How to stop pendrives from getting unwanted viruses ?

How to remove virus from pendrives

Today, A big problem for windows user is to secure their data from viruses. Especially, in Pendrives, no one wants to keep their important data in pendrives because pendrives are portable devices and during sharing data it may get infected by virus like Shortcut virus, Autorun.inf , and new folder virus etc.

Some people recover their data by simply using Command prompt but some people think there is only option left and it is to format the flash drive.

well! if your pendrive is infected by any of these virus you can simply follow these step to get your hidden data back.

  • Open CMD (command prompt)
  • Open Flash drive in cmd ( if your drive is ‘G’ than enter ‘G:’ after c:\user\ press [ENTER] )
  • Now type following line and press enter:

attrib -s -h /s /d

Now open your flash drive in windows you will see all your files . but wait ! is it enough ? No way! your flash drive is still not fully secure . Above command just shows all your files that are hidden by viruses. If you desire to protect your USB from getting unwanted files i.e. virus, worm, spy, Trojan etc than follow these steps. What I’m gonna tell you is that how to setup your registry to end a computer from saving files to your USB (It’ll block all of them) If you have windows 7 or windows 8 then you can immobilize the writing option to USB drives. This trick is very helpful if you have virus in your computer and desire to copy files from a USB Drive but don’t desire to transfer virus to the USB. Follow the given steps to disable the USB writing option:

Open notepad and copy and paste the following:

Windows Registry Editor Version 5.00

Now keep the file with the extension “.reg”.

Click on the file you presently saved. In the pop-up window chose YES and then OK.
That’s it your USB is now sheltered


Open notepad and copy and paste the following:

Windows Registry Editor Version 5.00



Now put aside the file with the extension “.reg”.

Click on the file you presently saved. In the pop-up window click YES and then OK.

That’s it your defense is now disabled.


  1. Hello, is this only for windows XP with SP2. I am using windows 7, so do I have to follow same steps as you mentioned above?

  2. Does it work vice verse? i.e., your USB drive has VIRUS and you just want files to be copied from the USB, not the virus to your computer

    • this code seem like to disable the autocopy files function by trojan. the “WriteProtect”=dword:00000001” is DONT ALLOW ANY FILES WRITE TO THE DRIVE and
      “WriteProtect”=dword:00000000” is ALLOW it. So the .reg will working fine on all Windows PC i presume

  3. WARNING editing the registry can cause permanent damage to your Windows installation if not performed carefully. Always have a good backup beforehand.

    This edit looks like it disables writing to all drives

  4. I use this:
    1. create empty folder
    2. change name this folder to autorun.inf
    3. change attrib to hidden, system

    many virus try copy autorun.inf /file/ to root directory on usb flash
    and later autostart on other machine, after this 3 steps – can’t create
    and don’t copy to other machine 🙂

  5. It doesn’t show any files in my Pendrive and cmd are the attrib -s -h /s /d write access denied having written a Solution If you do, please help me

  6. Trouble is if I need to copy some of the files FROM the same computer which is infected, then I have to turn off the protection and that is what all the viruses and trojans need. So though it may be a good thing for just keeping and READING the files from the pendrive but it can help if you want to use the pendrive to copy uninfected files from infected computer to an uninfected computer.!!!

    • u must be having the .reg file in this
      Windows Registry Editor Version 5.00
      [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlStorageDevicePolicies] “WriteProtect”=dword:00000001
      to enable file copy, just chg the last line 【“WriteProtect”=dword:00000001】to【“WriteProtect”=dword:00000000】
      the last digit was indicate true/false which represent enable or disable

  7. I am currently a CS student and can figure out ’bout what the code mean so let me explain for some did not understand since the writer did not explain how it’s work.

    first is the part of G: c:\user\ press [enter] while G: represent the drive allocate by your PC to locate and present your pendrive and can be change. thr is another way which is “cd G:”. next is the
    attrib -s -h /s /d
    this mean it allow all the hidden files is allow to be display. It is similar to when we open FOLDER OPTION and go to View tab advance setting.

    Now we go to the crucial part
    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlStorageDevicePolicies] “WriteProtect”=dword:00000001
    this mean u disable ALL COPY FUNCTION that allow you copy files from PC to pendrive.
    the part 【“WriteProtect”=dword:00000001】last digit represent 1 which is true in computer language and logical flow and thus enable the WriteProtect function while when we chg the code to 【“WriteProtect”=dword:00000000】the last digit ‘0’ represent false which disable the writeprotect function.

    changing the .txt to .reg mean we change the file type as a registry file to be handle by PC.
    Finally, this code is ONLY AND will BE(i suppose) work on all user use PC. the version we use right now windows xp,7,8, and recent 10 too if the coding on Windows is the same. I haven’t go through Windows server or other platform so i dont know. Those using iOS or Linux can ignore this. I dont think this work on them. of course Linux user must be not care about my comment as most are master than me. Linux is just too disturbing for me.. Am I too lazy??

    Lastly, I’m only still a student and was not FULLY UNDERSTAND THE CODING but my explanation is in the logic. Those who’s truely understand Windows coding and command are free to comment and point out my mistake. =)

  8. open cmd with admin privileges

    then type

    diskpart (hit enter)

    now select your drive with following command, usb drive may be containg number 0,1,2,3… so type the number wch appears against ur usb )

    select disk 1 (hit enter)

    usb will be selected, now protect usb by using read-only mode setting

    attributes disk set readonly (hit enter)

    after upper command disconnect usb from pc and connect again. after that no data would be copied into usb but u can transfer data from usb to pc.

    to turn off readonly mode use following command

    diskpart (hit enter)

    select disk 1 (hit enter)

    attributes disk clear readonly (hit enter)

    after upper command disconnect usb from pc and connect again. now usb will transfer data to and from pc. this is one an other method to protect usb against viruses wch i know. thnx

  9. Do what i do and use an old laptop and a External -drive and back all your data & a copy disk ISO to it and most modern H-Drives already load to the screen on windows – 7 ,same as any other OS your useing i am on a 8 year old HP-Laptop with basic Linux as it’s far more stable for home users that use one External for 3 laptops .


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.