The security checks and all instructions and tools on this page are available free of charge. Individual products may be licensed for longer term use.
Depending on the Internet access provider, the affected customers are notified via different channels (online, e-mail, letter, SMS).
Because Internet access providers do not access your computer, malicious software that operates only locally and does not attract you to the outside can not be detected by your Internet access provider.
Neither your internet access provider nor other SISA cooperation partners will collect personal information about you or your computer as a result of this initiative. This initiative aims to reduce the risk of malware damage in Switzerland. In case of an infestation, your Internet access provider will detect certain behavior patterns of your computer in their networks, or your computer (or IP address) will catch on to other Internet services through specific bot communication. If so, your internet access provider will contact you. Internet access providers are required by law to identify ports for 6 months based on their IP address.
A botnet is a network of Internet-enabled devices (PC, Mac, smartphone, tablet, router, TV, NAS, etc.) that are plugged together after the malware infection and, once connected to the Internet, can respond to remote commands from cybercriminals , The individual computers are called “bot” or “zombie”. In principle, a bot is the damaging program itself, but its meaning is also associated with the system.
The network connectivity and local resources of affected computers are used without the knowledge of the owners of cybercriminals for different purposes: Thus, the own computer unnoticed for sending spam can be abused, but also the execution of DDoS attacks or phishing, so the collection of personal data and Passwords, is possible.
Botnet operators want to hijack as many computers as possible to increase the resources available to them. They not only use the botnets themselves, but also rent them on the criminal market. The botnet increases itself and keeps itself alive by spreading the malware and infecting other computers.
It is believed that up to a quarter of all computers worldwide are part of a botnet. Switzerland is attractive for botnets, not least because it provides a high-performance Internet infrastructure. The botnets themselves serve as the infrastructure for cybercrime and are one of the largest sources of illegal Internet revenue.
The term malware or malware refers to a program that performs unwanted or hidden functions (e.g., erase, destroy or alter data) on the affected computer. Malicious programs are fully functional and often self-contained programs that are created and distributed by savvy programmers with criminal intentions. Malicious programs are
Botnets are augmented by installing a “bot” on an uninfected computer. This can be done in different ways:
An e-mail asks the user to open an attached file containing the malicious code or to click on a link pointing to an infected web page. If he follows the request, a malicious program will be installed on his computer, which can make this part of a botnet. These calls are often made via deceptive emails that are getting more and more professional. Thus, such an e-mail pretend to come from your own bank or similar.
The malicious program is linked to a program that is available for download on the Internet. Anyone downloading this program infects their computer with the malware. This coupling of a malicious program to a useful application is called a Trojan horse (“Trojan horse”). This usually happens with illegal download programs. For security reasons, legal and legitimate programs should only be downloaded from the manufacturer’s original website and verified with a virus scanner.
The infection using this method exploits security vulnerabilities and errors in applications, in the browser or in the operating system itself. Exploits are activated, for example, when the user clicks on a prepared link; In a drive-by attack, they can also be triggered automatically when a web page is called up.
A drive-by attack refers to the unconscious downloading of software onto a user’s computer. Among other things, this refers to the unwanted downloading of malicious software solely by visiting a specially prepared website. Unfortunately, not attacking shady sites, unfortunately, only partially protects, as it hackers always manage to manipulate legitimate websites.
Cybercriminals automatically scour the Internet for potential victims. Your computer is likely to have vulnerabilities or vulnerabilities that allowed attackers to install malicious software. As soon as you use a computer on the Internet, you are exposed to all dangers. It is therefore important that you have implemented all our safety recommendations as completely as possible.
Criminals who spread bots want to go undetected. This also applies to the bots that are active on millions of computers worldwide. The first signs of an infestation are a deteriorated Internet or computer speed, unwanted page views and advertising or even that you can no longer access pages with the popular browsers (Internet Explorer, Firefox, Opera). However, infected computers do not necessarily have to show these symptoms. Users often do not notice at all or very late that their computer has become part of a botnet.
