Home | Log In

Home :: Tips :: General :: Disabling Windows Autorun

Disabling Windows Autorun

larger image

Disabling Windows Autorun

Care needs to be taken when examining suspect USB thumb drives and CDs. These types of media may contain autorun viruses and malware that could potentially infect the investigators workstation. Steps should be taken to disable autorun on Windows computers and decrease the chance of damage by malware. By disabling autorun on a Windows machine the investigator stops programs that may attempt to run when suspect media is attached. Disabling autorun will also stop MacLockPick from accidentally being run on an investigator's forensic examination station. It may still be run manually.

To protect your Windows forensic workstations, follow these steps:

Copy and paste the following into a .reg file and merge it into the registry.

REGEDIT4
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionIniFileMappingAutorun.inf]
@="@SYS:DoesNotExist"

More information on disabling Windows Autorun can be found here:

http://support.microsoft.com/kb/953252

Product 1/34

Previous

Return to the Product List

Next

Search

Categories

Software (6)
Hardware (2)
Upgrades (2)

Documents

Dealers (10)
Consultants
Manuals-> (28)
Tips-> (103)
  |_ MacForensicsLab (19)
  |_ MacLockPick (4)
  |_ General (34)
  |_ Field Triage (46)
Press (23)
Resources-> (105)
White Papers (5)

Sponsors

Newark, Calif. April 15th 2010 - MacForensicsLab Inc. announces the immediate availability of the latest version of their powerful computer forensic suite, MacForensicLab 3.0. The new version brings many new features along with rock solid stability and big speed improvements.

The latest version of MacForensicsLab features redesigned core functions making it faster to zero in on suspect evidence with an easier and more intuitive interface. The industry standard in Macintosh-based forensics just got better. With over twenty new features, such as hashing and data carving throughout the application along with improved stability and speed, MacForensicsLab 3.0 is the must have tool for Mac forensics.

"MacForensicsLab 3.0 brings many new features to the software suite while building on many of the things it already does best." said Marko Kostyrko, CEO of MacForensicsLab Inc. "We're very happy with the evolution of this product and excited for where it's headed in the future."

Speed improvements make all tasks faster than ever. Some operations were benchmarked to run up to 12 times faster then the previous version. New 64-bit operation helps to maximize speed and take full advantage of newer Mac's Intel processor. MacForensicsLab has redesigned memory allocation algorithms to prevent system freezes due to memory leaks or inefficient memory distribution by the operating system. This ensures that MacForensicsLab is always running at its best.

Evaluation copies of MacForensicsLab 3.0 are available to licensed investigators and media. Please contact Sales@MacForensicsLab.com to obtain an evaluation agreement.

Information

Notifications

Notify me of updates to Disabling Windows Autorun

New Products [more]

Unfreezing A FireWire Bus That Has Hung

Unfreezing A FireWire Bus That Has Hung

Have you seen ...

The MacForensicsLab ‘Preferences’ window allows the investigator to setup and maintain both individual cases and examiners within MacForensicsLab, as well as to specify the desired database destination case data storage purposes..

| Home |

Copyright © 2006 - 2010 MacForensicsLab Inc.
Phone +1 (510) 870-7883 - Fax +1 (510) 868 3407
M ac and the Mac logo are trademarks of Apple Computer, Inc., registered in the U.S. and other countries.

Forensics Technologies - designed to perform investigations, for law enforcement and eDiscovery professionals.

MacForensicsLab - The only effective cross-platform weapon in the war on Cyber Crime and Digital Terrorism,
with unique tools designed to combat identity theft and child pornography.