But this convenience comes at a price. Not only your stored data in these little gems is prone to theft and lost cases, but is also vulnerable to malware infections, which it could acquire as it gets inserted from one PC to the other. You never know, which of them is already compromised and infected and cause virus infection to spread onto your USB Flash Drive.

Why take chances? Why not Write Protect your USB Drives. There are free tools available from making your thumb drive write protected. They generally make use of a simple Windows Registry Hack. If you are comfortable enough to make modifications to your Windows Registry files, then you even do not require to download these these write protectors.

The First Tool: Thumbscrew – Software USB Write Blocker

Thumbscrew allows you to quickly enable or disable writing to all USB mass storage devices on your Windows system. In other words, you can use it to make a USB flash drive, hard drive or IDE / SATA drive in an enclosure read only. Although there are no guaruntees provided, you can play around with making forensic images of thumb drives and other USB mass storage devices also with this tool. You will see one of two icons in your system tray to indicate whether or not USB mass storage devices are set to be read only:

The Second Tool: USB WriteProtector

Just like ThumbScrew, USB WriteProtector enables or disables the write protection for USB disks, e.g. an USB stick.

Both of these devices function on simple principle, and you can employ that even without downloading any of these software. If you do not find yourself comfortable with using third party software, then follow these steps.

• Click on Start > Run.
• Type in regedit to open the Registry Editor.
• Navigate to the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
• Click on Control in left pane. Check if you can find a sub-key StorageDevicePolicies in the right pane. If it is not there, you will have to create it first.
  
• For it, Click on Control in left pane and right click on right pane. Click on New > Key.
• Name it as StorageDevicePolicies.

• Click on this newly created key in the left pane.
• Right Click in the right pane, click on New, select DWORD.

• Name it as WriteProtect.
• Double Click on it and change its value as ’1′.

[Download Thumbscrew]

[Download USB WriteProtector]

If you are one among them, and find yourself struggling to select the best suitable font for your latest document among the installed fonts, then there is a useful utility, which allows you to easily list and view all the installed windows fonts in your machine.

Welcome to WinFontsView.

WinFontsView is a small utility from NorSoft, that enumerates all fonts installed on your system, and displays them in one simple table. For each font, WinFontsView draws 5 samples of the font in different sizes, in order to allow you to easily find and choose the desired font that you need. WinFontsView also allows you to view the fonts as Bold, as Italic or with underline, as well as it allows you to export the fonts list into html file.

If you need to find a font in non-English character set, WinFontsView also allows you to choose the right characters set of the fonts and to type the characters displayed in the sample text of each font.

WinFontsView doesn’t require any installation process or additional DLL files. In order to start using it, simply run the executable file – WinFontsView.exe. After running WinFontsView, the main window displays all ANSI fonts installed on your system. If you want to view fonts in non-English language, Go to Options->Advanced Options (or press F8), choose the desired character set and type the characters of your language to view in the sample text.

You can also choose to view the fonts as Bold (Ctrl+B), as Italic (Ctrl+I) or with underline (Ctrl+U). If you want to view the font samples in HTML, you can use the save option (Ctrl+S) or the HTML report options under the View menu. However, be aware that you cannot view the HTML file in another computer that these fonts are not installed.

If you work on a shared computer, and are concerned about the privacy of your stored information then you can consider using a tiny utility called USBDeview from NirSoft.

USBDeview keeps track of all the USB Devices installed on your computer through the use of an event log file. It lists all USB devices that currently connected to your computer, as well as all USB devices that you previously used.

For each USB device, exteneded information is displayed: Device name/description, device type, serial number (for mass storage devices), the date/time that device was added, VendorID, ProductID, and more…

USBDeview also allows you to uninstall USB devices that you previously used, and disconnect USB devices that are currently connected to your computer. You can also use USBDeview on a remote computer, as long as you login to that computer with admin user.

This utility works on Windows 2000, Windows XP, Windows 2003, Windows Vista, Windows Server 2008, and Windows 7. Windows 98/ME is not supported. In order to disable/enable/uninstall USB items under Vista with UAC turned on, you should right click on USBDeview and choose ‘Run As Administrator’.

