Common questions


warning icon

How much does the service cost me?

Arrow

The security checks and all instructions and tools on this page are available free of charge. Individual products may be licensed for longer term use.

warning icon

How does my internet access provider inform me if my computer has been infected with malware?

Arrow

Depending on the Internet access provider, the affected customers are notified via different channels (online, e-mail, letter, SMS).

warning icon

Does my Internet access provider inform me about any virus attack?

Arrow

Because Internet access providers do not access your computer, malicious software that operates only locally and does not attract you to the outside can not be detected by your Internet access provider.

warning icon

Will my ISP or other SISA cooperation partners collect personal information about me?

Arrow

Neither your internet access provider nor other SISA cooperation partners will collect personal information about you or your computer as a result of this initiative. This initiative aims to reduce the risk of malware damage in Switzerland. In case of an infestation, your Internet access provider will detect certain behavior patterns of your computer in their networks, or your computer (or IP address) will catch on to other Internet services through specific bot communication. If so, your internet access provider will contact you. Internet access providers are required by law to identify ports for 6 months based on their IP address.

TECHNICAL QUESTIONS


shield icon

What are botnets?

Arrow

A botnet is a network of Internet-enabled devices (PC, Mac, smartphone, tablet, router, TV, NAS, etc.) that are plugged together after the malware infection and, once connected to the Internet, can respond to remote commands from cybercriminals , The individual computers are called “bot” or “zombie”. In principle, a bot is the damaging program itself, but its meaning is also associated with the system.
 
The network connectivity and local resources of affected computers are used without the knowledge of the owners of cybercriminals for different purposes: Thus, the own computer unnoticed for sending spam can be abused, but also the execution of DDoS attacks or phishing, so the collection of personal data and Passwords, is possible.
 
Botnet operators want to hijack as many computers as possible to increase the resources available to them. They not only use the botnets themselves, but also rent them on the criminal market. The botnet increases itself and keeps itself alive by spreading the malware and infecting other computers.
 
It is believed that up to a quarter of all computers worldwide are part of a botnet. Switzerland is attractive for botnets, not least because it provides a high-performance Internet infrastructure. The botnets themselves serve as the infrastructure for cybercrime and are one of the largest sources of illegal Internet revenue.

shield icon

What is malware?

Arrow

The term malware or malware refers to a program that performs unwanted or hidden functions (e.g., erase, destroy or alter data) on the affected computer. Malicious programs are fully functional and often self-contained programs that are created and distributed by savvy programmers with criminal intentions. Malicious programs are
 
– Virus
– Worms
– Trojans
– Bots
– Dialer
– Scareware
– Grayware

shield icon

How is a computer infected?

Arrow

Botnets are augmented by installing a “bot” on an uninfected computer. This can be done in different ways:
 
Infected emails:
An e-mail asks the user to open an attached file containing the malicious code or to click on a link pointing to an infected web page. If he follows the request, a malicious program will be installed on his computer, which can make this part of a botnet. These calls are often made via deceptive emails that are getting more and more professional. Thus, such an e-mail pretend to come from your own bank or similar.
Downloads:
The malicious program is linked to a program that is available for download on the Internet. Anyone downloading this program infects their computer with the malware. This coupling of a malicious program to a useful application is called a Trojan horse (“Trojan horse”). This usually happens with illegal download programs. For security reasons, legal and legitimate programs should only be downloaded from the manufacturer’s original website and verified with a virus scanner.
Exploits:
The infection using this method exploits security vulnerabilities and errors in applications, in the browser or in the operating system itself. Exploits are activated, for example, when the user clicks on a prepared link; In a drive-by attack, they can also be triggered automatically when a web page is called up.
Drive-by Attacke
A drive-by attack refers to the unconscious downloading of software onto a user’s computer. Among other things, this refers to the unwanted downloading of malicious software solely by visiting a specially prepared website. Unfortunately, not attacking shady sites, unfortunately, only partially protects, as it hackers always manage to manipulate legitimate websites.

shield icon

Why was my computer infected?

Arrow

Cybercriminals automatically scour the Internet for potential victims. Your computer is likely to have vulnerabilities or vulnerabilities that allowed attackers to install malicious software. As soon as you use a computer on the Internet, you are exposed to all dangers. It is therefore important that you have implemented all our safety recommendations as completely as possible.

shield icon

How do I know that my computer has been attacked by a bot?

Arrow

Criminals who spread bots want to go undetected. This also applies to the bots that are active on millions of computers worldwide. The first signs of an infestation are a deteriorated Internet or computer speed, unwanted page views and advertising or even that you can no longer access pages with the popular browsers (Internet Explorer, Firefox, Opera). However, infected computers do not necessarily have to show these symptoms. Users often do not notice at all or very late that their computer has become part of a botnet.

shield icon

How do I go about protecting my computer from further attacks?

