Safely opening a suspect USB Drive [duplicate]

usb-flash-drive virus-removal

If you want to be completely sure, mount it on a Mac or Linux box. Seriously.

For an example, see the new shortcut icon exploit, which ALL Windows machines since NT have been vulnerable to. This exploit allows arbitrary code to be executed simply when the folder is opened. No Autorun required. No manual execution required. It infects the system as soon as the folder is opened.

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3AWin32%2FCplLnk.A

If you don't have a real *nix (includes Mac) box, just boot from a LiveCD. You may want to scan with Clam AntiVirus while you're at it too.


The first thing you absolutely need to do is disable autorun. There is a good tutorial here.

If it were me though, I'd boot to a non-writable OS (e.g. Knoppix) and copy the data off that way. Knoppix is outstanding for this sort of recovery.

Related

How is software hacked and patched?
Creating a large file of random bytes quickly
How do I reference an Excel sheet name in an Excel formula? [closed]
How to create swapfile on ssd disk with btrfs
Why is my file copying slowly?
Good, lightweight GUI-based process monitor for Linux [closed]
Windows 8 asks DotNet 3.5 to install DotNet 3.5
How to find out the top space-consuming directories or files?
Why am I seeing multiple different IP addresses reported as my public IP? [duplicate]
Microsoft Visual Studio 2013 won't load past splash screen
I would like to pipe output of find into input list of scp, how?
How to disable a McAfee service?