Out, Damned Virus! Out I Say!

If you visited my website last week (and possibly before that), you may have noticed an unusual link in the upper left corner on every page. It said, “Cost of Valtrex.” After my initial freak out, I not only added it to my to-do list, but made it a priority. How on earth did I get this thing, and how would I go about getting rid of it? At first, I was sure I got it from downloading a plugin because I noticed it right after installing the plugin. After writing to the company, they ASSURED me that I didn’t get it from their product, but everything seemed to point to it as the culprit. I hadn’t installed any widgets or other plugins for a long time before installing this one, and it seemed to pop up just after I had installed it. Furthermore, I had JUST changed my password to a stronger one after way too long having a weak password, so a hacker didn’t make sense. Besides, I couldn’t imagine why a hacker would choose my poor little site where I’ve barely gotten any traffic going compared to many.

Well, I went ahead and deleted the plugin and all files associated with it, just in case. Of course, the link was still there, and I knew that fact didn’t tell me anything about whether the installation was responsible. Meanwhile, the site was perfectly functional, and I continued to post to it and send people to it with a caveat to not click on that link. It didn’t make the site run noticeably slower or cause any damage. There was just a link in the corner of each page that I hadn’t put there. After conversations with support people at the theme I use, and with support people at the host company, I eventually found the dirty files. Luckily, they were all contained within the theme folder. I couldn’t believe it, but all I had to do was put my site on a different theme for five minutes (which essentially made it useless, in case you’re wondering), delete the offending folder, re-install a clean version, and then put my site back on the theme. I was so sure that it couldn’t be so easy that I had numerous people go to my site on their computers, and I went to it on as many university computers as I could put my hands on that day. No link. Everything was normal.

Afterwards, I re-installed the plugin and checked again on as many computers as possible. No link. I now felt a small tinge of remorse for my panic-driven emails to the plugin company. In retrospect, I realize that I made the association because I asked a co-worker to go to my site on his computer to see if the plugin was working properly. Since I could not see the link from my own computer, it’s likely that the link had been there before I installed the plugin, but I saw it for the first time on his computer when he went to the site to check it for me.

My first thought was, how smart & weasely of them to plant something that can’t be seen by the site administrator. My second thought was that I had indulged in one of the most common logical fallacies, one that I had many a time warned my composition students against when writing argument essays: Post Hoc, ergo Propter Hoc. Or, in English, “after this, therefore because of this.” In other words, just because you notice one thing and then another thing does not mean that there is a meaningful association between the two. Duh.

My third thought was, I sure did make a mountain out of a molehill. No, it was not cool for that link to be there, not at all, and I’m still perplexed as to how it made its way onto my page. But why was my first assumption that this was a HUGE mess? The thing didn’t even interfere with the functionality of the site. My reaction was out of proportion to the reality of the situation. At one point, the representative from the host company suggested that I enlist the services of a company to track down the virus and eradicate it. It would cost me $80 for that service, and then no doubt, they’d try to enlist me on a monthly basis in order to protect the site from further issues. I knew I didn’t have extra money at the moment, so it wasn’t even a question, but that caused me to think that in trying to track it down and get rid of it myself, I would surely do some serious damage to my own site. You don’t want to know the things I imagined! Geez, ever wonder why there’s so much fear mongering in this country? If I had had the money, I probably would have enlisted that service right then and there. Boom. Done. It’s a great marketing tool, fear. And this experience makes me want to be more vigilant against it. I don’t want to put money in the pockets of companies that profit from my fear. Do you? So, let’s not be reactionary, making mountains out of molehills. Let’s assess situations with calm, clear minds. How about that? And even if we are going to make a purchase in order to assuage a fear, let’s not go with the company that markets to our fears. Deal?

So many great lessons learned and revisited, it almost makes me glad to have had the experience. Almost.