Solved

USB flash virus infection

Posted on 2010-09-23
9
627 Views
Last Modified: 2012-05-10
HI,

I need to know if an infected flash disk can infect the computer even if the usb ports are disabled on that computer.

Thanks
0
Comment
Question by:oamal2001
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 1

Expert Comment

by:mpiceni
ID: 33742531
If the ports are disabled via BIOS, there's no way, simply because Windows absolutely can't see the USB drive.
Also disabling USB support via Device manager or group policy, as far as I know, prevents infection from USB, but can't assure that an already present virus can infect the USB drive inserted. This kind of disabling is software and re-enabling can be done by software.
0
 

Author Comment

by:oamal2001
ID: 33742584
I disable USB through a program intelliadmin.

Regards,
0
 
LVL 7

Expert Comment

by:myhc
ID: 33742604
BIOS is the way if you don't need to use USB for anything else.
0
 

Author Comment

by:oamal2001
ID: 33742616
I need to do this through network because I have more than 150 computers.

Thanks
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 1

Expert Comment

by:mpiceni
ID: 33742666
IntelliAdmin USBDisabler uses group policies to disable USB support. This means that a code present on a USB drive can't be executed unless some code present on the PC tamper the protection. So very likely you'll not get a virus from USB, but you may get from other source and then put it on the USB drive. I think is an acceptable solution.
0
 
LVL 19

Expert Comment

by:lamaslany
ID: 33742744
What are the makes/models of your PCs?  Some allow you to modify BIOS settings through Windows...
0
 
LVL 19

Expert Comment

by:lamaslany
ID: 33742837
PS:  From my understanding of the registry change that IntelliAdmin USBDisabler applies it prevents Windows from loading the drivers to support the USB device.  If this is the case then Windows will not be able to properly initialise the device and will be unabel to access the file system.  This means that any driver expolits will fail and autorun-style viruses will never be loaded.  This would also have prevented the recent icon handler exploit where simply looking at the drive in Windows Explorer was enough to compromise the system.
0
 
LVL 7

Accepted Solution

by:
myhc earned 250 total points
ID: 33747985
wow wow, If your PC had AV, then what's the problem. USB drives are scanned, well should be. Mcafee, AVG and many others will do this.
Also, most or ALL anti-viruses scan on file open. so your be covered.

Now the downfall is if the virus is so new that you AV doesn't know about it.  But if someone really wanted to execute  a virus on your system they could by having a bootable USB virus that would bypass any system software you install, so BIOS is the only true way to do this.
0
 
LVL 19

Expert Comment

by:lamaslany
ID: 33748431
Just a quick note:  the risk of booting another OS from a USB device can be mitigated by fixing the boot order and password-protecting the BIOS.  How much protection this offers though is still questionable if you cannot physically secure the machine.  You might want to look at full disk encryption (sometimes called On-The-Fly encryption) which should help further mitigate the risk of physical tampering.

I am afraid at the end of the day you have to make a choice between security, convenience and cost.  
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Disk boot Failure 100 200
USB Cables 4 50
laptop screen glitch deffected 8 46
Put a name of this device 9 34
In this article we have discussed the manual scenarios to recover data from Windows 10 through some backup and recovery tools which are offered by it.
Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now