≡× MENU

• Windows 10
• Internet, WiFi
• Useful
• Windows 7
• Mistakes

How to protect a flash drive from viruses? How to protect a flash drive from viruses once and for all Protecting against viruses on flash drives

USB Disk Security is a free application to provide complete protection against all kinds of malware distributed via removable USB media. The application works with external hard drives, memory cards, digital cameras, flash drives, and other devices that can be connected via USB. Disk Security is based on a special threat detection technology; as an anti-virus program, the utility is able to work in stealth mode, only letting you know about its existence only if malware is detected.

Basically, the infection of a personal computer with viruses occurs at the time of using the global Internet, a little less often it happens during the installation of a dubious or unverified program. An infected file can also penetrate a PC through the most common flash media.

When an infected flash drive is connected to a personal computer, the malware software penetrates into HDD, and most importantly, it happens so quickly that the installed antivirus programs do not always have time to respond in time. Especially for such cases, it is necessary to use programs that can easily cope with this type of threat. Today, Disk Security is one of the the best programs to protect against infected files distributed via USB drives.

If viruses are detected, the application, depending on the settings, will remove or block them, thereby preventing them from automatically launching. In addition, the utility is able to restore the system after it has been infected with malware, clear the hard drive of temporary files, prohibit copying files from the computer's hard drive, checking URL addresses, completely blocking USB ports, autoload control, forced scanning of hard drives.

The program is equipped with a convenient and simple user interface in Russian. The control panel is located on the left side of the working window, consisting of seven main items. The following sections deserve special attention: data protection, scanning and USB shield.

The last section is responsible for displaying a full report on all detected threats. You also need to take into account that the utility automatically removes any malicious application by default. So in order to avoid deleting important documents, it is better to disable this option, for example, after deleting the boot file, your USB drive will not be able to start. After disabling, Disk Security will act as follows - it will automatically move the infected file to quarantine or simply mark it.

In addition to tools for automatic checking of flash media, the "Scanning" section is equipped with a vaccination function. Vaccination can be carried out both on removable media and on the personal computer itself. At the same time, a special file is created on the flash drive or on the hard drive, which prohibits the launch of some malicious applications. Vaccination can be turned off if desired.

The "Data Protection" section is able to provide devices with higher protection, for example, you can set a ban on moving data from a computer to a memory card or generally block access to a PC via a USB port. To close access, you will need to restart your computer, only after that the settings will take effect.

Key features of USB Disk Security:

• Perform a more thorough scan of external drives. If malware is detected, they are either removed or quarantined.
• The presence of a resident anti-virus scanner that works when a new USB drive is connected. Without making changes to the settings, infected files will be automatically deleted.
• If necessary, you can completely disable automatic startup on the PC.
• When using the utility, it is possible to view content without the risk of infecting a personal computer.
• Websites are checked for infected applications. The following services are used during the scan: Trend Micro, McAfee, VirusTotal, Symantec, and Google.
• The linkzb.com search service provides an opportunity to use the Internet safely.
• The application is able to prevent unauthorized USB connection media to PC.
• Blocking the copying of unauthorized data to USB is performed through the use of the Access Control tool.
• Using the system for cleaning temporary files, if the virus is located in temporary directories, it will be removed immediately.
• You can set a password in the program settings.
• Full control over the applications included in autorun.
• The presence of a built-in system for restoring important directories in the registry that were affected by malware.
• You can download Disk Security for free.
• Runs on Windows XP, 7 and 8.
• An automatic check for updates is in progress.
• The application does not need to update virus databases, as it does not work like a standard anti-virus program.
• Due to the small volume, the utility can be installed even on a weak personal computer.
• Full compatibility with many modern anti-virus programs is viewed.
• Using a multi-language interface, a total of 12 languages ​​are available.

USB Disk Security is a simple and effective program to provide complete protection against malware distributed via removable media.

In this lesson I will tell you how to protect a USB flash drive from viruses. This method will be useful to owners of a flash drive with both FAT32 and NTFS file systems.

The first step is to define the file system. To do this, insert the USB flash drive into the usb port, then go to "My Computer", right-click on the removable disk icon and go to its properties. A new window will open in which you can easily specify the file system of your flash drive.

If the flash drive belongs to one of those systems that I spoke about above, then everything is fine. If not, then it needs to be formatted. To do this, right-click on the removable disk icon and select "Format...". In the window that appears, select "File system", check the box "Quick (cleaning the table of contents)" and click the "Start" button.

For a different file system, you need to use completely different methods of protection. We will analyze the first method for a flash drive with the NTFS file system.

How to protect a flash drive from viruses (NTFS).

First of all, go to the USB flash drive and create a regular folder. The name can be given as you wish.