USBDeview doesn’t require any installation process or additional DLL files. Just copy the executable file (USBDeview.exe) to any folder you like, and run it. The main window of USBDeview displays all USB devices installed on your system. You can select one or more items, and then disconnect (unplug) them , uninstall them, or just save the information into text/xml/html file.

[Download USBDeview]

SysInternal’s Autorun – A Useful SystemTool from Microsoft

If you are looking for a reliable tool to manage all of the windows processes, services, DLLs, startup applications and programs, then Microsoft provides you a free tool. It is a great utility, which lets you manage virtually everything with just a few mouse clicks. You can easily disable and enable any entry just by clicking on checkbox against each entry.

I am yet to find any tool better than this. It is probably the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond the MSConfig utility bundled with Windows Me and XP.

You can right-click any active entry and choose to delete, copy or verify the item. SysInternal’s Autorun also allows you to search online for more information about that entry using a single click, view an entries properties and more from the resulting pop-up menu.

Just like MsConfig utility in Windows, Autoruns’ Hide Signed Microsoft Entries option helps you to zoom in on third-party auto-starting images that have been added to your system and it has support for looking at the auto-starting images configured for other accounts configured on a system. Also included in the download package is a command-line equivalent that can output in CSV format, Autorunsc.

How to use AutoRun

Simply run Autoruns and it shows you the currently configured auto-start applications as well as the full list of Registry and file system locations available for auto-start configuration. Autostart locations displayed by Autoruns include logon entries, Explorer add-ons, Internet Explorer add-ons including Browser Helper Objects (BHOs), Appinit DLLs, image hijacks, boot execute images, Winlogon notification DLLs, Windows Services and Winsock Layered Service Providers.

It come from the reliable source Microsoft, that too absolutely free. It doesn’t require any installation, and is in the form of an executable file, which you can run in standalone mode. It is the perfect tool for network administrators, system analysts and IT experts to track down and eliminate strange looking and hidden windows processes and services. It can also be of great help in manual removal of malware processes.

What more a Windows user will ask for.

[Download SysInternal's AutoRuns]

For knowing more about the this useful tool and sharing the user experience, you can also visit the Sysinternals Autoruns Forum.

AutoRun, a feature of Windows Explorer (actually of the shell32 dll) introduced in Windows 95, enables media and devices to launch programs by use of commands listed in a file called autorun.inf, stored in the root directory of the medium.

This feature was introduced in Windows way back during the development of Windows 95 and has been continuing with Windows since then on the pretext of adding user convenience.

AutoRun functionality has been used as a malware vector for some time. Since you never know, what is configured in the Autorun files of the removable media, which your inserting in your computer, there is a huge risk, that a malware script might get executed without your knowledge as soon as you insert that innocent looking USB in your computer.

Prior to Windows Vista, the default action with a CD-ROM drive type was to follow any autorun.inf file instructions without prompts or warnings. This makes rogue CD-ROMs one possible infection vector.

How to Block Block Malware Infections from Autorun Files in USB

There are tools and tricks, which will allow you to completely block the execution of any AutoRun files on your computer through USB Flash Disks or any other removal media.

But in case, you are fond of AutoRun functionality and want only the malware files to be blocked, then you might need a simple utility, which can monitor and stop the execution of AutoRun files, which can harm your computer.

AutoRun Easter is one such useful utility for your PC Security. It is fast and prompt in detecting the execution of malicious files in the inserted USB Autorun file. It is in the form of a downloadable .exe file, which will sit silently in your system tray on execution.

As soon as any USB Disk or CD is inserted in your computer, it will quicklu check the contents of AutoRun file even before your Windows is able to check the directory structure of the inserted disk.

How Does AutoRun Eater determine if the AutoRun File contains any Malware

Autorun Eater determines whether an ‘autorun.inf’ file is malicious or not by checking for certain strings in the file. You are then warned and asked for further action if ‘autorun.inf’ files containing those strings are detected.

As soon as AutoRun Eater detects any malicious content in the AutoRun file, the original file gets deleted and a backup copy of the suspicious ‘autorun.inf’ file is first made.

