Safely opening a suspect USB Drive [duplicate]

If you want to be completely sure, mount it on a Mac or Linux box. Seriously.

For an example, see the new shortcut icon exploit, which ALL Windows machines since NT have been vulnerable to. This exploit allows arbitrary code to be executed simply when the folder is opened. No Autorun required. No manual execution required. It infects the system as soon as the folder is opened.

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3AWin32%2FCplLnk.A

If you don't have a real *nix (includes Mac) box, just boot from a LiveCD. You may want to scan with Clam AntiVirus while you're at it too.


The first thing you absolutely need to do is disable autorun. There is a good tutorial here.

If it were me though, I'd boot to a non-writable OS (e.g. Knoppix) and copy the data off that way. Knoppix is outstanding for this sort of recovery.