Non-dangerous computer viruses can lead to... How viruses become infected via Email Mail virus

1) to crashes and freezes during computer operation (+); 2) to the loss of programs and data; 3) to format the hard drive;

15. Dangerous computer viruses can lead...

1) to crashes and freezes during computer operation; 2) to the loss of programs and data (+); 3) to format the hard drive;

4) to decrease free memory computer.

1. What type of computer viruses are introduced and infect executive files with the extension *.exe, *.com and are activated when they are launched?

1) file viruses; (+)

2) boot viruses;

3) macro viruses;

4) network viruses.

1. What type of computer viruses are introduced and infect files with the extension *.txt, *.doc?

1. file viruses;
2. boot viruses;
3. macro viruses; (+)

1. network viruses.

1. Viruses that are introduced into a document under the guise of macros

1. Viruses that penetrate a computer block the operation of the network

1. Malicious programs that penetrate a computer using computer network services (+)

1. Malicious programs that install other programs secretly from the user.

1. Hardware.

1. Software.

1. Hardware and antivirus programs. (+)

22. Antivirus programs are programs for:

1. Virus detection

1. Virus removal (+)
2. Reproduction of viruses

1. AVP, MS-DOS, MS Word
2. AVG, DrWeb, Norton AntiVirus (+)
3. Norton Commander, MS Word, MS Excel.

25. Which programs are not anti-virus programs?

1. phage programs(+)
2. scanning programs
3. audit programs(+)
4. detector programs

1. Is it possible to update anti-virus databases on a computer that is not connected to the Internet?

1. yes, by calling the service technical support antivirus software company. The specialists of this service will dictate the latest databases that need to be saved on your computer using any text editor

1. yes, this can be done using mobile media by copying anti-virus databases from another computer on which Internet access is configured and the same anti-virus program is installed, or on it you need to manually copy the databases from the website of the anti-virus program manufacturer (+)

27. Basic measures to protect information from damage by viruses:

1) check disks for viruses

2) create archival copies of valuable information

3) do not use pirated collections software(+)

4) transfer files only over the network.

The most effective means of protecting against network attacks

1. using antivirus programs

1. use of firewalls or firewalls

1. visiting only “reliable” Internet sites (+)

4) use only certified browser programs when accessing the Internet. (+)

The main function of a firewall

1. remote user management
2. filtering of incoming and outgoing traffic (+)

1. scan disks for viruses
2. program for viewing files.

Articles to read:

10 DANGEROUS COMPUTER VIRUSES

215.File viruses infect:

graphic files

files table processor

text documents

Executable files

service areas on disk

216.Macroviruses infect

Utility disk areas

Programs that have a macro language

executable files

boot files

graphic documents

217.Bomb viruses are characterized by the fact that

affects executable files

not detected by OS tools

Do not have a breeding phase

do not have a permanent code

affects boot files

218 Stealth viruses are programs that...

attack text files

destroy service areas on the disk

bothered by unexpected messages

Cannot be seen using OS tools

affects executable files

219 Destructive viruses destroy

executable files

Service areas on the hard drive

text files

Spreadsheet Files

graphic files

220 Programs called Trojan horses refer to

file viruses

Malicious codes

macroviruses

harmless programs

221.Virus is

a program that affects only system files

A program capable of performing unauthorized actions on a computer

program that destroys only boot files

program that bothers you with unexpected messages

file hiding program

223 May be infected by computer viruses

all answers are correct

Programs and documents

video files

sound files

graphic files

concept of physical structure hard drive Excluded

224 A virus may appear on your computer

when solving a mathematical problem

when connecting a modem to a computer

spontaneously

when archiving data

Moved from floppy disk

225 You may become infected with computer viruses

all answers are correct

Programs and documents

sound files

graphic files

video files

226 Computer viruses are...

Special program small in size which can attribute itself to other programs, it has the ability to “multiply”

disk check and treatment program

disk defragmenter program

any program created in low level languages

scanning program from a poorly formatted floppy disk

227 Programs called “Trojan horses” refer to:

harmless programs

file viruses

Malicious codes

macroviruses

228. A computer can become infected with a virus when:

Working with an “infected program”

formatting a floppy disk

running an antivirus program

computer testing

restarting the computer

229 Specify a non-existent virus type

Installation viruses

boot viruses

macroviruses

viruses are satellites

file viruses.

230 Viruses that infect files with the extension com. exe

file viruses

installation viruses

Boot viruses

macroviruses

DIR viruses

231 The auditor program detects viruses...

will periodically check all files on the disk

controls important functions computer and possible ways of infection

tracks changes boot sectors disks

When opening a file, it calculates checksums and compares them with data stored in the database

by date of virus infection

232 Specify a non-existent type of anti-virus program

Eliminator programs

auditor programs

filter programs

detector programs

doctor auditors

233 Boot viruses

Affects system areas of hard and floppy disks.

always changes the code of the infected file;

affects files;

always changes the beginning of the file;

changes the beginning and length of the file.

