Non-dangerous computer viruses can lead to... How viruses become infected via Email Mail virus
1) to crashes and freezes during computer operation (+); 2) to the loss of programs and data; 3) to format the hard drive;
15. Dangerous computer viruses can lead...
1) to crashes and freezes during computer operation; 2) to the loss of programs and data (+); 3) to format the hard drive;
4) to decrease free memory computer.
- What type of computer viruses are introduced and infect executive files with the extension *.exe, *.com and are activated when they are launched?
1) file viruses; (+)
2) boot viruses;
3) macro viruses;
4) network viruses.
- What type of computer viruses are introduced and infect files with the extension *.txt, *.doc?
- file viruses;
- boot viruses;
- macro viruses; (+)
- network viruses.
- Viruses that are introduced into a document under the guise of macros
- Viruses that penetrate a computer block the operation of the network
- Malicious programs that penetrate a computer using computer network services (+)
- Malicious programs that install other programs secretly from the user.
- Hardware.
- Software.
- Hardware and antivirus programs. (+)
22. Antivirus programs are programs for:
- Virus detection
- Virus removal (+)
- Reproduction of viruses
- AVP, MS-DOS, MS Word
- AVG, DrWeb, Norton AntiVirus (+)
- Norton Commander, MS Word, MS Excel.
25. Which programs are not anti-virus programs?
- phage programs(+)
- scanning programs
- audit programs(+)
- detector programs
- Is it possible to update anti-virus databases on a computer that is not connected to the Internet?
- yes, by calling the service technical support antivirus software company. The specialists of this service will dictate the latest databases that need to be saved on your computer using any text editor
- yes, this can be done using mobile media by copying anti-virus databases from another computer on which Internet access is configured and the same anti-virus program is installed, or on it you need to manually copy the databases from the website of the anti-virus program manufacturer (+)
27. Basic measures to protect information from damage by viruses:
1) check disks for viruses
2) create archival copies of valuable information
3) do not use pirated collections software(+)
4) transfer files only over the network.
The most effective means of protecting against network attacks
- using antivirus programs
- use of firewalls or firewalls
- visiting only “reliable” Internet sites (+)
4) use only certified browser programs when accessing the Internet. (+)
The main function of a firewall
- remote user management
- filtering of incoming and outgoing traffic (+)
- scan disks for viruses
- program for viewing files.
Articles to read:
10 DANGEROUS COMPUTER VIRUSES
215.File viruses infect:
files table processor
Executable files
service areas on disk
216.Macroviruses infect
Utility disk areas
Programs that have a macro language
executable files
graphic documents
217.Bomb viruses are characterized by the fact that
affects executable files
not detected by OS tools
Do not have a breeding phase
do not have a permanent code
affects boot files
218 Stealth viruses are programs that...
attack text files
destroy service areas on the disk
bothered by unexpected messages
Cannot be seen using OS tools
affects executable files
219 Destructive viruses destroy
executable files
Service areas on the hard drive
text files
Spreadsheet Files
graphic files
220 Programs called Trojan horses refer to
file viruses
macroviruses
harmless programs
221.Virus is
a program that affects only system files
A program capable of performing unauthorized actions on a computer
program that destroys only boot files
program that bothers you with unexpected messages
file hiding program
223 May be infected by computer viruses
all answers are correct
Programs and documents
video files
graphic files
concept of physical structure hard drive Excluded
224 A virus may appear on your computer
when solving a mathematical problem
when connecting a modem to a computer
spontaneously
when archiving data
Moved from floppy disk
225 You may become infected with computer viruses
all answers are correct
Programs and documents
sound files
graphic files
video files
226 Computer viruses are...
Special program small in size which can attribute itself to other programs, it has the ability to “multiply”
disk check and treatment program
disk defragmenter program
any program created in low level languages
scanning program from a poorly formatted floppy disk
227 Programs called “Trojan horses” refer to:
harmless programs
file viruses
Malicious codes
macroviruses
228. A computer can become infected with a virus when:
Working with an “infected program”
formatting a floppy disk
running an antivirus program
computer testing
restarting the computer
229 Specify a non-existent virus type
Installation viruses
boot viruses
macroviruses
viruses are satellites
file viruses.
230 Viruses that infect files with the extension com. exe
file viruses
installation viruses
Boot viruses
macroviruses
DIR viruses
231 The auditor program detects viruses...
will periodically check all files on the disk
controls important functions computer and possible ways of infection
tracks changes boot sectors disks
When opening a file, it calculates checksums and compares them with data stored in the database
by date of virus infection
232 Specify a non-existent type of anti-virus program
Eliminator programs
auditor programs
filter programs
detector programs
doctor auditors
233 Boot viruses
Affects system areas of hard and floppy disks.
always changes the code of the infected file;
affects files;
always changes the beginning of the file;
changes the beginning and length of the file.
