The exterminate-it page seems to show that some malware might create thumbs.db files but not that the malware spreads via them.
The 2-spyware page looked a pretty dodgy source, seemingly designed to promote a product. It had flashing "download FREE scanner now" content depsite my running of noscript and adblockplus. It seems that site might be trying to hand out infections, i took a look at it's reputation on weboftrust.
The f-secure page describes a pretty scary sounding virus, would i be right in thinking it can only infect computers which open CDs if those computers have autorun enabled? Or can the files it places on discs written by the infected computer be executed by the computer into which the disc is inserted even if that computer has autorun disabled? It sounds like this malware has an almost empty exe file that just says "take and run instructions from thumbs.db" and thumbs.db contains the viral instructions, but could the thumbs.db file alone cause the infection without the exe to read it?
The whole point of my questions here is to work out what can be done so that if malware had been written onto a cd disc that disc could be placed into a clean machne to copy certain (images and 3d models) files from it without the disc being able to infect the clean machine. Is disabling autorun all that needs to be done or is protecton more complex?
Edited by rp88, 11 December 2014 - 12:27 PM.