Solved

USB flash virus infection

Posted on 2010-09-23
9
631 Views
Last Modified: 2012-05-10
HI,

I need to know if an infected flash disk can infect the computer even if the usb ports are disabled on that computer.

Thanks
0
Comment
Question by:oamal2001
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 1

Expert Comment

by:mpiceni
ID: 33742531
If the ports are disabled via BIOS, there's no way, simply because Windows absolutely can't see the USB drive.
Also disabling USB support via Device manager or group policy, as far as I know, prevents infection from USB, but can't assure that an already present virus can infect the USB drive inserted. This kind of disabling is software and re-enabling can be done by software.
0
 

Author Comment

by:oamal2001
ID: 33742584
I disable USB through a program intelliadmin.

Regards,
0
 
LVL 7

Expert Comment

by:myhc
ID: 33742604
BIOS is the way if you don't need to use USB for anything else.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:oamal2001
ID: 33742616
I need to do this through network because I have more than 150 computers.

Thanks
0
 
LVL 1

Expert Comment

by:mpiceni
ID: 33742666
IntelliAdmin USBDisabler uses group policies to disable USB support. This means that a code present on a USB drive can't be executed unless some code present on the PC tamper the protection. So very likely you'll not get a virus from USB, but you may get from other source and then put it on the USB drive. I think is an acceptable solution.
0
 
LVL 19

Expert Comment

by:lamaslany
ID: 33742744
What are the makes/models of your PCs?  Some allow you to modify BIOS settings through Windows...
0
 
LVL 19

Expert Comment

by:lamaslany
ID: 33742837
PS:  From my understanding of the registry change that IntelliAdmin USBDisabler applies it prevents Windows from loading the drivers to support the USB device.  If this is the case then Windows will not be able to properly initialise the device and will be unabel to access the file system.  This means that any driver expolits will fail and autorun-style viruses will never be loaded.  This would also have prevented the recent icon handler exploit where simply looking at the drive in Windows Explorer was enough to compromise the system.
0
 
LVL 7

Accepted Solution

by:
myhc earned 250 total points
ID: 33747985
wow wow, If your PC had AV, then what's the problem. USB drives are scanned, well should be. Mcafee, AVG and many others will do this.
Also, most or ALL anti-viruses scan on file open. so your be covered.

Now the downfall is if the virus is so new that you AV doesn't know about it.  But if someone really wanted to execute  a virus on your system they could by having a bootable USB virus that would bypass any system software you install, so BIOS is the only true way to do this.
0
 
LVL 19

Expert Comment

by:lamaslany
ID: 33748431
Just a quick note:  the risk of booting another OS from a USB device can be mitigated by fixing the boot order and password-protecting the BIOS.  How much protection this offers though is still questionable if you cannot physically secure the machine.  You might want to look at full disk encryption (sometimes called On-The-Fly encryption) which should help further mitigate the risk of physical tampering.

I am afraid at the end of the day you have to make a choice between security, convenience and cost.  
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Retrieval of photos from ipad after hardware reset 12 75
Adobe Premier GPU Issues 6 45
Guidelines for building a gaming PC 17 58
server room temperature control 24 70
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question