234 Purpose of anti-virus programs called detectors
detection and destruction of viruses;
control possible ways distribution of computer viruses;
Detection of computer viruses;
“cure” infected files;
destruction of infected files.
235 Specify programs that are not anti-virus
Scanning programs
detector programs
phage programs
auditor programs
all answers are correct
236 Infection with the “mail” virus occurs ...
When connecting to a web server infected with an email virus
When opening an infected file sent with an e-mail
When working on the Internet
When connected to mail server
When you receive an infected file with a letter sent by e-mail
Special variety network viruses. To spread, email viruses use the capabilities of email protocols. They send their body via email as an attached file. When a user opens such a file, the virus is activated and performs its intended functions. Due to various bugs present in client mail programs(especially Microsoft Outlook), the attachment file can be launched automatically when you open the letter itself, for example, the “I Love You” virus. For distribution, the virus can use a list of addresses stored in address book mail client.
For camouflage purposes, virus distributors often take advantage of the fact that by default Explorer Microsoft Windows does not display extensions of registered files. As a result, a file attached to the letter with a name, for example, FreeCreditCard.txt.exe, will be shown to the user as FreeCreditCard.txt. And if the user does not control the external attributes of the file and tries to open it, then malware will be launched. Another commonly used trick is to include 70 - 100 or more spaces in the file name between the name and the true resolution. The file name becomes:
« Readme.txt.exe",
Moreover, Microsoft Windows Explorer, due to a flaw in the developers, shows only “ Readme.txt". As a result, the user can try to open the file without any suspicion, and thereby launch a malicious program.
Additionally, email messages often arrive in the form HTML documents, which may include references to ActiveX controls, Java applets, and other active components. When you receive a message in HTML format mail client shows its contents in its window. If a message contains malicious active components, they immediately launch and do their dirty work. Most often, Trojan horses and network worms are distributed in this way.
Macro – viruses.
Macro viruses (or script viruses) use the capabilities of macro languages built into various OS and information processing facilities ( text editors, spreadsheets, financial systems and so on.). Today, similar viruses for applications in the MSOffice package are widely known, and cases of macro viruses appearing for the 1C package are also known. Viruses for Windows OS written in VISUAL BASIC can also be considered a type of macro-virus.
A distinctive feature of macro viruses is the following:
The body of the virus is a text file containing macro language commands and data;
A macro virus can only be activated in an environment where the interpreter of a given macro language operates;
The body of a macro virus is usually placed inside a document file intended for processing in a software package that includes a corresponding macro language interpreter;
When a program is infected, the body of the virus is usually saved in the program along with user settings (for example, the normal.dot template of the MSWord editor), or with additional loadable modules.
Macro viruses launched from an infected document seize control when the infected file is opened, intercept some file functions, and then infect the files being accessed. Macro viruses can “live” not only on separate computers, but also interact with the network if such functions are implemented in the environment in which the infected document is processed.
The “living environment” of macro-viruses also has external signs of infection. For example, one of the symptoms of MSWord infection is that it is not possible to save files using the “Save As...” command. Or, if you cannot enter the “Macro” item in the “Service” menu, this is also a sign of infection.
Since macro viruses for MSWord were the most popular, we will dwell on them in more detail.
First, you need to remember that the entire MS Office software package consists of macros. Any action performed on a document is performed using a macro. For example: printing a document – “ FilePrint", saving the file - " FileSave", saving a document in another file - " FileSaveAs».
For automatic start macro from the template for a particular event, the macro must have one of the following names:
- AutoExec – Runs when MSWord starts or the global template is loaded
- AutoNew – Triggered when a new document is created
- AutoOpen – Runs when opening a document
- AutoClose – Runs when the document is closed
- AutoExit – Fires when you exit Word or close a global template.
In principle, the execution of such macros can be canceled by pressing the key Shift when performing the steps described above.
In addition, the creators Microsoft Office made the task of attackers easier by introducing the ability to replace MSWord commands with user macros. So, if a loaded document has a macro with a name like " FileOpen", then it will be executed every time another document is opened. That is, a macro virus with the appropriate name will be launched instead of the corresponding built-in editor macro.
When infecting MSWord, macro viruses save their body in a template Normal.dot, but there may also be other templates that are loaded when the editor is launched and contain macro viruses. To do this, the editor uses the setting parameter "Startup" user accessible from the menu: Service/Options/Location.
In principle, MSWord itself is able to control the process of loading macros when opening a document. To do this, you need to set the security level in the menu: Service\Macro\Security. The MSWord security level is controlled by a registry key, for example: MSWord 2000 is controlled by the key: HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security, for later versions of the editor “9.0” must be replaced with “10.0”, “11.0”, etc. Key values, respectively: 1, 2, 3 and more. 1 is the lowest security level, allowing you to run any macro without notifying the user. Any macro executed under Win 9x, or under Win 2000, Win XP, Win Vista OS under a user with administrator rights, can change the key value to 1 , and the user will then be unable to track subsequent downloads of macro viruses.