Arrow

First, notice the four basic rules.
The following tips should also be noted for your safety:
 
– Beware of attachments in emails. Never open attachments from senders you do not know. If in doubt, ask the sender.
– Beware of unknown web pages: You can install and run malicious programs on your computer just by visiting a page.
– Use strong passwords (at least 10 characters, uppercase and lowercase letters, numbers and special characters).
– Change your passwords at regular intervals, at least once a year.
– Make regular backups of your personal data (such as documents, pictures, music) on an external medium.
– If you use techniques such as Wi-Fi or VoIP, pay attention to encrypted transmission of the data.
– Do not install software from unknown, questionable sources, even if it is offered for free.
– Be suspicious of free offers such as fast money or free travel, as well as unknown links, attachments, or pictures in popular social networks such as social networks. Facebook, Twitter and Instagram.

shield icon

What is a cleaner?

Arrow

A cleaner is a program that allows you to scan and clean your system for the latest bots. A cleaner does not replace the permanent installation of an anti-virus program.
 
Weitere Infos…

shield icon

Why are there fewer security programs for Linux or Mac OS than for Windows?

Arrow

On a computer running Mac OS or Linux, the risk of infection has traditionally been lower as cybercriminals have so far primarily attacked Windows computers. Meanwhile, however, there is also increasing malware for Mac OS. Also, Mac OS or Linux users should install an anti-virus program specifically for Mac OS or Linux to protect them.

shield icon

What sets a Second Opinion Scanner apart from an anti-virus program?

Arrow

Second Opinion Scanners are specifically designed to remove an existing malware infection or to confirm a suspicion that the computer may be infected. An installed anti-virus program, which usually runs in the background, is primarily intended to prevent infection of the computer in advance. It also allows a profound investigation of the system.

shield icon

How long does a review by a Second Opinion Scanner take?

Arrow

Depending on the amount of data and installed programs, the check may take a different amount of time. Usually it takes a few minutes on a modern system.

shield icon

Neither Anti-Virus nor Second Opinion Scanner finds any pests on my computer. Is my computer clean?

Arrow

Infection can never be ruled out with absolute certainty. No product can guarantee a 100% detection rate. But if you like ours Sicherheits-Check and have taken all precautions, they are best protected.

shield icon

The Second Opinion Scanner found and deleted pests on my computer. How do I proceed now?

Arrow

The safest solution is to completely reinstall the operating system.
In any case, after successfully removing the findings, you should restart your computer and rescan. In any case, pay attention to the preventive measures.

shield icon

How can I reinstall my operating system?

Arrow

There are several options here, depending on whether you have a complete PC or your own compilation. If you have an installation CD / DVD, insert it and boot from the CD / DVD. Further instructions for reinstallation can be obtained from the manufacturers of the operating systems. If you do not have an installation CD / DVD, try recovering from the recovery partition. For further instructions, refer to your manuals or contact the manufacturer of your system Windows 7 / Windows 8.

shield icon

How do I define a secure password?

Arrow

Use…
– at least 10 characters
– Numbers, upper and lower case letters as well as special characters
– no keyboard sequences such. Eg «asdfgh» or «45678»
no word of a known language, i. the password should not make sense
– a different password for each service
– do not write down the password and do not save it unencrypted
 

Further information…

shield icon

How can I safely manage many passwords?

Arrow

Use a password manager.
 
Further information…

GLOSSARY


locker icon

Anti-virus program

Arrow

An anti-virus program is a virus scanner that detects up-to-date and known malware, such as malware. Tracks and eliminates viruses, worms, etc.

locker icon

Bot

Arrow

The term bot, from the English word for “robot”, describes a computer program that usually performs its own repetitive tasks without being dependent on user interaction. Harmful bots can i.a. used for email spam or DDoS attacks. However, the term bot is also associated with computer systems running damaging bots.

locker icon

Botnets

Arrow

Botnets are networks of several interconnected bots. For details, please read the corresponding article on the page “Technical Backgrounds”.

locker icon

Browser

Arrow

Browsers are programs for displaying web pages on the Internet (WWW). The most popular browsers include Microsoft Internet Explorer, Mozilla Firefox, Opera, Apple Safari and Google Chrome.

locker icon

Distributed Denial of Service (DDoS)

Arrow

DoS Attack is the generic term for attacks on the availability of network services, mostly Internet services, such as Internet access. Web or DNS server. The most common DoS attacks are: a) email bombing; Sending a large number of e-mails to a recipient. Objectives of the attack are the recipient, by very long waiting times, or crash his system and the e-mail server, by increased load, or crash the e-mail system). b) e-mail list bombing; Subscribing to a large number of mailing lists to a foreign e-mail address. c) Distributed DoS (DDoS); DoS attack, which is performed synchronized by many systems. In general, poorly protected systems with direct Internet connection and large bandwidth are used for such attacks. Small programs, so-called agents, are implemented on these systems and coordinated from a central point via so-called handlers.
Weitere Infos…

locker icon

Drive-by Attacke

Arrow

In a drive-by attack, Internet users are infected with the malware when they visit a website where the attackers have placed malware. It usually exploits vulnerabilities in the browser and plug-ins of the visitor to infect the computer. Such a process happens without the user being aware of it.
Weitere Infos…

locker icon

Spam mail

Arrow

E-mail spam describes mass unsolicited e-mailing of promotional content. Email spam often contains infected attachments or links that lead to infected web pages.

