The trick to prevent viruses from executing under Windows 7

  

I often hear some "more professional" IT staff say, "Users have installed anti-virus software, but they have no concept of anti-virus. Do you think they will not get infected?"

To avoid infection, it is more important to understand how viruses operate and how anti-virus software protects against them. Here I hope to give ordinary enterprise computer users a sufficient set of "anti-virus concepts". Maybe you can't "guarantee" anything, but at least you can have a general understanding of what's happening on your computer!

The delicate and fragile boot process

Everything that happens from the moment the power is switched on until the operating system is loaded is commonly known as the "boot process." Since most viruses try to make themselves part of the boot process (for parasitism and infection), you must first know what steps the whole process consists of:

1. Power on. If everything is fine, go to the next step.

2. The BIOS (Basic Input/Output System) performs a routine power-on check and then hands the boot process over to the default storage device.

3. According to industry-recognized specifications, the boot device (usually the hard disk drive) starts the software boot process and loads the kernel and drivers of the operating system in sequence...

4. After the kernel of the operating system is loaded, the various resident programs specified by the user (anti-virus software, IM software...) can also be loaded according to the settings.

Each of the boot steps above leaves a "hook point" where one step hands over to the next. For example, when the BIOS on the motherboard is to run the boot process of the storage medium, it executes the boot instructions from a fixed location. Where is this fixed location? Most of us don't need to know, but this location is definitely a public specification.

So the person who writes the operating system knows where the storage medium boots from, the person who writes disk maintenance programs knows, the person who writes utility programs knows, and the person who writes viruses... of course knows too. Hence the so-called "boot-type virus."

However, this kind of "boot-type virus" is very rare, mainly because the operating system loaded after booting is quite large and complicated, and it is difficult for such a virus to keep working normally under such complicated boot conditions. Most current viruses do their damage inside the operating system.

You might not be able to boot...

Whether it's Windows, Mac OS, Linux or BSD, the initial loading of the operating system is made up of delicate sequential steps, each link connected to the next. The operating system usually has to set the operating mode of the processor, load the system kernel, drivers and graphical interface, then load the resident programs, and finally hand control over to the user. If this "exquisite" but also "fragile" series of steps goes even slightly wrong, the system cannot load, and the user will say "ah, this computer hung / crashed / won't start / died..." People describe it in all sorts of ways, and the cause may be any of these:

● There is a problem with the driver

● There is a problem with the core program

● There is a problem with the disk that stores the OS core program

● The user's resident program has a problem

As long as there is an error in one small link, the operating system may not load properly. Fortunately, this does not happen often.

So far, the concepts above seem quite simple, don't they?

Introducing the concept of "memory"

No matter which operating system, after the boot process is completed, the user can run a variety of application software, for example a browser, a word processor, a movie player... The specific action is to point the mouse at the application's icon and press the left mouse button twice. Yes, it is that "easy".

What most people often forget is that there is a very important "component" in the computer, called "memory." When the user presses the power button and the boot process runs, one of its most important steps is to load the kernel of the operating system "from the storage medium into memory".

After the kernel of the operating system is loaded into memory, it constantly maintains, as its developers designed, the normal operation of itself and of user applications. This too is delicate and fragile. In addition, because programs are written by "people", if the person writing a program "messes around" (either intentionally or unintentionally), the application may cause the operating system kernel to be corrupted and crash.

Copyright © Windows knowledge All Rights Reserved