Call the admin exorcist, guys! The chief accountant caught a powerful virus, everything is gone! A frequent, frequent situation based on human factors, recent virus trends and the determination of hackers. Indeed, why dig into someone else’s software yourself if you can rely on the company’s employees to do it.
Yes, the products of large public and private companies are constantly hacked, although hundreds of experienced people work on their creation and support.
And an ordinary person has nothing to oppose to hackers. At the same time, no one needs one lonely account; the goal of hackers is to obtain a large database of potential victims and process it with chain letters, spam or viruses. And we ourselves distribute all personal and public information left and right.
Latest Viral Trends
The distinctive feature of all new viruses and hacking techniques is that they interact with a person, and not with a system. That is, the victim herself starts the process. This is called “social engineering” - a method of illegal access to information based on the characteristics of human psychology. And if earlier attackers had to turn into real detectives, tracking down their targets, communicating, sometimes even getting a job in the hacked company, now we can say thank you social networks. They significantly simplified and sped up the process of collecting information.
By browsing VK, Twitter, FB and Instagram of your target, you can get an exact profile of the person with his phone number, email, names of parents, friends and other details. And it’s all free and voluntary - use it, dear!
And if fraudsters gain access to the corporate mail of one of your employees, spam mailing threatens not only everyone within the company, but also your clients. In another case, hackers will disable an employee’s computer for a long time by sending some kind of “report” by email.
Hackers are planning attacks on those who work with valuable information - secretaries, managers, accountants, HR officers.
Because restoring documents, systems, websites, or obtaining passwords will cost you a pretty penny, we need to understand what we are dealing with. To prevent all these “social engineers” from profiting from you, let’s look at one of the latest viral schemes.
"Cryptographers"
The ransomware virus spreads through email under the guise of serious documents: subpoenas, invoices, requests from the tax office. And in order not to install it for yourself, you need to keep your eyes open. Our technical specialists We specifically analyzed one such virus so that we could show what you need to pay attention to:
Let's follow the hands of these magicians:
- Threatening headline. "Notice to Appear in Court" means "Subpoena". The guys are trying to intimidate and force the user to open the letter.
- Sender's address – [email protected]. It clearly shows that this is not an official letter, but a spammer/hacker.
- Letter archive. There is a file there that should immediately alert you (the file name includes .doc, but the extension is js - the virus disguises itself as a Word document)
Attention! If your computer is infected with ransomware, there is a 95% chance that your information will be lost forever. After downloading and launching a malicious file, a call is made to remote server, from which the virus code is downloaded. All data on the computer is encrypted with a random sequence of characters.
To “decode” the files you will need a key that only the hacker has. The scammer promises to decrypt the information back for a certain amount, but it is far from certain that this will happen. What for? It is much easier to leave a person without money and without data: contracts, acts, orders, any valuable and sensitive information. So do it backups especially important documentation, you will sleep more peacefully. In this situation, this is your only 100% protection against viruses.
Pay attention to the features described above, and you will be able to prevent dangerous cases of blocking computers and deleting important information. In any case, eliminating the consequences of critical vulnerabilities will be much more expensive than taking precautions.
Therefore, here are 6 more tips for detecting viruses and preventing infection:
1. Update your operating system and programs regularly. You can turn off important updates that are installed automatically by default. But it’s not worth it, since new versions often close discovered holes in software security.
2. Install an antivirus and regularly update the virus database. Every day 100 thousand new viruses appear!
3. Enable the display of file extensions: Control Panel\Folder Options\View\Advanced Options, uncheck the "Hide extensions for known file types" option and click OK. This way you will always see the real file extension. Most often, disguised viruses look like this: filename.doc.js and filename.pdf.exe. The real file extensions are js and exe, and everything before them is part of the file name.
4. Back up important files– working documents and photographs. Periodicity Reserve copy you need to choose depending on the frequency of file changes. For backup storage, you can use a cloud service if it allows you to return to old versions of files and set up manual synchronization. Then, if your computer is infected, the virus will not get into the cloud. We also recommend that you keep a copy of your important data in an archive. Most viruses cannot penetrate the archive, and all archived information is restored after the computer is disinfected.
5. Improve the professional competence of your specialists! As we have already said, hackers tailor their attacks to our psychology and are constantly improving their techniques. Don't assume that anyone other than your company and team will click/upload/enter your details. Anyone can get caught, the only task is to select the right hook for the person. Therefore, train your employees, at least individually, at least as a team, at least in a playful way, at least in some way!
6. Carefully monitor letters in the mail, messages in corporate instant messengers and any other incoming information. Check sender email addresses, attachments, and contents of emails. Most viruses must be launched manually before they can harm your computer.
We really hope that you are reading this article for preliminary information, and not because everything is already bad. We wish you never to encounter total uncontrolled spam, missing documentation for six months and other pleasant consequences of caught viruses. Follow the six steps above, keep your eyes open, and keep your information confidential!