First, notice the four basic rules.
The following tips should also be noted for your safety:
– Beware of attachments in emails. Never open attachments from senders you do not know. If in doubt, ask the sender.
– Beware of unknown web pages: You can install and run malicious programs on your computer just by visiting a page.
– Use strong passwords (at least 10 characters, uppercase and lowercase letters, numbers and special characters).
– Change your passwords at regular intervals, at least once a year.
– Make regular backups of your personal data (such as documents, pictures, music) on an external medium.
– If you use techniques such as Wi-Fi or VoIP, pay attention to encrypted transmission of the data.
– Do not install software from unknown, questionable sources, even if it is offered for free.
– Be suspicious of free offers such as fast money or free travel, as well as unknown links, attachments, or pictures in popular social networks such as social networks. Facebook, Twitter and Instagram.
A cleaner is a program that allows you to scan and clean your system for the latest bots. A cleaner does not replace the permanent installation of an anti-virus program.
On a computer running Mac OS or Linux, the risk of infection has traditionally been lower as cybercriminals have so far primarily attacked Windows computers. Meanwhile, however, there is also increasing malware for Mac OS. Also, Mac OS or Linux users should install an anti-virus program specifically for Mac OS or Linux to protect them.
Second Opinion Scanners are specifically designed to remove an existing malware infection or to confirm a suspicion that the computer may be infected. An installed anti-virus program, which usually runs in the background, is primarily intended to prevent infection of the computer in advance. It also allows a profound investigation of the system.
Depending on the amount of data and installed programs, the check may take a different amount of time. Usually it takes a few minutes on a modern system.
Infection can never be ruled out with absolute certainty. No product can guarantee a 100% detection rate. But if you like ours Sicherheits-Check and have taken all precautions, they are best protected.
The safest solution is to completely reinstall the operating system.
In any case, after successfully removing the findings, you should restart your computer and rescan. In any case, pay attention to the preventive measures.
There are several options here, depending on whether you have a complete PC or your own compilation. If you have an installation CD / DVD, insert it and boot from the CD / DVD. Further instructions for reinstallation can be obtained from the manufacturers of the operating systems. If you do not have an installation CD / DVD, try recovering from the recovery partition. For further instructions, refer to your manuals or contact the manufacturer of your system Windows 7 / Windows 8.
– at least 10 characters
– Numbers, upper and lower case letters as well as special characters
– no keyboard sequences such. Eg «asdfgh» or «45678»
no word of a known language, i. the password should not make sense
– a different password for each service
– do not write down the password and do not save it unencrypted
Use a password manager.
An anti-virus program is a virus scanner that detects up-to-date and known malware, such as malware. Tracks and eliminates viruses, worms, etc.
The term bot, from the English word for “robot”, describes a computer program that usually performs its own repetitive tasks without being dependent on user interaction. Harmful bots can i.a. used for email spam or DDoS attacks. However, the term bot is also associated with computer systems running damaging bots.
Botnets are networks of several interconnected bots. For details, please read the corresponding article on the page “Technical Backgrounds”.
Browsers are programs for displaying web pages on the Internet (WWW). The most popular browsers include Microsoft Internet Explorer, Mozilla Firefox, Opera, Apple Safari and Google Chrome.
DoS Attack is the generic term for attacks on the availability of network services, mostly Internet services, such as Internet access. Web or DNS server. The most common DoS attacks are: a) email bombing; Sending a large number of e-mails to a recipient. Objectives of the attack are the recipient, by very long waiting times, or crash his system and the e-mail server, by increased load, or crash the e-mail system). b) e-mail list bombing; Subscribing to a large number of mailing lists to a foreign e-mail address. c) Distributed DoS (DDoS); DoS attack, which is performed synchronized by many systems. In general, poorly protected systems with direct Internet connection and large bandwidth are used for such attacks. Small programs, so-called agents, are implemented on these systems and coordinated from a central point via so-called handlers.