Next, go back to "My Computer" and again go to the properties of the flash drive. Now go to the "Security" tab and click on the "Edit" button. Further, for all users, we leave only 2 items "List of the contents of the folder" and "Reading". At the end, click "OK".

If now you want to copy or create something in the root directory of the flash drive, then you will not succeed and an error will pop up that you need permission to perform this operation.

But that's not all. We click on the folder created earlier with the right mouse button and go to its properties. On the "Security" tab, click on the "Edit" button and give "Full Control" for all users.

This is done so that we can work with this folder, for example, copy some files to it, while access to the root of the flash drive is denied.

If your flash drive is in FAT32 format, then the instructions below will help you protect it.

How to protect a flash drive from viruses (FAT32).

First, as in the case of NTFS, the flash drive must be formatted. Only in this case we choose the FAT32 file system.

The next step is to run " command line" as an administrator. We go "Let -> All programs -> Accessories", then right-click on the desired item and select "Run as administrator" from the list.

We write the first command: md disk_number:\autorun.inf. In my case, the drive name is F. Thus, we create a special startup file.

Next command: attrib +s +h +r disk_number:\autorun.inf. By this we say that the file must be assigned attributes: system, hidden and read-only (prohibits writing it).

Of course, this is not 100% protection against viruses, but in most cases it can save you from malware that is distributed through the autorun.inf file.

In this tutorial, I'll show you how to quickly hide shortcuts on the desktop.

In this video tutorial, I will tell you how you can set up a single view to display the contents of all folders on your computer.

Good day, dear habra-reader. I work at a university in a computer science lab. We administer about a hundred computers. We faced the problem of protection against Autorun-viruses on flash drives. Naturally, we have autorun disabled in Windows, but it was necessary to protect the flash drives themselves so that the worker at home, inserting a working flash drive, would not infect his computer. Under the cut is a solution to the problem.

Before you start...

Dear users, the following actions were performed in the OS Microsoft Windows xp, in others operating systems process may be different. I would also like to say that the author of the text is not responsible for equipment damaged as a result of the following actions.

Training.

To implement our plans, we need to format the flash drive in NTFS, for this there are several methods known to me. For me, the easiest is to use Acronis Disk Director.

After launching Disk Director, you will see a list of disks connected to your system. In this list we find our flash drive, right-click and select "Delete Partition", in the new window we leave everything as it is (There is not much difference there). Then again right click on our disk and select "Create Partition". In the "Create Partition" window, select:

• File system: NTFS.
• Create as: Main section.

Now click on the "Flag" icon and in the window that appears, click "Proceed". After making the changes, restart your computer.

The flash drive can also be formatted more than in a simple way, specified SW. maxshop :

Start → Run → cmd →

Convert f: /FS:NTFS< - это если данные на флэшке нужны и их некуда сбэкапить

Format f: /FS:NTFS< - если данные нафик

Setting.

So, the card is ready for configuration, go to the flash drive and create a directory in the root directory in which the data will be stored, I called it "DATA". Right click on the new directory and go to the security tab, then click on the "Advanced" button. Here, uncheck the box "Allow inheritance of permissions from the parent object to this ...", in the dialog that appears, click "Copy", then click "OK" in both windows. Now let's go to the "Security" section of the root directory of our media and configure the permissions as follows:

In the "Allow" column, leave the following items checked:

• Reading and Execution
• List folder contents
• Reading

In the "Prohibit" column, check the box next to the "Record" item, in the dialog that appears, click "Yes".

That's it, in the end we get a flash drive that Autorun cannot write to. For this, we sacrifice a small share of performance, the ability to write to the root directory of the media and, of course, the inability to use the "Send" menu to copy data to the media.

Possible problems and their solution.

1. After formatting the drive to NTFS, it is not visible in the system.

   
   Right-click on "My Computer", select "Management", in the window that appears, go to "Disk Management", there we right-click on our flash drive and select "Change drive letter or drive path." Select a letter and click OK.

Unfortunately or fortunately, I did not find any more problems, if you suddenly find it - write, we will try to solve it.

Disable autorun.

Except XP Home Edition:
start - run - gpedit.msc - computer configuration - administrative templates - system - disable autorun (choose where to disable). Next, apply the new policy with the gpupdate command in the console.

In Home There is no group policy management snap-in, but the same effect can be achieved by manually editing the registry:
1) Start -> run -> regedit
2) open branch HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies
3) Create a new section
4) Rename the created section in Explorer
5) In this section, create the key NoDriveTypeAutoRun

Valid key values:
0x1 - disable autorun on drives of unknown types
0x4 - disable autorun of removable devices
0x8 - disable autostart of non-removable devices
0x10 - disable autorun network drives
0x20 - disable autorun CD drives
0x40 - disable autorun of RAM disks
0x80 - disable autorun on drives of unknown types
0xFF - disable autorun for all drives.

Values ​​can be combined by summing their numeric values.

Default values:
0x95 - Windows 2000 and 2003 (disabled autorun of removable, network and unknown drives)
0x91 - Windows XP (disabled autorun network and unknown drives)

tweet

Almost every user has experienced flash drive viruses.

Perhaps this is the most "contagious" way of transmitting viruses between computers, because it works even when the Internet is turned off. Moreover, on computers cut off from the World Wide Web, the situation getting worse due to the fact that antiviruses and Windows do not receive timely updates to protect themselves.

The problem is solved relatively easily with the free xUSB Defenc. She will help recover folders deleted by a virus from a flash drive(actually just hidden) and will automatically clean flash drives from some types of viruses.

Symptoms of viruses on flash drives

The symptoms are very diverse, as there are countless viruses. Here are the most common ones:

• File presence autorun.inf on a flash drive.
• Folder appearance Recycler on a flash drive.
• Instead of folders, there are shortcuts or programs with folder names.
• Folders and files disappear from flash drive even though you didn't delete them.
• The flash drive does not want to "safely remove" - ​​an error appears indicating that the device is busy.
• When opening the flash drive, an error window appears.
• When opening folders, windows with the contents of these folders appear in a new window.

All this and more can be said both that a virus has taken over the flash drive, and that this virus is running on your computer.

About the autorun.inf file- this is actually a useful file that says what program to run when you open the disk. It is convenient when installing programs and games from a DVD, but, unfortunately, you can also write a command to launch a virus in it. What, in fact, the virus writers did not fail to take advantage of by placing this file on flash drives.

How infection occurs - what does the virus do

Typical behavior of an autorun virus:

1. Copying yourself to the Recycler folder or somewhere else on the flash drive.
2. Duplicating yourself all over the flash drive, calling it the names of the folders located there (or creating shortcuts to your copy, which is almost the same thing).
3. Setting the "hidden" and "system" attributes on files and folders to hide real folders from the user's view and slip their copies or labels on the virus instead of them (see point 2).
4. Creating an autorun.inf file in the root folder of the flash drive (the one you see when you open the flash drive).

If you open such a pseudo-folder or simply click on the flash drive icon in My Computer, a virus will start that will try to register itself in the system. The launched virus will check which flash drives you insert into the computer's USB port and write itself to them.

Additionally, the virus can edit the file hosts(about fixing hosts file see ) so that instead of your favorite sites there is a requirement to send SMS. A banner may also pop up on the screen, again with a demand to pay money or some other threatening name. The virus can steal passwords entered in the browser and other programs, as well as other information useful to the attacker (such viruses are called "trojans").

Why are these viruses so common?

There are several reasons. In my opinion, the main reason is the neglect of anti-virus protection. To protect your computer from threats, you must not only install an antivirus, but also keep its databases up to date.

The second reason rather sad - the use of pirated Windows versions, in which the ability to auto-update the system is often disabled. The fact is that Windows has an Update Center that downloads fixes that block loopholes for viruses. For example, in February 2011, an update was released that prohibited autorun for flash drives, which made it impossible for viruses that spread exclusively using the autorun.inf file to multiply. Systems where update checking is disabled will not receive this patch.

Third reason- inattention and ignorance. To determine what is in front of you - a folder or a program - just point the arrow at the icon and wait. The tooltip that appears will contain important information about whether it is a folder or a program. If the program disguises itself as a folder (has a folder icon) - it's probably a virus. If there are only labels left on the flash drive, it is also a virus.

Fourth reason- viruses for flash drives are very easy to create. Anyone with even the slightest knowledge of programming is capable of writing such malware. It saddens me that people spend their talent and mind to the detriment of others.

Fight against autorun viruses

Autorun viruses appear constantly, almost daily. Not a single antivirus, even the most advanced one, is able to detect all new infections. It always takes some time before the virus enters the antivirus database for identification. A reasonable question arises:

What to do? How to protect a flash drive from viruses?

There are many ways, but I will stop on the most simple for a novice user. Therefore, for example, I will not consider corporate-level situations - system administrators know many ways to protect against viruses, the article will be useless for them. I will focus on defense home computers.

There are several ways to deal with autorun viruses:

• Refusal to use USB ports and the Internet. Of course, this is a utopia. Similarly, one could shove a computer into a bunker for safekeeping. A home computer needs USB ports and the Internet, because its owner needs it.
• Prohibition of launching all programs from a flash drive. Pretty good option, but has significant drawbacks: such Windows setup it will be difficult for a beginner, viruses from a flash drive will not go anywhere, it will not be possible to run safe programs.
• Using a good antivirus. Unfortunately, even the omnivorous Kaspersky Anti-Virus can “gap”, allowing the virus to start. This is because the virus may have atypical behavior that is not recognized by the protection. In addition, after removing viruses, folders hidden by malware remain hidden.
• Using a special program to protect against autorun viruses. This option must be used together with the previous one - using a full-fledged antivirus. A special program for protecting flash drives from viruses will scan the inserted flash drive for suspicious files and remove viruses (or send it to quarantine). It will also restore hidden files on the flash drive. Unfortunately, if the virus is already running, then it will be a Sisyphean job - the virus will copy itself to the USB flash drive, and the program will be deleted. The reason for using it together and not instead of an antivirus is obvious.

