这些 applet。 |
Keyloggers are Trojans that, upon execution, log every keystroke or activity in a system. Although similar to third-party parenting/monitoring software, some malware actually employ the same technique to gather valuable data from unsuspecting users. |
Kits are malware-producing applications that give the user the option to create customized malware. A kit can often produce multiple variations of a virus or a worm depending on the number of options offerred in the kit. An antivirus scanner should be capable of detecting the source (kit application) and its spawn. |
| 恶性产物一般统称指一些不在预期内、恶性程式码、手机码如:病毒、特洛依木马程式、电脑蠕虫、或是恶作剧程式等。 |
Multi-partite viruses have characteristics of both boot sector viruses and file infecting viruses. |
| 指New Executable,也就是一般Windows 16位元 可执行档案格式。这种病毒可以被趋势科技产品侦测为"NE_Virusname"。 |
| 指Portable Executable,也就是一般标准Windows 32位元 可执行档案格式。这种病毒可以被趋势科技产品侦测为"PE_病毒名称"。 |
Polymorphic viruses indicate that the virus code contains a special routine that changes the other parts of the virus code on each replication to evade detection by antivirus software. Trend Micro’s antivirus products have the ability to decrypt the virus and detect such viruses. |
| A proof of concept virus or Trojan indicates that something is new or that it has never seen before. For example, VBS_Bubbleboy was a proof of concept worm, as it was the first email worm to automatically execute without requiring a user to double-click on an attachment. Most proof of concept viruses are never seen in-the-wild. However, virus writers will often take the idea (and code) from a proof of concept virus and implement it in future viruses. |
| Script 病毒是以 script 程式语言如 VBScript 以及 JavaScript 撰写而成。VBScript(Visual Basic Script)以及 Java Script 病毒必须透过 Microsoft 的 Windows Scripting Host(WSH) 才能够启动执行以及感染其他档案。WSH 只可用于 Windows 98 以及 Windows 2000,您只要在 Windows 档案总管按两下 *.vbs 或 *.js 档便可以启动病毒。 HTML 病毒使用内嵌在 HTML 档中的 script 来进行破坏。当使用者从具备 script 功能的浏览器检视 HTML 网页时,内嵌 script 便会自动执行。 |
Spyware is a software applications that monitors a user’s computing habits and personal information and sends this information to third parties without the user’s authorization or knowledge. |
| A stealer is a Trojan that gathers information from a system. The most common form of stealers are those that gather logon information, like usernames and passwords, and then send the information to another system either via email or over a network. Other stealers, called key loggers, log user keystrokes which may reveal sensitive information. |
| This table displays the relative rate of infection in each region. While the "number of computers infected" table reflects the larger numbers of Internet users in North America, Asia and Europe, the "rate of infection" is useful as an estimate of how quickly a virus is spreading in each region. An infection rate of 5%, for example, means that approximately 5 out of 100 computers are infected. Please note that these rates are based only on HouseCall users who have scanned their PC in the last 24 hours. See Trend Micro's Virus Map for additional information. |
