If you have experience in Internet cafes or data center management, you must know that virus is a headache. Most of the current viruses have strong replication capabilities and can be transmitted over the LAN, A large amount of system resources are consumed. If there is a virus in one machine in a LAN, other machines will soon be infected with viruses if they are not immediately antivirus and isolated. How can they prevent viruses, and quick anti-virus has become an urgent concern for every network administrator.
I have been working in an Internet cafe for two years and have been dealing with viruses for countless times. I am exhausted every time, but I finally ended up winning. In fact, there are two common viruses in Internet cafes. One is a highly destructive virus similar to CIH, which cannot be started after the virus is completed. This virus is the most harmful, however, the probability of virus poisoning is relatively small; the other is script virus. These viruses won't make the machine unable to start after they are done. Instead, they consume system resources and only crash to the system. Compared with the CIH virus, they seem very inconspicuous, this virus is the biggest headache.
Let me first talk about my experience in fighting against the script virus. When an internet cafe is about to open, it usually needs to create a model hard disk. After installing all the software and games, it will clone it to other hosts with GHOST. However, when creating a template disk, make sure that the virus is not infected at all stages. Otherwise, if you use a template disk with a virus and then clone all the machines, in the future, it will certainly take more time to kill viruses, which will not only affect normal business operations, but will also be very troublesome to kill viruses. In this case, we should not be afraid to take time to create a model disk, and carefully think about every step before doing it.
First, when installing the system, use a CD to start the hard disk. Make sure that the disc has never been used to carry viruses, and the hard disk must have no files, otherwise, the remaining files may be infected with viruses, and these 1.1 files must be heartless. Do not back up a driver or software and do not delete it. Otherwise, you may regret the virus after installing the system.
Second, after installing the system and then installing the driver, it is best to install anti-virus software first. Anti-virus software must first ensure that it does not have a virus. In fact, you can install WIN98 files, anti-virus software, and so on, put the drivers of Internet cafes together and use EasyBoot as the boot disc. With this disk, you can ensure that the master disk is not infected with viruses before installing other software and games.
Third, install the driver, first update the anti-virus software to the latest version, and then enable the virus firewall, engage in the installation files of software and games on prepared machines to install the necessary software and games for Internet cafes. After everything is done, test the games and software, then, create an ADMIN folder under the directory c, and put the kill toolkit, hard disk toolkit, network cloning tool, and backup registry in it for backup. It is good to make a general template disk. Of course, if the system configuration is not high, in order not to affect the speed of playing the game, the virus Firewall should be automatically started and canceled after cloning. Installing anti-virus software doesn't keep it on the firewall, because it consumes system resources. Second, it usually installs the recovery genie, And it just needs to restart the virus, it is mainly used in the future to upgrade the game or call files to open the firewall to Prevent Virus Infection in the calling file system. What's more, it is not a secret, and even careful people will not guarantee that there will be no virus in the future, therefore, you must install the anti-virus tool on each server, but you do not need to enable its protection function at ordinary times.
I think everyone must be in love Forest, happy new times, and so on. Especially in the LAN, all machines are often infected with viruses, each machine can generate hundreds to thousands of viruses. I have used rising to generate more than 8000 viruses on one machine. These viruses are very bad. Generally, they are not easy to clean in WINDOWS. After each virus is killed, you will find that the anti-virus software itself has EXPLOR. EXE and other processes are still infected with viruses, and you can also clean them no matter how they are killed. In this case, it is best to restart to secure mode and then kill the virus. Do not open any window during antivirus, some viruses will be activated as long as you open the window, and it will be difficult to clear the virus if it occupies the memory. After the attack is completed, restart and then enter the security mode to kill the virus. Generally, the virus will be cleared several times. If the problem persists, it is necessary to go to DOS to check and kill. General anti-virus software has its DOS version. When you restart to pure DOS mode, you will be prompted to jump to the installation directory and run the program. However, the virus removal speed is generally very slow. It is worth noting that if all the machines are infected with viruses, you must disable one of the switches and kill them. After the removal, back up the drive C and use a protection card to protect them.
For the above script virus, it will be okay after virus removal, but for CIH and other viruses, in addition to restoring the virus after virus removal, in general, it destroys the partition table and the primary boot program, and seriously damages the BIOS. We can treat them separately. If the damage is only the primary Boot Record, you can use a clean boot floppy disk or a CD to start the system and run fdisk/mbr. You can also use DISKMAN, DISKGEN and other gadgets to recreate the Master Boot Record. If the partition table is damaged, the first consideration is to use DISKMAN to restore the partition table. If the damage is not serious, it can be recovered. If you are not familiar with the disk structure, partition table, I/O table, and FAT table, you are advised to ask a professional. But in most cases it is fixed like this.