[TriLUG] Rescue CD

[David Burton via TriLUG]

Be sure your computer is set to never automatically run such such things.
Under Windows 7 the setting is here:

*Control Panel *->* All Control Panel Items *->* AutoPlay*


Make sure that "Software and games" is set to something reasonable (i.e.,
*NOT* set to "install or run program from your media").

Microsoft has a (remarkably bloated) "FixIt" to make this settings
adjustment on Windows versions from XP through Win7: MicrosoftFixit50471.msi
<http://go.microsoft.com/?linkid=9741395>

Supposedly, starting with Windows 7, Autorun no longer works except on
CD/DVD drives. *(Microsoft, what took you so long
<https://www.youtube.com/watch?v=4RpoAnnmgw4#t=51s>?)  *Microsoft has also
released a (horribly bloated) "hotfix" for Vista, to prevent autorun except
on CD/DVD drives (like Win7): KB971029
<http://www.microsoft.com/en-us/download/details.aspx?id=12314>

However, even on Win7/8/8.1 (or Vista with the hotfox), I still would not
plug a possibly-infected device into a computer which had AutoPlay /
Software and games set to "Install or run program from your media." It's
probably safe, but I'm not certain of that. Some thumbdrives are trickily
partitioned to look like a small read-only CD drive plus a bigger
read-write drive, but I don't know how that works, and I don't really have
confidence that autorun is really disabled for such thumbdrives.

Dave
www.geeksalive.com



On Wed, Apr 15, 2015 at 1:29 PM, MrB <brentrbrian at gmail.com> wrote:

> Be careful ... some malware puts "autorun" in c:\  ... you could infect
> the host system doing the "clean up"
>
>
> On Wed, Apr 15, 2015 at 1:00 PM, David Burton via TriLUG <
> trilug at trilug.org> wrote:
>
>> For badly infected machines, I usually just pull out the hard disk drive,
>> hook it up as an external drive on a clean machine, and scan it from the
>> clean machine, so that the infections can't "fight back."
>>
>> Unless you're in a desperate hurry, scan it with several tools, because
>
> *...[snip] *