As a registrar and hosting provider we normally don’t talk much about PCs.
Why would we?
Unfortunately there are times when it is necessary.
The desktop computer has almost become as ubiquitous as the internal combustion engine in many respects. Nobody would try to run an office without a computer these days.
But unfortunately we, as a society, don’t take as much care of our PCs as we do of our cars.
You’d remember to take your car for its service, but you could easily forget to do the same with your PC. And therein lies the problem.
At the moment, for example, our technical team are trying to mitigate the impact of a PC virus that is infecting people’s PCs and (ab)using their FTP logins to upload malicious content to their websites.
How is this happening?
In simple terms their PCs aren’t as secure as they thought. Maybe their antivirus software is out of date or maybe they haven’t updated it in while.
If you didn’t change your car’s oil regularly you’d run into issues, so do yourself a favour. Check your PC. Please.
If you are using any recent version of Windows you should be able to get it to update almost automatically for you.
Renew your antivirus subscription if you haven’t done so already.
23 Comments
Comments are closed.
I have been using pcs since 1992. I have never used antivirus. I have 4 pcs running here now. I have never had a virus in 17 years working with computers. Honest.
It sounds like you’ve been incredibly lucky đŸ™‚
erm, are any of those computers attached to a network or the Internet? I remember at a computer security seminar once the IT guy showed us how to completely protect a PC from viruses by promptly pulling the mains plug!
Of course they are connected, even so in the old days before the internet took off a virus would have been passed around on disks. Has anybody ever considered that these antivirus companies may have something to do with the spread of viruses. Just a thought because they have the motive, they have the knowledge, they are the only ones that benefit from the spread of a virus, they always have a cure, new viruses always seemed timed to come after the previous threat disappears and I really cant believe there are people writing viruses for fun when they can use their talents to make money.
Maybe, just maybe the fact that I don’t have antivirus software installed has something to with the fact I dont have any viruses. I hope I’m not going to eat these words soon.
Cheers
This happened to me, yet my virus software was bang up to date. And it never detected the virus. I wish I knew which particular virus I could search for and see if there are any dodgy files still banging about. It’s all a bit odd.
Just remove Total Commander from your pc – the easiest way. this is REALLY not good software. just popular. i`ve used an antivirus software, got a virus twice from same cd (i downloaded some app from infected pc and got infected, after about year i forgot about virus on that cd)
now the cd is destroyed, and i dont have any av, just good firewall, im scanning pc every 1 year, and havent got a virus for 4 years.
Well I use mac to develop websites, so hopefully this will not be impacted. One of the reasons I move to mac OS.
Back in the day, I remember inheriting a huge bunch of floppies from a designer. More than half had viruses. I see from the comments that some people are still as proactive. Kinda scary, actually.
Cannot believe that people are advocating not having an AV and protection for PC. With plenty of good FREE software out there AVG, Commodo etc there is no excuse. Saying you never had a virus or problem is not good enough. Not all viruses and trojans bin you PC, stealing data is often the target whether it be email addresses or worse. Do everyone a favour and get yourself protected. At best you are helping spammers at worst….hope you never have to find out.
A useful website for detecting malware on your own website is http://www.dasient.com/ I used it recently to help clean two infected websites. It detected dodgy code across multiple pages and a redirect which was targetting incoming traffic from search engines. Both websites were blacklisted by Google for a few days because it. Nasty stuff.
this is a good scan, worth doing on all your machines though it’s probably your clients with the issues.
http://www.microsoft.com/security/malwareremove/default.aspx
We have had this type of malware affect clients of ours from two hosting companies now, all within the last two weeks.
David
David
The problem is on the client end – not the server end.
Michele
I had two clients hit by Gumblar, it harvested FTP details from Contribute and uploaded malicious code on their websites. I had to delete the websites and reload from recent backups. Both clients had decent anti-virus programs that had been circumvented, so serious stuff.
Hackers make money from stealing your money from your bank/credit card accounts, or from placing trojans on your machines and selling the remote access to others. These people are seriously dodgy criminals from Russia, Ukraine, China etc. They hire the best coders and that’s why the viruses are so intricate. Anybody that thinks the AV companies, like McAfee and Symantec, are creating viruses is an idiot and probably still watching documentaries about the FBI killing JKF and crashing two planes into the WTC buildings.
