Usb Flash Drive Virus Preventive Measures Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Protecting and securing from viruses is always a challenging task. Lot of viruses occupy space in disk and degrades the performance. USB Hard Disk and Flash Drive play a major role in spreading viruses. In this paper we discussed about preventive measures to avoid spreading viruses from USB Hard Disk and Flash Drive to system. Initially we discussed about stand alone system protection and then Anti - virus software for virus detection. Third is taking no action while connecting USB drive and manual deletion of viruses. Finally we discussed Preventive measures to avoid spreading viruses from USB Hard Disk and Flash Drive.

Key words

Preventive measures from viruses spreading, USB Hard Disk and Flash Drive virus prevention

I. Introduction

Many of our PC/laptop's normally gets virus because of Pen Drives or USB devices (Even PC's who are not connected to network). Some Virus like Ravmon Virus , Heap41a worm which are not detected by anti virus normally spreads mostly by the Pen Drives . In such a case what can we do to prevent our PC from getting infected with Virus that spreads through USB devices or Pen Drives? Prevention is better than cure. in this paper we are concentrating how to prevent our system by infecting viruses from USB Hard Disk and Flash Drive.

A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.

The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software), including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a program that appears harmless but has a hidden agenda. Worms and Trojans, like viruses, may cause harm to either a computer system's hosted data, functional performance, or networking throughput, when they are executed. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious.

II. Operating system reinstallation

Reinstalling the operating system is another approach to virus removal. It involves simply reformatting the OS partition and installing the OS from its original media, or imaging the partition with a clean backup image (Taken with Ghost or Acronis for example). This method has the benefits of being simple to do, being faster than running multiple antivirus scans, and is guaranteed to remove any malware. Downsides include having to reinstall all other software, reconfiguring, restoring user preferences. User data can be backed up by booting off of a Live CD or putting the hard drive into another computer and booting from the other computer's operating system (though care must be taken not to transfer the virus to the new computer).

III. Preventive measures to avoid spreading viruses

A. Stand alone system.

The only best way to avoid viruses is keeping the system as stand alone with out communicating with any other system. Even floppies, pen drives and blue tooth are should not used for computer. But in to-days world it is not at all possible because communication plays a vital role in modern world.

B. Anti - virus software.

Many users install anti-virus software that can detect and eliminate known viruses after the computer downloads or runs the executable. There are two common methods that an anti-virus software application uses to detect viruses. The first, and by far the most common method of virus detection is using a list of virus signature definitions. This works by examining the content of the computer's memory (its RAM, and boot sectors) and the files stored on fixed or removable drives (hard drives, floppy drives), and comparing those files against a database of known virus "signatures". The disadvantage of this detection method is that users are only protected from viruses that pre-date their last virus definition update. The second method is to use a heuristic algorithm to find viruses based on common behaviors. This method has the ability to detect viruses that anti-virus security firms have yet to create a signature for.

Some anti-virus programs are able to scan opened files in addition to sent and received e-mails 'on the fly' in a similar manner. This practice is known as "on-access scanning." Anti-virus software does not change the underlying capability of host software to transmit viruses. Users must update their software regularly to patch security holes. Anti-virus software also needs to be regularly updated in order to prevent the latest threats.

One may also minimise the damage done by viruses by making regular backups of data (and the operating systems) on different media, that are either kept unconnected to the system (most of the time), read-only or not accessible for other reasons, such as using different file systems. This way, if data is lost through a virus, one can start again using the backup (which should preferably be recent). If a backup session on optical media like CD and DVD is closed, it becomes read-only and can no longer be affected by a virus (so long as a virus or infected file was not copied onto the CD/DVD). Likewise, an operating system on a bootable CD can be used to start the computer if the installed operating systems become unusable. Backups on removable media must be carefully inspected before restoration. The Gammima virus, for example, propagates via removable flash drives

C. Take no action while connecting USB drive

We can protect your PC by just following the simple steps below while connecting USB drive.

Connect Pen Drive or USB drive to Computer.

Then a dialogue window will popup asking to choose among the options as shown in the figure 1.

