Abstract: Introduction to the differences and connections between computer viruses such as mail viruses, worms and *s in the network and other viruses, as well as examples of common mail viruses. At the same time, based on the current trend of computer virus development, some prevention and control suggestions were put forward.
Keywords Network virus program
With the rapid development of the international Internet, email has become the most common tool for people to communicate with each other, so it has also become an important vector of email-type viruses. In recent years, many extremely harmful email viruses have appeared, such as the "LOVE YOU" virus, the "Kurnikova" virus, the "Homepage" virus and the "cover letter" virus. These viruses mainly use email as a means of transmission, and generally choose Microsoft Outlook to invade and use the programmable characteristics of Outlook to complete attacks and destruction. When the recipient uses OutlookRS to open a virus-infected email or attachment, the virus inside will automatically activate and send an email with a virus-included email to the person in the "Tun Book", which is similar to a worm, infecting multiple machines from one machine to multiple machines. This type of virus has extremely strong infectiousness and destructive power. Viral emails will be copied and spread on a large scale in a very short period of time, which may cause the mail server to exhaust resources and paralyze, and seriously affect the network operation. Some viruses may even destroy data and files on the user's local hard drive. "Maoshanxia" website
Mail viruses have typical characteristics of viruses: the general characteristics of mail viruses can be understood through the "I LOVEYOU" (Aichuan) virus; self-replication and transmission are characterized by the spread of the transmission medium or pathway through email, so it is called "mail virus". Since email attachments allow files of any format, most viruses are sent quietly in disguise as email attachments. When the user opens a poisonous attachment, the virus is activated and infects the user's system. It sends emails with the subject "I LOVE YOU" to all addressless in the user's address book through Microsoft Outlook. The content of the email is "kindly check the attached LOVELET2TER coming from me” and has a poisonous attachment named "love letter foryooutxt . vbs". Once the user opens the attachment, the virus program hidden in it is activated, so he starts the email client program Out look and sends out the poisoned email, causing a chain reaction.
It can also be propagated through . htm file or a MIRC script. After infection with this virus, it will automatically search for local drives and mapped network drives, search for infected targets in all directories and subdirectories, such as JSE, CSSWSH, SCT, HTA, JPEG, MP2, and MP3 as extensions, overwrite the original content with virus code, change the extension to VBS, slow down the user's mail system, and then destroy the original file. By analyzing the special computer program "worm" and the "*" virus, we can have a deeper understanding of the characteristics of the "mail virus" so that we can actively take preventive measures. A worm is a program that can propagate between different hosts of a network without modifying other files on the target host. Its propagation depends on the operation of the host or network, and relies solely on itself without requiring other object programs to reproduce, constantly self-replicating between hosts occupies system resources and network bandwidth. Computer viruses are parasitic and often use other programs to spread, affecting the normal operation of the computer system, and finally causing the network system to be overloaded and paralyzed. The removal of worms is also very troublesome.
Because in a network environment, as long as the worm in a host is not killed, it will rekindle. Currently, there is no difference between "computer worms" and "computer viruses". This is because although their implementation techniques are different, their functions are similar, especially since some viruses now use worm technology, which can damage the network. * horses are a general term for hacking tools. It performs normal actions on the surface, but performs certain functions without the user's knowledge, which are often used by hackers to steal information from the user's machine. Its characteristic is that it has at least some functions, which are often used by hackers to steal information from users' machines. Its characteristic is that it has at least two programs: one is a client program and the other is a server program. Once a server-side program is run on a computer online, the hacker can manipulate the host through the client program. The * program itself cannot copy itself and must rely on the execution of other programs to install itself. This is also the difference between it and computer viruses. Hackers often place * programs in some file servers on the Internet, allowing people to download, or hide them in attachments of emails, send them to users, and use some tempting reasons to lure users to execute the obtained programs. To fool some newbies. The * program is based on the TCP/ IP protocol and adopts the "customer/ server" working method.