Not having Anti-virus software on an internet connected PC is just down right irresponsible, as you could be infecting other computers every time you send an email, or you may have many viruses/malware on your PC’s keeping track of your accounts, waiting to harvest them. I have worked on many computers that had no AV installed and every single one of them had many, many instances of viruses, Thankfully it has been years since anyone I deal with has been stupid enough not to be protected.
While AVG and several others offer resonable Free anti-virus software, it is only free for non-commercial use. If you use it on a work computer then you could be in trouble.
Most people who use Microsoft don’t know anything about viruses etc. In a way they deserve what they get.
I use Linux and yet somehow my site was hijacked. I can only presume they got and used my password.
I just wonder how safe and secure these internet providers are. Eircom has had major problems just around the time my password went walkabout.
We’ve all seen just how indifferent some companies are with regard to passwords and personal information etc. I am not blaming anyone but I would have a lot more faith in my computer being safe than some providers!
Lou
I don’t see the point in debating whether you should use an AV program or not. It’s a simple fact that there are viruses out there (no matter who creates them), and you’re leaving yourself open to problems if you don’t have some protection.
Using free Avast here, and only yesterday it spotted a trojan on a website i was heading towards – that surely has to be a plus just in itself.
Yes, I got some on two sites, two weeks ago. Data base unaffected.
Without special monitoring, put a referer button to http://validator.w3.org on your site, and check for non-valid entries. Cheap and fast method, but works a lot of the time.
Check for “new” folders and sub directories. Delete, when sure.
Have known good backups for files and db. Overwriting index files may be enough, or may not be enough.
Change passwords as already stated. Use non-common words and a blend of numbers, and make long and awkward. Extra paranoid – don’t copy and paste, but remember. Like an uncommon Irish name with plenty of numbers before, after, or during.
Can I assume I’m safe, seeing as how I run linux? đŸ™‚
(and since we’re discussing nostalgia, I saw my first virus in 1987, travelling from Max to Mac via floppy)
buy mac , pc is only good for word ,exel and so on lol.
As John Braine said above, some up-to-date anti-virus software does not detect these trojans. I had the same happen to me, McAfee did not find them. After reading about it online I tried MalwareBytes and that found two on one PC and three on another. Lucky for me they had not compromised my FTP client, I suspect the breach came when I accessed a DirectAdmin interface via a non-secure URL. Interesting to read above that breaches have come via CMS tools (Contribute etc) rather than directly from FTP clients.
For strong passwords, I can recommend strongpasswordgenerator.com, it does exactly what it says on the tin.
Sorry Michele, I meant all reading this, not hosting companies, I wouldn’t be the one to give advice to your guys, when it comes to protecting servers I know about as much are your average grape knows about deep see fishing:)
Of course you need an up to date AntiVirus program. But no matter how up to date your antivirus software is, you can’t rely on it to protect you from an attack; there’s usually a delay of a day or two for antivirus software to catch up once a virus is known to be in the wild. A virus can be around the world in minutes.
To protect yourself and your website from attack, it is better not to safe your passwords in your FTP program or website editor program. Better to type in the password each time you need to.
I guess unfortunately we, as a society, don’t take as much care of our PCs as we do of our other things.
I’t unbelievable the crap people will believe. [and this is coming from someone who would buy into any conspiracy theory if there was even a hint of reasonable evidence]
I worked fixing home PC’s for about 3 years and TRUST me you absolutely NEED to have up to date antivirus software on your machine. Dont listen to people who tell you that antivirus companies write the viruses (it’s urban myth) – i can tell you for a fact that even if they wanted to they wouldnt have to because there is an abundance of nutters out there who do that for them – if you hang out on some dodgy hacker forums for a while you will see the evidence first hand.
I once connected a brand new pc to the net without any protection for a few hours and when i put AVG on and did a scan there was about 1500 infected files. ( just 2 or 3 viruses)
I have spent many hours struggling with virus infected machines and when you take a regular AV package – ( i just use free AVG ) and use it properly you really never get a virus – and even if you do it’s dealt with immediately.
Tips: dont use two AV’s on the one machine – always keep up to date – personally i dont find any need for anti spyware but you need to be carefull what you install and keep an eye out for anything suspicious – dont pay for antispyware packages unless you know they are genuine – many are betrayalware ( work it out )