USB Guard - Extra Protection from Malware

Just think, how most of the unwanted malicious utilities (viruses, Trojans, malware, keyloggers, etc.) get to your computer. There are the two primary sources: Internet and network contaminants, and portable data storage devices. Since most of the portable data storage devices are USB-based, would not that be nice if we can safeguard the computer from any danger, coming with the attached portable devices, like external or thumb drives?

Free USB Guard is an ultimate freeware utility, helping to protect USB drives from viruses, malware, spyware, Trojans and scripts. It is lightweight, not demanding any significant resources and can be used with your real-time antivirus software at the same time. It is not a valid replacement for the antivirus utility you have, but it provides reliable additional protection to prevent your USB and computer from dangerous infection.

Main Features:

• It assures 100% protection on offline computers and almost 100% on online computers with regular antivirus installed.
• Lightweight, doesn't slow system performance.
• Doesn't conflict with other antivirus programs.
• Absolutely Free, and doesn't require any formal registration. No strings attached or trial gimmicks.  
• No Updates needed, it can detect latest viruses without their proper definitions, just by detecting the dangerous code traces.
• The software is in the early stages of development, and more useful features will be implemented in the further releases, like USB Lock.

Website: http://sites.google.com/site/freeusbguard/

What is Computer Firewall, and why do you need one?

A Firewall is a computer program that monitors the flow of information from the Internet to your computer. There are two different types of firewall available for you to use - Hardware Firewalls and Software Firewalls.

Hardware Firewall

A Hardware Firewall is a physical piece of equipment that sits between the Internet and your computer. An example of a hardware firewall is a broadband router, a common form of Internet connection. The benefit of using a hardware firewall, is that it has the ability to protect multiple computer systems that are connected to it at the same time. This makes it an effective firewall for use in businesses that have multiple computers connected to the Internet, as well as in homes that have more than one computer system.

However, it is not sufficient to have only the hardware firewall, because router-based firewalls only provide protection from computers on the Internet, not from computers on your home network. For example, if a mobile computer or guest computer connects to some other network, becomes infected with a computer worm, and then connects to your home network, your router-based firewall won't be able to prevent the spread of the worm. Therefore, a firewall running on each computer on your network can help control the spread of worms.

Note that running more than one firewall program on your computer at the same time could cause conflicts. It's best to just use one firewall program, in addition to a router-based firewall.

Software Firewall

Software Firewalls work in the same way as a hardware firewall, by monitoring and blocking information that comes to your computer via the Internet, however software firewalls must be installed as a program on your computer. These software firewalls can either be installed from a computer disk that you have purchased, or downloaded over the Internet. Software firewalls are the most common type of firewall. Programs such as Norton 360, Norton Internet Security, ESET Smart Security, and Kaspersky Internet Security all have a firewall bundled within them.

If you have Windows Operating System, the Firewall program is installed already by default. It is also set to active operations from the beginning. To make sure it hasn't been turned off, follow these steps:

1. Open Windows Firewall by clicking the Start button, and then clicking Control Panel. In the search box, type firewall, and then click Windows Firewall.
2. In the left pane, click Turn Windows Firewall on or off. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
3. Below each network location type, click Turn on Windows Firewall, and then click OK. We recommend that you turn on the firewall for all network location types.

What a Firewall does?

Regardless of what type of firewall you choose to use, having one on your computer is a really good idea. A firewall helps to prevent computer hackers from accessing your computer through the Internet, and stealing sensitive information or infecting your computer system with some form of computer virus. A hacker can gain access to your system by “back doors” or open ports that connect your computer to the Internet. With a firewall in place these ports are blocked from inbound traffic, effectively closing the door in the hackers face.

Of course, damage can also be done to your computer from outbound traffic as well. Say for instance a hacker was able to slip by you with a Trojan, virus, spyware or phishing scheme that went undetected. The next time you booted up your computer and connected to the Internet, information on your computer could be sent out to the hacker. Many firewalls also block outbound traffic that will help prevent this from happening.

There are basically two ways that Firewalls work. Generally, data that comes in is analyzed by the firewall to determine the IP address it is coming from and the content that it contains. The firewall system then checks to see if this information is compliant with rules that you are able to configure. It can also analyze information at the application level. The firewall program will determine whether or not the application should be able to send or receive data through the port you are connected by.

Firewall programs are extremely important to the protection of not only your computer system, but you personal information as well. Many anti-virus programs come with firewall protection. Firewall protection should be considered an essential part of any computer's security strategy.

What are some of the things that a firewall can't prevent?

