RSSAuto-run virus on my USB drive
Mar 12
Non-FLOSS, Technology No Comments
This morning I was copying some files in my USB drive and I found some peculiar files in the root directory: password_viewer.exe and autorun.inf. These are peculiar because I have embarked in a personal Use Linux-only policy in my home systems so I have no need for Windows auto-run feature and I hate that feature to the core so I disable them. I did some quick searching in the Internet and these are normally associated with the w32.sillyfdc worm.
This got me thinking on where I would have contracted that virus as I am pretty paranoid when it comes to my devices. Then it hit me, I had some photos developed at Picture City Digital shop in Robinson’s Pioneer. Sure, I saw the attendant run a manual AVG scan on the contents of my thumb drive but apparently it was not enough because: (1) the scanner real-time file protection was not activated, and (2) I am not sure when was the last time they have updated their virus definitions.
No big deal for me really because I was already prepared to have my drive infected as I only have the pictures to be developed in there. I think the scanning procedure done in the shop threw me back into a sense of complacency that I didn’t double check anymore if it was infected. The drive was used once more by my officemate on his Vista-loaded laptop but I am confident that he is as paranoid as me and his AVG was able to quarantine the infection automatically. He didn’t even notice it until I brought it up this morning.
My take-away tips for this experience are:
- Convert to using linux as your primary system. Ok, I just have to put that in. 🙂
- If using printing shop services for your digital pictures, put them in a read-only media like a CDRW or a SD-card with the write-lock enabled.
- If you are adamant in using Windows, turn-off the auto-play feature altogether. Most of the time it is more trouble than useful.
- When using Windows, keep your anti-virus software and definitions up to date and turn-on the real-time file protection if you have a habit of inserting media used from untrusted places.
ciao!