234 Purpose of anti-virus programs called detectors

detection and destruction of viruses;

control possible ways distribution of computer viruses;

Detection of computer viruses;

“cure” infected files;

destruction of infected files.

235 Specify programs that are not anti-virus

Scanning programs

detector programs

phage programs

auditor programs

all answers are correct

236 Infection with the “mail” virus occurs ...

When connecting to a web server infected with an email virus

When opening an infected file sent with an e-mail

When working on the Internet

When connected to mail server

When you receive an infected file with a letter sent by e-mail

Special variety network viruses. To spread, email viruses use the capabilities of email protocols. They send their body via email as an attached file. When a user opens such a file, the virus is activated and performs its intended functions. Due to various bugs present in client mail programs(especially Microsoft Outlook), the attachment file can be launched automatically when you open the letter itself, for example, the “I Love You” virus. For distribution, the virus can use a list of addresses stored in address book mail client.

For camouflage purposes, virus distributors often take advantage of the fact that by default Explorer Microsoft Windows does not display extensions of registered files. As a result, a file attached to the letter with a name, for example, FreeCreditCard.txt.exe, will be shown to the user as FreeCreditCard.txt. And if the user does not control the external attributes of the file and tries to open it, then malware will be launched. Another commonly used trick is to include 70 - 100 or more spaces in the file name between the name and the true resolution. The file name becomes:

« Readme.txt.exe",

Moreover, Microsoft Windows Explorer, due to a flaw in the developers, shows only “ Readme.txt". As a result, the user can try to open the file without any suspicion, and thereby launch a malicious program.

Additionally, email messages often arrive in the form HTML documents, which may include references to ActiveX controls, Java applets, and other active components. When you receive a message in HTML format mail client shows its contents in its window. If a message contains malicious active components, they immediately launch and do their dirty work. Most often, Trojan horses and network worms are distributed in this way.

Macro – viruses.

Macro viruses (or script viruses) use the capabilities of macro languages ​​built into various OS and information processing facilities ( text editors, spreadsheets, financial systems and so on.). Today, similar viruses for applications in the MSOffice package are widely known, and cases of macro viruses appearing for the 1C package are also known. Viruses for Windows OS written in VISUAL BASIC can also be considered a type of macro-virus.

A distinctive feature of macro viruses is the following:

The body of the virus is a text file containing macro language commands and data;

A macro virus can only be activated in an environment where the interpreter of a given macro language operates;

The body of a macro virus is usually placed inside a document file intended for processing in a software package that includes a corresponding macro language interpreter;

When a program is infected, the body of the virus is usually saved in the program along with user settings (for example, the normal.dot template of the MSWord editor), or with additional loadable modules.

Macro viruses launched from an infected document seize control when the infected file is opened, intercept some file functions, and then infect the files being accessed. Macro viruses can “live” not only on separate computers, but also interact with the network if such functions are implemented in the environment in which the infected document is processed.

The “living environment” of macro-viruses also has external signs of infection. For example, one of the symptoms of MSWord infection is that it is not possible to save files using the “Save As...” command. Or, if you cannot enter the “Macro” item in the “Service” menu, this is also a sign of infection.

Since macro viruses for MSWord were the most popular, we will dwell on them in more detail.

First, you need to remember that the entire MS Office software package consists of macros. Any action performed on a document is performed using a macro. For example: printing a document – ​​“ FilePrint", saving the file - " FileSave", saving a document in another file - " FileSaveAs».

For automatic start macro from the template for a particular event, the macro must have one of the following names:

- AutoExec – Runs when MSWord starts or the global template is loaded

- AutoNew – Triggered when a new document is created

- AutoOpen – Runs when opening a document

- AutoClose – Runs when the document is closed

- AutoExit – Fires when you exit Word or close a global template.

In principle, the execution of such macros can be canceled by pressing the key Shift when performing the steps described above.

In addition, the creators Microsoft Office made the task of attackers easier by introducing the ability to replace MSWord commands with user macros. So, if a loaded document has a macro with a name like " FileOpen", then it will be executed every time another document is opened. That is, a macro virus with the appropriate name will be launched instead of the corresponding built-in editor macro.

When infecting MSWord, macro viruses save their body in a template Normal.dot, but there may also be other templates that are loaded when the editor is launched and contain macro viruses. To do this, the editor uses the setting parameter "Startup" user accessible from the menu: Service/Options/Location.

In principle, MSWord itself is able to control the process of loading macros when opening a document. To do this, you need to set the security level in the menu: Service\Macro\Security. The MSWord security level is controlled by a registry key, for example: MSWord 2000 is controlled by the key: HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security, for later versions of the editor “9.0” must be replaced with “10.0”, “11.0”, etc. Key values, respectively: 1, 2, 3 and more. 1 is the lowest security level, allowing you to run any macro without notifying the user. Any macro executed under Win 9x, or under Win 2000, Win XP, Win Vista OS under a user with administrator rights, can change the key value to 1 , and the user will then be unable to track subsequent downloads of macro viruses.