locker icon

Firewall

Arrow

A firewall is a software that monitors the flow of data between two networks (e.g., the computer and the Internet) and filters or blocks them using given rules. A firewall can e.g. make it difficult for you to access your computer over the Internet and increase the security of your computer. Some routers have already integrated a firewall.

locker icon

Internet access providers

Arrow

Internet access providers are companies that give users access to the Internet. Swisscom, upc cablecom and Sunrise are among the best-known Swiss providers.

locker icon

IP address

Arrow

An IP address is the address of a device in computer networks based on Internet Protocol (IP). A device can have more than one IP address. IP addresses allow devices connected to the Internet to communicate with each other.
Further information…

locker icon

Malware

Arrow

Malware (= malicious software) is the umbrella term for malicious programs that run unnoticed in the background of the user and tap or manipulate data and perform other valuable functions for criminals. In particular, malware belongs Viren, worms and Trojaner.

locker icon

Patch

Arrow

A patch is a minor update or correction for a program. Microsoft e.g. publishes patches every other Tuesday of the month that fix known program, module, or operating system errors.

locker icon

Phishing

Arrow

Phishing is an attempt to gain access to personal information about an Internet user through fake websites, e-mails or short messages in order to commit identity theft.
Further information…

locker icon

Port

Arrow

A port is the part of a network address that causes the assignment of data connections and packets to server and client programs by operating systems. Valid port numbers are 1-65535.
Further information…

locker icon

Scare ware

Arrow

Scare ware includes programs that are designed to fool the computer user into a danger that does not exist. The most famous form is counterfeit antivirus software, which indicates that there are countless viruses on the computer. However, to remove the alleged pests, the user should purchase a paid program. The goal is to exploit the fear of computer users and to earn money with the fake anti-virus software.

locker icon

Social Engineering

Arrow

Social engineering is a common method of spying on sensitive information. Attack target is always the human. In order to obtain confidential information, it is very often the good faith and the helpfulness but also the uncertainty of a person exploited. From fake phone calls, to people pretending to be someone else, to phishing attacks, anything is possible.
Further information…

locker icon

Social Network

Arrow

A social network refers to an internet community platform in which participants exchange information or data with one another. Usually, anyone interested can participate in such communities, usually for free. On such platforms, it is customary to make public a profile and contact information. The aim is to establish and maintain personal or business contacts. The best-known social networks include facebook, myspace, studiVZ, Xing, LinkedIn, etc.
Further information…

locker icon

Trojans

Arrow

As a Trojan horse (English Trojan horse), also referred to in computer jargon as “Trojan”, is called a computer program that is disguised as a useful application in the background but without the knowledge of the user performs another function. A Trojan horse belongs to the family of unwanted or harmful programs, the so-called malware.
Weitere Infos…

locker icon

Virus

Arrow

A computer virus (Latin virus, poison, Schleim ‘) is a self-propagating computer program, which infiltrates into other computer programs and thus reproduces itself. The classification as a virus refers here to the distribution and infection function.
Once started, it can make uncontrollable changes to the status of the hardware, the operating system or other software (damaging function). Computer viruses can interfere with computer security by the creator desired or unwanted functions and count to Malware.
The term computer virus is colloquially also for
Computer worms and Trojanische Pferdeused, since there are often mixed forms and for users the difference is barely recognizable.

locker icon

VoIP

Arrow

Voice over IP (VoIP) is a new technology for the transmission of voice. In contrast to traditional telephony, the call is split into data packets and transmitted over computer networks (e.g., Internet) (“Telephoning over the Internet”). The advantages are the low acquisition costs for the telephone system and the use of existing, mostly well-developed network structures. The locality as in a traditional telephone system is no longer given.

locker icon

WLAN

Arrow

Wireless Local Area Network (WLAN) is the English term for wireless networks. In order to be able to operate a WLAN, a transmitter and a receiver must be present which can communicate with one another or exchange data on a previously defined standard. Many Internet access providers provide routers with built-in WLAN to their customers. Wi-Fi routers allow wireless Internet use.
Further information…

locker icon

Worm

Arrow

A worm is a program that copies itself to another computer (independently executable). Cf. on the other hand a Virus, which is not a complete, executable program and therefore relies on a so-called host program.

locker icon

Zero-Day Exploit

Arrow

An exploit that exploits a zero-day vulnerability. The curriculum vitae of a vulnerability can basically be divided into 4 time periods:

  • Seemingly safety gap-free section
  • A vulnerability is detected by someone and, if necessary, reported to the manufacturer of the program. At best, he also writes an attack program or sells this information to intelligence agencies or criminals.
  • The manufacturer develops an error correction (patch) depending on the significance of the vulnerability (only 60% – 80% of the published vulnerabilities are patched) and publishes the error correction – possibly together with the (previously unpublished) vulnerability. (Bug fixes can also contain security holes!),
  • until the user finally installs the patch (possibly after a compatibility check).

Attack programs are also generated automatically from error corrections within a very short time (minutes). Thus, the update procedures of the manufacturers become serious security risks for the users.