Li gang
Different from the general biological virus, the infection of computer virus is based on the operation of computer system and the reading and writing of disk. Without such conditions, computer viruses are not contagious, because when the computer is not started or running, it is impossible to read and write disks or enjoy data. If you don't read or write to the disk, the virus won't spread to the disk or network. Therefore, as long as the computer is running, there will be disk reading and writing actions, and the two prerequisites for virus infection will be easily met. The operation of the system creates conditions for the virus to reside in memory. The first step of virus infection is to stay in memory. Once it enters the memory, it will look for infection opportunities and attack targets, judge whether it meets the conditions and decide whether it can be infected. When the conditions are met, the virus is infected and written to the disk system. Moreover, all computer viruses are artificially created. Once they spread, sometimes even the makers themselves can't control them. So the virus is not a simple computer academic problem, but a serious social problem. Therefore, it is an urgent problem to understand the source, harm and common preventive measures of computer viruses.
1 computer virus overview
Classification of 1 1 computer virus
At present, it is estimated that there are more than 200,000 kinds of viruses in the world. According to the basic types, it can be divided into six types: (1) guided virus; (2) executable file virus; (3) Macro virus; (4) mixed virus; (5) Trojan horse virus; (6) Network language virus.
1. Second generation computer virus
The emergence of computer virus is the inevitable product of the development of computer technology and the development of computer-centered social informatization. Its background is:
(1) Computer virus is a new derivative form of computer crime. Computer virus is a high-tech crime, which is instantaneous, dynamic and random. It is difficult to obtain evidence, with little risk and great harm, thus stimulating criminal awareness and criminal activities. It is a manifestation of some people's mischief and revenge in the field of computer application.
(2) The fragility of computer software and hardware products is the fundamental technical reason. Computers are electronic products, and the data from input, storage, processing to output are easy to be wrong, tampered with, lost, tampered with and destroyed. Programs are easy to be deleted and rewritten; The manual method of computer software design is inefficient and the production cycle is long; So far, people have no way to know in advance whether a program has any errors or defects hidden in it. These vulnerabilities facilitate the invasion of viruses.
(3) The popularization and application of microcomputers is a necessary environment for the generation of computer viruses. 1983165438+1October 3rd, American computer experts first put forward the concept of computer virus and verified it. Only in recent years have computer viruses spread to China. These years are the climax of the popularization and application of microcomputers in China.
1.3 Transmission routes of computer viruses
Computer viruses are called viruses because they are contagious. There are usually the following infection channels:
(1) removable media. The first and possibly the biggest transmission route of computer viruses and other malicious software is file transfer, which started from floppy disks and gradually developed to all mobile media.
(2) Enjoy the Internet. Once computers are provided with the mechanism of direct interconnection through the network, it will provide malicious software writers with another propagation mechanism to spread malicious code.
(3) P2P network program. The emergence of QQ peer-to-peer program provides a way for P2P file transmission and is also used by computer viruses. At present, there have been a variety of viruses aimed at QQ peer-to-peer programs.
(4) E-mail. E-mail has become the preferred transmission mechanism for many malware attacks.
(5) Remote utilization. Malware may try to replicate by exploiting specific vulnerabilities in services or applications, which can be seen in worms.
2 computer virus hazards and prevention
2. 1 hazard level of virus
Most computer viruses are harmless, and these viruses are also collectively referred to as benign viruses. They occupy a certain amount of memory and disk space, slow down the running speed of the computer system, interfere with the display of the display screen, and generally do not cause serious damage. There are also a few computer viruses that will destroy the data in the disk or even the ROM chip and paralyze the computer system. They are operable, reproducible, contagious, latent, destructive, deceptive, exquisite, triggering, hidden and stubborn. These viruses are also collectively called malignant computer viruses. They can lurk or parasitize in storage media (disks), memory or programs through different channels. When certain conditions or opportunities appear, usually, their damage to computer resources is completely different.
2.2 Prevention of virus infection
The most effective way to prevent and control computer viruses is to focus on prevention. Preventing virus invasion is more important than finding and removing it after virus invasion, so the focus of virus prevention should be on prevention. Eliminating the source of infection, blocking the route of infection and protecting the susceptible parts are effective methods to prevent virus invasion. Although there are thousands of computer viruses, they all have certain characteristics, that is, the transmission routes are basically the same. As long as we have a good pass, we can nip in the bud. Be careful when using floppy disks, CD-ROMs and mobile disks. Don't use disks of unknown origin, especially game program disks. You should get into the habit of checking viruses before using them. Don't easily download software from unreliable websites, don't open or browse emails of unknown origin, regularly check the operating system and application software, regularly back up and save your important data, write-protect the system disk and file disk, always keep a really "clean" startup disk, write-protect, and make as many backups as possible. Use this clean startup disk to start the computer when you are ready to kill viruses or corresponding occasions in the future. Sometimes hand defense alone is not enough. You should also install anti-virus software in your computer, carefully study the functions of the anti-virus software used, what responsibilities are undertaken by different modules, what application combinations are there, and what different killing effects are there for different running commands (option settings) parameters, so as to give full play to the role of anti-virus tools. Set a virus firewall in the computer to realize online detection. The anti-virus software Memory resident detects the virus in the current file of the operating system in real time, ensuring that the virus is found and alerted before it tries to infect your system. In this way, whether copying files from floppy disk, installing programs from CD-ROM or downloading files from the Internet, online virus detection software will be the first.
Check first to make sure there is no virus.
3. Implementation plan for comprehensive virus prevention
[M]。 Beijing: Tsinghua University Publishing House, 2004.