“欢乐时光”病毒检测工具的实现
摘 要
病毒检测是计算机安全领域的重要技术之一,是反病毒技术的核心。利用病毒检测技术便于发现计算机系统是否受到安全威胁,同时也可以及时通告用户做好病毒防范措施。本论文从计算机病毒及其检测的基本理论出发,对经典的欢乐时光脚本病毒的特点进行分析,提出了预防脚本病毒的主要方法,得出了对欢乐时光脚本病毒有效的检测方法,最后用VC++设计实现了一个对该病毒的检测工具,该病毒检测工具采用匹配病毒感染标识的检测方法,在遍历文件的同时对文件进行检测。同时该检测工具也具有清理相关注册表项及限制使用次数等功能。该病毒检测工具能够准确地检测到计算机系统中被欢乐时光脚本病毒所感染的文件并删除病毒脚本。
关键词:计算机安全;欢乐时光脚本病毒;病毒检测;病毒感染标识的匹配;遍历文件夹
The Implementation of HappyTime Virus Detection Software
Abstract
Virus detection is one of the most significant technologies in computer security field as well as the core technology in anti-virus software. With the technology of virus detection, it is useful to discover whether a computer system is safe or not. Simultaneously, it could also inform users to do some preventive measure for virus promptly. Based on the basic concept and theory of computer virus and virus detection, a classical virus, the HappyTime script virus, is well analyzed first. After that, it points out the main methods of script virus prevention. Then the effective method to detect HappyTime script virus is concluded. Finally a virus detection software for HappyTime virus is designed and realized with VC++. The virus detection software is designed to detect a virus by matching the sign string of a virus while traversing the files. The functions of cleaning up relative registry and limiting the times of using are also available in the software. This virus detection software can accurately detect the files infected by the script of HappyTime virus in the computer system and delete the viral script.
Key words: Computer security; HappyTime script virus; Virus detection; Matching the sign string of a virus; Traversing files
功能
欢乐时光脚本病毒具有很强的传播性和破坏性,是脚本病毒的典型代表。欢乐时光脚本病毒被激活后会感染系统内html、htm和asp等文件,将病毒脚本写入文件,创建相关注册表项以配合病毒的感染和传播。
本设计需分析设计并实现一个专门检测欢乐时光脚本病毒的检测工具。主要需实现的功能有:
1.可以检测系统是否被欢乐时光病毒感染,在检测到文件被其感染时能自动弹出提示框进行报警提示;
2.清除被感染文件中的病毒脚本且不能更改正常文件;
3.需提供全盘检测和指定路径检测两种方式;
4.可以清理被病毒修改的相关注册表项;
5.需要有使用次数限制的功能,在每次使用时提示还可以使用的次数。
本软件应能在Windows操作系统下运行,还需有使用方便,界面简洁友好等特性。