Backup copies of the removed ‘autorun.inf’ file(s) can be viewed by clicking on ‘View Backup’ under the ‘Autorun Backup’ menu option or you could manually navigate here: Documents and Settings\All Users\Application Data\Autorun Eater\Autorun Backup.

Here is a YouTube video, which displays the functionality of Autorun Eater.

[Download AutoRun Eater]

Like most modern operating systems, Windows can run many programs at the same time. Still, unless your computer has several processors, it can only perform one task at a time. To solve this problem Windows switches rapidly between all running programs, creating the illusion of all programs running in parallel.

How to See Which Processes are Currently Running on Your Computer

Windows has a simple function for it. Just Press Ctrl+Alt+Del keys, and you will get the desired window.

Why You May Need to Kill Certain Processes

You may need to kill Windows Processes when you are trying to remove malware and spyware from your computer. If you are using some step-by-step instructions for the malware removal from your computer, then first you have to kill the processes associated with the malware. Today’s malware and viruses take control of the entire system in their hands and make your security software handicapped. Unless you kill the malicious process, it is sometimes very difficult for the security software to identify the malware and clean your computer.

At many other times, a process may be taking too much time to get completed and may be causing a huge drain on your system. In such cases you might want to identify the process causing it and kill that.

How to Kill, End or Stop Windows Processes

Just select the desired process and kill it.

How to identify which Windows Processes to Kill

It is a tricky process. Sometimes the names of the running processes can easily be identified with a running Windows application. But many a times, the names are so ambiguous that it is almost impossible for an average computer user to identify the application associated with the process. Many of the currently running windows processes are associated with system files and it is essential to let them run for correct operation of your Windows operating system.

If you are not sure about any of them, there are many process libraries, which you can refer. Just enter the name of the process in their database, and complete information about them will be there for you. You can then decide what you want to do with that process.

Some of the good Process Libraries are as follows.

• ProcessLibrary.com
• What-process.com
• Windows Processes Database at pcselfhelp.net
• what-is-exe.com

Sandboxing, is an approach, which is often overlooked by many of the computer users. However it is a great way to get protected.

What is a SandBox

If you are not sure, Sandbox is a tool, which creates a virtual space in your PC and restricts the applications, browsers and websites to work within this space. Your main files remain protected and all the changes made to them are only temporary in nature. Even if you encounter a virus or trojan, or you click a malicious link while browsing, which downloads some malware script on your PC, or you visit a website which attempts to push some drive-by-download onto your PC, you do not have to be worried about them.

If you are using a sandbox, you are protected. With one click or a simple boot, you can just wipe out all the changes made during this session and your computer is as fresh as it was before you started the sandbox session.

Sandbox is also an excellent tool for testing of a new software, about whose safe nature you are not absolutely sure. For instance, you might be willing to try some screensaver, or some new software from a torrent site, but you are afraid whether it contains any malware or s pyware, then there is no need to worry. Just run that software in an sondboxed environment, test the software as you wish and in the end, wipe out all the changes made to your system with few simple clicks. Easy.

Returnil Virual System – A useful toll for Windows Security

Returnil is one such tool, which allows you to run applications in a sandboxed environment. Returnil virtualization technology clones a computer’s System Partition and boots the PC into this system rather than native Windows, allowing users to run your applications in a completely isolated environment.

This method of providing security to your Windows computer has some distinct merits over the traditional methods of using security software like antiviruses, antispyware etc. These tools work on post-event basis. They depend on early detection of all new malware and updation of the signature file of these antiviruses by the end user. There can be considerable delays, sometime hours, sometimes days and sometimes months, before the actual protection to a malware ultimately reached the end user.

Important Feature of Returnil Virtual System

System Protection Mode / Virtualization: It allows you to create a virtual copy of your system and thus take advantage of virtualization. You can choose to drop or save changes upon restart.

Virtual Partition: You can easily create and mount virtual partition with a facility to A\automount with each system start. Saved files will stay after restart.

Access Protection: It allows you to keep inexperienced users from making changes to your settings. For instance if you have a few children, which also play around with your Computer in your absence, then you can try it. You can also set custom password to lock the interface.
Protection Scheduler: It can also automate your computer’s protection. You can schedule your protection to be ON at specified times. It also allows you to operate it on case-to-case basis; for instance you can turn OFF protection when updating Windows etc.

