Computer Virus
Virus Introduction
Viruses cause much confusion. Even some virus "experts" misstate the cause of a virus. Let's define what we mean by virus.
A virus is a program that reproduces its own code by attaching itself to other executable files, so that the virus code is executed when the infected executable file is executed. Here, the program (COM or EXE file) refers to an executable file. To attach might mean physically adding to the end of a file, inserting into the middle of a file, or simply placing a pointer to a different location on the disk somewhere where the virus can find it.
Most viruses place self-replicating code in other programs, so that when those other programs are executed, even more programs are "infected" with the self-replicating code. This self-replicating code, when triggered by some event, may do something potentially harmful to your computer.
The macro portion of a data file (e.g., a Microsoft Word document) may be much more critical, but less obvious. More recently, scripts written for Internet web sites and/or included in e-mail can also be executed and infected. Similar to viruses, you can also find malicious code in Trojan horses, worms, and logic bombs.
Virus Behavior-Infection Phase
Viruses have many different forms, but they all potentially have two phases to their execution: the infection phase and the attack phase. We discuss the infection phase first.
When the virus executes, it can infect other programs. Some viruses infect other programs each time they are executed; other viruses infect only upon a certain trigger. This trigger could be anything: a day or time, an external event on your PC, a counter within the virus, etc. Virus writers want their programs to spread as far as possible before anyone notices them.
Many viruses go resident in the memory of your PC (like a TSR). The virus may silently reside in memory, waiting for you to access a diskette, copy a file, or execute a program, before it infects anything. Because the trigger condition they use for their infection is hard to guess, viruses are more difficult to analyze.
Resident viruses frequently take over portions of the system software on the PC to hide their existence. This technique is called stealth. Polymorphic techniques also help viruses to infect yet avoid detection.
Note that worms often take the opposite approach and spread as fast as possible. While this makes their detection virtually certain, it also has the effect of slowing networks and denying access.
Virus Behavior-Attack Phase
Many viruses do unpleasant things such as deleting files or changing random data on your disk, simulating typewriting or merely slowing your PC down; some viruses do less harmful things such as playing music or creating messages or animation on your screen. Just as the infection phase can be triggered by some event, the attack phase also has its own trigger.
Does this mean a virus without an attack phase is benign? No. Most viruses have bugs in them, and these bugs often cause unintended negative side effects. In addition, even if the virus is perfect, it still steals system resources.
Viruses often delay revealing their presence by launching their attack only after they have had enough opportunity to spread. This means the attack could be delayed for days, weeks, months, or even years after the initial infection.
The attack phase is optional; many viruses simply reproduce and have no trigger for an attack phase. Does this mean that these are "good" viruses? No! Anything that writes itself to your disk without your permission is stealing storage and CPU cycles.
This is made worse since viruses that "just infect," with no attack phase, often damage the programs or disks they infect. This is not an intentional act of the virus, but simply a result of the fact that many viruses contain extremely poor quality code.
For example, one of the most common past viruses, Stoned, is not intentionally harmful. Unfortunately, the author did not anticipate the use of anything other than 360KB floppy disks. The original virus tried to hide its own code in an area of 1.2MB diskettes that resulted in corruption of the entire diskette (this bug was fixed in later versions of the virus).
Number of Viruses
In 1990, estimates ranged from 200 to 500; then in 1991 estimates ranged from 600 to 1,000 different viruses. In late 1992, estimates were ranging from 1,000 to 2,300 viruses. In mid-1994, the numbers vary from 4,500 to over 7,500 viruses. In 1996 the number climbed over 10,000. 1998 saw 20,000 and 2000 topped 50,000. It's easy to say there are more now.
The confusion exists partly because it's difficult to agree on how to count viruses. New viruses frequently arise from someone taking an existing virus that does something like put a message out on your screen saying "Your PC is now stoned" and changing it to say something like "Donald Duck is a liar!". Is this a new virus? Most experts say yes. But this is a trivial change that can be done in less than two minutes, resulting in yet another "new" virus.
Another problem comes from viruses that try to conceal themselves from scanners by mutating. In other words, every time the virus infects another file, it will try to use a different version of itself. These viruses are known as polymorphic viruses.
One example, the Whale (a huge clumsy 10,000 byte virus), creates 33 different versions of itself when it infects files. At least one person counts this as 33 different viruses on their list. Many of the large number of viruses known to exist have not been detected in the wild but probably exist only in someone's virus collection.
David M. Chess of IBM's High Integrity Computing Laboratory reported in the November 1991 Virus Bulletin that "about 30 different viruses and variants account for nearly all of the actual infections that we see in day-to-day operation." Now, about 180 different viruses (and some of these are members of a single family) account for all the viruses that actually spread in the wild.
How can there be so few viruses active when some experts report such high numbers? This is probably because most viruses are poorly written and cannot spread at all or cannot spread without betraying their presence. Although the actual number of viruses will probably continue to be hotly debated, what is clear is that the total number of viruses is increasing.
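The counting disagreement described above can be made concrete from the analyst's side. The following is an added example, not part of the original text: it counts a small collection once by exact hash and once by grouping near-identical samples into families. The sample bytes, names, 4-byte shingle size and 0.6 threshold are all constructed assumptions; the samples are inert placeholder data, not virus code.

```python
import hashlib

def shingles(data: bytes, n: int = 4) -> set:
    """Set of overlapping n-byte substrings, a crude content fingerprint."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def similarity(a: bytes, b: bytes) -> float:
    """Jaccard similarity of the two samples' shingle sets (0.0 to 1.0)."""
    sa, sb = shingles(a), shingles(b)
    union = sa | sb
    return len(sa & sb) / len(union) if union else 1.0

def count_exact(samples: dict) -> int:
    """Count every byte-for-byte distinct sample as its own 'virus'."""
    return len({hashlib.sha256(d).hexdigest() for d in samples.values()})

def group_families(samples: dict, threshold: float = 0.6) -> list:
    """Greedy grouping: a sample joins the first family with a similar member."""
    families = []
    for name, data in samples.items():
        for fam in families:
            if any(similarity(data, samples[m]) >= threshold for m in fam):
                fam.append(name)
                break
        else:
            families.append([name])
    return families

# Constructed, inert placeholder bytes standing in for collected samples.
BODY_A = bytes((i * 7 + 3) % 251 for i in range(200))
BODY_B = bytes((i * 11 + 5) % 241 for i in range(200))
SAMPLES = {
    "sample_a": BODY_A + b"Your PC is now stoned",
    "sample_a_copy": BODY_A + b"Your PC is now stoned",       # same file, submitted twice
    "sample_a_new_msg": BODY_A + b"Donald Duck is a liar!",  # only the message changed
    "sample_b": BODY_B + b"unrelated",
}

if __name__ == "__main__":
    print("distinct by exact hash:", count_exact(SAMPLES))
    for fam in group_families(SAMPLES):
        print("family:", fam)
```

A hash-based count treats the message edit as a new virus, while the family grouping does not. Variants whose bytes differ throughout, as polymorphic forms are described above, would still be counted separately by this byte-level measure.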
How Serious are Viruses?
While serious if you have one, viruses are only one way your data can be damaged. You must be prepared for all threats, many of which are more likely to strike than viruses.
It's important to keep viruses in perspective. A well-known anti-virus researcher once said that you have more to fear from a cup of coffee (which may spill) than from viruses. While the growth in number of viruses and introduction of the Microsoft Word macro viruses and Visual Basic Script worms now puts this statement into question (even though you can avoid these by just not clicking on them to open them!), it's still clear that there are many dangerous occurrences of data corruption from causes other than viruses.
So, does this mean that viruses are nothing to worry about? Emphatically, no! It just means that it's foolish to spend much money and time on addressing the threat of viruses if you've done nothing about the other more likely threats to your files. Because viruses and worms are deliberately written to invade and possibly damage your PC, they are the most difficult threat to guard against. It's pretty easy to understand the threat that disk failure represents and what to do about it (although surprisingly few people even address this threat). The threat of viruses is much more difficult to deal with. There are no "cures" for the virus problems. One just has to take protective steps with anti-virus software and use some common sense when dealing with unknown files.