Tuesday, May 25, 2010

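How to remove the ads and the startup splash screen from the free edition of AntiVir ("Little Red Umbrella")

I. Removing AntiVir's ads

"Little Red Umbrella" is the affectionate nickname users have given AntiVir Personal Edition Classic, because its icon is a small red umbrella standing for protection.
AntiVir Personal Edition Classic is a free antivirus program from Germany. Its detection ability is not inferior to big foreign names such as Kaspersky, and it uses relatively few resources, but the free edition pops up advertising windows from time to time, which is annoying. This article describes a method that gets rid of its ad windows in a few steps.
Step 1: Click Start → Settings → Control Panel, then in the Control Panel window double-click Administrative Tools → Local Security Policy.
Step 2: In the Local Security Settings window, select "Software Restriction Policies" on the left and click Action → "Create New Policies" in the window menu. Then right-click "Additional Rules" and choose "New Path Rule", click the "Browse" button in the dialog that opens, select "C:\Program Files\AntiVir PersonalEdition Classic\avnotify.dll", choose "Disallowed" in the "Security level" drop-down list (meaning this dll file is not allowed to execute, Figure 1), then click Apply and OK.
Step 3: Following the same procedure as Step 2, set the security level of "C:\Program Files\AntiVir PersonalEdition Classic\avnotify.exe" to "Disallowed" in Software Restriction Policies.
When everything has been set, Local Security Policy shows two newly added software restriction rules (Figure 2); check that they are correct.
With these settings AntiVir no longer pops up its annoying ad windows, and we can use it in peace.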


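II. Removing AntiVir's splash screen

AntiVir itself has no setting for removing its startup splash screen. The method below has been tested by me and is safe and effective:

In the registry, find the avgnt value under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and change it to "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min /nosplash, that is, add /nosplash after /min.

After logging off and on again, the AntiVir splash screen did not appear. After upgrading AntiVir and rebooting following the update, the splash screen was still gone.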

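Making AntiVir C edition (the free edition) handle detected viruses automatically

Compared with the P edition, the two things people criticise most in the AntiVir C edition are: 1. the guard cannot handle detections automatically, so the machine freezes up when you land on a malware site; 2. updating easily runs into obstacles.
Nothing can be done about the second for now, unless Avira upgrades its servers or we see whether the community can raise the money for an update server in China.

As for the first, after reading that thread today I suddenly had an idea.

AntiVir's alert window is displayed by calling guardgui.exe. What happens if this program is prevented from starting? I vaguely remember that clicking the X in the top-right corner of that window results in Access Deny on the virus file...

So start the Windows Group Policy Editor (gpedit.msc), expand Computer Configuration → Windows Settings → Security Settings → Software Restriction Policies → Additional Rules, right-click in the right pane, choose New Path Rule, enter guardgui.exe and set the security level to Disallowed. You can of course also enter the full path of guardgui.exe.


OK, time to test: download any virus from the sample area.

Extract it into My Documents: nothing appears. Then look at AntiVir's log:

The virus was automatically Access Denied, so the goal was achieved.

With this method, however, even the alert sound is gone. AntiVir may have blocked N viruses for you without your knowing.

Of course, for those who want "install and forget", that does not matter.

After blocking guardgui.exe you also need to change scanning to automatic handling, otherwise AntiVir will not clean viruses for you during a scan.

My personal suggestion for the settings is as follows (for the P edition; for the C edition, changing "overwrite and delete" to "delete" is enough).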

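Well-known firewall CheckPoint and others fail VB100 certification

According to foreign media reports, the well-known security software testing body VB100 released its latest test report this week. Of the 60 products that took part, 20 were judged to have failed and did not receive certification. Quite a few big-name vendors are among them, such as the well-known firewall CheckPoint and Norman.

According to John Hawes, an expert on the VB anti-malware test team, the biggest flaws of the products that failed lie in the following three points:
1. False-positive rate too high: legitimate files from software such as Adobe and Office are often identified as malicious;
2. Interception rate not high: against a virus collection of over a million samples, even an effective interception rate of 99% means that more than ten thousand malicious programs are missed;
3. Stability and compatibility of the antivirus software: after installation the computer becomes noticeably slower, or abnormal behaviour occurs that forces it to be shut down.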

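Kaspersky warns users: "AV Terminator" forcibly shuts down antivirus software

Kaspersky recently warned users to beware of a new Trojan, "AV Terminator" (Trojan.Win32.AntiAV.asq), which can be dropped onto a user's computer by the "Agent" Trojan. It is packed and encrypted, which makes it hard for antivirus software to detect. After infecting a computer, AV Terminator automatically searches for antivirus software running on it and forcibly closes it, and it also modifies the registry to create Image File Execution Options hijack entries so that most antivirus software cannot start. Its main function is therefore to cooperate with other malicious programs in invading the computer and to protect them from being detected and removed by antivirus software. The dropped malicious programs can then do as they please on the user's computer, waiting for the chance to steal the user's data and passwords and causing great financial or data loss.

Kaspersky can now detect and remove this virus. The author recommends that users update their virus database as soon as possible and scan, to avoid unnecessary loss.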

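Open-source security technology: in antivirus there has never been a saviour

Antivirus technology is a huge system, and it requires commercial antivirus vendors to maintain a virus capture system far larger than the antivirus system itself. Community open-source organisations lack systematic technical accumulation and are even less able to deliver mature antivirus software.

Antivirus needs fast response, a complete support structure, timely virus analysis and updates, and other supporting measures, none of which non-profit community open-source organisations can bear.

The open-source movement is a major force in the information world, and the spirit of freedom and openness it champions drove the early development of the network. In a sense, the open-source movement has greatly advanced IT. Nor is the open-source world short of heavyweight products fit for commercial use, such as PHP for web development and MySQL for databases. But that does not mean open source can serve any application in any field or solve every problem. In some fields open source still struggles to meet commercial needs, and antivirus is one of them.

The failed godfather of open source

Speaking of antivirus, Clamav has to be mentioned. It is an open-source antivirus engine: a file-scanning engine that runs on Linux but targets Windows viruses. It can detect 40,000 viruses, worms and Trojans, a stronger detection ability than ordinary antivirus software; it supports scanning many kinds of compressed files; and it is strong at scanning for e-mail viruses. It ought to be an ideal choice for commercial antivirus.

Yet at present not a single antivirus company uses the engine to build products, and not a single shareware antivirus author uses this open-source project for development. Reportedly, one security company that intended to develop with the engine is also actively looking to cooperate with a company that has a commercial antivirus engine.

The facts show that the Clamav engine is not a successful application in commercial antivirus, and no prospect of future use is in sight. So far, apart from praise from some community security organisations, what we mostly see is Clamav serving only as a research tool for antivirus enthusiasts.

Antivirus is not simply killing viruses

These facts do not mean that Clamav is badly made. The underlying reason is that the special nature of the antivirus field is exactly what keeps open-source antivirus from commercial use.

First, antivirus technology is a huge system with a long history that goes back 20 years. When viruses first appeared, the few technical people who recognised where viruses were heading all developed their own commercial software, and they later became the masters of antivirus, such as Kaspersky, who created AVP, and Solomon, who later became part of McAfee. Then the speed at which viruses developed made the antivirus system mature quickly into a huge system.

Second, antivirus also needs a huge supporting system. Every commercial antivirus vendor has to maintain a virus capture system far larger than the antivirus system itself. According to Antiy, a company with a very large virus sample library, its capture system covers six areas: distributed honeypots, decoy mailboxes, hosted mail services, VDS monitoring probes, reports submitted by users, and samples reported by volunteers. No community team can maintain this. An incomplete capture system leaves an open-source antivirus product unable to meet ever-growing antivirus needs. Faced with such a huge supporting system, even security companies that want to enter antivirus cannot deliver mature commercial antivirus software, because they lack the earlier technical accumulation.

Antivirus also has some special constraints. For example, viruses were at first only one aspect of grassroots technical research, but as the harm they do has grown, they have received more and more attention from governments, and many governments have stepped in to regulate. Commercial antivirus companies stand at the front line; they have access to first-hand virus material and first-hand antivirus requirements, whereas community groups have no such environment and so cannot design a good open-source product.

Antivirus is not a simple technology. It is engineering, and the job is not finished once the virus has been found and killed. One has to consider questions such as: how to make scanning a large number of files take less time; how to use fewer system resources; how to make false positives less likely. These questions only appear once there is a certain user base, whereas an open-source project starts out from technical implementation and is unlikely to consider them. In short, the open-source road for antivirus is still long.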

Kaspersky Anti-Virus 2010: half-year activation code giveaway

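Usage notes:

(1) A Kaspersky Anti-Virus 2010 (KAV) half-year activation code must be activated within 30 days of the date it was redeemed.
(2) From the date of activation you get 6 months of free use of Kaspersky Anti-Virus 2010.
(3) This activation code can only be used on computers on which Kaspersky Anti-Virus 2010 has never been installed.
(4) If Kaspersky Anti-Virus 2010 has previously been installed and activated on your computer with any activation code or licence file (including the 30-day trial mode), this activation code can no longer be used to activate it.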

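How to fix antivirus software that will not start

Security tools such as Jiangmin 2007 and 360 Safe Guard show the following message at startup:

Message at startup: initialization failed

Even reinstalling the program may not solve it.

The fault is currently believed most likely to be that ws2_32.dll or MFC42.dll causes the application to fail to initialize properly. Both are system files and are called by many programs, and for exactly that reason some hackers and Trojans use these files for sabotage. The two files are not very stealthy, however, and the danger is almost negligible; when such sabotage occurs, as long as it is taken seriously it will not paralyse the system.

What is ws2_32.dll?

ws2_32.dll is the Windows Sockets application programming interface, which supports Internet and network applications. Programs call ws2_32.dll automatically when they run. ws2_32.dll is a dynamic link library file located in the system folder. When Windows looks for a dynamic link library it first searches the application's current directory; if the file is not found there it searches the Windows directory; if it is still not found it searches the system32 and system directories.

What is mfc42.dll?

mfc42.dll is the library file of the Microsoft MFC framework.

Likewise, some viruses exploit this principle by creating a fake "ws2_32.dll" file or folder in the directory of the antivirus software or of 360. The antivirus software, 360 or other cleaning tool treats it as a file the program needs and loads it, but this so-called "file" does not have the functions of the system's "ws2_32.dll", so the security software cannot run and reports: The application failed to initialize properly (0xc00000ba)!

Solution:

1. Download "IceSword" (冰刃) from the Feifan (霏凡) software site and install it.

2. Remove the hidden attribute from the security tool's installation directory. If it cannot be changed in the folder properties, proceed as follows: Start → Run → cmd → change to the security software's installation directory → attrib -h -a /s /d

3. Use IceSword to force-delete the ws2_32 and MFC42 folders under the security tool's installation directory.

4. Restart the computer and it will be fine.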
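
One way to list the planted ws2_32.dll / MFC42.dll entries described above before deleting anything. This is an added example in Python, not part of the original article; the function names and the sample directory it builds are constructed for illustration.

```python
import os
import tempfile

# The two system DLL names the article discusses.
SYSTEM_DLLS = ("ws2_32.dll", "mfc42.dll")


def classify_entry(path):
    """Say what kind of object is shadowing the system DLL name."""
    if os.path.isdir(path):
        return "directory"          # a folder can never be loaded as a DLL
    with open(path, "rb") as fh:
        # Every real DLL is a PE file and starts with the bytes "MZ".
        return "pe-file" if fh.read(2) == b"MZ" else "non-pe-file"


def find_shadowing_entries(app_dir, names=SYSTEM_DLLS):
    """Return sorted (relative path, kind) for entries named like a system DLL."""
    wanted = {n.lower() for n in names}
    # Step 3 of the article also mentions folders named without the extension.
    wanted |= {os.path.splitext(n)[0] for n in wanted}
    hits = []
    for root, dirs, files in os.walk(app_dir):
        for entry in dirs + files:
            if entry.lower() in wanted:
                full = os.path.join(root, entry)
                hits.append((os.path.relpath(full, app_dir), classify_entry(full)))
    return sorted(hits)


def build_sample_tree():
    """Constructed sample: a fake security-tool directory with two planted entries."""
    base = tempfile.mkdtemp(prefix="avdir_")
    os.mkdir(os.path.join(base, "ws2_32.dll"))             # planted folder
    os.mkdir(os.path.join(base, "plugins"))
    with open(os.path.join(base, "plugins", "MFC42.DLL"), "wb") as fh:
        fh.write(b"not a real library")                     # planted junk file
    for legit in ("scanner.exe", "engine.dll"):
        with open(os.path.join(base, legit), "wb") as fh:
            fh.write(b"MZ\x90\x00")                         # stub PE header
    return base


if __name__ == "__main__":
    for rel, kind in find_shadowing_entries(build_sample_tree()):
        print(f"{kind:12} {rel}")
```

A "pe-file" hit is not automatically benign: a working DLL of that name inside an application directory is loaded ahead of the system copy under the search order the article describes, so it deserves the same scrutiny.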

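Fu Sheng returns to security: Keniu to release antivirus software on the 25th

On May 24, Fu Sheng of Keniu Technology announced that he is re-entering the security field and that the beta version of the free antivirus program "Keniu Antivirus" will be released in the early hours of May 25.

Fu said the product has two main features compared with "other security products": 1. it "can coexist with all software"; 2. its detection rate is the highest in China. Fu said the problem of "technical incompatibility" was solved long ago, and that incidents such as "Uninstall-gate" are purely unfair competition.

The company currently has over 100 employees, about 60% of whom work on the "Keniu Antivirus" project.

Fu Sheng said the antivirus program was originally planned to go online in June and that financing is currently under way. "Keniu Antivirus" actually has more to it than the news has reported, but because of confidentiality agreements he cannot reveal much.

Fu Sheng said recent industry rumours have seriously affected the product development and financing plans, and are malicious commercial competition by rivals.

Fu Sheng said the screenshots and the leaked version are an "incomplete version" and harm the product's reputation. The leak may have come from two sources: seed users in the compatibility testing, or an internal leak at the company.

It is understood that Fu Sheng left Qihoo 360 in August 2008 and on leaving signed an 18-month non-compete agreement with the company, which ended in February 2010.

In fact, Fu has been "closely watched" ever since he left Qihoo. As soon as Fu Sheng began business talks with partners at the start of the year, competitors began malicious "tip-offs" and commercial attacks against him. As an example, Fu said that as soon as word of the Keniu antivirus plan got out at the start of the year, he received a threatening message from a competitor saying that Keniu Image would be blocked as "rogue software".

Fu Sheng said that, facing Qihoo 360 with its huge user base, he is confident of winning a certain market share, because the antivirus market has not yet been satisfied and "the product is king"; he has full confidence in his product.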

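Killing viruses: do you really have to use software?

Prevention

I. 98? ME? 2K? XP? Vista!?
The operating system deserves the most attention. I estimate that at least 90% of viruses infect machines through operating-system vulnerabilities of one kind or another, so to cut viruses off at the root you must start with the operating system. I prefer to compare a machine's resistance to viruses to the human immune system, and the operating system is like the first layer of that immune system, the skin, so choosing a secure operating system is very important. Here is my view of the various MS operating systems. 98 and ME are on my blacklist: MS has in practice dropped support for them and will make no more major security upgrades, and I don't think there is anything about them worth missing. As Gates once said, "twenty years have gone by in a flash, and things have changed!" If you must use them, the best antivirus measure is "physical disconnection". The network cable must be unplugged, and CDs, floppies, MP3 players, portable hard disks ... are best left unplugged too. Someone will ask: if I can't use anything, what am I using 98/ME for? Indeed, I don't know why you insist on 98/ME either! I recommend 2K and XP, especially XP. For now XP's security is still the highest, and Microsoft releases any patch for XP first. XP has the genuine-validation problem, but there is always a way to crack it, which I mention below. For the new Vista I have some expectations. Its release has slipped again, to January 2007, which shows how seriously MS takes its security. I hope that in the coming years we will sleep soundly and look down on viruses. For a detailed account of each operating system's security, Google it! But let us get back to practical matters.

II. Update, update, and update again
If Windows Automatic Updates keeps popping up, congratulations: the chance of your machine being infected is already small! Leave automatic updates on and stay in step with Microsoft at all times, and you will be almost immune to virus attacks from the Internet. If you have a freshly installed operating system, I strongly recommend visiting http://www.windowsupdate.com/ before installing any program or visiting any website, and installing the updates as prompted. The machine may reboot during installation; after rebooting, visit the site again, until it reports that no updates are currently available for your machine. At that point your operating system is secure. MS's Genuine Advantage programme is undoubtedly a heavy blow to those of us who use pirated copies, but for every measure there is a countermeasure. On 2K, genuine validation exists in name only and can be ignored. XP is more annoying: a few days ago MS strengthened validation again, leaving those who updated by modifying the data.dat file at a loss. Surprisingly, though, MS still has not blocked JS calls, and validation can still be bypassed by calling a JS function. The method: go to the update site and stop at the first page, which should show the two buttons "Express" and "Custom"; enter the following in the address bar: java script:void(window.g_sDisableWGACheck='all'), then press Enter. You will be surprised to find that nothing happens. But now you may laugh out loud: click "Custom" and there is no validation at all! Some friends have also asked me why they can never update. At first I found it odd too, because everything was in order, yet it kept reporting that those two annoying services, AutoUpdate & BackTrans, were not enabled, when in fact the services were running. Later I found that having the services running is not enough; their startup type also has to be set to Automatic. Once that was set, every problem vanished at once. Next we face a chicken-and-egg problem. Hundreds of new viruses or variants appear every day, and every second countless viruses wait to attack any possible port, while a freshly installed machine is like a newborn child with no resistance at all. Going straight to MS to update is easier said than done, and getting infected during the update is perfectly normal! Fortunately, XP and 2K both have large update roll-ups, called SP for short. I hope everyone prepares for a rainy day while the computer is healthy and downloads them from the official site. They are about one or two hundred megabytes, perhaps large for friends with slow connections, but when you need to reinstall the system this is your only "resurrection pill"! XP is currently at SP2 and 2K at SP4; mind the version. Besides the SP, downloading small updates as they appear is also necessary. If you are not sure which updates your machine has installed automatically of late, check "Add or Remove Programs" in Control Panel (on XP, tick "Show updates" at the top). To download them, first note their numbers, usually KBXXXXXX or QXXXXXX, then search for the number at http://www.microsoft.com to get the download address. This may be troublesome for friends whose English is not strong, but some sites in China also offer periodic update roll-ups for download and are worth a try. Google it!

III. Going online = getting infected?
Web pages often hide danger; for a machine, malicious web programs are the second biggest killer. I compare this to the human respiratory system, because a computer today can no more stop going online than a human can stop breathing, and every breath may mean catching a dreadful disease, such as the fashionable SARS and bird flu. You may have noticed that I have not used the word virus here, because I am talking only about ordinary web pages, not the programs linked from them; programs are covered below. Generally a web page cannot do that much: at most it carries malicious programs written in various scripts, which are not contagious and so cannot be called viruses. But do not underestimate them. They can easily make your IE so sick that it would rather be dead: they may modify your registry so that you cannot open IE's properties; they may open and close your CD drive from time to time to frighten you; they may scatter your online information to the world; and, worst of all, as soon as you boot they may pop up countless ad windows so that the machine is unusable. I believe many readers are gritting their teeth at this point; who has not been through this? Now that we have software like Maxthon, all these problems really are solved: everything that can be blocked from downloading is blocked, every ad that can be filtered is filtered, and I do not believe a mere web page can break through a gate guarded by a sentry as good as Maxthon!

IV. Software is a dangerous host
If you have followed the above and inoculated the two most basic lines, "skin" and breathing, the rest is easier, because we can at least be sure of not being reinfected during the detection and removal below. As the saying goes, "illness enters by the mouth", and the same holds for computers: the third immune checkpoint, the "mouth", is the software we use every day. The more software a machine has and the more varied it is, the more likely infection becomes, because software of all kinds is now the best host for viruses, especially small programs downloaded from web pages. I actually have no very good answer to this kind of attack. In fact my own machine often picks up viruses, but I usually kill them before they act, because I know exactly every byte that the software I install writes to my machine, and that takes many years of experience. What should the majority of users with little experience do? I think the best approach is still caution. Some rules: never open attachments that arrive by e-mail; never download anything that pops up asking to be downloaded when you did not ask for it; always click "No" when a web page pops up tempting information and asks whether you want to view it; never install an ActiveX control that pops up unless you understand it very well and have experience installing it (Microsoft excepted, that is automatic update); never download software that has not been recommended by other users. If you can keep these "nevers", I think you have sealed the machine's third immune checkpoint tightly. One more thing has to be mentioned, a newly popular term: rogue software. These programs are not viruses or malicious programs; they fly an official flag and move into your machine with apparent legitimacy, but they never do anything good. Failing to uninstall cleanly is the small part; being harassed constantly while online is the really annoying part, and their only purpose is to profit the so-called "official" party. 3721, Chinese Internet Keywords (中文上网), Baidu Toolbar, Network Pig (网络猪) and their like are exactly this; for a full list of rogue software, Google "流氓软件". As for me, my work requires me to try unfamiliar software often, which gives viruses their chance, but for most users a computer is only a "game console" or a "home cinema" and few other functions are used, so a recommended list of software of each kind is important. I will produce such a list as soon as I can, covering every use I can think of, choosing the one or two programs generally acknowledged as best and attaching the official download addresses, to help friends guard the machine's immune checkpoints. For now, if you want to know which programs of each kind are acknowledged as best, the old line applies: Google it!

V. CDs, floppies, MP3 players, portable hard disks ...
This is the virus's last chance to attack you. Since these are all things physically plugged into your machine to make it ill, I really do not want to use the immune-system metaphor any more; forgive me, it is too frightening. If your machine has the latest patches, I think you can open them with confidence, as long as you do not casually run programs of unknown origin. But turning off all autoplay is still very necessary! On 2K, autoplay is in Device Manager: view the properties of the CD drive to disable it. On XP, right-click the drive letter and open Properties to set it. I will not go into the specific steps, which are not the focus of this article; please Google them. Also, if you really have high security requirements, before opening these disks it is best to enter them from a command prompt first and see whether there are suspicious files in the root directory. This step is only for experienced friends.

VI. System settings: the state of being unassailable
Although the immune system is now watertight, human operation will always slip somewhere and give viruses an opening. So, looking at how viruses attack, we can take some remedial measures. Disabling all unused services in the service list is very good practice; services such as Task and Message in particular must be disabled, because viruses often exploit them! Set services that are only used occasionally to manual start as far as possible, which will make later virus hunting easier. Detailed descriptions of each service are all over the web; a Google search will find them. Set them according to your own needs! My service list has only about twenty services running automatically, which is enough. Another place viruses may attack is instant messaging software. Software with a certain rogue character, such as QQ, must be used with care: do not casually click links in messages from anyone; if you really must look, copy the link into Maxthon and visit it with all blocking features on, which gives you the most effective protection. Set other software that updates itself over the network not to update automatically as far as possible; its behaviour is sometimes baffling, may even be mistaken for a virus, and interferes considerably with virus hunting. Updating regularly from the official site is the safest way.

At this point you have done the prevention work well and can look down on any antivirus software or firewall (including XP's own) and roam freely. But storms come unannounced, and even the best immune system sometimes fails. If careless operation does lead to infection, read the detection and removal parts below. Remember that removal can only be a remedy, and any removal measure can only be carried out once prevention is sound, so nipping trouble in the bud is what matters most.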


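Detection


I. Tools
Not using antivirus software does not mean using no tools at all. To deal with viruses effectively, two kinds of software are indispensable: process management and installation monitoring. The best process manager at present is ProcessExplorer; a Google search finds it, it is completely free, and you should download the latest version from the official site. For installation monitoring I do not want to recommend software of the "Perfect Uninstall" (完美卸载) kind, because they all have certain flaws, but for novices this kind of software is still necessary: at the least it lets you see every detail of an installer's run and build up some virus-hunting experience. What I recommend is RegMon, which is also completely free and powerful. It can monitor at any time every read, write, create and other operation that any program performs on the registry, and it is a sharp blade for cleaning viruses out thoroughly; download the latest version from the official site. Those are the only two programs I recommend. Both are small portable programs, so use them with confidence!

II. Semi-automatic real-time monitoring

Our biggest problem with viruses is how to know that a virus program is running, which is also the hardest problem for computer novices, who usually turn to antivirus software of one kind or another. But that not only fails to help, it also drags your machine's performance down sharply. I have tested this: on the same machine, online for the same length of time, running antivirus software used about 30% more electricity than not running it, which is terrible. As everyone knows, our country's electricity supply is extremely tight at present... Well, friends will ask, without antivirus software how do you know the machine is infected? What I want to tell you is that every computer has two built-in virus alarms. One is the HDD (hard disk) indicator light on the case. Learning to watch the light and to listen to the disk's read noise is very important and not hard. First we must know exactly what we are doing on the machine and whether the programs in use read and write the disk heavily. Obviously no application reads and writes the disk non-stop from start to finish (disk defragmenters and the like excepted). In fact, with most programs the disk should spend most of the time merely flickering occasionally, and that includes listening to music, watching films, writing documents, downloading and even playing games! But if the disk light flashes constantly with a "huge" noise and you are not doing anything complex, your machine is probably in danger. Checking by elimination is essential: when you find the disk working abnormally, close the running programs one by one until the disk calms down. This may well reveal that one particular program is doing "bad things". If the disk is still working non-stop when every program has been closed, that is a very disturbing signal and you should be on high alert! The other automatic alarm is the system's responsiveness. If you find that you are not running anything heavy but the machine has become slow, and even opening "My Computer" takes a while, I regret to tell you that your machine is most probably infected. Low responsiveness takes several forms, such as stalling now and then or taking a very long time to boot, all of which deserve our attention. Of course many viruses are quiet in their latent period; how can we find these? That is indeed a problem, but experienced friends do not worry about it, because any virus will make some small moves, and if you know the running of every program on your computer like the back of your hand, no virus can escape your eyes however well it hides. Of course that takes long experience. Friends without it should read on, where a highly efficient virus monitor will become the virus's cruellest nemesis!

III. Every process is our friend

Sun Tzu said, "Know yourself and know your enemy, and you will never be in peril in a hundred battles." We must see a virus's true face before we can respond effectively. A virus is also a program, and no virus can run without a process, so processes are our first-hand source of information about viruses! What to do now is open ProcessExplorer at once. It lists every process running on your machine; make friends with the processes until you know every system process like the back of your hand. Open ProcessExplorer every day and look at the process list, search Google for processes you do not understand, and within a few days you will be able to spot a virus at a glance. Believe me, that is how I got here. Just do it! Back to business: viruses run in only two ways. The first, the weaker kind, uses an independent process but may disguise it with the name of a normal process, so check every letter carefully when you look. Writing re as er, or I as l, are their usual tricks, but no disguise escapes a sharp eye! Generally, a process with very high CPU usage that you do not recognise should go on your high-risk list. First Suspend it immediately, then view its detailed properties to check whether the program file behind it is one you know; if you cannot be sure, look it up online until you understand it completely. The other kind is more annoying: it is not a separate process but a dynamic link library attached under one of your system's normal processes, which is very stealthy, but there are ways. Virus DLLs started through rundll32.exe are fairly easy to find: use ProcessExplorer to see which DLLs the rundll32.exe process has actually loaded. The most fearsome are DLL plug-in viruses attached under processes such as IE and Explorer. For these, we only think of searching for the virus when the browser shows some inexplicable problem. Fortunately such viruses are rare and not very harmful, because they depend on the browser and cannot run once it is closed. Many friends may say: browser plug-ins are everywhere now and have left machines in a mess, so how can you call them rare? Note that what you mean is malicious programs or rogue software, not viruses; they are not contagious, because a plug-in copying itself is pointless and not easy to implement in a program. How to get rid of those malicious programs and rogue software I will mention in a later section.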


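Removal


I. The slaughter starts with processes
If you have learned the basic facts about the virus, removing it is not hard. The place to cut is of course the process. It is essential to Suspend the virus process rather than simply Kill it, because once suspended it cannot execute any instruction and your computer is completely safe for the time being. Suspend has another advantage: it finishes off self-reviving viruses. I have seen viruses with two or more processes watching each other; when one is closed the other immediately restarts it, playing a timing game with you, but this has no effect at all against Suspend. ProcessExplorer offers batch operation, so Suspend them all and see what they can do! After that you can calmly make a cup of coffee, open the process properties without hurry, and dissect this thoroughly subdued virus. First see which DLLs it has loaded; its accomplices may well be among them. Sometimes it is hard to tell which DLLs are the system's and which are the virus's. Here are two methods. First, view the DLL's properties, paying particular attention to the version information. A system DLL will certainly have Microsoft as the company and detailed version information, but some virus DLLs fake these too, and then you need the second method: search Google for the DLL's file name. If it is a system DLL you will certainly find it, along with detailed information about it. If you cannot find it, be careful: it is probably a problem DLL, especially if it is in the Windows or System32 directory, in which case nine times out of ten it is a virus! Once the DLLs are confirmed, you may need to search for the DLL and EXE file names with ProcessExplorer's Find Handle function, to see whether any more spies are hiding behind other system processes and watching your every move. When you have all the information on the virus process and its accomplices and have written it down, you can run a batch operation and kill all the virus processes. Your computer's memory is then virus-free for the moment. Some virus processes are not ordinary processes but system services; after killing one of these, be sure to go to Services and disable it. Note that occasionally a virus attaches to the Explorer process as an Explorer plug-in, which is a little troublesome. More troublesome still is a virus attached to a system service process, because those services cannot be stopped casually, which is very frustrating. But remember that viruses are always written by people, not gods; with those of us who strive for computer security, victory always belongs to the side of justice! Viruses that are more troublesome to handle are covered later; what follows is wiping out the simpler ones.

II. Kick the virus out of the directories

We start from the directory the virus lives in. If the virus has its own directory like normal software, we can smile a little: this virus is fairly weak. The directory's creation time tells you when you were infected and may show where the virus came from. If it has no directory of its own and lives in a system directory, that is also manageable; such viruses are usually not very destructive, and viewing the file's properties gives you all the necessary information. If it is in every directory on your computer, Windows' built-in file search comes into play. However widely it has copied itself, this kind of virus has only one main program file, and the copies all come from the same womb, so the file sizes must be identical. Open the advanced search options, enter the EXE file type and the file size, press Enter, and the copies hidden in every corner of your disk are exposed. Sorting by creation time shows the first copy that attacked your machine. Now essentially all the virus's files are in view, at least the main components with which it can attack you, so go ahead: delete every EXE, DLL and data file you have found that is related to the virus. But do not be too thorough: keep at least one EXE as a specimen, change its extension to DAT and pack it with RAR; we will need it later. And please be very careful not to delete files that are not the virus, which would be a fatal mistake! After dealing with the virus on disk, do not reboot the computer, which could undo all the work, because the real body of some viruses is not so easy to find. If a virus appears not as an EXE but as something else such as COM or RAR, the file-size search works just the same with a different extension. I must tell you one unfortunate thing, though: viruses whose main program files differ in size do not exist yet, but that does not mean they never will, and then we will have to search by matching key data. Windows search is very weak at content matching, so I plan next to write a small program that can search files by key data... I digress; after all, things are still going very well and viruses are not as strong as imagined, are they? Final victory is in sight!

III. The final assault on the virus's last stronghold

The virus on disk has been rooted out, but more trouble awaits us; a cornered enemy putting up a last stand is the most dangerous. Where is the virus's last stronghold? It is of course the fabled registry. Because information about system services is stored in the registry, I have put services in this section. The first thing to do is examine your service list carefully, checking every service that has no description to see whether it is related to the process you have just ended. Users of Chinese-language Windows have a certain advantage in spotting virus services, for a rather amusing reason: foreign virus writers do not know Chinese, so they will not use a Chinese description to disguise themselves as a system service. Any service with an English description therefore deserves particular attention. I have seen nastier viruses that kill a normal system process and then take over its description, name and other information, a seamless disguise. But it still gave itself away: the EXE file behind it was completely wrong. Once the processes are confirmed safe, we can go straight into the registry. First check the registry entries that run automatically at system startup for suspicious programs. My practice is to run essentially no programs at startup; if something really has to run, I put it in the Startup folder of the Start menu, which is not only safe but also makes finding a virus much easier. In fact, countless trials over a long time have shown that deleting all the automatic startup entries has no ill effect on the machine. The system itself does not put critical startup programs there; what really matters for the system's operation is services. When you find a virus here, do not rush to delete the value: write it down and see whether the program it points to is already in your records. Then copy down every name the virus program may go by, search the registry for each, and delete every match found. This still carries some risk, and I strongly recommend exporting the keys as a backup before deleting. When the registry cleanup and scan are finished, we can at last breathe a long sigh of relief, because the virus and its family have very probably been cruelly slaughtered. After checking the process list once more to make sure, you can reboot the computer and see whether the virus comes back. It shouldn't, heh.

IV. The truly fearsome opponent

Remember the viruses mentioned above that live inside the browser process or a system service process? They well deserve to be called our most fearsome enemy, because ordinary antivirus software has no effect on them at all, and they will even turn off the automatic protection of the antivirus software installed on your machine. However, once you have cleared the information they hide in the registry, most of them will no longer attach themselves to system processes after a reboot, and can then be removed by the method above; that does not sound very complicated, does it? But more terrifying viruses follow: those that monitor the registry while running and, as soon as they find their registration information damaged, restore it at once, so that your registry changes have no effect. For such viruses, we can only boot the machine from a clean DOS boot disk, delete the program files, then boot into Windows and delete the information in the registry. Some friends will ask why not remove the virus in Safe Mode. In Safe Mode the great majority of unneeded services and processes are indeed not started, but against those frenzied special viruses this is useless; when they find that your machine has entered Safe Mode they may even launch a final all-out attack at once and paralyse the machine completely. Viruses this vicious are a once-in-a-century event for ordinary users, but a multi-function DOS boot CD does give our machines one more layer of protection, so keep one to hand! To get one, Google plus Nero will do.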

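Finally, here are some practices for your reference. How to go about it is actually very simple.
  1. Keep a monitoring record of whatever you install. When installing software, use a dedicated program to record every change to the computer, the system and the registry. Then what is there left to fear?
  2. Take a snapshot of the system and compare against it at any time. Even an ant that gets in will be found at once.
  3. Get into the good habit of checking processes regularly, and end any suspicious one you come across. See which modules the suspicious process has actually loaded, and delete them once you are sure. Search the registry for it and delete what you find as well. Make sure you are certain, and remember to back up. You may say: I can't find it, or I can't delete it, what then? Then use IceSword; there is nothing it cannot solve.
  4. When online, remember to clean out the junk regularly; viruses from the web may be sitting there too.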

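Be a virus hunter: how to capture computer virus samples

I. Capturing boot-sector (Boot) viruses

Extracting a boot-sector virus is simple: first use Format A: /S to copy the boot system files to a floppy, then copy some system executables from the hard disk onto the same floppy. The steps are: enter MS-DOS mode, format a system disk with Format A: /s, and, depending on the system, copy the following files onto the same floppy:

For Windows 3.x: copy the three files gdi.exe, krnl286.exe and progman.exe from Windows\System.

For Windows 95/98/ME: copy the three files gdi.exe, krnl386.exe and progman.exe from Windows\System.

For Windows NT and Windows 2000: copy the three files gdi.exe, krnl386.exe and progman.exe from Windows\System32.

If the machine hangs while formatting the floppy, extract as follows: write "damaged during infected format as boot disk" on the floppy's label. Copy the files listed above for each system to separate floppies, by the same method.

II. Capturing file (File/Macro) viruses

If you suspect a file virus, copy command.com from the root directory of drive C to a floppy and name it command, that is, remove the extension.

If you suspect an MS Word macro virus, copy the "normal.dot" file from C:\Program Files\Microsoft Office\Templates and all the files in C:\Program Files\Microsoft Office\Office\Startup to a floppy.

If you suspect an MS Excel macro virus, copy all the files in the XLSTART directory to a floppy. XLSTART exists in several places on the computer; use Windows search to look for "XLSTART", find all the directories, and copy all the files in them to a floppy.

If you suspect a PowerPoint macro virus, do the following: open an empty PowerPoint file, save it as a new file with the file type "Design Template", then copy the resulting .pot file to a floppy.

Write "contains infected files" on the floppy's label and put as many infected files on the floppy as possible. Make an image file of the floppy.

III. Capturing Trojans

Run regedit.exe to open the Registry Editor. Note down the files referred to in the following registry keys:

the files referred to in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run;

the files referred to in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices.

Open the Win.INI file and note down the files referred to in the "load=" and "run=" lines.

From this information, determine the file names and the directories they are in, and compress those files into a zip file.

IV. Some virus utility programs

ClrText.zip: when the virus you are submitting is a Word or Excel macro virus, this tool clears the content of your infected file and keeps only the macros, so that your confidential information is not leaked.

SaveMBR.zip: this tool reads the MBR of your infected hard disk into a file, which you can then send to NAI for virus analysis.

RWFLOPY.zip: RWFloppy can restore or create floppy image files. Its purpose is that when you do not want to send a virus sample by mailing a floppy, you can use it to create an image file and send that by e-mail. This matters especially for boot-sector viruses, which hide in sectors 80 and 81 of the floppy, two sectors that ordinary software cannot read.

Readt80.zip: to detect boot-sector viruses correctly we need a floppy that contains the virus. One can be obtained by formatting a system floppy under DOS: FORMAT /S A:

The floppy is needed because boot-sector viruses usually hide where ordinary DOS software cannot read (a 1.44M floppy has 80 sectors, numbered 0 to 79; boot-sector viruses hide their code in sectors 80 and 81).

If you create a floppy image file with ordinary software, the image does not contain sectors 80 and 81, so the virus cannot be analysed. This program reads sectors 80 and 81 of the floppy, which contain the virus code, and writes them to a file.

SYSU.zip: this program restores systems infected by a variety of macro viruses.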

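What is a macro? What is a macro virus?

So what exactly is a macro? We call commands that can carry out some operation automatically "macros".

A macro is also an operation command, just like a menu command; the two differ only in when they act on the database and under what conditions. Menu commands are generally used while the database is being designed, and macro commands while it is running. A menu command has to be applied by the user, whereas a macro command can execute automatically in the database.

ACCESS has fifty-three basic macro actions in all, and these can be combined into many other "macro group" operations. In use we seldom use one basic macro command on its own; usually the commands are arranged in a group and executed in order to complete a particular task. The commands can be triggered by an event on a control in a form, or run automatically while the database is running.

Event operations are actions on a control such as "clicking" a button or "double-clicking" a list item. So when we hear someone say "click button so-and-so to run macro so-and-so", this is what is meant.

What is a macro virus

"宏" is a translation of the English word Macro. The macro is a special feature Microsoft designed for its OFFICE suite: a tool the designers created so that people need not repeat the same actions again and again while working with the software. Using a simple syntax, frequently used actions are written as a macro, which can then be run automatically during work to complete a particular task without repeating the same actions; the aim is to automate some of the tasks in the user's documents.

Both WORD and EXCEL in OFFICE have macros. Word predefines a shared global template (Normal.dot) for everyone, which contains the basic macros. Whenever Word starts, it automatically runs the Normal.dot file. If some task is repeated in Word, a macro can be used to carry it out automatically. Word offers two ways to create a macro: the macro recorder and the Visual Basic editor. A macro combines a series of Word commands and instructions into a single command to automate a task. By default Word stores macros in the Normal template so that all Word documents can use them, a feature exploited by almost every macro virus.

If a problematic macro has been written and has infected the global template (Normal.dot), then whenever Word runs, the infected global template spreads to documents edited afterwards, and if other users open an infected document, the macro virus moves on to their computers.

This is the computer macro virus we speak of every day, one that resides in the macros of a document or template.

Macro viruses generally spread extremely fast, are easy to create and to vary, have very great destructive potential, and have poor compatibility. Current antivirus software can all prevent and remove macro viruses effectively.

I. How to configure macro settings

Excel 2000 generally has macro security initially set to "Medium", but Excel 2003 sets it to "High". Our software only works properly with the setting at "Medium". If no "enable macros?" prompt appears when you open (start) our software, your Excel has macro security set to "High" and it should be changed to "Medium". To change it:

1. Open Excel and click "Tools" > "Macro" > "Security" (see figure below):

2. Select "Medium" (see figure below):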

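Operations often needed when dealing with viruses, Trojans and other malicious programs [for novices]

1. How to clear IE temporary files
Open the IE browser, open the [Tools] menu, click [Internet Options], then click [Delete Files], and the IE temporary files are deleted.

2. How to show all files and folders?
Double-click [My Computer], open the [Tools] menu, click [Folder Options], click [View], tick [Show hidden files and folders], untick [Hide protected operating system files (Recommended)], then press [OK].

3. How to disable/turn off [System Restore]?
Right-click [My Computer], click [Properties] in the menu, click the [System Restore] tab, tick [Turn off System Restore on all drives], then press [OK].

4. How to enter Safe Mode?
Switch on the computer (if it is running, restart it).
Windows XP:
After the computer has switched on and the BIOS has finished loading, quickly press F8, then choose [Safe Mode] in the Windows XP Advanced Options menu and press Enter.
Windows 2000:
While Windows 2000 is starting, when you see the progress bar with the white arrows, press F8, then choose [Safe Mode] in the Windows 2000 Advanced Options menu and press Enter.
Windows 98/Me:
While Windows 98/Me is starting, when [Starting Windows 98] appears, quickly press F8 and choose the third item, [Safe Mode], in the startup menu.

5. How to repair file associations?
http://www.dougknox.com/xp/file_assoc.htm
From the site above, download the reg file for the association you need to repair, then double-click it to import it, and the association is repaired.

6. How to disable a Windows service?
Double-click [My Computer], double-click [Control Panel], double-click [Administrative Tools], double-click [Services], and all the Windows services are shown. Double-click the service to be disabled, set [Startup type] to [Disabled] and [Service status] to [Stopped].
If the service to be disabled does not appear in the service list (the services of some viruses are not visible),
go to [Start], [Run], enter [regedit] to open the Registry Editor, and expand HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services.
Find the name of the service, click it, look at the right-hand pane and modify ErrorControl, changing the value to 1 (0 means allowed).


7. How to delete files that cannot be deleted?
When removing a virus you sometimes meet files that cannot be deleted. You then need a program to delete them, or you can enter Safe Mode and delete them directly. Here is how to do it with a program; the program we use is killbox.
http://download.pchome.net/utility/antivirus/others/19347.html
Download killbox here, extract it, and double-click to run it.
Once you are sure which file is to be deleted, enter its full path, or select it with Browse, then click the red X beside it. (Some files may require a restart.)

8. How to scan the system quickly and simply with HijackThis?
1. Download the latest official version, HijackThis 1.99.1:
http://www.merijn.org/files/hijackthis.zip
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
2. Extract hijackthis.zip and run HijackThis.exe.
3. Click Do a system scan and save a logfile.
4. When the scan finishes, a Notepad window opens; you can post the log in it for experts to analyse.

9. How to scan the system quickly and simply with System Repair Engineer?
Download the latest official version, System Repair Engineer 2.0.12.350:
http://www.kztechs.com/sreng/download.html
Usage: extract to any folder, run SREng.exe, click "Smart Scan" → "Scan" → "Save Report". Then post the report for experts to analyse.

10. How to view startup items quickly?
[Start] → [Run] → enter "msconfig" without the quotes → click [Startup] → the startup items are shown. [This also lets you view services and other items.]

11. How to view services quickly?
[Start] → [Run] → enter "services.msc" without the quotes. The service list is shown, from which you can see whether each service is started or stopped and start it, stop it, set it to manual and so on.

13. How to open the Registry Editor quickly?
[Start] → [Run] → enter "regedit" without the quotes, and you can write, delete, add and so on in the registry. If you are not familiar with it, do not make changes at random, or Windows may crash!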

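New "Gray Pigeon" virus released: any application may become a backdoor

Recently the Rising antivirus lab discovered an entirely new kind of "Gray Pigeon" backdoor virus, "Gray Pigeon 2010". This kind of virus drops the traditional method of installing a virus service. By replacing the files of commonly used applications it turns every application into a shield for the virus, so that the user runs the backdoor when opening what looks like normal software, and the computer becomes a zombie ("肉鸡") in the hacker's hands with all privacy lost. Most of the viruses spread recently through "sexy photos" are the latest "Gray Pigeon 2010" and its variants.

The biggest difference between "Gray Pigeon 2010" and the traditional "Gray Pigeon family" is this: the traditional "Gray Pigeon" mainly installs a virus service on the user's computer and then controls it remotely, whereas the new "Gray Pigeon 2010" replaces all the software files on the user's computer and copies the icons of the normal software as a disguise; when the user clicks the icon of the counterfeit software the virus starts automatically and obtains the user's information. At present the Trojan behaviour defence feature of Rising Antivirus can detect and remove the variants of "Gray Pigeon 2010" in advance and keep users' computers secure.


When the virus runs, it first checks the processes of commonly used software currently executing on the computer, then renames them to "original name + space.exe" or removes the .exe extension, and at the same time copies the virus under the normal software's name with the original program's icon, so that the user cannot tell them apart. When the user runs the tampered program, the virus starts at once; to strengthen the disguise it also opens the normal software, so that the user notices nothing unusual.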
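
The renaming pattern just described leaves a recognisable trace in a directory listing: a normally named X.exe next to "X .exe" or an extensionless "X". A check for that trace, as an added example in Python that is not part of the original report; the function names and the sample listing are constructed for illustration.

```python
import os


def find_displaced_originals(names):
    """Pair each X.exe with a sibling "X .exe" or extensionless "X".

    names: file names from one directory. Windows file names are
    case-insensitive, so matching is done on lowercased names.
    Returns (front_file, displaced_file, how) tuples sorted by front file.
    """
    by_lower = {n.lower(): n for n in names}
    findings = []
    for lower in sorted(by_lower):
        stem, ext = os.path.splitext(lower)
        if ext != ".exe" or stem.endswith(" "):
            continue            # only a normally named .exe can be the front
        for candidate, how in ((stem + " .exe", "space-before-extension"),
                               (stem, "extension-removed")):
            if candidate in by_lower:
                findings.append((by_lower[lower], by_lower[candidate], how))
    return findings


def scan_directory(path):
    """Apply the check to the regular files of one directory."""
    files = [e.name for e in os.scandir(path) if e.is_file()]
    return find_displaced_originals(files)


# Constructed listing of a program folder, not taken from a real sample.
SAMPLE_LISTING = ["QQ.exe", "QQ .exe", "winword.exe", "winword",
                  "notepad.exe", "readme"]

if __name__ == "__main__":
    for front, displaced, how in find_displaced_originals(SAMPLE_LISTING):
        print(f"{front!r} may be a stand-in; original moved to {displaced!r} ({how})")
```

A hit is a lead, not a verdict: compare size, version information and signature of the two files before treating the normally named one as the impostor.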


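  According to Rising security experts, once "Gray Pigeon 2010" is running it connects to the hacker's remote server, accepts the hacker's instructions, downloads account-stealing Trojans, file-infecting viruses or other malicious programs, and steals account passwords, private information, keystroke records, screenshots, process lists and other information, which it sends to an address the hacker specifies. The user's privacy is completely exposed on the Internet and the machine becomes a zombie.

  Rising security experts remind users to keep professional-grade antivirus software turned on when online. The "anti-drive-by" and "Trojan behaviour defence" features in Rising Antivirus 2010 can block and remove this kind of virus. Download a trial of the latest Rising product: http://rsdownload.rising.com.cn/for_down/rsfree10/rav1471771.exe

  Appendix: a brief introduction to the Gray Pigeon backdoor.


  Gray Pigeon is a well-known backdoor from China. Compared with its predecessors Glacier (冰河) and Black Hole (黑洞), Gray Pigeon can be called the culmination of Chinese backdoors. Its rich and powerful functions, flexible operation and good concealment put other backdoors in the shade. The simple, convenient operation of the client lets even a beginner act as a hacker. Used lawfully, Gray Pigeon is an excellent remote control program. But used for illegal purposes, Gray Pigeon becomes a very powerful hacking tool. It is like gunpowder: used in different settings, it affects mankind in different ways.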

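How to deal with a virus in desktop shortcuts

1. Clean up the desktop shortcuts:
  Click Start → Run, enter "cd 桌面" (the Desktop folder), then enter attrib -h -r -s *.lnk to make all the shortcut files readable and writable (only then can the shortcuts be modified). Exit the DOS window. The shortcut for the IE icon can simply be deleted.

2. Delete the registry entry:
  HKEY_CLASSES_ROOT\lnkfile\shell\open\command, then select the whole lnkfile key and press Delete to remove it.
3. Delete the virus files: this requires experience.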

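Spotting viruses and Trojans from the process list

No virus or Trojan present on a system can cut itself off from processes entirely. Even when hiding techniques are used, traces can still be found among the processes, so examining the processes active on the system is the most direct way to detect viruses and Trojans. But with so many processes running at once, which are normal system processes and which belong to a Trojan, and what roles do the system processes that viruses and Trojans so often impersonate actually play? Read on.

Three ways a virus hides its process

  When we are sure there is a virus on the system but cannot find any abnormal process in Task Manager, the virus has taken steps to hide. There are three methods in all:

1. Passing the fake off as genuine

  Normal processes on the system include svchost.exe, explorer.exe, iexplore.exe and winlogon.exe. You may have come across processes like these: svch0st.exe, explore.exe, iexplorer.exe, winlogin.exe. Compare them: can you see the difference? This is a trick viruses use often, and the aim is to fool the user's eye. Typically they change the o in a normal system process name to 0, l to i, or i to j and use the result as their own process name; only one character differs, but the meaning is entirely different. Or there is one letter more or one letter fewer: explorer.exe and iexplore.exe are easy to confuse as it is, and the appearance of an iexplorer.exe makes it worse. A user who does not look closely will generally overlook it, and the virus's process escapes.

2. Swapping the beams for rotten timbers

  If the user is careful, the trick above is useless and the virus is dealt with on the spot. So viruses have got cleverer and learned to substitute one thing for another. Suppose a process is named svchost.exe, exactly the same as the normal system process. Is that process safe? No: it simply exploits the fact that Task Manager cannot show the executable file behind a process. We know that the executable behind the svchost.exe process is in the "C:\WINDOWS\system32" directory (C:\WINNT\system32 on Windows 2000). If a virus copies itself to "C:\WINDOWS\", renames itself svchost.exe and runs, what we see in Task Manager is also svchost.exe, no different from the normal system process. Can you tell which of them is the virus's process?

3. A borrowed corpse for a returning soul

  Besides the two methods above, viruses have one ultimate trick: borrowing a corpse to bring back the soul. This means the virus uses process injection, inserting the dll file it needs in order to run into a normal system process. On the surface nothing looks suspicious, but in reality the system process is under the virus's control, and unless we use a professional process inspection tool it is very hard to find the virus hidden inside.

System processes explained

  Many system processes were mentioned above. What do they do, and how do they work? We now explain them one by one; once you know these system processes well, you will be able to defeat the first two tricks.

  svchost.exe

Process names commonly used by viruses to impersonate it: svch0st.exe, schvost.exe, scvhost.exe. As the number of Windows system services kept growing, Microsoft made many services shared, to be started by the svchost.exe process, in order to save system resources. These system services are implemented as dynamic link libraries (DLLs); they point their executable at svchost, and svchost loads the dynamic link library of the service in question to start it. Open Control Panel → Administrative Tools → Services and double-click the "ClipBook" service: its properties show the path to the executable as "C:\WINDOWS\system32\clipsrv.exe". Double-click the "Alerter" service and you find that its path to the executable is "C:\WINDOWS\system32\svchost.exe -k LocalService", while that of the "Server" service is "C:\WINDOWS\system32\svchost.exe -k netsvcs". This kind of invocation saves a good deal of system resources, so the several svchost.exe processes on a system are really just system services.

On Windows 2000 there are generally 2 svchost.exe processes: one is the RPCSS (Remote Procedure Call) service process and the other is an svchost.exe shared by many services. On Windows XP there are generally 4 or more svchost.exe service processes. If there are more than 5 svchost.exe processes, be careful: a virus is probably impersonating it. Checking is simple: use a process management tool, for example the process management feature of Windows Optimization Master (Windows优化大师), to view the path of the svchost.exe executable; if it is outside the "C:\WINDOWS\system32" directory, it can be judged a virus.

explorer.exe

  Process names commonly used by viruses to impersonate it: iexplorer.exe, expiorer.exe, explore.exe. explorer.exe is the "Explorer" we use all the time. If you end the explorer.exe process in Task Manager, the taskbar, the desktop and any open folders all disappear; click Task Manager → File → New Task and enter "explorer.exe", and what disappeared comes back. The explorer.exe process is what lets us manage the resources on the computer.

  The explorer.exe process starts with the system by default, and the path of its executable is the "C:\Windows" directory; anything elsewhere is a virus.

iexplore.exe

  Process names commonly used by viruses to impersonate it: iexplorer.exe, iexploer.exe. The name of the iexplore.exe process looks much like that of the explorer.exe process above, so the two are easily confused. iexplore.exe is in fact the process produced by Microsoft Internet Explorer, the IE browser we use every day. Knowing what it does should make it easier to recognise: the process name iexplore.exe begins with "ie", meaning the IE browser.

  The executable behind the iexplore.exe process is in the C:\Program Files\Internet Explorer directory; if it is in any other directory it is a virus, unless you have moved that folder. In addition, we sometimes find an iexplore.exe process on the system when no IE browser window is open. There are two cases: 1. a virus is impersonating the iexplore.exe process name; 2. a virus is quietly doing bad things in the background through iexplore.exe. So if this happens, scan with antivirus software at once.

rundll32.exe

  Process names commonly used by viruses to impersonate it: rundl132.exe, rundl32.exe. The role of rundll32.exe in the system is to execute internal functions in DLL files; however many Rundll32.exe processes there are on the system, that is how many DLL files Rundll32.exe has started. We actually use rundll32.exe often; it can drive some of the dll files on the system. For example, enter "rundll32.exe user32.dll,LockWorkStation" at a command prompt and press Enter, and the system quickly switches to the logon screen. The path of rundll32.exe is "C:\Windows\system32"; in any other directory it can be judged a virus.

spoolsv.exe

  Process names commonly used by viruses to impersonate it: spoo1sv.exe, spolsv.exe. spoolsv.exe is the executable of the system service "Print Spooler", whose role is to manage all local and network print queues and control all print jobs. If this service is stopped, printing on the computer is unavailable and the spoolsv.exe process disappears from the computer. If you have no printer, turn this service off to save system resources. If a spoolsv.exe process still exists after the service has been stopped and disabled, it is certainly a virus in disguise.

  For reasons of space, the introduction to common processes ends here. When checking processes, if something looks suspicious, judge it on two points:

  1. check the process's file name carefully;

  2. check its path.

  With these two checks, the average virus process is bound to give itself away.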
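
The two checks above (file name, then path), applied to a list of process image paths. This is an added example in Python, not part of the original article. It covers the first two hiding methods only and uses the directories the article gives; the spoolsv.exe and winlogon.exe locations, the function names and the sample list are assumptions made for the example.

```python
import ntpath


def expected_dirs(windir=r"C:\WINDOWS", progfiles=r"C:\Program Files"):
    # svchost, rundll32, explorer and iexplore locations are the ones the
    # article gives. spoolsv and winlogon are not stated there; both are in
    # system32 on a stock install. For Windows 2000 pass windir=r"C:\WINNT".
    sys32 = ntpath.join(windir, "system32")
    table = {
        "svchost.exe": sys32,
        "rundll32.exe": sys32,
        "spoolsv.exe": sys32,
        "winlogon.exe": sys32,
        "explorer.exe": windir,
        "iexplore.exe": ntpath.join(progfiles, "Internet Explorer"),
    }
    return {n: ntpath.normcase(ntpath.normpath(d)) for n, d in table.items()}


# Characters the article says get swapped: o/0, l/i, i/j (plus l/1).
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "i": "l", "j": "l"})


def skeleton(name):
    """Fold look-alike characters so svch0st and svchost compare equal."""
    return name.lower().translate(CONFUSABLE)


def edit_distance(a, b):
    """Plain Levenshtein distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(image_path, dirs=None, max_dist=2):
    """Return (verdict, reference name) for one process image path."""
    dirs = dirs or expected_dirs()
    name = ntpath.basename(image_path).lower()
    folder = ntpath.normcase(ntpath.normpath(ntpath.dirname(image_path)))
    if name in dirs:                      # exact name: check 2, the path
        return ("ok" if folder == dirs[name] else "wrong-path", name)
    for known in dirs:                    # check 1: character swaps
        if skeleton(name) == skeleton(known):
            return ("lookalike", known)
    best = min(dirs, key=lambda k: edit_distance(name, k))
    if edit_distance(name, best) <= max_dist:   # extra, missing, swapped letters
        return ("lookalike", best)
    return ("unlisted", name)


def triage(image_paths, dirs=None):
    """Return only the paths that need a second look, with the reason."""
    dirs = dirs or expected_dirs()
    report = []
    for path in image_paths:
        verdict, ref = classify(path, dirs)
        if verdict in ("wrong-path", "lookalike"):
            report.append((path, verdict, ref))
    return report


# Constructed process list for illustration, not captured from a real machine.
SAMPLE = [
    r"C:\WINDOWS\system32\svchost.exe",
    r"C:\WINDOWS\svchost.exe",
    r"C:\WINDOWS\system32\svch0st.exe",
    r"C:\WINDOWS\explorer.exe",
    r"C:\WINDOWS\system32\expiorer.exe",
    r"C:\Program Files\Internet Explorer\IEXPLORE.EXE",
    r"C:\WINDOWS\system32\rundl132.exe",
    r"C:\WINDOWS\system32\winlogin.exe",
    r"C:\WINDOWS\system32\notepad.exe",
]

if __name__ == "__main__":
    for path, verdict, ref in triage(SAMPLE):
        print(f"{verdict:10} {path}  (compare with {ref})")
```

An "ok" verdict says nothing about the third method: a DLL injected into a correctly named, correctly located process passes both checks, and finding it means inspecting the modules the process has loaded.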

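  Find a good helper for managing processes

  The built-in Task Manager is too weak and certainly not suited to hunting viruses. We can use a professional process management tool instead, such as Procexp. Procexp distinguishes system processes from ordinary processes and shows them in different colours, leaving virus processes that impersonate system processes nowhere to hide.

  When Procexp is running, the processes are divided into two large blocks: processes under "System Idle Process" are system processes, and processes under "explorer.exe" are ordinary processes. The system processes we have described, svchost.exe, winlogon.exe and so on, all belong under "System Idle Process". If you find an svchost.exe under "explorer.exe", it goes without saying that a virus is impersonating it.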

Monday, May 17, 2010

May 14 Kaspersky KEY (KIS9.0)

Here is the latest update for you; happy downloading! If you have any suggestions, please leave a message in the message box.


File download address:

http://code.google.com/p/ahong5188/downloads/detail?name=Kaspersky-KEY-KIS9.rar&can=2&q=#makechanges

2010, the latest ranking of Antivirus Software

1. G-Data Antivirus 2010

2. Symantec Norton Antivirus 2010

3. Kaspersky Lab Anti-Virus 2010

4. BitDefender Antivirus 2010

5. Panda Antivirus Pro 2010

6. F-Secure Anti-Virus 2010

7. Avira AntiVir Premium ("Little Red Umbrella")

8. Trend Micro AntiVirus Plus AntiSpyware 2010

9. Eset Nod32 Antivirus 4

10. McAfee Antivirus Plus 2010

11. Alwil Avast! 4.8 Professional Edition

"Cup with the desktop," Trojan horses wreaked havoc

Recently, problems have appeared on the desktops of a number of users' computers. According to analysis by antivirus experts, they are caused by a Trojan recently named "Cup with the desktop".
Through in-depth analysis with its "cloud security" virus sample library, Rising found that the symptoms users describe are the work of Trojan.Script.VBS.StartPage.gu (the "Cup with Desktop" Trojan); users may have been infected when downloading pirated games or software. Once running, the virus uses the system to load its script file and tampers with all the shortcuts on the desktop, so that when users click an icon that looks normal they run the virus and visit a malicious navigation site designated by the hacker. Security experts advise users not to download information from unknown sources and to upgrade their antivirus software to the latest version promptly.

Over a hundred college entrance exam sites implanted with Trojans

Malicious web page monitoring data disclosed yesterday by the 360 Security Center shows that, as the college entrance exam enters its countdown, hackers are taking the opportunity to spread Trojans. According to monitoring on the 11th, over 122 domestic entrance-exam sites had Trojans implanted, involving pages for online exam counselling and review materials. This trend of implanting Trojans is expected to continue; candidates and parents must keep anti-Trojan protection turned on while browsing.

Microblogs become a new way for hackers to spread viruses

As the latest form of Internet communication, microblogging attracts attention for being highly open, spontaneous and shared in real time. With the rapid growth in microblog users, hackers have scented the enormous business opportunity inside and have begun to reach their black hands toward this emerging online medium.
On the microblogs of several portals there have already been, to varying degrees, cases of hackers posting phishing sites and Trojan-laden links. Hackers exploit the huge popularity of microblogs to lure followers into the trap and take the opportunity to steal microblog account passwords and private personal information for illegal gain. Some hackers even log in to microblogs with stolen accounts and publish false news in the blogger's name for profit.
Antivirus experts warn microblog users not to click on unknown sites and links or trust information of unknown origin when visiting microblogs, and to be sure to log out with the exit button. Regularly clear Internet history and the user names and passwords recorded automatically when logging in to microblogs, so as to give hackers no opportunity.

"Picture" back door the temptation to be careful Big Figure

Virus broadcast
According to antivirus experts, a hacker backdoor that spreads by means of "images" was intercepted recently. Because the virus uses tempting names to lure users into clicking, and ordinary users assume that "image" files generally do not carry viruses, it can infect a large area, allowing hackers to control users' computers remotely and continually "take" personal privacy, account passwords and other information.
It is reported that the "picture backdoor" virus disguises itself as a picture file to trick users into clicking. When the user opens the "image", the virus is activated and starts the IE browser in the background with the IE window hidden so that the user cannot notice it; the virus then injects itself into the IE process, so that the user's computer accepts remote control instructions from the hacker. Because the virus is camouflaged with an image file icon, users may lower their guard.

Guard against viruses masquerading picture files

Time: 2010-5-17 9:06:03 Author: Source: Beijing Times

Rising recently intercepted a hacker backdoor that spreads by means of "pictures". Because the virus uses very tempting names to lure users into clicking, it has infected a large area.
Virus of concern this week: "Picture backdoor (Backdoor.Win32.ECode.rp)". The virus is a hacker backdoor written in Easy Language. It disguises itself as a picture file to trick users into clicking. When the user opens the "image", the virus is activated and then injects itself into the IE process, so that the user's computer accepts remote control instructions from the hacker.
Prevention: 1. Use "Rising full-featured security software 2010", which effectively prevents viruses spread through websites with implanted Trojans; 2. Install Kaka Internet Security Assistant 6.2 to fix vulnerabilities automatically; 3. Call the customer service hotline 400-660-8866 for consultation, or visit http://csc.rising.com.cn for help.

Saturday, May 15, 2010

Security experts: malicious virus started to target the network infrastructure equipment

Compared with ten years ago, today's Internet users are quite familiar with so-called security measures such as not clicking unfamiliar links, not opening e-mail attachments and not casually befriending strangers on Facebook. But does merely teaching Internet users these superficial measures make the Internet more secure? Jeremiah Grossman, CTO of the security company WhiteHat, takes a different view: in his opinion, people have already been defeated in the campaign to maintain desktop security. He believes that in today's large, highly profitable enterprises, almost all security policies regard every computer in the company as a possible source of risk. He said, "It appears that people have given up the belief that the battle for desktop security can be won." In Grossman's view, the root cause of this sense of giving up is not only the state of PC vulnerability prevention, but also that malicious viruses have recently found a new target. "Botnets are starting to aim their attacks at broadband equipment such as modems and routers. Think about how horrible such an attack is. If large-scale attacks of this kind begin, then even if we replace virus-infected PCs with portable devices such as the iPad that are less vulnerable to such attacks, these measures will be futile because the underlying network is already controlled by criminals. In contrast, preventive measures for the security of routers and broadband modems have rarely been introduced, which brings new challenges for the security of desktop systems."

BitDefender: virus writers reach for Chrome users

As the number of Chrome users gradually grows, computer criminals have turned their attention to them, using Chrome as an opportunity to spread viruses and steal user information; what looks like a Google Chrome browser plug-in could be hiding a virus. Anti-virus vendor BitDefender says it discovered this threat through a commercial e-mail promoting a plug-in. The e-mail asks: "You want to better organize your incoming e-mail document?" The link in the message leads directly to a fake Google Chrome plug-in page. The page does not actually offer a Chrome plug-in (file extension .crx); Chrome users can only download a Trojan with the file extension .exe. The Trojan modifies the Windows HOSTS file to keep users from reaching the Yahoo and Google login pages, and infected Chrome users are redirected to similar-looking fake websites. BitDefender has identified the Trojan as Trojan.Agent.20577.

In addition, last Thursday a worm spread widely on Yahoo Messenger. Many users believed they were downloading photos from friends, but the download was in fact malicious software that installs itself on Windows systems and sends itself automatically to the infected user's Yahoo Messenger friends.
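For the HOSTS-file tampering attributed to Trojan.Agent.20577 above, a defender can audit the file for entries that override login hosts. This is an added example, not code from the original page or from BitDefender; the watched domain list, the finding labels and the sample file contents are assumptions constructed for illustration.

```python
"""Audit a HOSTS file for entries that override well-known login hosts."""
import ipaddress
import sys

# Assumption: the page names only Google and Yahoo; extend the tuple as needed.
WATCHED_SUFFIXES = ("google.com", "yahoo.com")

# Constructed sample content (documentation address ranges, not real indicators).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net        # unrelated ad-blocking entry
203.0.113.10    www.google.com accounts.google.com
203.0.113.10    login.yahoo.com        # constructed redirect
127.0.0.1       mail.yahoo.com
not-an-ip       www.google.com
198.51.100.7    intranet.example.org
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostnames) for every well-formed mapping line."""
    # Strip a leading byte-order mark, which some editors add on Windows.
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an address: not a usable mapping
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def is_watched(host):
    """True for a watched domain or one of its subdomains, not for lookalikes."""
    return any(host == s or host.endswith("." + s) for s in WATCHED_SUFFIXES)


def audit_hosts(text):
    """Return one finding per watched hostname that the file overrides."""
    findings = []
    for line_no, ip, hosts in parse_hosts(text):
        for host in hosts:
            if not is_watched(host):
                continue
            # Loopback or 0.0.0.0 makes the site unreachable ("blocked");
            # any other address sends the browser to a different server.
            if ip.is_loopback or ip.is_unspecified:
                kind = "blocked"
            else:
                kind = "redirected"
            findings.append(
                {"line": line_no, "host": host, "ip": str(ip), "kind": kind}
            )
    return findings


if __name__ == "__main__":
    # Pass the real file, e.g. %SystemRoot%\System32\drivers\etc\hosts,
    # as the first argument; without one the constructed sample is audited.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            content = fh.read()
    else:
        content = SAMPLE_HOSTS
    for f in audit_hosts(content):
        print(f"line {f['line']}: {f['host']} -> {f['ip']} ({f['kind']})")
```

A clean machine normally has no entries for these domains at all, so any finding deserves a look before the file is restored.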




The Yahoo Messenger worm spreads through an automated message that appears to be a picture link sent by a friend. The message contains words such as "image" or "photo" and a smiley face icon, and the link resembles a link to Facebook, MySpace or a similar photo-sharing website. If the user is on an Apple system, clicking the link does not run the worm automatically and the click is cancelled. If the user is on Windows, however, clicking the link downloads an executable file that runs automatically; the user's computer is infected and the worm automatically spreads to the user's Yahoo Messenger contacts. "Once run, the worm will copy itself to '%WinDir%\infocard.exe', and will add itself to the Windows Firewall allow list. It will modify the registry, and stop the Windows Automatic Updates service."



If you see this message, do not click "Run". BitDefender first discovered the virus last week and named it Worm.P2P.Palevo.DP. According to the latest monitoring data from BitDefender's anti-virus laboratory, Palevo has produced a new variant that automatically sends large volumes of spam to other Yahoo users. When a user receives the message and carelessly clicks the link with the smiley face, the link takes the user to a picture-gallery site that lures the user into clicking to view an image; once the user clicks, the trap has worked. What opens is not a picture: it appears to be in JPG format, but it is in fact the virus Worm.P2P.Palevo.DP. When the virus is activated, it creates several hidden files in the C:\Windows folder, such as mds.sys, mdt.sys, winbrd.jpg and infocard.exe, and modifies key system registry entries to undermine the operating system's security defenses. Like other similar malware, Palevo.DP carries a backdoor that allows an unauthorized remote attacker to take complete control of the computer and then do whatever they want, such as installing malicious software, changing system account passwords, stealing information, or even turning the machine into a "zombie" computer fully controlled by the virus. Palevo variants can also penetrate the Mozilla Firefox and Microsoft Internet Explorer browsers to steal account information for online banking or online shopping services, which puts users in great danger. Within a network, Palevo variants infect other computers over the LAN and via removable disks, and then spread to the wider network. Like the Conficker worm, the Palevo worm also spreads over P2P networks, for example Ares, BearShare, iMesh, Shareaza, Kazaa, DC++, eMule, LimeWire and many others.
The virus automatically adds its code to shared files; when a remote P2P client downloads an infected file, the Palevo worm infects one more computer. BitDefender Senior Fellow Catalin Cosoi said, "We recommend that users maintain a high degree of caution. Check with the sender before visiting the website, and do not click on any links sent by unknown sources in instant messaging clients." "Palevo is highly aggressive. In the initial outbreak we witnessed Palevo's infection rate: in Romania, Mongolia, Indonesia and other countries it easily spread at a growth rate of over 500% per hour." At present, the countries with the highest infection rates are Romania, Mongolia, Vietnam, Indonesia, Australia, Malaysia, Thailand, France, the United States and Kuwait.

"AV Terminator" reappears: nearly a thousand variants come from porn sites

Kingsoft Internet Security Lab issued a virus warning on May 13: AV Terminator, named one of the top ten viruses of 2008, has a new variant, "AV Terminator 2010". Compared with earlier versions, "AV Terminator 2010" uses a technique similar to the "Ghost" virus to break through security software's protection, downloads 20 account-stealing (Daohao) Trojans for popular games, places a Taobao shortcut on the desktop, and locks the browser home page; ordinary users find it almost impossible to remove.

Kingsoft anti-virus expert Li Tiejun said that recently intercepted new viruses such as "Killing Nets" and "Ghost" all, without exception, first appeared on pornographic websites. Well funded, with stable traffic and full of temptation, porn sites have become a release platform for new viruses. According to statistics from the Duba security lab, almost 80% of the new viruses that appeared recently came from pornographic websites.

Li Tiejun said the new "AV Terminator 2010" comes from a porn site that lures users into downloading a file called "I Miss the whole process of open house av.exe". Once an unsuspecting user double-clicks the file, mainstream antivirus software on the computer can no longer run, antivirus software that was not installed beforehand cannot be installed, and an installer is deleted as soon as it is run.

Describing how victims become infected, Duba anti-virus expert Li Tiejun said that when the user clicks to play a video, the website pops up a page prompting the user to "install Qvodplayer player"; clicking download delivers a temptingly named av.exe file, and when the user opens this file the virus automatically infects the computer.

Given the characteristics and recent trend of the AV Terminator virus, the Kingsoft (Jinshan) security lab advises Internet users to develop good surfing habits, avoid visiting bad sites, and turn on the download-file monitoring and cloud defense functions of Kingsoft Internet Security 2010. Users already infected with "AV Terminator 2010" can use the AV Terminator removal tool of Kingsoft Internet Security 2010 to clean the system, then follow the prompts to restart.

Ten Mistakes of free antivirus software

On May 11 in Beijing, Kaspersky released a "Team Edition" of its full-featured security product that can be installed on three computers; the boxed Team Edition has a standard price of 498 yuan. Kaspersky said its marketing to users will be more flexible in the future.

Liu Jianhua, CEO of Kaspersky partner Digital Star, hopes that opinion leaders in all walks of life will be the first to use the "Team Edition". At the conference, Kaspersky also put forward the slogan "bosses are using Kaspersky".

On the controversial topic of free antivirus software, Liu Jianhua pointed out ten misunderstandings among users of free software; the claim that "free antivirus software saves users 10 billion", he said, is simply "nonsense spoken with eyes closed". Liu Jianhua believes that not just anyone can make antivirus software. Free antivirus software has captured attention, but that does not make it the best choice for users; free does not mean innovative, and free antivirus does not mean powerful, professional antivirus.

Liu Jianhua believes that free antivirus has little impact on professional antivirus, that not all professional antivirus software will become free of charge, and that the view that free antivirus leaves professional antivirus unable to survive is mistaken.

At the briefing, Liu Jianhua pointed out ten misunderstandings in the security software market. His views follow:
Misunderstanding 1: Many people think that for antivirus software, being free matters more than being able to stop viruses.

The most critical question about antivirus software is not whether it charges or is free, but whether it can actually stop viruses. A lot of free antivirus software can hardly stop viruses at all, which has become common knowledge. The word "free" does catch more eyes and attract plenty of attention, but being free cannot be what wins customers. We cannot forget the industry's fundamental: first of all, antivirus software has to be able to stop viruses.

Misunderstanding 2: There really is permanently free antivirus software.

"Permanently free" does not hold up logically. A promise to be free permanently rests on several assumptions. The first is that your business will exist permanently; in fact, the average age of Chinese Internet companies is no more than 10 years, and many companies do not last 1 ½ years. The concept of permanently free antivirus therefore has no logical basis.

Where does the income to stay free permanently come from? If your income is currently supported by VC, that is a lot of trouble: you do not know whether the VC can still support you next month. "I think there is no truly permanently free antivirus software; in fact, there is no software that truly exists permanently, and there never will be."

Misunderstanding 3: Free antivirus software saves users 100 million.

This misunderstanding is an even bigger lie told with eyes closed. Why? Because people do not know the facts. I can give you a historical figure: when business in the antivirus industry was very good, a year's sales did not add up to more than 10 million. Leaving aside the present, when business is bad, I have no idea where the claim that free antivirus software saves Internet users 100 million comes from. It ignores the state of the industry. Even when business was that good, we added up to 10 million a year, so I do not know where the other 90 million came from.

What I want to say is that free antivirus software does not save users a single cent. Why? Free antivirus software has never been anything new. China's antivirus software market is, overall, a free market: in the best of times, legitimate copies were no more than 15%, meaning that 85% of people were already using antivirus software for free.

The claim of saving Internet users money basically does not stand up. The people who believe it least are the users themselves. Why? They do not feel any money has been saved for their pockets: first, "I was not spending money before"; second, "even if I buy genuine antivirus software, it is now very cheap", Kaspersky version only 200 years.

Misunderstanding 4: Free antivirus software is powerful antivirus software, even better than Kaspersky.

Over the past 10 years there has been a great deal of free antivirus software. The free antivirus software of recent years has these features:
First, it generally does not have its own engine, because developing an engine is not that simple; it cannot be done by boasting and needs solid accumulated technology. Second, because it has no core technology of its own, what it can obtain is at best a professional software vendor's most low-end offering, with basically no core technology to speak of.

Misunderstanding 5: Free antivirus software leaves professional antivirus software no way to survive.

Right now I still rely on Kaspersky for my wages, and I have not heard of any professional security software maker closing down. said did not sound good: I have a network of stand-alone version are no longer marketable, let alone stand-alone version of my or sell the move, I will rely on stand-alone alive.

Misunderstanding 6: Free antivirus software makes Internet users more secure.

Free antivirus software puts Internet users in more danger. What free antivirus software does is make many ordinary users, especially new users, believe that having it is enough. If free antivirus insists it is good enough when it is not, that is very unfortunate for the user and very dangerous on the Internet. There is a consensus that the greatest threat on the Internet is not viruses but free antivirus software, in particular the advertising that promotes it. What I object to is not that you offer it for free; what I object to is your insisting that you keep users secure.

Misunderstanding 7: Free antivirus software will make all professional antivirus software free of charge.

Unless a vendor goes into banking, games or advertising and turns its antivirus software into high-traffic advertising software, I personally think that no professional antivirus vendor, particularly among the world's leading professional security software vendors, would choose to go free. The reason is simply that technology has a cost. Making a very powerful antivirus product takes people: as far as I know, Kaspersky has more than 600 R&D staff, and they are well paid. If you pay low wages, high-tech talent will run off to the hacker groups.

Misunderstanding 8: Many people think that free antivirus software is a great innovation.

Free is not innovation. Those who make free antivirus often lack core technology and cannot produce any real innovation. If those who go free were to charge, they would be finished, so going free is the only thing they can try. "If you say free is a great innovation, then perhaps having no activation code is also innovation, or having no engine is innovation, and that is the end of it." That departs completely from the nature of this industry. I would like to tell you that free antivirus software has no innovation at all.

Misunderstanding 9: Free antivirus software is what is best for users.

On the surface, not taking my money is best for me; but whether money is being taken from you in secret, you do not know. By not taking your money, the vendor can make you work for it and turn users into traffic; the user then becomes an employee of the so-called security software vendor. Free antivirus software usually uses its users, because ultimately it has to be profitable. So we should tell users plainly: free antivirus software does you no good at all, except that you do not pay at that moment (it secretly bundles software, induces you to install it, and installs additional software to profit by deception).

Misunderstanding 10: Anyone can make antivirus software.

This is the biggest misunderstanding. Besides the security industry's high costs, a company's sense of responsibility is also important. Like banking, the security industry demands a high level of responsibility from its companies. Take banks: if a bank's CEO has moral failings, its deposits will basically fall sharply within a month, and this is even more true of the security industry. So I think the notion that anyone can make antivirus software will only make a brief appearance in China.

Rumor: Rising invests 5 million in Fu Sheng; Keniu may launch free antivirus software

On May 13, sources said the security company Rising has invested 50 million yuan in Keniu ("Can Cow") Software, the company created by Fu Sheng, the "father of 360", and that it will launch "Keniu free antivirus software". Both sides currently decline to comment on the matter. It is understood that Fu Sheng is a former subordinate of Zhou Hongyi and a founder of 360 Security Guard; the industry has since been rumored that Fu wants to make a comeback. According to reliable sources, Keniu Software will hold a conference next week and release a new version of its software, saying "there will be a big move". Some analysts said Rising's investment in Fu Sheng is "very credible": under pressure from free antivirus software in recent years, Rising's market share has declined, so Rising hopes to build new free security software of its own. For Rising, turning to an independent software company costs less and carries lower risk. Fu Sheng, a former subordinate of Zhou Hongyi who built 360 Security Guard, is described as "Rising's best choice". Other analysts said the rumor is just "a cover" and that the investor is in fact not Rising; there had earlier been news that Fu Sheng was cooperating with Kingsoft on security. In interviews, both Rising and Keniu Software declined to comment on the rumors.

Jinshan Net Shield 3.5.2 released with powerful ad filtering

Recently the user-favorite Jinshan Net Shield released its latest version, 3.5.2. It continues to provide comprehensive protection against Trojan and virus sites and phishing and fraud websites, and to identify all types of malicious URLs and prevent browser hijacking, among other core functions; the new version adds ad filtering and one-click system error repair, along with a number of improvements to scripts and ease of use.
With the Internet security situation deteriorating, users face many threats online. In response, Jinshan Net Shield protects users' Internet security through constant technology updates and more practical features, and lets users better experience the protection of Jinshan security products through more innovative features. Meanwhile, the new Net Shield's "professional anti-virus" module still provides users with one year of free Kingsoft Internet Security 2011 service, so users also get antivirus software based on "trusted cloud security".

Kingsoft anti-virus engineer Li Tiejun said the Jinshan Net Shield 3.5.2 release gives users an even better online protection experience. The enhanced repair and the new ad filtering also let Net Shield block tiresome advertising code while users are online. Changes to details such as the "Do Not Disturb" mode also show Jinshan Net Shield's good faith in continually innovating to provide users with the best online protection product.

Core function: ad filtering

The new ad filtering in Jinshan Net Shield 3.5.2 helps you block unwanted web page ads so that you can read novels and watch videos undisturbed. It is very simple to use: on the feature page, subscribe to a rule package that suits you. Rule packages are written by enthusiastic, experienced users and shared with you free of charge, permanently.

You no longer have to endure frequently popping-up ad pages. Whether you are reading novels on a fiction site or watching movies on a video site, as long as you have Jinshan Net Shield, the world will be clean from now on.

Core function: one-click repair

The Jinshan security lab recently found a large number of Trojans targeting large online games such as CrossFire. They intrude on the user's machine by infecting files. When traditional antivirus software finds such a Trojan, it mechanically deletes the virus; a side effect is that normal files are removed and the user can no longer play the game. Jinshan Net Shield provides a repair specifically for this situation.
New script: Fix dsound.dll (Related topics: http://labs.duba.net/zt/news_article_008.html)
Account-stealing (Daohao) Trojans infect DirectX-related files in order to get themselves run. Once antivirus software deletes the infected file, the related component is missing and software such as popular games and browsers will not start. At that point it is not very safe for users to download some version of the file and repair it manually; it is best to use authoritative security software to fix the problem.
One user ran a cheat plug-in for DNF. Shortly afterwards the machine became a bit sluggish; the antivirus software reported a virus and deleted it automatically. "I thought, fine, this antivirus is good enough, and stopped worrying. Who knew that the game would throw an error on opening, 'dsound.dll not found', and could not be started."
Important improvements: Added part on the Yahoo search engine to protect the Chinese website.
Improved ease of use:
Full-screen do-not-disturb mode: when the user is playing a full-screen game or watching full-screen video, Net Shield stays completely silent so that the user is not disturbed.
Default browser: links in the Net Shield main interface open in the system default browser.
Mouse dart function: based on a large amount of user feedback, the scenarios in which the "mouse dart" appears were adjusted to reduce disruption to normal use, while detection is more real-time and protection more comprehensive.
Tray: the tray right-click menu gains a "Settings" entry for quick personalized adjustment of Net Shield.

Making the AntiVir C edition (free version) handle viruses caught by the guard "automatically"

What the AntiVir C edition is most criticized for, relative to the P edition, is 1. the guard cannot handle detections automatically, so the machine freezes up on a virus-laden site, and 2. updates easily run into obstacles. There is no fix for the second drawback for now, unless Avira upgrades its servers or we see whether the community can pay to set up an update server in China.

On the first point, I suddenly had an idea after seeing that post today.

AntiVir's alert window is raised by calling guardgui.exe; what happens if that program is prevented from starting? I vaguely remember that clicking the X at the top right of that window results in Access Deny for the virus file...

So start the Windows Group Policy Editor (gpedit.msc), expand Computer Configuration → Windows Settings → Security Settings → Software Restriction Policies → Additional Rules, right-click on the right, choose New Path Rule, enter guardgui.exe, and set the security level to Disallowed. You can of course also enter the full path to guardgui.exe.

OK, test it: grab some random virus from the sample area.

Extract it to the My Documents directory and nothing pops up; then look at the AntiVir log:

The virus was automatically Access Denied, so the goal was achieved.

With this method, however, there is not even an alarm sound; AntiVir may have blocked N viruses for you without your knowing.

Of course, for anyone who wants "install and forget", that does not matter.

After blocking guardgui.exe you also need to change scanning to automatic handling; otherwise AntiVir will not clean viruses for you during a scan.

My personal suggestion is the following settings (for the P edition; for the C edition, changing overwrite and delete to delete is enough).

Friday, May 14, 2010


Kaspersky named "CEO of the Year", creating an anti-virus industry legend

He is one of the world's leading anti-virus experts and has worked diligently in information security for 20 years; he leads a corporate team spanning more than 100 countries, dedicated to protecting the network security of more than 300 million users worldwide, and has made the company one of the world's four largest information security solution providers; he has received the State Science and Technology Award of the Russian Federation, the State Friendship Award issued by the Chinese government, and many other honors. He is not only a highly respected celebrity but also a brand, a byword for rigorous security. Yes, he is Kaspersky Lab founder and CEO, Mr. Eugene Kaspersky.
Recently, at the awards gala of the British magazine "SC", Eugene Kaspersky won the "CEO of the Year" title for his achievements in the field of information security, to the unanimous approval of the guests present.
As a high-profile event in the IT security industry, the SC Awards Europe 2010 recognize the year's outstanding figures, events and products. This year's award ceremony was held at the Wyndham Grand London Chelsea Harbour hotel, where 100 internationally renowned IT security experts gathered.
On receiving the award, Eugene Kaspersky said: "I am very lucky because I have an excellent and diligent team. We have achieved excellent results over the past period, and I want to share today's honor with my team. Kaspersky Lab's success to this day is due to everyone's hard work and our persistence in creating a safer international network space. I feel honored to be able to manage such an excellent team."
It is worth mentioning that just a week earlier, Eugene Kaspersky was inducted into the Hall of Fame of the 2010 European International Computer Information System Security Exhibition together with Merlin, Lord Erroll; Stephen Bonner, Managing Director of Information Risk Management at Barclays; and Edward Gibson, Head of Technical Services at PwC Legal. Now he has won another heavyweight award; such frequent appearances show how highly he is regarded in the global information security field.
It is understood that Kaspersky was a "child prodigy" with a prominent gift for mathematics, and at only 16 skipped grades to enter a Russian institute of cryptography, telecommunications and computer science. In 1989, after detecting the Cascade virus on his computer, he turned to computer virology research and led the development of anti-virus software with excellent structure and performance. Between 1991 and 1997, Kaspersky led a group of colleagues at the KAMI Information Technology Centre in developing the 'AVP' anti-virus program (renamed Kaspersky® Anti-Virus in November 2000), and in 1997 Kaspersky Lab was officially created as a restricted stock company.
We know that in life many people like to collect stamps or antiques, while Mr. Eugene Kaspersky is keen on collecting malicious code samples in order to develop removal tools, which to some extent reflects his serious, hard-working attitude. It is in this spirit that, over a long period, the products the company has launched have shone with outstanding performance in numerous evaluations and events around the world. Today its anti-virus database has become the world's most complete, and Kaspersky Lab has successfully joined the ranks of the four major information security solution providers.

Jiangmin Technology founder Wang Jiangmin died of illness



IDG, Beijing, April 5: Jiangmin Science and Technology has confirmed that the company's founder, anti-virus expert Wang Jiangmin, recently passed away at the age of 59. Jiangmin Science and Technology will release an announcement later. The following is a short biography of Wang Jiangmin: Wang Jiangmin, chairman and general manager of Jiangmin Technology, was born in Shanghai in 1951. He suffered from polio, which left him with a leg disability, life seemed to give him a possible way of success. After graduating from junior high school, Wang Jiangmin returned to his hometown of Yantai, Shandong, and started as an apprentice in a neighborhood factory; through hard self-study he grew into a mechanical and optoelectronics expert with more than 20 inventions. In 1979, because a number of his laser products reached an advanced level of scientific research, Wang Jiangmin was selected as one of the country's first 105 "New Long March" model shock workers. In 1985 he received the title "national model of self-taught youth"; in 1989, at the age of 38, he began learning computers, and within a few years he became one of China's first anti-virus experts. In 1991 he was named a "national model of self-reliance". In 1996 Wang Jiangmin hailed a yellow "miandi" minivan taxi to Beijing's Zhongguancun and started his own business. In 2003, on the strength of his anti-virus software, Wang Jiangmin was listed among the "Top 50 China IT Rich List", becoming a model "knowledge hero" of the new century.

Free activation key for McAfee VirusScan SMB one year

1. First, log in on the McAfee website:

https://secure.nai.com/apps/downloads/my_products/login.asp?region=cn&segment=enterprise

2. In the "Authorization Number" field, enter "1759124-NAI", then click "Submit"; you can then download the product you want. Personally tested; it works.

A look at active defense: Avira AntiVir V10 Beta evaluation

In the eyes of many users, the German "red umbrella" (AntiVir) anti-virus software has a good reputation. Besides its excellent heuristic virus scanning, its low resource consumption compared with other products has also won it much attention. With the 2010 editions of similar products coming onto the market, AntiVir has at last also released the first test version of its latest release, V10. The new active defense will undoubtedly be the new version's biggest highlight!

First, installation and initialization

The version tested is Avira Premium Security Suite V10 Beta, what we usually call the S edition (personal security suite edition), which includes all modules: AntiVir (anti-virus, anti-Trojan), AntiSpam (anti-spam e-mail), AntiRootkit (rootkit monitoring), Firewall and so on. The installation package is 38.0 MB, a slight increase over the previous version. It is worth mentioning that at the start of installation AntiVir automatically checks the system and warns that it is incompatible with the Windows Defender module that comes with Windows 7, asking the user to turn Defender off.

Figure 1: prompt to close Windows Defender

The installation process basically follows the style of the old version, but with far fewer unnecessary questions. For example, the old version's firewall prompts are gone by default in V10, which makes the whole installation much cleaner. The officially issued license used in this test is valid until May 1, 2010; such a long, "lenient" period can be counted as a bonus the new version brings us!

Figure 2: the installation process is much simpler

A system reboot is still required after installation, but the old version's classic configuration wizard did not appear. In fact, for most users an antivirus configuration wizard is necessary; after all, not every user has the patience to read through a long list of menus. I hope that in the official version this mistakenly "killed" feature comes back!

Second, the new interface (UI)

Interestingly, AntiVir V10 seems to have dropped the startup screen: over two consecutive starts I did not see the logo pop up. There is no corresponding switch in the options, though, so whether this is a response to user suggestions or intended for some other reason, I cannot tell. Compared with the previous version, the new AntiVir has finally changed its "aged face". Although the structure still follows the old version's style, the new interface is indeed more attractive, which is especially obvious when compared with AntiVir V9.

May 15, 2010: latest ESET NOD32 activation codes, free NOD32 activation codes, 24-character NOD32 activation codes

May 15, 2010: latest ESET NOD32 activation codes, free NOD32 activation codes, 24-character NOD32 activation codes. These resources were collected from the network; this site does not provide any cracking or piracy services and opposes piracy and cracking of ESET NOD32. This upgrade method is for learning and exchange only, not for any commercial purpose, and is offered only so that NOD32 trial enthusiasts can experience NOD32's antivirus capabilities. Please delete within 24 hours. If you like it, please support genuine NOD32. Thank you! Free Antivirus Station QQ group ③: 12501136; users who like the Free Antivirus Station are welcome to join the group and exchange ideas.

New NOD32 Activation Code applies to: EAV 3.0/4.0 version www.6806.net
For six months to November 17



May 15, 2010 Kaspersky KAV, KIS (6.0/7.0/8.0/9.0/2010) KEY download activation code

The May 15, 2010 latest Kaspersky KAV and KIS 6.0, 7.0, 8.0 (2009) and 9.0 (2010) KEY download consists of resources collected from the network. This site does not provide any cracking or piracy services and opposes piracy and cracking of Kaspersky. This upgrade method is for learning and exchange purposes only, not for any commercial purpose, and is offered only so that Kaspersky trial enthusiasts can experience Kaspersky's antivirus capabilities. Please delete within 24 hours. If you like it, please support the genuine Kaspersky product. Thank you! Collecting KEYs is a complicated business. If you have a good KEY and would like to share it with other users, please send the KEY by email to: lybuluo # qq.com (replace # with @) 【On behalf of all our online friends, I thank you!】 This site cannot guarantee that every KEY will work, but every KEY package released here has been sorted and verified as usable before release. If some of the KEYs in a package you download do not work, it is because Kaspersky has since officially blocked them. Remember, the first step is to delete the KEY blacklist that comes with Kaspersky ... If you think this is a good website, please recommend it to the friends around you; they will thank you! Free Antivirus Station

【Download】

May 15, 2010 the latest Kaspersky KEY (www.6806.net).rar

Thursday, May 13, 2010

Kaspersky key

Kaba (Kaspersky) may really have gone "mad": it went two days without an update again, but fortunately I noticed and updated right away ^_^
I have just modified the online chat, and its execution speed is now first-class: even while movies, software or games are being downloaded, chat is not delayed. In the previous version, chatting was simply impossible when the system's traffic was taken up.

Back to the topic: recently many people have started asking about key installation and use. A common problem is that these people do not like to read tutorials; when they cannot install the key, they just say the key cannot be used!!! The following are tutorials on the key:

KEY Installation Tutorial: http://www.china-virus.com/Article.Asp?ID=668
KEY can not be used: http://www.china-virus.com/Article.Asp?ID=625
Powered QQ Group Address: http://www.china-virus.com/Article.Asp?ID=80

The following key files can be used with versions 7.0, 8.0 and 9.0.

Kaspersky named "CEO of the Year", creating a legend in the anti-virus industry

He is one of the world's leading anti-virus experts and has worked diligently in the field of information security for 20 years; the corporate team he leads is spread across more than 100 countries, is dedicated to protecting the network security of more than 300 million users around the world, and has entered the list of the world's four major information security solution providers; he has been awarded the Russian Federation State Science and Technology Award, the Chinese National Friendship Award issued by the Chinese Government, and many other honors; he is not only a respected celebrity but also a brand, a symbol, and a byword for rigor and security. Yes, he is the founder and CEO of Kaspersky Lab, Mr. Eugene Kaspersky.

Recently, at the awards gala where the British magazine "SC" presented its "CEO of the Year" award, Eugene Kaspersky won the title for his achievements in the field of information security and received the unanimous endorsement of the guests on site.

As a high-profile event in the IT security industry, the 2010 SC Awards Europe recognizes the outstanding figures, events and products that emerged in the industry that year. This year's award ceremony was held at the Wyndham Grand London Chelsea Harbour hotel, where upward of 100 internationally renowned IT security experts gathered.

On receiving this award, Eugene Kaspersky said: "I am very lucky because I have a good and diligent team. We have achieved excellent results over the past period, and the honor received today is one I share with my team. Kaspersky Lab's achievements to date are the result of everyone's hard work and of our persistent commitment to a more secure international network space. I feel honored to be able to manage such a good team."

It is worth mentioning that just a week earlier, Eugene Kaspersky, together with Merlin, Lord Erroll; Stephen Bonner, managing director of Information Risk Management at Barclays Bank; and Edward Gibson, head of technical services at PricewaterhouseCoopers Legal, jointly appeared in the Hall of Fame of the 2010 European International Computer Information System Security Exhibition. Now he has won this heavyweight award as well; such frequent exposure makes it evident how highly he is regarded in the global information security field.

It is understood that Kaspersky was a "child prodigy" with an outstanding gift for mathematics, and at only 16 years old he skipped a grade to enter the Russian Institute of Cryptography, Telecommunications and Computer Science. In 1989, after the Cascade virus was detected on his computer, he turned to computer virology research and led the development of anti-virus software with an excellent structure and performance. From 1991 to 1997, at the KAMI Information Technology Centre, Kaspersky led a group of assistants in developing the "AVP" anti-virus program (renamed Kaspersky® Anti-Virus in November 2000), and in 1997 Kaspersky Lab was officially founded as a limited company.

We know that in everyday life many people like to collect stamps or antiques, while Mr. Eugene Kaspersky takes great interest in collecting malicious code samples and developing removal tools, which to some extent reflects his diligent attitude to work. It is in this spirit that, over a long period of time, the products the company has launched have all been able to shine with outstanding performance in many evaluations and events around the world. Today, its anti-virus database has become the most complete anti-virus database in the world, and Kaspersky Lab has successfully entered the list of the four major information security solution providers.

Kaspersky Internet Security & Anti-Virus 2010

The most advanced Internet security software with premium protection from viruses, spyware, hackers and spam. Also includes comprehensive identity theft and phishing protection, parental and privacy controls, and superfast performance.

General Requirements:
375 MB of free space on the hard drive
CD-ROM drive (for installation via CD)
Microsoft Internet Explorer 6 or higher (to update the anti-virus database and application modules via the Internet)

Features comparison

| Feature | NEW Kaspersky Internet Security 2010 | NEW Kaspersky Anti-Virus 2010 |
|---|---|---|
| Core protection | | |
| Virus and vulnerability scanner | yes | yes |
| Proactive protection against programs based on their behavior (Improved!) | yes | yes |
| Restriction of access to private data by suspicious programs (Improved!) | yes | |
| Application control (Improved!) | yes | |
| Safe run mode (sandbox) to test questionable programs (New!) | yes | |
| Network protection | | |
| Two-way personal firewall | yes | |
| Secure wireless connections in public areas | yes | |
| Email protection | | |
| Real-time scanning of email | yes | yes |
| Anti-spam, Anti-phishing (Improved!) | yes | |
| Web protection | | |
| Virtual keyboard to safely enter sensitive data (Improved!) | yes | yes |
| Removal of Internet activity (history, cookies, etc) (New!) | yes | yes |
| Parental Control | | |

AntiVir Free Version Download


http://www.free-av.com/en/trialpay_download/1/avira_antivir_personal__free_antivirus.html