USB Pen drives are a great tool for carrying out our data from one place to other easily, but they can also be responsible for virus infections on your system along with the easiest way to steal your confidential and sensitive data from your system.
Using a simple registry edit, You can Block/Disable USB Pen Drives to be used on Your Computer. It doesnt require anything too technical. You just need to change a registry value only.
Navigate to Start > Run and type regedit to open the registry editor.
In the left pane, navigate to Computer\HKEY_LOCAL_MACHINE\System\Current-ControlSet\Services\ USBSTOR.
Double-click on the entry named Start in the right pane. Change the Value data: field from 3 to 4. Press OK to save it.
If you want to enable your computer’s ability to use USB drives again, you need to just set the value of Start to 3 again.
Similar Posts:
- Windows Registry : Explained in Simple terms
- Lock/Encrypt your USB flash drive / External hard disk with Rohos Mini Drive
- Free Registry Mechanic Genuine License For 1 Year
- TuneUp Utilities 2007 Download with Free License
- SNAGIT 7 Premier Screen Capture Utility – Free License
- Download PC Tools Desktop Maestro 2 for free
- ADrive.com – 50GB of Free Online Storage & Backup
- Enhance your Windows Vista / XP with Comodo System-Cleaner
- Free System Mechanic 8 Full Version Download with Six Month Activation License Serial Key
- Secure data by preventing Restore of deleted data
Avinashtech is a Revenue Sharing blog, Write for us and earn money. Read here for more info. Need help with your Laptop or desktop? Want to Share something or give feedback Use the FORUM
{ 2 trackbacks }
{ 11 comments… read them below or add one }
This is good advice and have seen this method and others like it. One issue is, “if I recall correctly” this only works on USB’s that haven’t been plugged in prior, not sure, it could be when you use GPO to block USB users when this applies. Either way, I feel in addition to this, logging out of your account when away, with a strong password and only allowing limited user accounts for others is the best way to go. In combination, it is at least an added level of security.
yes, I agree with you. Its a dded level of security just be a simple registry change. :)
hi ,
all good but useless , a person who will want info can open the comp , hook some cables on and you can copy data anyway , ….
if you use the cofee tool for law enforcement , even with this i can get into a comp true the usb , …. (!)
the solution is to use usb sticks like ironkey , and to have a strict data policy !!
can you ban them on the work floor ? no maybe not but you sure can control it !
have a nice day
Well then what you are saying is…. all security is useless with physical access, “and I agree to a point”. Anyone with physical access can own the PC in question. The question is more of “where” this will be used, what invironment? In a work environment, I would hope the administrator would take higher precautions and not rely on just this method, if so, they need to be fired. This isn’t directed at a corporation, this is for standard users I would think and once again, true, if you can touch it, you can own it as the old saying goes, however, some can’t, or won’t know how. Aside from that, this would still advance security in many standard circumstances and even if not, why make it easy for them? That little time it would take to get around this may be slight but perhaps just enough to make them retreat from trying in some cases. Either way, it’s good to add a layer of security even if slight and not everyone knows how to hack into a registry.
As far as Ironkey, it makes quite the ultimate USB stick, however, admin privilege and a registry lockout are two different things. If you block USB access, and once again “under basic circumstances” Ironkey isn’t going to hack the system.
So yes, anyone with the knowledge can access a PC but that doesn’t mean we should stop using security. The “Let’s take our locks off our doors since people can break in anyway” theory still fouls the air it seems.
hi ,
with some of the tools that you can load on a usb stick it will make no difference , …. thats why cofee was invented for example , … i have seen it work while the usb was blocked as told in the way above , ….
if you want usb protection disable it , but what to do when you need some repairs , or trackball hook up , external harddrive ?
most comps now have memory card readers also , you can use that also to get in , …
i think it would rather be a disadvantage for the average users , …
then again , i have a lock in front of the comp , it closes a door to the drives and the usb ports , …
have a nice monday
That way mate, everything is ineffective then. Even with anti virus installed on system, you may get infected by virus. That doesn’t mean that we should stop using antivirus. We do all the security measures t make system less prone to attack. ANy security system is not perfect.
And to what level are we going with this? Mission impossible type scenarios? Sure, we can set up a steel cutting laser parameter around the PC area only to have a man dangling from a drop wire and insert the USB stick into the PC after using a special magnetically data specific enhanced discombobulator device to disable all security.
Really, this is just a small security step for those who may have malicious persons trying to do harm. Yes, there are tools to bypass this. But for a lot of home users or even in a scenario where there are potentially more people who would try to get into their computer, this can be a decent security measure. As with the joking mission impossible scenario, it may not keep everyone out, but it will keep some out, and that’s better than not keeping anyone out.
As far as what if a repair needed to be done. Anyone who truly knows how to repair a computer would be able to get around this in minutes and wouldn’t even be an issue. For repairs done prior to OS loading, the USB ports won’t be disabled in POST. Plus if done correctly, all devices prior to this registry tweak should access the PC just fine.
Nice one
But some college staff can misuse this article to block USb drive in computer which is in the college..
that is the main problem… :-)
1. I disagree completely. People in general can misuse anything and as always, someone will but that doesn’t mean something useful should be banned or hidden due to this. A kitchen knife is the most useful tool to a chef, however, in the wrong hands, a weapon.
2. We can’t keep this sort of attitude which around the world is to blame everything but our own actions, it needs to go.
3. It’s no large secret what Avinash put up here, informative but by no means a secret. There are many softwares that lock the USB access just like users using the registry to do it, should they be taken off the market and regarded as problematic? **See no. 2**
4. If college staff are using this, it may be for a good reason, I know our local college blocks some USB access BUT if they do it to simply abuse this due to reading and article… then sir, please **see No. 2 and No.1**
Isso funciona, mas do mesmo jeito que se bloqueia, pode-se desbloquear.
Aqui na empresa tivemos a grata supesa de achar um produto nacional da categoria. Testamos varios, devicewall, usblock, e resolvemos comprar o Makrolock. O software é muito bom
Translated by Admin :
This works, but just like locks, you can unlock.
Here the company had the supesa grateful to find a national product category. We tested several, DeviceWall, usblock, and decided to buy the Makrolock. The software is very good
hi ,
tales check for iron key or corsair drives !
have a nice day