• E‑mail viruses

E‑mail viruses are attached to e‑mail messages. A firewall can't determine the contents of e‑mail messages, so it can't protect you from these types of viruses. You should use an antivirus program to scan and delete suspicious attachments from an e‑mail message before you open it. Even when you have an antivirus program, you should not open an e‑mail attachment if you're not positive it's safe.

• Phishing scams

Phishing is a technique used to trick computer users into revealing personal or financial information, such as a bank account password. A common online phishing scam starts with an e‑mail message that appears to come from a trusted source, but actually directs recipients to provide information to a fraudulent website. Firewalls can't determine the contents of e‑mail messages, so they can't protect you from this type of attack.

Should you replace Windows Firewall?

If you are obsessed with your computer security, you may consider replacing our Windows Firewall with alternative solutions. Free and commercial software is available on the market for your evaluation. The default Windows firewall (Internet Connection Firewall) that is installed on Windows operating system has limitation of security protection or less user-friendly compares to third party firewall software.

Two major disadvantages to using default Windows firewall:

1. Default Windows Firewall does not restrict outgoing traffic from your computer or restrict applications from using your Internet connection. This means that if have a virus, Internet connection firewall will allow your applications to send data to the Internet without your permission.

2. When you boot your computer, Windows will enable your Internet connection before it enables the built-in firewall. This means that if someone attempts to hack your computer or port scan you while your computer is booting, your computer will be available on the Internet before the firewall starts up. This creates a limited opportunity for your computer to be hacked. Though this risk is mitigated by the short length of time between your Internet connection being active and the firewall starting, it is still a risk to take into consideration.

Alternatives for Windows Firewall

While we do not target in this post reviewing the available freeware firewall solutions, I would like to propose for your consideration the following utilities:

1. Comodo Internet Security, the latest Comodo Internet security that combines firewall and antivirus software can secure your system against internal attacks such as Trojans, viruses, malicious software and external attacks by hackers. Meanwhile, Comodo Internet Security run a multi-layered security application that protects you against identity theft hackers, Trojans, scripts and other unknown threats. Plus more, the Comodo firewall easy to understand and configure.
2. ZoneAlarm firewall is designed to protect your cable or DSL-connected computer against unauthorized access by hackers, hijackers and malicious software. It also blocks threats already on your pc from communicating with the malefactor or a third party so that hackers can’t gain access to your computer or personal data.
3. Private Firewall integrated desktop firewall and multi-layered intrusion prevention technology to protect your computer. This free private firewall delivers signature-less, real-time protection from known or new spyware, viruses, hacking techniques, and other intrusions on Windows desktops and servers. Meanwhile, it also offers network security features like port tracking, URL and packet filtering and application/system behavior modeling and anomaly detection components to protect both inbound and outbound traffics of user PCs.

Sources and Additional Information:

http://www.antivirusware.com/articles/what-is-firewall.htm

http://windows.microsoft.com/en-us/windows7/Firewall-frequently-asked-questions

http://www.techmixer.com/free-firewall-software-list-to-replace-windows-firewall/

http://www.firewallguide.com/

SC-PassUnleash Password Revealer

Most applications under Windows allow you to store their passwords. Examples are the passwords of ISP's, the password of your email client or FTP tool. Once the password is stored, it is hidden under a row of "***" asterisks and cannot be read again.

Now, this nifty utility allows you to read any of your passwords that are covered by the asterisks by simply dragging a cursor over such a password field. Once the cursor is on top of a "***" password field, SC-PassUnleash instantly displays the password in readable text on screen.

The software use does not require any tutorial or explanation.

Website: http://www.soft-central.net/passunleash.php

Direct Download: http://www.soft-central.net/Apps/SC-PassUnleash.exe

What is a danger of having your computer infected with Trojan?

What is a Trojan horse?


In the IT world, a Trojan horse is used to enter a victim’s computer undetected, granting the attacker unrestricted access to the data stored on that computer and causing great damage to the victim. A Trojan can be a hidden program that runs on your computer without your knowledge, or it can be ‘wrapped’ into a legitimate program meaning that this program may therefore have hidden functions that you are not aware of.

How a Trojan works

Trojans typically consist of two parts, a client part and a server part. When a victim (unknowingly) runs a Trojan server on his machine, the attacker then uses the client part of that Trojan to connect to the server module and start using the Trojan. The protocol usually used for communications is TCP, but some Trojans' functions use other protocols, such as UDP, as well. When a Trojan server runs on a victim’s computer, it (usually) tries to hide somewhere on the computer; it then starts listening for incoming connections from the attacker on one or more ports, and attempts to modify the registry and/or use some other auto-starting method.

