This information will help you stay out of Trouble, when you are online on the internet
1. Make sure that your Firewall is always turned on
What is a firewall?
A firewall is software or hardware that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings.
It is a security measure that is like locking the front door to your house, A firewall can stop certain connections coming in or going out
A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers.
The following illustration shows how a firewall works.
A firewall isn’t the same thing as an antivirus program. To help protect your computer, you need both a firewall and an antivirus and anti-malware program.
It helps keep intruders (in this case, a virus, hackers and malicious software) from getting in. Windows Firewall is built in on Microsoft Windows Operating Sytems. Windows 7 has the firewall turned on by default, so you don’t need to set it up. Needless to say, you should always, check to make sure it turned on, because a Virus or Ransome-Ware can turn it off. Microsoft have made windows 7 more flexible and easier to use.
What is antivirus software?
Antivirus software is a computer program that detects, prevents, and takes action to disarm or remove malicious software programs, such as viruses and worms. You can help protect your computer against viruses by using antivirus software.
Computer viruses are software programs that are deliberately designed to interfere with computer operation; record, corrupt, or delete data; or spread themselves to other computers and throughout the Internet.
To help prevent the most current viruses, you must update your antivirus software regularly. You can set up most types of antivirus software to update automatically.
What are Security Updates?
Security Updates are a service provided by Microsoft to help your Computer deal with Threats and Errors
There are different kinds of updates. Security updates or critical updates protect against vulnerabilities to malware and security exploits. Other updates correct errors that aren’t related to security, or enhance functionality.
Security updates are routinely provided on the second Tuesday of each month, Patch Tuesday, but can be provided whenever a new update is urgently required to prevent a newly discovered or prevalent exploit targeting Windows users. Windows Update can be configured to install critical updates automatically so long as the computer is connected to the Internet, without the user needing to install them manually, or even be aware that an update is required.
Always make sure that your Computer is set up to receive Security Updates
What is a Computer Virus?
Computer viruses are small software programs that are designed to spread from one computer to another and to interfere with computer operation.
What do computer viruses do?
Through the course of using the Internet and your computer, you may have come in to contact with computer viruses. Many computer viruses are stopped before they can start, but there is still an ever growing concern as to what do computer viruses do and the list of common computer virus symptoms. A computer virus might corrupt or delete data on your computer, use your email program to spread itself to other computers, or even erase everything on your hard disk.
Computer viruses are often spread by attachments in email messages or instant messaging messages. That is why it is essential that you never open email attachments unless you know who it’s from and you are expecting it.
Viruses can be disguised as attachments of funny images, greeting cards, or audio and video files.
Computer viruses also spread through downloads on the Internet. They can be hidden in illicit software or other files or programs you might download.
To help avoid computer viruses, it’s essential that you keep your computer current with the latest updates and antivirus tools, stay informed about recent threats, run your computer as a standard user (not as administrator), and that you follow a few basic rules when you surf the Internet, download files, and open attachments.
Once a virus is on your computer, its type or the method it used to get there is not as important as removing it and preventing further infection.
What is a Trojan?
A Trojan horse, or Trojan, is a non-self-replicating type of malware which appears to perform a desirable function but instead drops a malicious payload.
Often including a backdoor allowing unauthorized access to the target’s computer. These backdoors tend to be invisible to average users. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses may steal information, or harm their host computer systems. Trojans may use drive-by downloads or install via online games or internet-driven applications in order to reach target computers. The term is derived from the Trojan Horse story in Greek mythology because Trojan horses employ a form of “social engineering,” presenting themselves as harmless, useful gifts, in order to persuade victims to install them on their computers.
Malware, short for malicious (or malevolent) software, is software used or programmed by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
It can appear in the form of code, scripts, active content, and other software.
However, some malware is disguised as genuine software and may come from an official company website in the form of a useful or attractive program which has the harmful malware embedded in it along with additional tracking software that gathers marketing statistics.
Malware is sometimes used broadly against government or corporate websites to gather guarded information, or to disrupt their operation in general. However, malware is often used against individuals to gain personal information such as social security numbers, bank or credit card numbers, and so on. Left unguarded, personal and networked computers can be at considerable risk against these threats. (These are most frequently counter-acted by various types of firewalls, anti-virussoftware, and network hardware)
What is a RansomeWare?
Ransomware is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. Ransomware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains that your computer has been locked because of possible illegal activities on it and demands payment before you can access your files and programs again.
