USB Waechter, Only Allow Whitelisted USB Devices PC Access

Martin Brinkmann
Nov 7, 2010
Updated • Nov 7, 2010
Software, Windows, Windows software

One of the major causes for PC infections with worms, viruses and trojans are USB devices that are connected to the computer. Vulnerabilities in the past have shown that it is sometimes enough to connect the USB device to the PC to infect the system.

A program like USB Waecher, which is German and means USB Guardian, can protect the computer from these attacks. The program uses a whitelist to determine if an USB device may connect to the PC. Devices that are not in the whitelist are not permitted to establish the connection unless they are whitelisted by a system administrator.

Part of the information displayed are in German, with no option to change the interface language. It is however not difficulty to use the program even without understanding German. The program makes use of the Microsoft Management Console to administrate the USB devices.

usb whitelist devices

The most important menu on the left side is Erlaubte Geräte, which means allowed devices. This lists all USB devices that are permitted to connect to the PC so that they can be used. All devices that are connected during installation are automatically added to the whitelist.

It is possible to remove devices from that list by right-clicking on an USB device and selecting Delete from the context menu.

delete usb device

New USB devices are added to the whitelist by clicking on the + icon in the toolbar of the application, or by right-clicking on Erlaubte Geräte and selecting Gerät hinzufügen (which means add device). This displays a wizard which is completely in German. Not a big problem though as you need to click on Weiter (next) in the first screen to select the USB device that needs to be added to the whitelist on the second.

whitelist usb devices

Just select the device or devices and click Weiter once again. Click Fertig stellen (finalize) on the last screen of the wizard to add the device to the whitelist.

Download and compatibility

USB Waechter is compatible with 32-bit and 64-bit editions of Microsoft Windows 7, XP, Vista and the server products Server 2003, Server 2008 and Server 2008 R2. The program can be downloaded directly from the developer website.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. thomas said on November 7, 2010 at 10:02 pm

    What stops anyone unauthorised to add a new usb stick to the whitelist when being first rejected? Is the program locked with a password?

  2. JK said on November 7, 2010 at 7:54 pm

    I got its core idea, but, what if I connect a new USB drive – whitelist or blacklist?

    1. Martin said on November 7, 2010 at 7:57 pm

      New USB devices are not allowed to connect. They need to be added to the whitelist first.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.