My computer is my castle

It is necessary to provide the most "durable" protection of your computer. To do this, you need an antivirus and a program to remove viruses from flash drives.

Antivirus must be installed, work correctly

First of all, open your antivirus settings and make sure there are no warning labels. Bases should be updated, the license - to work. If you do not have an antivirus installed, then you will have to install it. I gave a brief overview of the most popular free antiviruses. In the absence of the Internet on the computer, the antivirus will not be able to update itself, which is quite logical. Read the help of your antivirus on how to update its databases manually. Almost all antiviruses can do this. The Internet, of course, will be needed, but not necessarily on your computer

xUSB Defense - antivirus for flash drives

In fact, there are a lot of such programs - Anti-autorun, Vigilant Eye, Autorun Eater, USB Disk Security and a dozen or so similar ones. I settled on xUSB Defense for one reason - it works the fastest and most discreetly (although there are problems), and is also free. Official page of the program

The program is small - one megabyte. Installation is simple. After starting the program, a tray icon will appear:

Clicking the left mouse button opens the settings window, right - the menu. The xUSB Defense has a lot of settings, but their purpose is clear. It makes no sense to describe.

I will focus on a few important points:

1. The program can automatically delete or move to quarantine folder viruses and other programs from flash drives. The problem is that the default quarantine folder is in C:Program FilesxUSB DefenseQuarantine. This is wrong, because any program in Windows Vista, 7 and 8 do not have permission to write there. You will either have to always run the program as an administrator (which is inconvenient) or reassign the appropriate setting. Or you can simply delete or rename suspicious files - all this is configurable, it's up to you. The same applies to the logging option.
2. The program has an option Enable "Work with documents" mode. When this mode is checked, all files except documents, from a flash drive are removed. Be careful!
3. xUSB Defense- not an antivirus, but only an addition to it. It is not able to distinguish viruses from ordinary programs! All it does is delete or render harmless files based on their name and location. If you store programs on a flash drive, do not set xUSB Defense to be deleted.
4. A nice feature is the automatic removal of the "Hidden" and "System" attributes from files and folders. That is the program "restore" folders and files hidden by the virus. Hidden folders and files can also be viewed using Windows tools - just open Control Panel - Folder Options - View and uncheck Hide protected system files, choose Show hidden files, folders and drives - OK. In case of use xUSB Defense you do not have to configure Windows - the program will automatically restore hidden folders on flash drives.

I will give screenshots of the most optimal, from my point of view, settings. No files will be deleted, only renamed - this will make it difficult for viruses to launch and at the same time protect us from deleting something important. Folders and files hidden by the virus will be restored. The program will work by itself, starting automatically when you turn on the computer.

Here are my settings:

Tab "General" - set to automatic mode of operation

Here and in the next two tabs we do not touch anything - everything is configured most optimally

After pressing OK the settings will close, xUSB Defense will take up “combat duty”. After inserting the USB flash drive into the USB, the program will scan the USB flash drive. You can use a flash drive during scanning, but it is better to wait at least 5 seconds - this time is enough for scanning. Files identified as viruses are marked with the extension .#WARNING# in the name - if the program made a mistake, you just need to rename the files back.

Please note that in the settings I unchecked the item Scan in subdirectories (Slows down scanning). Unfortunately, if you enable this option, the program first crawls deep into folders, looking for viruses there. This is incorrect behavior, because first of all we need to scan the root folder of the flash drive - the one that we see when we open it - in order to neutralize the viruses that are most likely to be launched. So keep in mind - if you need maximum protection, you will have to check the box, but you will wait for the flash drive to be checked for a long time - up to five minutes.

Outcome

The combination of a working antivirus and a customized xUSB Defense program will well protect your computer from viruses from flash drives. Unfortunately, good doesn't mean perfect. There are two sad things:

1. Virus scanning in subfolders in xUSB Defense is very bad. The check takes too long, the most vulnerable place (the root folder shown when opening the flash drive) is checked last. However, in other programs of this kind the situation is similar.
2. Viruses are not only .exe program files, but macros(subroutines) inside ordinary documents, web pages. If the former are easily detected, the latter require a well-functioning antivirus. An example of a virus that spreads through a Microsoft Word document.

There will never be 100% virus protection. But you can achieve something close to this. This and notes on anti-virus protection will help you with this.