Virus, no killer! Recognize the real face of a virus

1. What is the virus?

What is computer virus? The standard definition should refer to the compilation or insertion of computer commands or program code that damage computer functions or data and affect computer use. Computer viruses, like biological viruses, can spread, multiply, and attach to normal computer programs to cause damage. Therefore, we call it computer viruses. It is contagious, destructive, concealed, latent, and parasitic.

At present, there are more than 50 thousand types of viruses around the world, which can be divided into 5 categories by their basic types:

1. Boot virus: It is infected with the boot sector of a floppy disk, hard disk, or primary Boot Sector.

2. Executable File virus: Mainly infected with executable files.

3. macro virus: viruses compiled using macro languages, such as worms.

4. Hybrid virus: the combination of the above viruses can not only infect executable files, but also infect the Hard Drive boot area, if a system infected with the virus uses the Format command to Format the hard disk, the virus cannot be eliminated.

5. Trojan Horse, network worm, and Internet language virus: Some viruses written in Java, VB, ActiveX, etc, viruses can steal valuable personal confidential information through the network or reduce the utilization of computer system resources, resulting in a crash.

In particular, in recent years, viruses have emerged and are constantly evolving. Because computer data is highly mobile, as a common user, if you want to avoid computer virus infection, you must first prevent it. For example, some pirated discs, various software downloaded from the Internet, and received email attachments may all be the carriers of viruses. Currently, the best way to prevent viruses is to use virus detection software and install a specialized virus firewall to detect unknown programs. Currently, anti-virus software can basically achieve real-time anti-virus monitoring, prevent File compression viruses, and provide comprehensive protection and disaster recovery functions. However, in the face of a wide range of anti-virus software, users often have incorrect ideas. Of course, the virus detection and removal software and the virus firewall do not mean you can rest assured. Because new viruses are always at the forefront of virus detection and removal software and firewall, these software can still provide additional protection for your system.

2. Pull out the virus

The last time I sent an email with a virus, it caused great inconvenience and misunderstanding. So let's take action and find out the virus. Now I will take the KV3000 launched by Jiangmin as an example to introduce the specific usage of virus detection and removal and online virus protection (virus firewall.

We can see that the KV3000 includes one CD and two floppy disks. Hosts file. Disk A is A KV3000 antivirus disk, which is used for virus detection and removal under DOS. Disk B is A non-encrypted disk, it is mainly used to upgrade the KVW3000 installed on the hard disk of a machine without internet access. It is also a boot disk with an optical drive driver. When running KVD3000, you must first start disk B. When running KVD3000 in the drive letter of the optical drive, you must read the encryption point of disk A before entering the KVD3000 antivirus interface to scan for viruses. Therefore, they have their own functions and must be used together. After KVW3000 is installed, the program group and shortcut will be generated on the Start Menu. Select the KVW3000 icon to view the main image of the KVW3000 (figure: 1 ).

1. virus detection and removal

In the path input window, enter one or more paths you want to scan, and separate them, then, click the "virus detection" or "Antivirus" button to scan and kill viruses separately. Similarly, you can click the Browse button to select the folder or drive you want to scan. Click OK to return. The program automatically starts scanning all files in the path selected by the user.

If a virus is detected by the program during the scan, the virus in the file is automatically cleared without any prompt. For viruses that do not need to be cleared, such as hacker programs and worms, the system determines whether to delete the files that contain viruses based on whether to delete the files. If the program cannot clear viruses in the infected files, it will also provide relevant information in the status window on the interface, and give the corresponding prompt, such as for the file virus in the compressed package, you need to first expand the compressed package, then you can clear it. During the scanning or anti-virus process, the detected files and processing results are displayed in the information display window. In the following status bar, the number of scanned files, the number of files processed and decompressed, the number of viruses found, and the number of suspicious files and viruses cleared are displayed.

If you need to check a file, you can select "check file" on the "scan" menu (figure: 2 ). The system displays the file selection window. If you select the file to be scanned and click the OPEN button, KVW3000 scans the file immediately and the scan result is displayed in the Information Window. Select "check all hard disks now" in the "scan" menu. KVW3000 scans all local hard disks. Select "check all network disks". KVW3000 scans all network disks (if no Network Disk exists, this item is gray ).

2. backup and recovery

Backup and recovery of the primary Boot Sector is a catastrophic damage to the system. You can recover the primary Boot Sector and the Boot Sector of the logical drive C before the backup. This function is available in the "file" menu. You can select "backup Master Boot Record" to back up the Master Boot Sector (MBR) of the hard disk, and select "Restore Master Boot Record" to restore the boot record to the status before backup.

The backup boot sector operation is basically the same as the backup Master Boot Record operation. The backup hard drive Boot Record and drive C Boot Sector will be stored in drive A. The file names are HDPT. DAT (Hard Drive boot record) and HDBOOT. DAT (logical drive C boot sector ). If a floppy disk is not attached to the drive, a prompt window appears (figure: 3). Click "cancel, you can also store these important data on other media that you think is safer.

NOTE: If an incorrect Boot Record is restored, more disasters may occur. Therefore, you must pay attention to the following before performing the restoration:

A. Ensure that the backup records are backed up on the same computer. (If you use backups on other computers for recovery, this will cause greater losses;

B. Make sure that no change is made to the partition or the format of the logical drive C is not changed before recovery.

C. If you change the partition or the format of logical drive C, make sure to back up the disk again;

D. installing a new operating system and some software related to partitioning and startup may also change the partition structure and logic C.

Disk format. Please back up the disk after installation.

3. Prevent unburned data

KVW3000 Online Virus firewall allows you to monitor and kill viruses on floppy disks, CDs, and Internet networks in real time and related malicious programs. It can monitor ZIP, ARJ, RAR, CAB, LZH, and other compressed packages, and can monitor or search for E-mail viruses. The program currently supports the mailbox formats created by common Email software such as FoxMail, OutLook, and Netscape.

1. Monitoring Management

If the KVW3000 virus real-time monitor is activated (in the File menu, you can set the start or stop real-time monitoring), double-click the KVW3000 icon in the system tray area (figure 4 ), you can enter the virus monitor window. The status line below the window shows the recently scanned file names and monitor working conditions. If a virus is detected, the system displays the file names, detected virus names, and processing results in the record window. (Figure: 5)

Tip: move the mouse pointer to the KVW3000 Real-Time Virus monitor icon in the system tray area for a while. The KVW3000 will display a floating window to brief you on the monitoring file. Right-click the monitor icon and a shortcut menu will appear. These functions are the most commonly used and important functions, which can be used more conveniently and quickly.

2. Monitoring Control

It is necessary to properly set the monitoring method according to the actual situation. The real-time monitoring configuration of KVW3000 is flexible. You can select "Real-time Monitoring" to adjust one of them. These options are the same as those in the scanning process, the expression means the same. In addition, you can click the "Settings" button on the program interface to select the applicable scan options.