First, the hacker must install the server-side program of the * to the user's machine and lure the user to execute the program containing the * through means. When the server-side program is installed on the user's machine, the installer generally needs to modify the system settings file to ensure that the * program automatically runs when the computer restarts. After that, hackers can use client programs to search the network, find the host running the server program, and monitor the host, and implement all the functions of the program, steal data, monitor user behavior, remote control, etc. The damage that a hacker can implement will depend on the functionality of the tools it uses. The * program is very hidden and it is difficult for ordinary users to discover it without being hacked. A common * program is the hacker tool BO (Back Orfice2000). Its host program is Bogui . exe , the client program is Bogui . exe , and the operating environment is Win98, which can monitor any computer that is surfing the Internet under the TCP/IP protocol. The server-side program runs automatically through the registry. With the continuous development of network technology, global networking is soon realized. Based on the characteristics and harms of network viruses, it is very dangerous for our computers to not have real-time network antivirus software. That will bring devastating disaster to our computers. Therefore, we must take effective management measures and technical means to prevent virus infection and destruction and strive to minimize losses. Of course, the prevention and control of computer viruses should also improve the legal system and strengthen management and find measures. According to the characteristics of online viruses, major websites should strengthen the prevention and control of viruses and use the latest technical means to carry out the struggle to prevent and control computer viruses to the end. Prevention of email viruses is an example of * prevention. After understanding the * program, it is easier to prevent.
First of all, don’t download software from a young personal website. When downloading software, you need to go to well-known and reputable sites. These site software is usually relatively safe. Secondly, don’t be too trustworthy and run software given by others casually. You should check your system files, registry, ports, etc. frequently, pay more attention to security information, and then change the default settings of Windows for hidden file extensions, so that we can see the real extension of the file. Many anti-virus software currently have the function of detecting and killing "*s" or "backdoors" programs, but they still need to update and adopt advanced anti-virus software. The last thing to remind you is: If you suddenly find that your computer hard drive is working inexplicably, or if Modem is still "blinking" without opening any connection, immediately disconnecting the network and searching for *s. Email viruses are mainly transmitted through email, and most of them are entrained through attachments. After understanding this, it is clearer and easier to prevent this type of virus:
(1) Don’t easily open attachments from strangers’ letters, especially some EXE-like executable files.
(2) For emails sent by friends who are more familiar with them, if the letter contains attachments but does not explain them in the main text, do not open the attachments easily, because their system may be infected with poison.
(3) Do not forward emails blindly. When sending program files or even e-cards to others, you can try it on your computer first, and then send it after confirming that there is no problem, so as not to accidentally become a spreader of the virus.
(4) If you receive an email with the topic "I LOVE YOU" immediately, don’t open the attachment.
(5) Pay attention to anti-virus alerts at any time and update the anti-virus software's virus code base in time. From technical means, you can install anti-virus real-time monitoring programs that monitor email systems to monitor system behavior at any time. For example, use the latest version of anti-virus real-time software to check and kill files in the attachment.
Keywords Network virus program
With the rapid development of the international Internet, email has become the most common tool for people to communicate with each other, so it has also become an important vector of email-type viruses. In recent years, many extremely harmful email viruses have appeared, such as the "LOVE YOU" virus, the "Kurnikova" virus, the "Homepage" virus and the "cover letter" virus. These viruses mainly use email as a means of transmission, and generally choose Microsoft Outlook to invade and use the programmable characteristics of Outlook to complete attacks and destruction. When the recipient uses OutlookRS to open a virus-infected email or attachment, the virus inside will automatically activate and send an email with a virus-included email to the person in the "Tun Book", which is similar to a worm, infecting multiple machines from one machine to multiple machines. This type of virus has extremely strong infectiousness and destructive power. Viral emails will be copied and spread on a large scale in a very short period of time, which may cause the mail server to exhaust resources and paralyze, and seriously affect the network operation. Some viruses may even destroy data and files on the user's local hard drive. "Maoshanxia" website
Mail viruses have typical characteristics of viruses: the general characteristics of mail viruses can be understood through the "I LOVEYOU" (Aichuan) virus; self-replication and transmission are characterized by the spread of the transmission medium or pathway through email, so it is called "mail virus". Since email attachments allow files of any format, most viruses are sent quietly in disguise as email attachments. When the user opens a poisonous attachment, the virus is activated and infects the user's system. It sends emails with the subject "I LOVE YOU" to all addressless in the user's address book through Microsoft Outlook. The content of the email is "kindly check the attached LOVELET2TER coming from me” and has a poisonous attachment named "love letter foryooutxt . vbs". Once the user opens the attachment, the virus program hidden in it is activated, so he starts the email client program Out look and sends out the poisoned email, causing a chain reaction.
