Care needs to be taken when examining suspect USB thumb drives and CDs. These types of media may contain autorun viruses and malware that could potentially infect the investigators workstation. Steps should be taken to disable autorun on Windows computers and decrease the chance of damage by malware. By disabling autorun on a Windows machine the investigator stops programs that may attempt to run when suspect media is attached. Disabling autorun will also stop MacLockPick from accidentally being run on an investigator's forensic examination station. It may still be run manually.
To protect your Windows forensic workstations, follow these steps:
Copy and paste the following into a .reg file and merge it into the registry.
More information on disabling Windows Autorun can be found here: