215. File viruses infect:

graphic files

spreadsheet files

text documents

Executable files

service areas on disk

216. Macroviruses infect

Service areas of the disk

Programs that have a macro language

executable files

boot files

graphic documents

217. Bomb viruses are characterized by the fact that

infect executable files

not detected by OS tools

Do not have a breeding phase

do not have a permanent code

infect boot files

218 Stealth viruses are programs that…

infect text files

destroy service areas on the disk

disturbed by unexpected messages

Cannot be seen by means of the OS

infect executable files

219 Destructive viruses destroy

executable files

Service areas on the hard disk

text files

Spreadsheet files

graphic files

220 Programs dubbed Trojan horses are

file viruses

Malicious codes

macro viruses

harmless programs

221 .Virus is

program that affects only system files

A program capable of performing unauthorized actions on a computer

program that destroys only boot files

program that disturbs unexpected messages

file hiding program

223 Computer viruses may affect

all answers are correct

Programs and documents

video files

sound files

graphic files

concept of physical structure hard drive Excluded

224 A virus in the computer may appear

when solving a mathematical problem

when connecting a modem to a computer

spontaneously

when archiving data

Will move from floppy disk

225 Infection with computer viruses can turn up

all answers are correct

Programs and documents

sound files

graphic files

video files

226 Computer viruses are…

Special Program small size that can attribute itself to other programs, it has the ability to "multiply"

disc check and repair program

disk defragmentation software

any program written in low-level languages

scanning software from a badly formatted floppy disk

227 Programs dubbed "Trojan horses" refer to:

harmless programs

file viruses

Malicious codes

macro viruses

228. A computer can become infected with a virus when:

Working with an "infected program"

formatting a floppy disk

launching an antivirus program

computer testing

restarting the computer

229 Specify non-existent type of virus

Installation viruses

boot viruses

macro viruses

viruses are companions

file viruses.

230 Viruses that infect files with the .com extension. exe

file viruses

installation viruses

Boot viruses

macro viruses

DIR viruses

231 Auditor program detects viruses...

periodically check all the files on the disk

controls important computer functions and ways of possible infection

tracks changes boot sectors disks

When opening a file, it calculates the checksums and compares them with the data stored in the database

by virus infection date

232 Specify a non-existent type of anti-virus software

Program screeners

program auditors

programs filters

programs detectors

doctor auditors

233 Boot viruses

Affects system areas of hard and floppy drives.

always changes the code of the infected file;

infects files;

always changes the beginning of the file;

changes the beginning and length of the file.

234 Purpose of anti-virus programs called detectors

detection and destruction of viruses;

control of possible ways of distribution of computer viruses;

Detection of computer viruses;

“cure” infected files;

destruction of infected files.

235 Specify programs that are not anti-virus

Scanning programs

programs detectors

Phage programs

program auditors

all answers are correct

236 Infection with the "mail" virus occurs ...

When connecting to a web server infected with a "mail" virus

When opening an infected file sent with an e-mail

When using the Internet

When connected to mail server

When you receive an infected file with a letter sent by e-mail

Call the exorcist admin guys! The chief accountant caught a powerful virus, everything is gone! A frequent, frequent situation based on the human factor, fresh virus trends and the hackers' determination. And really, why dig into someone else's software yourself, if you can rely on the company's employees in this.

Yes, the products of large public and private companies are constantly being hacked, although hundreds of experienced people are working on their creation and support.

And even more so, an ordinary person has nothing to oppose to hackers. At the same time, no one needs one lonely account, the goal of hackers is to get a large base of potential victims and process it with chain letters, spam or viruses. And we ourselves distribute all personal-public information right and left.

Latest Viral Trends

A distinctive feature of all recent viruses and hacking techniques is that they interact with a person, not with a system. That is, the victim herself starts the process. It is called " social engineering"- a method of illegal access to information, based on the characteristics of human psychology. And if earlier attackers had to turn into real detectives, tracking down their targets, communicating, sometimes even getting a job in a hacked company, now we can say thank you social networks. They greatly simplified and accelerated the process of collecting information.

By going through the VK, Twitter, FB and Instagram of your target, you can get the exact profile of a person with his phone number, mail, names of parents, friends and other details. And it's all free and voluntary - use it, dear!

What if scammers gain access to corporate mail one of your employees, spamming threatens not only everyone within the company, but also your customers. In another case, hackers will disable the employee's computer for a long time by sending some kind of "report" to the mail.

Hackers are planning attacks on those who work with valuable information - secretaries, managers, accountants, HRs.

Since restoring documents, systems, websites or getting passwords will cost you a pretty penny we need to understand what we are dealing with. So that all these "social engineers" cannot cash in on you, let's analyze one of the latest viral schemes.

"Cryptists"

The ransomware virus spreads via e-mail under the guise of serious documents: subpoenas, invoices, tax requests. And in order not to install it yourself, you need to look both ways. Our technicians specifically analyzed one such virus so we can show you what to look out for:

We follow the hands of these magicians:

• Threatening title. "Notice to Appear in Court" means "Summon to Court". The guys are trying to intimidate and force the user to open the letter.
• Sender's address - [email protected] It clearly shows that this is not an official letter, but a spammer / hacker.
• Letter archive. There is a file there that should immediately alert you (the file name includes .doc, but the js extension - the virus disguises itself as a Word document)

Attention! If the computer was infected with ransomware, then with a probability of 95% the information will be lost forever. After downloading and launching a malicious file, a request is made to remote server from which the virus code is downloaded. All data on the computer is encrypted with a random sequence of characters.

To "decode" the files, you will need a key that only a hacker has. The fraudster promises to decrypt the information back for a certain amount, but it is far from certain that this will happen. What for? It is much easier to leave a person without money and without data: contracts, acts, orders, any valuable and sensitive information. So what do you do backups especially important documentation, you will sleep better. In this situation, this is your only 100% protection against viruses.

Pay attention to the above features, and you will be able to prevent dangerous cases of blocking computers and deleting important information. In any case, fixing the consequences of critical vulnerabilities will be much more expensive than taking precautions.

So here are 6 more tips for detecting viruses and preventing infection:

1. Update your operating system and programs regularly. Important updates that are automatically installed by default can be disabled. But don't, because new versions often close discovered holes in software security.

2. Install an antivirus and update the virus database regularly. Every day there are 100 thousand new viruses!

3. Enable the display of file extensions: Control Panel\Folder Options\View\Advanced Options, uncheck the option "Hide extensions for known file types" and click OK. This way you will always see the real file extension. Most often, masked viruses look like this: filename.doc.js and filename.pdf.exe. The real file extensions are js and exe, and everything before them is part of the filename.

4. Back up your important files - work documents and photos. Periodicity Reserve copy you need to choose depending on the frequency of file changes. For backup storage, you can use a cloud service if it allows you to return to older versions of files and set up manual synchronization. Then, in the event of a computer infection, the virus will not get into the cloud. We also recommend that you keep a copy of your important data in an archive. Most viruses cannot penetrate the archive, and all archived information is restored after the computer is disinfected.

5. Raise the professional literacy of your specialists! As we have already said, hackers tailor their attacks to our psychology, and constantly improve their techniques. Don't expect anyone other than your company and team to click/upload/enter your data. Anyone can get caught, the task is only to select the right hook for a person. Therefore, train your employees, at least individually, at least as a team, at least in a playful way, at least somehow!

6. Keep a close eye on letters in the mail, messages in corporate messengers and any other incoming information. Check senders' email addresses, attachments, and email content. Most viruses need to be run manually before they can harm your computer.

We really hope that you are reading this article for a preview, and not because everything is already bad. We wish you never to meet with total uncontrolled spam, missing documentation for six months and other pleasant consequences of caught viruses. Follow the six steps above, keep your eyes open and keep your information private!

A special kind of network viruses. Mail viruses use the capabilities of protocols to propagate. Email. They send their body by e-mail as an attached file. When a user opens such a file, the virus is activated and performs its functions. Due to various bugs present in the client email programs(especially Microsoft Outlook), the attachment file can start automatically when you open the letter itself, for example, the “I Love You” virus. For distribution, the virus can use the list of addresses stored in the address book of the mail client.

To disguise themselves, virus distributors often take advantage of the fact that the default File Explorer Microsoft Windows does not display registered file extensions. As a result, the file attached to the letter with the name, for example, FreeCreditCard.txt.exe, will be shown to the user as FreeCreditCard.txt. And if the user does not control the external attributes of the file and tries to open it, then the malicious program will be launched. Another widely used move is to include 70-100 or more spaces between the name and the true resolution in the filename. The file name becomes:

« readme.txt.exe",

moreover, Explorer Microsoft Windows Explorer, due to developers' flaws, shows only " readme.txt". As a result, the user, without any suspicion, can try to open the file, and thereby launch the malicious program.

In addition, email messages often come in the form HTML documents, which may include links to ActiveX controls, Java applets, and more active ingredients. When receiving an HTML message mail client shows its contents in its own window. If the message contains malicious active components, they are immediately launched and do their dirty work. Most often, Trojans and network worms are distributed in this way.

Macro - viruses.

Macro viruses (or script viruses) use the capabilities of macro languages ​​built into various Operating Systems and information processing tools text editors, spreadsheets, financial systems, etc.). Today, such viruses are widely known for applications of the MSOffice package, as well as cases of the appearance of macro-viruses for the 1C package. Viruses for Windows OS written in VISUAL BASIC can also be considered a type of macro viruses.

Distinctive feature macro-viruses is the following:

The body of the virus is text file A that contains macro language commands and data;

Macro-virus can be activated only in the environment where the interpreter of the given macro-language functions;

The body of a macro virus, as a rule, is placed inside a document file intended for processing in a software package that includes an appropriate macro language interpreter;

The body of a virus, when a program is infected, is usually saved in the program along with the user's settings (for example, the normal.dot template of the MSWord editor), or with additional loadable modules.

Macro-viruses launched from an infected document take control when an infected file is opened, intercept some file functions, and then infect files that are accessed. Macro viruses are able to "live" not only on individual computers, but also interact with the network if such functions are implemented in the environment in which the infected document is processed.

The environment of "life" of macro-viruses also has external signs of infection. For example, one of the symptoms of MSWord infection is that it is not possible to save files using the "Save As..." command. Or, if you cannot enter the “Macro” item in the “Tools” menu, this is also a sign of infection.

Since macro viruses under MSWord were the most popular, we will dwell on them in more detail.

First, you need to remember that the entire MS Office package consists of macros. Any action performed on a document is performed using a macro. For example: printing a document - " FilePrint", saving the file - " FileSave", saving the document in another file - " FileSaveAs».

To automatically run a macro from a template on a particular event, the macro must have one of the following names:

- autoexec – Runs when MSWord is started or a global template is loaded

- autonew – Runs when a new document is created

- auto open - Runs when a document is opened

- auto close - Runs when the document is closed

- autoexit – Runs when Word exits or when the global template is closed.

In principle, the execution of such macros can be canceled by pressing the key Shift when performing the steps above.

In addition, the creators of Microsoft Office made it easier for attackers by introducing the ability to replace MSWord commands with user macros. Thus, if the loaded document has a macro named, for example, " File Open”, then it will be executed every time another document is opened. That is, a macro virus with the corresponding name will run instead of the corresponding built-in editor macro.

When infecting MSWord, macro viruses save their body in a template Normal.dot, but there may also be other templates that are loaded when the editor starts and contain macro viruses. To do this, the editor uses the settings option "Autoloaded" available to the user from the menu: Service/ Options/ Location.

In principle, MSWord itself is able to control the process of loading macros when opening a document. To do this, you need to set the security level in the menu: Service\Macro\Security. The security level of MSWord is controlled by the registry key, for example: MSWord 2000, controlled by the key: HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security, for more later versions editor "9.0" must be replaced with "10.0", "11.0", etc. Key values, respectively: 1, 2, 3 and more. 1 is the lowest security level, allowing any macro to run without notifying the user. Any macro executed under Win 9x, or under Win 2000, Win XP, Win Vista under a user with administrator rights, can change the value of the key to 1 , and the user will then be unable to track subsequent macro virus downloads.

First of all, we need to make a small digression about what is considered a virus. Now any program or file that an antivirus swears at is usually called a virus, although in reality it is not. A virus is a program that reproduces itself (copies itself many times) in order to infect as much as possible. more files and computers (network viruses). Everything else is just malware that is not capable of self-propagation. In order to exist, viruses need to somehow spread to other computers. Therefore, they are designed in such a way that, having penetrated one PC, they can move from it to others. This is how infection occurs.

The first group includes boot viruses. This method of penetration is quite common. Any of the storage media (flash drive and memory card, floppy disk, CD-DVD, HDD) has a boot sector. When you turn on your computer, the first thing it reads is boot information. If the boot information is contained on the disk, then the computer uses it on its own to correct operation. However, if the disk was infected with a virus, then even from the CD it immediately enters the computer, activating itself. Most of these viruses "live" on the user's PC for a long time without detecting themselves. They are designed to be distributed on the network, and they do not harm your computer. Often malware there is a kind of sensor: they are activated themselves at the time allotted for them ( New Year or Halloween). This is done in order to accumulate a sufficient mass of infected computers and antiviruses do not interfere with this. However, some viruses begin to harm as soon as they enter the PC. They are often programmed for full formatting(clear contents) of your PC disk.

