Ransomware, Adware and Co. - How Can You Protect Yourself | Free Antivirus Software

Malware makes headlines again and again: attacks on companies, institutes, private computers, and even hospitals have long since become the norm in the digital age. It appears in different forms: the portmanteau words ransomware, spyware, adware, and scareware are used in IT circles for the various types of malicious software, always with the appended "-ware" as an abbreviation for "software". They all describe different forms of malware (short for "malicious software"). But what exactly is hidden behind the individual terms? How acute is the threat really? As an Internet user, how can you protect yourself from malware and remove it from your computer in the event of an infection?



Ransomware: How To Protect Yourself from the "Blackmail Trojans"

The first portmanteau, "ransomware", is a combination of the terms "ransom" and "software". The terms blackmail, crypto, or encryption Trojan are also used. They all have the same function: the malware encrypts all files on a computer, or even an entire network, and instead of the usual user interface displays instructions for releasing the files, often a ransom demand or a similar extortion note. When it comes to distribution, ransomware does not differ from the much better-known computer viruses: it mostly reaches the targeted computer via fake email attachments (such as alleged invoices, delivery notes, ZIP files, etc.), security gaps in the web browser, or file hosting services such as Dropbox.

This Is How Ransomware Works

However, the most common method is to send mass emails with infected attachments via bot networks. Using spambots, cybercriminals can send the prepared emails automatically. The fake attachments hide downloaders that then deliver the actual encryption Trojan. As a rule, the emails build up pressure, imitate existing senders such as well-known companies, or try to establish a personal connection with users, who are addressed directly and urged to open the attachment.

The method is well known, but the threat has become much more acute since the winter of 2015/16. The German Federal Office for Information Security (BSI) published an issue paper in the course of a veritable explosion of ransomware attacks. It says that in February 2016 ten times more ransomware was detected by antivirus programs than in October 2015. At times, in Germany alone, up to 5,000 computers per hour were newly infected by the crypto Trojan "Locky". The malicious program caused millions of euros in damage worldwide and did not even stop at hospitals: in addition to a clinic in Los Angeles, numerous other hospitals, companies, and private computers around the world had their data encrypted. Malware from the TeslaCrypt ransomware family is even more common.

Protective Measures and Methods to Remove Ransomware

The preventive measures against ransomware are diverse. First of all, there are the basic protective measures against fraudulent emails: be skeptical of unexpected emails, do not click carelessly on dubious links, always question the plausibility of attachments, and only open them if their authenticity can be established beyond doubt. It is also recommended to:

  • keep the operating system and effective anti-virus software up to date at all times; this is the only way to identify new threats
  • create backups of the most important files on an external storage medium on a regular basis; in the event of loss, the data can be restored without major damage
  • always activate the firewall of the operating system; not working permanently with administrator rights can also offer additional protection
  • stop using software with known security vulnerabilities; first and foremost Adobe Flash Player, which is needed less and less since many websites switched to HTML5

If it does come to that: what can you do in the event of encryption by ransomware? Whether or not the ransomware can be removed depends heavily on the encryption method used. Some variants can be detected and removed by popular antivirus software; others are more persistent. In any case, the computer should be disconnected from the network and switched off in the event of an attack. Rescue CDs can be used to ward off some threats: these rescue discs are available from the manufacturers of common anti-virus software such as Kaspersky, AVG, or BitDefender.

Starting in Safe Mode can also help. This ensures that only the most important system functions start up. In this secure environment, the system can be reset to an earlier point in time under "Control Panel" in the "System and Security" menu, but only if a restore point has been set beforehand. However, the system usually creates one automatically for updates or program installations.

As a last resort, you can also use the command line to run special decryption tools designed against specific encryption Trojans. You can find all the important links to these tools in this article from "PC Welt".

Remove Adware and Spyware: Get Rid of Sniffing Software and Protect Your Data

Spyware (from "spy") refers to espionage programs which, in the most harmless case, sniff out user behavior and interests for advertising purposes, but in the worst case also spy out credit card details, passwords, or other sensitive information. In particularly malicious attacks, spyware installs itself together with so-called keyloggers, which track any input made by the user and forward it to the malware developer via the Internet. In the first, more harmless case, one also speaks of adware (composed of "advertisement" and "software"). These programs often make no secret of their real intent. They often reach the computer as optional additional content of an installer and can also be easily uninstalled there. In many cases they are browser toolbars or search bars for mostly unknown search engines. The entries in these search bars can be used to present tailored advertising in the form of banners or pop-ups. It is also possible for them to automatically change the start page or the default search engine: interventions that can be easily undone, but are nevertheless annoying.

Adware: How To Remove Unwanted Browser Tools

It is best not to install adware in the first place. When installing free programs from the Internet (freeware), do not choose the automated standard installation, even if you trust the source of the installer. With the express installation, additional programs are often simply installed without the user knowing anything about them. The effects only become apparent the next time you open the browser. It is better to take the time to go through the installation step by step. At each installation step, check exactly what is to be installed and remove the ticks for unwanted programs.

If you have inadvertently installed adware, you can usually remove it again easily. Many toolbars can be uninstalled in the Control Panel of the operating system ("Programs and Features" or similar). In any case, you should check all installed browsers and, if necessary, delete the toolbars individually and manually, provided that they still appear in the add-on or plug-in overview. You can also adjust the default search engine and the start page manually in the browser settings. However, if the malware cannot be uninstalled, heavier artillery is required.

For example, the AdwCleaner program finds and removes many forms of browser toolbars and hijackers. It can be used to effectively remove numerous forms of adware. Installation is not necessary, so you can also run the check from an external medium such as a USB stick or CD. As with all freeware, you should be careful when downloading the program: freeloaders sometimes try to get fake software into the top results on Google. Safe download sources and further information about the program are given in this article. Nevertheless, after cleaning up your computer and browser, you should run a full system scan with your anti-virus scanner to be on the safe side.

What Is Spyware, How Can It Be Detected and Removed?

The distinction between adware and spyware is usually not very clear and the transitions can be fluid. However, spyware is usually much more aggressive and better camouflaged. While adware usually appears in the app and program overview and can be uninstalled there, spyware works covertly in the background. The recording of keyboard entries by keyloggers also falls under this umbrella term: in this way, PINs, passwords, email addresses, or other sensitive data are spied out. You usually notice this malware when the virus scanner or the firewall raises the alarm. If this does not happen, for example because you have not updated the virus scanner or none is installed at all, you will only notice the intruder when the computer suddenly works unusually slowly.

If you suspect an infection, you can use the Task Manager (press Ctrl + Alt + Del and select "Start Task Manager") to check the CPU usage and look for unwanted processes. Some Trojans disguise themselves as supposedly known processes. For example, if the browser is not open at all but still shows up in the overview of active processes, a spy Trojan could be at work. You can also get an overview of the network load under the "Network" tab. If unusual activity is shown here, this could also be an indication of active sniffing software.
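The process check described above can be partly automated. The following is an added example, not part of the original article: it goes through a list of running processes and flags entries that use a well-known name but run from an unexpected folder, or whose name closely imitates a well-known one. The folder list, the similarity threshold, and the sample snapshot are assumptions made for illustration.

```python
import ntpath
from difflib import SequenceMatcher

# Assumed default install folders (lower-case) for a few well-known Windows
# process names. Per-user installs or other software must be added by hand.
EXPECTED_DIRS = {
    "svchost.exe": {r"c:\windows\system32"},
    "explorer.exe": {r"c:\windows"},
    "chrome.exe": {r"c:\program files\google\chrome\application",
                   r"c:\program files (x86)\google\chrome\application"},
    "firefox.exe": {r"c:\program files\mozilla firefox"},
    "msedge.exe": {r"c:\program files (x86)\microsoft\edge\application"},
}
LOOKALIKE_RATIO = 0.85  # assumed similarity threshold for imitated names

def check_process(name, path):
    """Return a finding for a suspicious process entry, or None."""
    name = name.lower()
    if name in EXPECTED_DIRS:
        if not path:  # path not readable without admin rights: cannot judge
            return None
        folder = ntpath.dirname(ntpath.normcase(path))
        if folder not in EXPECTED_DIRS[name]:
            return f"{name} runs from unexpected folder {folder}"
        return None
    for known in EXPECTED_DIRS:
        if SequenceMatcher(None, name, known).ratio() >= LOOKALIKE_RATIO:
            return f"{name} imitates the name {known}"
    return None

def find_disguised(snapshot):
    """snapshot: iterable of (pid, image name, executable path) tuples."""
    hits = [(pid, check_process(name, path)) for pid, name, path in snapshot]
    return [(pid, reason) for pid, reason in hits if reason]

# Constructed sample snapshot (not taken from a real machine).
SAMPLE = [
    (884, "svchost.exe", r"C:\Windows\System32\svchost.exe"),
    (4312, "svchost.exe", r"C:\Users\alice\AppData\Roaming\svchost.exe"),
    (5120, "svch0st.exe", r"C:\Windows\System32\svch0st.exe"),
    (2764, "chrome.exe", r"C:\Program Files\Google\Chrome\Application\chrome.exe"),
    (6044, "firefox.exe", r"C:\Users\alice\AppData\Local\Temp\firefox.exe"),
    (3020, "notepad.exe", r"C:\Windows\System32\notepad.exe"),
    (4, "System", None),
]

if __name__ == "__main__":
    for pid, reason in find_disguised(SAMPLE):
        print(f"PID {pid}: {reason}")
```

A finding is only a reason to look more closely, for example with a full scan by the anti-virus software; legitimate programs installed in non-default folders will also be listed until their folders are added.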

Here, too, the most important protective measure is updating or installing anti-virus software. The programs recognize malware and render it harmless. The following applies: Even free antivirus software is better than none at all.

Scareware: How Does the Panic Software Work?

Scareware (from "to scare") is a particularly perfidious type of program: the malware is intended to frighten the user. In most cases, scareware disguises itself as an alleged anti-virus program that warns of an alleged infection by viruses or Trojans. In reality, however, it is the malware itself. The frightened user sees pop-up windows with warnings. The supposed cleaning of the computer is offered in return for payment or the purchase of a new version of the fake program. After the victim has paid, the messages are simply hidden. Worse still: if the payment is made by credit card, the cybercriminals from then on also have very sensitive credit card data.

Some scareware pop-ups immediately look dubious due to their intrusive, flashing design and can easily be exposed as a deception. Others are more sophisticated, trying to mimic the look of authentic antivirus software, and even offer bogus support over the phone or by email. But how can the deception be recognized and the scareware removed? Basically, you should take a close look at every warning: did the message really come from a program that you installed or that was preinstalled on your computer? If not, you are most likely dealing with scareware.

No reputable antivirus software will attempt to panic you with a virus warning while capitalizing on your fear. It is true that free antivirus programs occasionally show offers to upgrade to a more extensive, paid version, but authentic antivirus software (including free versions) offers immediate help at the moment of an infection without extra payment. Scareware also tries to make the threat seem more acute with a list of allegedly several dozen infections, but such numerous attacks are extremely rare and unlikely. Scareware can be removed with all common and authentic antivirus programs. Here again it is important to obtain the programs only from reputable and trustworthy sources.