Call the admin exorcist, guys! The chief accountant caught a powerful virus, everything is gone! A frequent, frequent situation based on human factors, recent virus trends and the determination of hackers. Indeed, why dig into someone else’s software yourself if you can rely on the company’s employees to do it.

Yes, the products of large public and private companies are constantly hacked, although hundreds of experienced people work on their creation and support.

And an ordinary person has nothing to oppose to hackers. At the same time, no one needs one lonely account; the goal of hackers is to obtain a large database of potential victims and process it with chain letters, spam or viruses. And we ourselves distribute all personal and public information left and right.

Latest Viral Trends

The distinctive feature of all new viruses and hacking techniques is that they interact with a person, and not with a system. That is, the victim herself starts the process. This is called “social engineering” - a method of illegal access to information based on the characteristics of human psychology. And if earlier attackers had to turn into real detectives, tracking down their targets, communicating, sometimes even getting a job in the hacked company, now we can say thank you social networks. They significantly simplified and sped up the process of collecting information.

By browsing VK, Twitter, FB and Instagram of your target, you can get an exact profile of the person with his phone number, email, names of parents, friends and other details. And it’s all free and voluntary - use it, dear!

And if fraudsters gain access to the corporate mail of one of your employees, spam mailing threatens not only everyone within the company, but also your clients. In another case, hackers will disable an employee’s computer for a long time by sending some kind of “report” by email.

Hackers are planning attacks on those who work with valuable information - secretaries, managers, accountants, HR officers.

Because restoring documents, systems, websites, or obtaining passwords will cost you a pretty penny, we need to understand what we are dealing with. To prevent all these “social engineers” from profiting from you, let’s look at one of the latest viral schemes.

"Cryptographers"

The ransomware virus spreads through email under the guise of serious documents: subpoenas, invoices, requests from the tax office. And in order not to install it for yourself, you need to keep your eyes open. Our technical specialists We specifically analyzed one such virus so that we could show what you need to pay attention to:

Let's follow the hands of these magicians:

• Threatening headline. "Notice to Appear in Court" means "Subpoena". The guys are trying to intimidate and force the user to open the letter.
• Sender's address – [email protected]. It clearly shows that this is not an official letter, but a spammer/hacker.
• Letter archive. There is a file there that should immediately alert you (the file name includes .doc, but the extension is js - the virus disguises itself as a Word document)

Attention! If your computer is infected with ransomware, there is a 95% chance that your information will be lost forever. After downloading and launching a malicious file, a call is made to remote server, from which the virus code is downloaded. All data on the computer is encrypted with a random sequence of characters.

To “decode” the files you will need a key that only the hacker has. The scammer promises to decrypt the information back for a certain amount, but it is far from certain that this will happen. What for? It is much easier to leave a person without money and without data: contracts, acts, orders, any valuable and sensitive information. So do it backups especially important documentation, you will sleep more peacefully. In this situation, this is your only 100% protection against viruses.

Pay attention to the features described above, and you will be able to prevent dangerous cases of blocking computers and deleting important information. In any case, eliminating the consequences of critical vulnerabilities will be much more expensive than taking precautions.

Therefore, here are 6 more tips for detecting viruses and preventing infection:

1. Update your operating system and programs regularly. You can turn off important updates that are installed automatically by default. But it’s not worth it, since new versions often close discovered holes in software security.

2. Install an antivirus and regularly update the virus database. Every day 100 thousand new viruses appear!

3. Enable the display of file extensions: Control Panel\Folder Options\View\Advanced Options, uncheck the "Hide extensions for known file types" option and click OK. This way you will always see the real file extension. Most often, disguised viruses look like this: filename.doc.js and filename.pdf.exe. The real file extensions are js and exe, and everything before them is part of the file name.

4. Back up important files– working documents and photographs. Periodicity Reserve copy you need to choose depending on the frequency of file changes. For backup storage, you can use a cloud service if it allows you to return to old versions of files and set up manual synchronization. Then, if your computer is infected, the virus will not get into the cloud. We also recommend that you keep a copy of your important data in an archive. Most viruses cannot penetrate the archive, and all archived information is restored after the computer is disinfected.

5. Improve the professional competence of your specialists! As we have already said, hackers tailor their attacks to our psychology and are constantly improving their techniques. Don't assume that anyone other than your company and team will click/upload/enter your details. Anyone can get caught, the only task is to select the right hook for the person. Therefore, train your employees, at least individually, at least as a team, at least in a playful way, at least in some way!

6. Carefully monitor letters in the mail, messages in corporate instant messengers and any other incoming information. Check sender email addresses, attachments, and contents of emails. Most viruses must be launched manually before they can harm your computer.

We really hope that you are reading this article for preliminary information, and not because everything is already bad. We wish you never to encounter total uncontrolled spam, missing documentation for six months and other pleasant consequences of caught viruses. Follow the six steps above, keep your eyes open, and keep your information confidential!