It is necessary for the attacker to know the victim’s IP address to connect to his/her machine. Many Trojans include the ability to mail the victim’s IP and/or message the attacker via ICQ or IRC. This system is used when the victim has a dynamic IP, that is, every time he connects to the Internet, he is assigned a different IP (most dial-up users have this). ADSL users have static IPs, meaning that in this case, the infected IP is always known to the attacker; this makes it considerably easier for an attacker to connect to your machine.

Most Trojans use an auto-starting method that allows them to restart and grant an attacker access to your machine even when you shut down your computer. Trojan writers are constantly on the hunt for new auto-starting methods and other such tricks, making it hard to keep up with their new discoveries in this area. As a rule, attackers start by “joining” the Trojan to some executable file that you use very often, such as explorer.exe, and then proceed to use known methods to modify system files or the Windows Registry.

How can I get infected by a Trojan?

Trojans can be embedded in any executable file. The critical thing here is that the file must be executed to install the Trojan on your computer. Trojans can be sent via e-mail, ICQ, mIRC or IRCLE, FTP, Freeware or Shareware programs, mp3 and even movies. Some Trojans can even turn your webcam on so that the hackers can get a good look at your face.

Protecting Your Computer

To protect your computer from Trojans you need to get yourself a high quality virus scanner. You should also make sure you install a firewall as this will prevent hackers from accessing your computer in the first place.

Also use your common sense and make sure you're very careful whenever you're downloading anything from the internet. Never download anything unless you trust it, and make sure that it's from a trusted source. Also avoid downloading anything illegally as these often include some nasty extras.

Trojans Listing

If you have suspicion that you are infected by Trojan, run the anti-Trojan utilities (review the free software section). Be sure not to limit your “cleaning” with a single utility, but run several of them one after another. For less experienced users, there is not much difference, what your Trojan is suppose to do on your PC, and through which port it has entered the computer. The programs will do the dirty job without need of the user’s input.

However, if you consider yourself as pretty much computer literate, you may want to investigate the intrusion more seriously, checking and closing the security gap. For those, I would recommend review the listing of Trojans, filtered by different categories, like name, country of origin, actions, affected systems, ports, etc. Review the list: http://www.simovits.com/trojans/trojans.html

Sources and Additional Information:

http://kbase.gfi.com/showarticle.asp?id=KBID001671

http://www.mymommybiz.com/ebusiness/trojan.html

http://www.petri.co.il/trojan_ports_list.htm

http://www.spamlaws.com/trojan-horse-danger.html

Spybot - S&D (Search and Destroy) spyware detection and removal tool

Spybot - S&D (Search and Destroy) is an adware and spyware detection and removal tool. This includes removal of certain advertising components, which may gather statistics as well as detection of various keylogging and other spy utilities. In addition, it also securely removes PC and Internet usage tracks, including browser history, temporary pages, cookies (with option to keep selected) and more.

The program offers an attractive outlook-style interface that is easy to use and multi-lingual. Spybot - S&D allows you to exclude selected cookies, programs or extensions from being reported, allowing you to prevent false positive messages for items that you don’t want to be alerted of every time. It can even scan your download directory for files that have been downloaded, but not yet installed, allowing you to detect unwanted programs before you even install them.

SpyBot produces a detailed and easy to understand report before it deletes any files and allows you to deselect any item that you do not want to be processed. In addition, a recovery feature allows you to restore your settings if needed.

Note that even if you don't see the symptoms, your computer may be infected, because more and more spyware is emerging.

Spybot-S&D can start in two modes: Easy mode for new users who want just the basic features, and Advanced mode for professional users and those who want more control. Both modes are available in the free version.

Main features in default mode:

- Removal of adware and spyware.
- Removal of dialers.
- Removal of keyloggers.
- Removal of trojans.
- Removal of usage tracks.
- User-extendable database.
- Save removal of threats by shredding them.
- Backups of every removed problem.
- Permanent blocking of threatening ActiveX downloads.
- Permanent blocking of known tracking cookies for IE.
- Permanent blocking of threating downloads in IE.
- Command line parameters to automate tasks.
- Detailed information about problems found.
- Strict criteria to define targets.
- Integrated update function.
- Weekly updates.
- Update notification by mail.
- Easy to use interface.
- Multi-language support.

The efficiency of the utility is moderate, as any other similar freeware anti-malware programs. It should be used in conjunction with several other utilities to reach sterile cleanness on your computer.

Access program website for reviewing additional information and utility downloading: http://www.safer-networking.org/en/spybotsd/index.html.