Programs for infecting files belong to the second group. The virus remains in the computer's memory immediately after launching the application that was infected. If this virus is not removed, then all applications that you open on your PC will be infected automatically. This will lead to an increase in the number of dangerous applications. Infection of several applications at once is very harmful to the system. As a rule, files that have been infected may not cause problems for a while. This is precisely what they are dangerous for: during the time that the applications will work normally, the virus will have time to destroy the entire system. Incorrect saving of file names or partial memorization of contents is the first sign that the computer is infected. Programs belonging to this group impair the performance of all programs that are used to transfer information with other users or computers on the network. For example, the transfer of office documents, screen servers, applications that allow you to work with mail and compressed files that decompress themselves are the first to suffer.

"Mail" viruses make up the group of the most dangerous and widespread programs for damaging computer software. An email with a file attached to it is the most common carrier of viruses. If the computer was infected in this way, then the user will continue to send viruses by simply attaching the file necessary for sending to the letter. At the same time, he will not even guess that when attaching an application, the virus attaches itself. After opening the letter, the procedure is repeated. You should pay attention to letters from users you do not know. But even if the author of the letter is familiar to you, he may be a distributor of viruses without knowing it. Therefore, if you receive an email with attached animations, jokes, spreadsheets, greeting cards, photos or documents, check the email for viruses. Often such viruses independently send out infected emails to all users whose emails are stored in the computer's memory. Thus, while spreading, the virus harms the reputation of the user. That is why, before opening a letter, you should learn as much as possible about it. Even letters from well-known people are best checked with an antivirus. This is the only way to protect your computer and the computers of other users from infection with various kinds of viruses. useful links

1) to crashes and freezes during computer operation (+); 2) loss of programs and data; 3) to formatting the hard drive;

15. Dangerous computer viruses may lead...

1) to crashes and freezes during computer operation; 2) loss of programs and data (+); 3) to formatting the hard drive;

4) to reduce the free memory of the computer.

1. What type of computer viruses infect and infect executable files with the extension *.exe, *.com and are activated when they are launched?

1) file viruses; (+)

2) boot viruses;

3) macro viruses;

4) network viruses.

1. What type of computer viruses infect files with *.txt, *.doc extensions?

1. file viruses;
2. boot viruses;
3. macro viruses; (+)

1. network viruses.

1. Viruses that infiltrate a document under the guise of macros

1. Viruses that penetrate the computer block the network

1. Malicious programs that penetrate a computer using computer network services (+)

1. Malicious programs that install other programs hidden from the user.

1. Hardware.

1. Software.

1. Hardware and anti-virus programs. (+)

22. Antivirus programs are programs for:

1. Virus detections

1. Virus removal (+)
2. Virus reproduction

1. AVP, MS-DOS, MS Word
2. AVG, DrWeb, Norton AntiVirus (+)
3. Norton Commander, MS Word, MS Excel.

25. What programs are not anti-virus?

1. phage programs(+)
2. scanning programs
3. auditor programs(+)
4. detector programs

1. Is it possible to update anti-virus databases on a computer not connected to the Internet?

1. yes by calling the service technical support manufacturer of anti-virus software. The specialists of this service will dictate the latest databases that you need to save on your computer using any text editor

1. Yes, this can be done using mobile media by copying anti-virus databases from another computer that has Internet access configured and the same antivirus program or on it you need to manually copy the databases from the website of the manufacturer of the anti-virus program (+)

27. Basic measures to protect information from damage by viruses:

1) checking disks for viruses

2) create archival copies of valuable information

3) do not use pirated collections software(+)

4) transfer files only over the network.

The most effective tool to protect against network attacks

1. use of antivirus programs

1. usage firewalls or "firewall"

1. visiting only "reliable" Internet sites (+)

4) use only certified browser programs when accessing the Internet. (+)

main function firewall

1. remote user management
2. filtering incoming and outgoing traffic (+)

1. checking disks for viruses
2. file viewer.

Articles to read:

10 DANGEROUS COMPUTER VIRUSES