My virus

During the past twelve years not a day has passed when I haven’t been asked where a virus originates.  Typically it takes significantly longer to track down the virus than it does to simply remove it, so I don’t usually offer the service unless the customer has come back repeatedly.

Last week I started exploring areas I could change to increase business.  Regular readers and customers have heard me mention that business is slow.  In fact, business in my sector is slow so I’ve since stopped worrying.  However, last week I decided to visit my website and do a little homework to make it better.

I spend a significant amount of my time removing viruses from others’ computers, I never thought I’d be removing viruses from my company website.  No sooner had l finished typing “localcomputerwiz.com” into my browser did my antivirus software warn me that the site I’m visiting is unsafe and contains a virus.  I must of checked it a half dozen times in disbelief.

There’s no way my website could contain a virus.  Yes, my site contained a virus and a very bad one at that.  I would not suggest any of you do this:  I turned my virus software off and revisited my site so I could see the ramifications of the potential virus and actually see what effects it had taken.

Visually there were absolutely no differences between it and the site I designed.  Though my site it pretty bland, the virus hadn’t changed a thing.  Instead it inserted a line of code that referenced a folder buried deep inside the site structure.  In other words, the line of html internet code directed the browser to download a file in a folder.

I was still a little dismayed how the virus could penetrate my security.  The password I had used most recently was “R8u$St1kIK:X”.  Again, my password was everything between the quotation marks.  Hopefully now you can feel my frustration wondering how a hacker can guess that password.  One in a million, right?

Turns out hackers don’t need to know website passwords and usually gain access through the server.  Most websites reside on a server (or larger computer) with many other websites.  Sharing server space is much less expensive for both the host and customer because companies like mine split both the storage and bandwidth.

Most hackers would probably agree that it takes just as long to find the password to a server as it does the individual websites located on the server.  Once the hacker finds the vulnerability, infecting the hundreds of sites on the server is a matter of pointing and clicking.  Exploiting the server’s security flaws opens the hacker to everything without worry of guessing passwords.

After all was said and done it took me about ten minutes to find the virus and delete it from my site.  For safety’s sake, I changed the password to something a little more difficult to guess and modified the structure a bit.  Rather than assume the site is safe, I now check it more than once a day.  I’m currently shopping for new website hosts to prevent this problem in the future.

Understanding how these viruses initiate is only half the battle.  The other half is prevention.  I use AVG Free on my personal computer and have installed it on thousands of customers’ machines.  AVG picked up the virus before it could attack my system and gave me adequate warning.  If you do receive these warning messages when surfing do not push the “continue to site” button and take caution.  Removing them from my website is a cakewalk compared to removing them from computers.

(Jeromy Patriquin is the President of Laptop & Computer Repair, Inc. located at 509 Main St. in Gardner.  You can call him directly at (978) 919-8059) or visit www.LocalComputerWiz.com.