In a drive-by attack, Internet users are infected with the malware when they visit a website where the attackers have placed malware. It usually exploits vulnerabilities in the browser and plug-ins of the visitor to infect the computer. Such a process happens without the user being aware of it.
E-mail spam describes mass unsolicited e-mailing of promotional content. Email spam often contains infected attachments or links that lead to infected web pages.
A firewall is a software that monitors the flow of data between two networks (e.g., the computer and the Internet) and filters or blocks them using given rules. A firewall can e.g. make it difficult for you to access your computer over the Internet and increase the security of your computer. Some routers have already integrated a firewall.
Internet access providers are companies that give users access to the Internet. Swisscom, upc cablecom and Sunrise are among the best-known Swiss providers.
An IP address is the address of a device in computer networks based on Internet Protocol (IP). A device can have more than one IP address. IP addresses allow devices connected to the Internet to communicate with each other.
A patch is a minor update or correction for a program. Microsoft e.g. publishes patches every other Tuesday of the month that fix known program, module, or operating system errors.
Phishing is an attempt to gain access to personal information about an Internet user through fake websites, e-mails or short messages in order to commit identity theft.
A port is the part of a network address that causes the assignment of data connections and packets to server and client programs by operating systems. Valid port numbers are 1-65535.
Scare ware includes programs that are designed to fool the computer user into a danger that does not exist. The most famous form is counterfeit antivirus software, which indicates that there are countless viruses on the computer. However, to remove the alleged pests, the user should purchase a paid program. The goal is to exploit the fear of computer users and to earn money with the fake anti-virus software.
Social engineering is a common method of spying on sensitive information. Attack target is always the human. In order to obtain confidential information, it is very often the good faith and the helpfulness but also the uncertainty of a person exploited. From fake phone calls, to people pretending to be someone else, to phishing attacks, anything is possible.
A social network refers to an internet community platform in which participants exchange information or data with one another. Usually, anyone interested can participate in such communities, usually for free. On such platforms, it is customary to make public a profile and contact information. The aim is to establish and maintain personal or business contacts. The best-known social networks include facebook, myspace, studiVZ, Xing, LinkedIn, etc.
As a Trojan horse (English Trojan horse), also referred to in computer jargon as “Trojan”, is called a computer program that is disguised as a useful application in the background but without the knowledge of the user performs another function. A Trojan horse belongs to the family of unwanted or harmful programs, the so-called malware.
A computer virus (Latin virus, poison, Schleim ‘) is a self-propagating computer program, which infiltrates into other computer programs and thus reproduces itself. The classification as a virus refers here to the distribution and infection function.
Once started, it can make uncontrollable changes to the status of the hardware, the operating system or other software (damaging function). Computer viruses can interfere with computer security by the creator desired or unwanted functions and count to Malware.
The term computer virus is colloquially also for
Computer worms and Trojanische Pferdeused, since there are often mixed forms and for users the difference is barely recognizable.
Voice over IP (VoIP) is a new technology for the transmission of voice. In contrast to traditional telephony, the call is split into data packets and transmitted over computer networks (e.g., Internet) (“Telephoning over the Internet”). The advantages are the low acquisition costs for the telephone system and the use of existing, mostly well-developed network structures. The locality as in a traditional telephone system is no longer given.
Wireless Local Area Network (WLAN) is the English term for wireless networks. In order to be able to operate a WLAN, a transmitter and a receiver must be present which can communicate with one another or exchange data on a previously defined standard. Many Internet access providers provide routers with built-in WLAN to their customers. Wi-Fi routers allow wireless Internet use.
A worm is a program that copies itself to another computer (independently executable). Cf. on the other hand a Virus, which is not a complete, executable program and therefore relies on a so-called host program.
An exploit that exploits a zero-day vulnerability. The curriculum vitae of a vulnerability can basically be divided into 4 time periods:
Attack programs are also generated automatically from error corrections within a very short time (minutes). Thus, the update procedures of the manufacturers become serious security risks for the users.