How to Prevent Virus Execution in Windows 7

Source: Internet
Author: User

I often hear some "professional" IT staff say, "Even when users install anti-virus software, they have no concept of virus prevention at all. Do they think this means they will not get infected?"

To avoid viruses, it is more important to understand how viruses operate and what protection antivirus software provides. Here, we hope to give computer users in ordinary enterprises enough anti-virus concepts. Maybe you cannot "guarantee" anything, but at least you can have a brief understanding of what happens on the computer!

The exquisite and fragile boot process

To use a computer, you first have to turn it on. Everything from power-on to the loading of the operating system is commonly known as the "boot process". Because most viruses try to make themselves part of the boot process (so that they can be parasitic and infect), you must first know its steps:

1. Power on. If the hardware works properly, proceed to the next step.

2. The BIOS (Basic Input/Output System) performs a routine boot check, and the preset storage device takes over the boot process.

3. Following industry-recognized specifications, the preset boot device (usually a hard drive) starts the software boot process and loads the operating system's kernel and drivers in sequence.

4. After the operating system kernel is loaded, the resident programs specified by the user (anti-virus software, IM software, etc.) are loaded according to the settings.

At each of the boot steps above, a "hook point" is left where one step hands over to the next. For example, the BIOS on the motherboard needs to execute the boot program on the storage media, and it executes the boot instructions from a fixed position. Where is that fixed position? We do not need to know, but the location must be a public specification.

Therefore, the people who write operating systems know the location from which the storage media is started, and so do the people who write disk maintenance programs, the people who write utility programs, and the people who write viruses... That is why there is the so-called "boot-type virus".

However, boot-type viruses are rare in the modern era, mainly because the operating systems loaded after boot are very large and complex, and it is difficult for such viruses to operate normally under such complicated boot conditions. Most current viruses instead do their damage within the operating system.


The possibility of boot failure

Whether it is Windows, Mac OS, Linux or BSD, the initial loading of the operating system consists of an exquisite sequence of steps. The operating system usually needs to set the processor's operating mode, load the system kernel, drivers and graphical interface, load the resident programs, and finally hand control to the user. If this "exquisite" but "fragile" series of processes makes one small mistake, the system cannot be loaded, and the user will say, "Ah, my computer has crashed / cannot be turned on / died..." The explanations vary:

● A driver has a problem.

● The kernel has a problem.

● An error occurred on the disk that stores the OS kernel.

● A user's resident program has encountered a problem.

As long as there is one small error, the operating system may not load properly. Fortunately, this does not happen often.

So far, the above concepts seem very simple, don't they?

Introducing the concept of "memory"

Regardless of the operating system, the user can run various applications once the boot process is complete. For example, you can run browsers, word processors, video players... The specific action is to move the mouse over the application icon and press the left mouse button twice in a row. Yes, it's that easy.

What people often forget is that a computer has an important "component" called "memory". When the user presses the power button to run the boot process, an important step of that process is to load the operating system kernel from the storage media into memory.

After the kernel is loaded into memory, it continuously maintains, according to the vendor's design, the normal operation of both the operating system and the user's applications. This process is also exquisite and fragile. In addition, because programs are written by "people", if a program is written wrongly (whether intentionally or unintentionally), an application may damage the operating system kernel, resulting in a crash.


What about viruses?

A virus wants to have the following capabilities:

● Reside in memory and disguise itself as part of the operating system

● While disguised, ideally not be discovered by any person or any software

● Interfere with the operation of the original programs as little as possible, so as not to be noticed

● Do its best to spread itself (the virus) to others (other computers)

● If necessary, do something useful (or fun) for its author, including stealing assets and causing damage...

The many kinds of executable files

Well, if a virus wants to hide itself in memory, it must first get you to "execute" it.

The question is, who would be silly enough to run a virus? If the virus had "I am a virus, come here, execute me" written on its forehead, would you touch it? Definitely not!

Therefore, virus writers try their best to get users to execute it without knowing, so as to achieve the goal of "infection".

This is why "executable files" have become the main targets for most viruses to "parasitize".

So-called executable files are what we call "programs" or "software". Such software usually consists of one (or several) files. As mentioned above, software must be loaded into memory before it can be executed and used, so the software's author uses development tools to compile the "source code" into "executable files" and then delivers those files to users to run.

In the past, executable files had only a few fixed formats: files with the .COM, .EXE, and .BAT extensions were all executable. This remains unchanged in the Windows 7 era. However, Windows later introduced many "less familiar" executable file formats. For example, .DLL is a "dynamic link library", an executable file that "must be attached to a main program"; .SCR is a screen saver, an executable file with a special function; .MSI (Windows Installer Package), usually seen with installers, is also an executable file; and some script files, such as .VBS and .JS, are executable files too.


Execution is the most dangerous thing

The problem is that, by default, Windows hides the file extensions it recognizes, so, to be honest, you don't know what you are actually executing.

That doesn't matter, either. You just need to ask yourself, whenever you press the left mouse button twice on an icon: are you sure what it is you are about to execute?

When executing something, you must remember: this is a "red flag" signal that users must pay attention to. If there is anything you need to be alert about, other than "someone asking you for your password", this is it.

Therefore, you must remember:

"Be careful when executing something."

That's simple.

Because many viruses are attached to executable files, you are "infected" the moment you execute one. Not only that: until the infected computer is cleaned, the viruses will keep infecting files on the computer, sending virus e-mails, or infecting other files on servers... In addition, these viruses modify system settings so that, even if users find something wrong, it is difficult to clean up, and sometimes almost impossible.

Therefore, sometimes an infected computer must be reinstalled, because all its executable files are infected and cannot be recovered.
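The hidden-extension problem described in this section can be checked directly. The following PowerShell is an added example, not part of the original article: it reads Explorer's HideFileExt setting and lists files whose real extension is one of the executable types named above, next to the name Explorer shows when extensions are hidden. The Downloads path and the list of document-like endings are assumptions chosen for illustration.

```powershell
# Added example (not from the original article). Read-only audit.
# Executable extensions taken from the article's list.
$ExecutableExtensions = '.com', '.exe', '.bat', '.dll', '.scr', '.msi', '.vbs', '.js'

# Explorer's per-user setting: HideFileExt = 1 hides known extensions, 0 shows them.
$AdvancedKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

function Test-ExtensionsHidden {
    $props = Get-ItemProperty -Path $AdvancedKey -ErrorAction SilentlyContinue
    # A missing value is treated as "hidden", the default the article describes.
    if ($null -eq $props -or $null -eq $props.HideFileExt) { return $true }
    return ($props.HideFileExt -ne 0)
}

function Get-ExecutableByRealExtension {
    # Assumption: the user's Downloads folder is the directory worth auditing.
    param([string]$Path = (Join-Path $env:USERPROFILE 'Downloads'))

    Get-ChildItem -Path $Path -Recurse -ErrorAction SilentlyContinue |
        Where-Object {
            -not $_.PSIsContainer -and
            ($ExecutableExtensions -contains $_.Extension.ToLower())
        } |
        ForEach-Object {
            # What Explorer displays when the known extension is hidden.
            $shown = [System.IO.Path]::GetFileNameWithoutExtension($_.Name)
            New-Object PSObject -Property @{
                RealName          = $_.Name
                ShownWhenHidden   = $shown
                # Illustrative list: the visible name ends like a document or picture.
                LooksLikeDocument = ($shown -match '\.(txt|doc|docx|pdf|xls|xlsx|jpg|png)$')
                FullName          = $_.FullName
            }
        }
}

if (Test-ExtensionsHidden) {
    Write-Output 'Explorer is hiding known file extensions for this user.'
    # To show them (Explorer may need a refresh or restart to pick it up):
    # Set-ItemProperty -Path $AdvancedKey -Name HideFileExt -Value 0
}

Get-ExecutableByRealExtension |
    Sort-Object LooksLikeDocument -Descending |
    Format-Table RealName, ShownWhenHidden, LooksLikeDocument -AutoSize
```

Rows with LooksLikeDocument set to True are files that Explorer would display with a document-style name while Windows treats them as executable.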

The Internet is also the "gate of hell"

However, I'm afraid there is something that is really hard to defend against: web pages!

When you use a browser to connect to any web page, honestly... the gate of hell opens. Web pages allow you to do a lot of things and perform many functions, and most of them are automated without your knowing. Of course, normal web pages won't affect you or infect you... However, there are still many abnormal web pages!

In fact, you must understand that the browser itself is an "executor": it is designed as a tool to "execute various functions". Moreover, while operating systems still have so-called "compatibility" problems, the browser is designed to be "cross-platform". Ideally all browsers have the same capabilities, so that a web developer can write a function once and all users in the world can use it. Gosh! Universal harmony is nothing more than this. However, this also gives web page virus writers an opportunity... Is there anything that makes life easier for these virus writers? Of course: a cross-platform universal virus!

Web page viruses take many forms. Some use so-called "scripts" (JavaScript) to keep popping up annoying windows, some secretly plant a virus on your computer, and some directly perform damaging actions... To be honest, this type of problem is more troublesome than executable file infection, because users cannot be aware of it at all.