| The Virus Map is a tool for measuring virus infections around the world. All virus infection data comes from HouseCall, Trend Micro's free, online virus scanner for PCs. Trend Micro has been collecting real-time virus infection statistics since November 1999, therefore statistics for viruses discovered before this date are limited to the timeframe from November 1999 to the present. Visit the Virus Map at wtc.trendmicro.com. |
| 目前尚无公认的病毒以及恶意程式码的命名规则。每一个病毒可能有多种不同的名称或别名。请参阅病毒种类中趋势科技病毒命名规则的说明。 |
| This table displays the number of infected computers in each of the top 10 countries where this virus has been detected, since detection first became available. See World Virus Tracking Center for additional information. |
| 指病毒含有特殊的程式可将病毒码本身加密来避开防毒软体的侦测。Trend Micro 的防毒产品具有病毒码本身解密以及侦测这种病毒的能力。 |
| 启动磁区型病毒会感染磁碟的启动磁区或分割区表格。电脑系统最容易受到启动磁区型病毒攻击,如果您使用中毒的磁片开机的话 -- 即使开机不成功也会使病毒感染硬碟。另外,有少数病毒可以从执行档感染启动磁区 -- 这些病毒称为复合式病毒,但不多见。系统一旦感染后,启动磁区型病毒会企图感染该电脑上使用的每一个磁碟。通常,磁区型病毒大部份都可以完全清除。 |
| 在外散播病毒清单含有目前已经发现之广泛感染使用者电脑的病毒的清单。这个清单是由防毒研究者 Joe Wells 维护并更新。Wells 除了定期更新这个清单外,并和世界各地的防毒研究团体密切合作,其中包括 Trend Micro。当 ICSA (国际电脑安全协会)指导防毒产品的病毒测试时,会使用「在外散播」清单当作比较分析的基本。详细资讯:http://www.wildlist.org |
| 执行档型病毒会感染执行档(通常是指副档名为 .com 或 .exe 的档案)。这种病毒大部份都只是企图以感染其他主机程式的方式进行复制散播 -- 不过有些会因为覆盖原始程式码而导致原始程式被破坏。这种病毒有一小部份非常具有破坏性,会在预设的时间企图将硬碟格式化或执行一些其他恶意动作。在许多情况下,执行档病毒可完全从中毒档案清除。如果病毒已经覆盖一部份程式码,则原始档案将无法复原。 |
| 有些病毒在感染文件时会对文件设定密码。病毒设定密码的用意是使文件变成无法被存取。这个密码可能是一个字,也可能是随机产生的号码。 |
| 指病毒的大小(位元组)。有时候大小会被当作名称的一部份,用来区别它的变体。 |
| 巨集病毒是一种透过其他应用程式之巨集语言来散播本身的病毒。它们会感染 MS Word 或 MS Excel 的文件。和其它病毒不一样,巨集病毒不会感染程式或启动磁区 -- 不过,它们有一些可能会在使用者的硬碟留下程式。留下的程式可能感染执行档或启动磁区。可使用Trend Micro的防毒产品将巨集病毒成功地从感染文件中清除。 注意事项: 有时候,您清除完 Word 巨集病毒而重新启动 Microsoft Word 时,可能会看到 "illegal operation"(操作不合法) 的错误讯息。如果出现这种现象,请找出 "normal.dot" 档并将它更名为 "normaldot.bak"。MS Word 会在下一次启动时产生一个新的干净的 "normal.dot"。这是因为有些病毒会留下 MS Word 无法正确读取的无害程式码而造成的错误动作。趋势科技防毒软体只会移除恶意病毒码但不会删除使用者建立的巨集。 |
| 指病毒可以执行或进行感染的电脑作业系统或应用程式。通常,有些病毒需要特定的作业系统,有些巨集病毒则需要特定的程式才能够执行。 |
| 后门程式会偷偷开启进出用户电脑系统的管道,通常被运用来盗入安全系统。后门程式不会感染其他主要档案,但是几乎所有的后门程式会更改注册机值。如果要进一步了解如何移除,请看病毒描述。 |
| 恶作剧病毒程式通常都是执行程式。将它们加到侦测清单的理由是它们会造成困扰而且可能含有色情影像。恶作剧程式如果不是刻意散播,通常没有自我散播能力。清除恶作剧程式的方法是直接从电脑删除它们。 |
Distribution potential is derived from the characteristics of the malicious program. Fast-spreading network worms can spread across continents within just minutes. Some malicious programs also use numerous infection and spreading techniques – often referred to as blended threats or mixed threats. The Nimda virus, for example, was able to spread via email, network shares, infected Web sites, as well as Web traffic (http/port 80). As new systems are made and improved with added functionality, proof-of-concept malware often follows. This uniqueness, as well as the widespread implementation of a particular operating system or software, also influences the potential distribution of each malware. Many viruses written in the past do not run or spread on newer operating systems or operating systems that have all the latest security patches installed. High Medium Low |