Returnil Virtual System 2010 Beta

Recently, Returnil has also announced the release of the BETA version of their latest product Returnil Virtual System 2010. It has been able to integrate System level Virtualization with Malware detection and removal in a single, easy to use application.

“The addition of Malware detection in the virtual environment, the all new Returnil VirusGuard, works to ensure that users computing experience is free from known malicious content while working hand-in-hand with our virtual system technology to provide the most effective and seamless malicious content removal available,” said Fernando Francisco, the CEO of Returnil.

Returnil has a free personal edition as well as the paid pro version. The following screenshot lists the features in both the versions. In addition, you can download the full featured BETA version of Returnil 2010 from their website.

[Download Returnil]

What is a Firewall

Firewalls are that part of your computer system, which blocks the unauthorized access – both to and from your computer, based upon the authorization rules specified by you.Windows Vista has a built in Firewall, but many people just do not use this important PC Security Tool.

How to Change Windows Firewall Settings

Just Click on Start Menu and type Firewall in the Search Box of Start Menu.

Click on Windows Firewall with Advanced Security. A new Window will open, where you can tweak your Windows Firewall settings and make your own rules as which programs are allowed to make outbound or inbound connections.

In the Windows Firewall with Advanced Security window, there are three panes. Click on the Windows Firewall Properties link on the middle pane, and following window will open.

In this window, you can tweak the firewall settings. There are three tabs; Domain Profile, Private Profile and Public Profile. Click on each tab to make sure that Firewall State is ON for all the three tabs.

Next, if you have never changed your Windows Firewall settings in the past, then you will find that Inbound Connections are “Blocked” but the outbound connections are “Allowed”. These are the default settings for Windows Vista.

These settings are ok for an average user, but if you want to harden your PC Security, then all outbound connections are also required to be blocked. Change them to “Block” state in all the three tabs and save your settings.

Now you need to create rules for allowing the programs like your Internet Browsers, your security software etc., which need to access the Internet.

For it, click on the Outbound Rules link on the left plane of Windows Firewall with Advanced Security window. A new window will open, click on “New Rules” link on the top right section. Follow the steps thereafter for each program, which you want to allow the Internet access.

Important: Having said that, however, it is seen that if you do not configure the Windows Firewall correctly, you may encounter some “Failed to Connect” messages each time you visit sites. Keep remembered that when any such message appears from any application on your PC, remember that you may have to tweak your Windows Firewall settings to let that applications work smoothly.

Remember, your PC Security is too precious and requires some time and effort on your part to be devoted.

If you have Windows Vista on your PC, then Microsoft has incorporated a decent utility within your Control Panel, which checks the basic security aspects of your system, and lets you know if any of them needs your attention.

It is called Windows Security Center.

How to Access Windows Security Center

Just click on Start > Control Panel.

Click on Windows Security Center in the Classic View Mode.

What Windows Security Center Tells You

It monitors the status of four critical aspects of your PC Security in real time.

Firewall: Whether appropriate firewall is enabled on your PC or not.

Automatic Update: No software can ever be perfect. There are always weaknesses and vulnerabilities in every code and good vendors keep on finding them and plugging them through regular updates, which are automatically downloaded in your system and installed. It is a fact, that despite a recent awakening on this issue, many people still ignore this important aspect and let the Windows Update remain disabled. They think that it saves them time and bandwidth. Recent outbreak of Conficker Worm is a typical example of it, which exploited a vulnerability in Windows, which had been patched up by Microsoft more than one year back. But lots of people still were carrying the old versions.

This section of the Windows Security Center checks, whether the Automatic Update settings of your Windows are working or not.

Malware Protection: This section lets you know correct Antivirus and Antispyware software are installed and updated in your system or not.

Other Security Settings: This check your other security settings like Internet Security and User Access Control. If you are not knowing about User Account Control

User Account Control (UAC) is a feature in Windows that can help prevent unauthorized changes to your computer. UAC does this by asking you for permission or an administrator? password before performing actions that could potentially affect your computer’s operation or that change settings that affect other users.

So, be vigilant and keep checking your Windows Security Center settings. You never know, when disaster strikes.