NEVER CLICK TO PAY TO UNLOCK YOUR PC, they will still your information and money
What is a Rootkit?
A rootkit is a stealthy type of software, often malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.
The term rootkit is a concatenation of “root” (the traditional name of the privileged account on Unix operating systems) and the word “kit” (which refers to the software components that implement the tool). The term “rootkit” has negative connotations through its association with malware.
Rootkit installation can be automated, or an attacker can install it once they’ve obtained root or Administrator access. Obtaining this access is a result of direct attack on a system (i.e. exploiting a known vulnerability, password (either by cracking, privilege escalation, or social engineering). Once installed, it becomes possible to hide the intrusion as well as to maintain privileged access. The key is the root/Administrator access. Full control over a system means that existing software can be modified, including software that might otherwise be used to detect or circumvent it.
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternative and trusted operating system, behavioral-based methods, signature scanning, difference scanning, and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem. When dealing with firmware rootkits, removal may require hardware replacement, or specialized equipment.
What is csrrs.exe
Client/Server Runtime Subsystem, or csrss.exe, is a component of the Microsoft Windows NT operating system that provides the user mode side of the Win32 subsystem and is included in Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows 8. Some viruses, spyware, and trojans are known to disguise themselves as the CSRSS.exe process
Because most of the Win32 subsystem operations have been moved to kernel mode drivers, in Windows NT 4 and later, CSRSS is mainly responsible for Win32 console handling and GUI shutdown. It is critical to system operation; therefore, terminating this process will result in system failure. Under normal circumstances, CSRSS cannot be terminated with the taskkill command or with Windows Task Manager, although it is possible in Vista if the Task Manager is run in Administrator mode. On Windows 7 and Windows 8 Developer Preview, Task Manager will inform the user that terminating the process will result in system failure, and prompt if they want to continue. Some virus hoax emails claim that csrss.exe is a virus that has been confirmed by Microsoft, and that the user should terminate it immediately. This, obviously, would actually lead to system failure and a blue screen of death
CSRSS runs as a user-mode system service. When a user-mode process calls a function involving console windows, process/thread creation, or Side-by-Side support, instead of issuing a system call, the Win32 libraries (kernel32.dll, user32.dll, gdi32.dll) send an inter-process call to the CSRSS process which does most of the actual work without compromising the kernel. Window manager and GDI services are handled by a kernel mode driver (win32k.sys) instead.
CSRSS is called along with winlogon.exe at Windows start-up. If either of the files is corrupted or otherwise inaccessible, the NT kernel will shut down the start-up process with a Blue Screen of Death. This is caused by a failure to move out of kernel mode and into user mode, the “normal” operation of Windows. The error code for this fault is 0xc000021a
Avoid tech support phone scams
Cybercriminals don’t just send fraudulent email messages and set up fake websites. They might also call you on the telephone and claim to be from Microsoft. They might offer to help solve your computer problems or sell you a software license. Once they have access to your computer, they can do the following:
Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
Take control of your computer remotely and adjust settings to leave your computer vulnerable.
Request credit card information so they can bill you for phony services.
Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.
Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.
Telephone tech support scams: What you need to know
Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you’re using.
Once they’ve gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable.
Do not trust unsolicited calls. Do not provide any personal information.
Here are some of the organizations that cybercriminals claim to be from:
Windows Service Center
Microsoft Tech Support
Windows Technical Department Support Group
Microsoft Research and Development Team (Microsoft R & D Team)
Report phone scams
Learn about how to report phone fraud in the United States. Outside of the US, contact your local authorities.
How to protect yourself from telephone tech support scams
If someone claiming to be from Microsoft tech support calls you:
Do not purchase any software or services.
Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
Take the caller’s information down and immediately report it to your local authorities.
Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
What to do if you already gave information to a tech support person
If you think that you might have downloaded malware from a phone tech support scam website or allowed a cybercriminal to access your computer, take these steps:
Change your computer’s password, change the password on your main email account, and change the password for any financial accounts, especially your bank and credit card.
Scan your computer to find out if you have malware installed on your computer or you can simply call us for assistance
Will Microsoft ever call me?
There are some cases where Microsoft will work with your Internet service provider and call you to fix a malware-infected computer—such as during the recent cleanup effort begun in our botnet takedown actions. These calls will be made by someone with whom you can verify you already are a customer. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.
For more information about how to recognize a phishing scam, feel free to contact us.