Reported Infections, or real-time spread, is measured by reports coming in from the World Virus Tracking Center, as well as from Trend Micro business units around the world that are receiving threat reports and support inquiries in their areas. Reports from other antivirus industry vendors, and media attention, also contribute to this factor. High - reports indicate that the virus has been seen all over the world and with numerous infections per site. Medium - few reported incidents all over the world or numerous reports in certain regions. Low - no, or very few, infections reported. |
| 病毒百科全书档 "技术说明" 段落部份提供病毒在宿主系统上执行之动作的特定资讯。这项资讯可协助系统管理者移除及识别病毒。家庭用户应该使用自动化工具如 Trend PC-cillin 或 Trenda免费线上扫瞄程式HouseCall 来侦测以及清除电脑上的病毒。 |
| This chart displays the number of computers infected within the last 24 hours (1d), last 7 days (7d), last year (1y), or since detection first became available (All). See World Virus Tracking Center for additional information. |
| 特洛依木马型病毒是一种会执行非预期或未授权(恶意)之动作的程式,例如显示讯息、删除档案或将磁碟格式化。特洛依木马型病毒不会感染其他寄宿档案,因此不需要进行清除。清除特洛依木马型病毒的方法是直接删除受感染的程式。 |
| Joke programs are ordinary executable programs. They are added to the detection list because they are found to be very annoying and/or they contain pornographic images. Joke programs cannot spread unless someone deliberately distributes them. To get rid of a Joke program, delete the file from your system. |
| 指病毒会执行并产生破坏现象的条件或日期。请注意,日期启动型病毒一年 365 天都可能感染您的电脑。您的电脑可能在指示的日期之前已经被病毒感染。 |
| 电脑病毒是根据其档案种类以及感染方式来分类。Trend Micro 使用下列字首来区别这些病毒:
巨集病毒 - W2KM、W97M、X97M、P97M、A97M、WM、XM、V5M COM 及 EXE 档病毒 - PE 、 NE 或没有字首 后门程式 - BKDR 开机型病毒 - 没有字首 特洛依木马型病毒 - TROJ Executable and Link format - ELF 恶作剧程式 - JOKE Java 恶意程式码 - JAVA ActiveX 恶意程式码 - ATVX VBScript、JavaScript 或 HTML 病毒 - VBS、JS、HTML |
| 指病毒可能的发源地。 |
| 指某病毒第一次被发现(知道)的日期。 |
Damage potential and danger to systems is derived from the characteristics of the malicious program. Some malicious programs have been known to attack important operating system files, leaving the system unstable or unable to re-boot. High Medium |
| 除了自我复制外,有些病毒还具有将病毒传染出去的能力破坏现象。病毒具有破坏性的定义是指该病毒会对您的系统所执行的破坏现象,例如破坏或删除档案、将硬碟格式化以及进行拒绝服务等攻击。 |
| 病毒的破坏现象是指在中毒电脑上执行的动作。这些现象有些是无害的,例如显示讯息或退出光碟片,有些则是最具破坏性地删除整个硬碟资料。 |
| 电脑蠕虫病毒是一种自含程式(或一组程式),可将本身的功能或程式码的一部份散播到其他电脑。这种病毒通常是透过网路连线或电子邮件的附件散播。清除蠕虫病毒的方法是直接删除它们。 |
大部份的病毒都可以经由Trend 防毒软体从寄宿档案中被清除。会修改系统登录或留下档案的病毒或特洛依木马型病毒需要特定的清除指示。通常,删除特洛依木马型病毒或恶作剧程式的方法是直接删除感染的程式,不需要任何清除动作。 若要快速检查您的 PC 是否还含有病毒,请利用 HouseCall ─ 这是趋势科技的线上扫毒程式。这项工具可侦测出您的 PC 中潜藏的病毒。 若要在病毒感染您的 PC 或网路之前就将病毒扫除,维护您 PC 的健康,请即刻采用可能的防毒解决方案。趋势科技可针对家庭用户、企业用户以及ISP,提供病毒防护与内容保全解决方案。 |
| 指病毒执行平台的语言环境,例如英文版或中文版 MS Word。 |
| 这是列出在Trend 病毒百科全书中之病毒的简明摘要。按一下 "Tech Details"(技术说明)标签可取得某种病毒的技术性说明。 |
| This table displays the number of infected computers, by region, since detection first became available for this virus. See World Virus Tracking Center for additional information. |
| 指某种病毒潜在的危险性威胁。它是依据各种因素,包括(但不限于)潜在散播、破坏能力以及实际报告案例而定。 |