Fig.1 Take no action while connecting USB drive

Don't choose any of them, just simply click Cancel.

Now go to Start--> Run and type cmd to open the Command Prompt window.

Now go to My Computer and Check the Drive letter of your USB drive or Pen Drive. ( E.g. If it is written Kingston (I:) , then I: will be the drive letter .)

In the Command Window ( cmd ) , type the drive letter: and Hit Enter (I:) .

Now type dir/w/o/a/p and Hit Enter.

You will get a list of files . In the list , search if anyone of the following do exist .


New Folder.exe






RVHost.exe or any other files with .exe Extension .

If there is any one of the files above , Run the command attrib -h -r -s -a *.* and Hit Enter.

Now Delete each File using the following Command del filename ( E.g del autorun.inf ) .

Now scan USB drive with the anti virus we have to ensure that we made our Pen Drive free of Virus.

Now we removed the viruses manually and confirmed with Antivirus software.

D. Disable Write Access to USB Hard Disk and Flash Key Drives

There is a registry hack that able to disable the USB drive access to USB mass storage device such as flash drive, USB key, thumb drive, pen drive and portable hard disk while keeping the USB hardware device such as webcam, mouse, keyboard, printer and scanner connected to USB ports working as usual. However, the hack disables the USB access to disk drive completely. User cannot copy data to the USB disk storage, nor able to read any files and documents from the USB drive.

For user who just want to disable write access to the external removable USB mass storage disk drive, there is another registry hack of WriteProtect in StorageDevicePolicies registry key that able to restrict Windows system from writing to the USB disk drive, and hence effectively user to copy any sensitive or private data from the PC to USB key stick. The trick works in a similar way to write-protect feature used in floppy disk and backup tape which make the disk read-only, only that in this case, it's system wide implementation that block any writing and recording of data to USB mass storage device.

To disable writing access to USB drives and make all USB drives has only read-only access, follow these steps:

Run Registry Editor (regedit).

Fig.2. run regedit.exe.

Navigate to the following registry key:


Fig.3. Navigate to the registry key.

Create a New Key named as StorageDevicePolicies.

Fig.4. Create a new key

Highlight StorageDevicePolicies, and then create a New DWORD (32-bit) Value.

Fig.5. Add DWORD value

Named new DWORD value as WriteProtect.

Fig.6 name is given for new DWORD value.

6. Double click on WriteProtect, and set its value data to 1.

Fig.7 Edit DWORD value.

Once set, all users on the computer is now blocked and prevented from copying, transferring or writing any files, documents and data to the USB disk drives, without the need to restart or reboot computer. Any attempt to download or copy files to USB drive will return the following error message:

The disk is write protected.

The media is write-protected.

Remove the write protection or use another disk.

While creating a new Microsoft Word Document we get error message "The media is write-protected".

Fig.8 Error message: The media is write-protected.

While creating a new Microsoft Word Document we get error message "Remove the write protection or use another disk".

Fig.9 Error message: Remove the write protection or use another disk.

To revert and remove the blocked write access to USB drivers, just delete the StorageDevicePolicies registry key, or delete the WriteProtect registry entry, or change the value data for WriteProtect to zero (that is 0).

For user who doesn't want to manually editing the registry, simply the following code to enable or disable the write protection (block writing attempt) to USB removable drive.

A. Disable the write protection

Type the following code and save to DisableWriteToUSB.reg file

Fig. 10 DisableWriteToUSB.reg file

Double click the DisableWriteToUSB.reg file

Fig. 11 DisableWriteToUSB.reg file icon

B. Disable the write protection

Type the following code and save to EnableWriteToUSB.reg file

Fig. 12 EnableWriteToUSB.reg file

Double click the EnableWriteToUSB.reg file

Fig. 13 EnableWriteToUSB.reg file icon

This method works in Windows XP SP2 and SP3, Windows Vista, Windows Server 2003 and 2008.

IV. Conclusion

Lot of viruses occupy space in disk and degrades the performance. Using these preventive measures space and time problems are solved to some extent. Public service systems also get protection from viruses. Thousands of DTP centers will get benefit by preventing from spreading viruses.