It can also be propagated through . htm file or a MIRC script. After infection with this virus, it will automatically search for local drives and mapped network drives, search for infected targets in all directories and subdirectories, such as JSE, CSSWSH, SCT, HTA, JPEG, MP2, and MP3 as extensions, overwrite the original content with virus code, change the extension to VBS, slow down the user's mail system, and then destroy the original file. By analyzing the special computer program "worm" and the "*" virus, we can have a deeper understanding of the characteristics of the "mail virus" so that we can actively take preventive measures. A worm is a program that can propagate between different hosts of a network without modifying other files on the target host. Its propagation depends on the operation of the host or network, and relies solely on itself without requiring other object programs to reproduce, constantly self-replicating between hosts occupies system resources and network bandwidth. Computer viruses are parasitic and often use other programs to spread, affecting the normal operation of the computer system, and finally causing the network system to be overloaded and paralyzed. The removal of worms is also very troublesome.
Because in a network environment, as long as the worm in a host is not killed, it will rekindle. Currently, there is no difference between "computer worms" and "computer viruses". This is because although their implementation techniques are different, their functions are similar, especially since some viruses now use worm technology, which can damage the network. * horses are a general term for hacking tools. It performs normal actions on the surface, but performs certain functions without the user's knowledge, which are often used by hackers to steal information from the user's machine. Its characteristic is that it has at least some functions, which are often used by hackers to steal information from users' machines. Its characteristic is that it has at least two programs: one is a client program and the other is a server program. Once a server-side program is run on a computer online, the hacker can manipulate the host through the client program. The * program itself cannot copy itself and must rely on the execution of other programs to install itself. This is also the difference between it and computer viruses. Hackers often place * programs in some file servers on the Internet, allowing people to download, or hide them in attachments of emails, send them to users, and use some tempting reasons to lure users to execute the obtained programs. To fool some newbies. The * program is based on the TCP/ IP protocol and adopts the "customer/ server" working method.
First, the hacker must install the server-side program of the * to the user's machine and lure the user to execute the program containing the * through means. When the server-side program is installed on the user's machine, the installer generally needs to modify the system settings file to ensure that the * program automatically runs when the computer restarts. After that, hackers can use client programs to search the network, find the host running the server program, and monitor the host, and implement all the functions of the program, steal data, monitor user behavior, remote control, etc. The damage that a hacker can implement will depend on the functionality of the tools it uses. The * program is very hidden and it is difficult for ordinary users to discover it without being hacked. A common * program is the hacker tool BO (Back Orfice2000). Its host program is Bogui . exe , the client program is Bogui . exe , and the operating environment is Win98, which can monitor any computer that is surfing the Internet under the TCP/IP protocol. The server-side program runs automatically through the registry. With the continuous development of network technology, global networking is soon realized. Based on the characteristics and harms of network viruses, it is very dangerous for our computers to not have real-time network antivirus software. That will bring devastating disaster to our computers. Therefore, we must take effective management measures and technical means to prevent virus infection and destruction and strive to minimize losses. Of course, the prevention and control of computer viruses should also improve the legal system and strengthen management and find measures. According to the characteristics of online viruses, major websites should strengthen the prevention and control of viruses and use the latest technical means to carry out the struggle to prevent and control computer viruses to the end. Prevention of email viruses is an example of * prevention. After understanding the * program, it is easier to prevent.
First of all, don’t download software from a young personal website. When downloading software, you need to go to well-known and reputable sites. These site software is usually relatively safe. Secondly, don’t be too trustworthy and run software given by others casually. You should check your system files, registry, ports, etc. frequently, pay more attention to security information, and then change the default settings of Windows for hidden file extensions, so that we can see the real extension of the file. Many anti-virus software currently have the function of detecting and killing "*s" or "backdoors" programs, but they still need to update and adopt advanced anti-virus software. The last thing to remind you is: If you suddenly find that your computer hard drive is working inexplicably, or if Modem is still "blinking" without opening any connection, immediately disconnecting the network and searching for *s. Email viruses are mainly transmitted through email, and most of them are entrained through attachments. After understanding this, it is clearer and easier to prevent this type of virus:
(1) Don’t easily open attachments from strangers’ letters, especially some EXE-like executable files.
(2) For emails sent by friends who are more familiar with them, if the letter contains attachments but does not explain them in the main text, do not open the attachments easily, because their system may be infected with poison.
(3) Do not forward emails blindly. When sending program files or even e-cards to others, you can try it on your computer first, and then send it after confirming that there is no problem, so as not to accidentally become a spreader of the virus.
(4) If you receive an email with the topic "I LOVE YOU" immediately, don’t open the attachment.
(5) Pay attention to anti-virus alerts at any time and update the anti-virus software's virus code base in time. From technical means, you can install anti-virus real-time monitoring programs that monitor email systems to monitor system behavior at any time. For example, use the latest version of anti-virus real-time software to check and kill files in the attachment.