Thursday, April 3, 2008

Prevent, Block, Disable use of USB flash / Pen / hard disk drives

How to Prevent, Block, Disable use of USB flash / Pen / hard disk drives ?

On one fine day, my friend approached me and asked ,
----------------------------------------------------------------
Can I block use of USB pen drive? I donot want to block USB port as it needed for Camera and other gadgets , just want to block Pen drive or Flash drive? ”
-----------------------------------------------------------------

Use windows 2008 Server, apply group policy and through group policy you can block it... was my answer.

No, I want to do it for Home PC. I donot have Windows 2008 server or 2003 at my home.

OK I will let you know later , I gave my standard answer.

His question really stumped me. He wanted to block use of Flash drive on home pc where no server, group policy etc is there. Blocking of USB port through BIOS is not good idea as it totally block the use of USB. So I started reading on internet. The following knowledge I gained in this process

Whenever you plugged USB device in port, windows first checks the device ID.Through device ID it determines the type of device wheatear storage or Imaging or pointing device etc. If it determines that it is storage device, means Pen drive or Flash drive it loads the driver file known as usbstor.sys

So it is all about the blocking of usbstor.sys to load , which can serve the purpose.

Now there are two methods
1. Delete / Rename the usbstor.sys file so that it cannot be loaded.
2. Block the loading from registry.

Deleting or renaming usbstor.sys is not a good idea. Windows vista can restore these files during system integrity process. Hence the second option is only viable solution.

The following registry key is used for this purpose
---------------------------------------------------------- ---------
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR
------------------------------------------------------------ ------

See the DWORD "Start" and assign its value as 4, instead existing 3.

Just changing the value to 4 from 3 will disable the pen drive. If you insert the drive you will notice that light of USB Flash drive is not glowing. It indicates that driver is not loaded hence it has not recognized.

No need to say, to enable the drive just change the value to 3 from 4

Most Important: Before making any change in registry, ensure that no USB Flash drive , pen drive is connected to it. First remove the drive , then make changes in registry for usbstor.sys.
Happy Disabling of USB Flash Drive

********** Read Other Popular Posts **********
1.Installing XP over preinstalled Vista for Dual boot: Vista will not Boot
2.Parts inside your printer are at the end of their service life.Epson Printer error
3.Usage of USB drive to boost Vista with ReadyBoost
Do you like this Tip?Please Post Your Comments

2 comments:

Unknown said...

thanx buddy for this valueable solution !!!!

Tom Goll said...

You might want to take a look at a product called USB Lock ST. This allows you to allow or disallow usb drives. So you can use your usb drive or usb keyboard and stop anyone else.
http://www.laptopsecuritysolutions.com/usb_lock_st.htm