This post might get a little technical. For that, I apologise, but these things need to be covered to fully understand the main point of this post. I’ll try and explain as much as I can, as I go along.

Moss says, "Scan your computer, Cho!"

Scan your computer for viruses, cho!

Honestly

I’m not joking when I say this. I’ve had to attend to around 10 Windows PCs since Wednesday last week. Most of them have been messed up as a result of viruses and other malware. I don’t judge people based on their management skills for their Windows PCs, though.

Before I go on to why you should scan your computer (and regularly, too), let me explain a few things.

Processes and Rings

Processes are the parts of your operating system – usually they load at boot time – that provide you with some functionality. A graphics process, for instance, might provide you with full colour 2D/3D graphics; a defrag process is what most defragmentation programs plug into to get raw access to your hard drive (rather than file access), and so on.

Windows is segmented into several Rings – or levels. These Rings limit access to the files and hardware in your computer, allowing only the processes with the correct credentials to access things like direct memory access, or file lookup tables. More on this can be found at Wikipedia: LINK

Most processes have (on Windows) Ring 1-3 access. Ring 0 is reserved for Operating System processes alone (called the Kernel Ring). Different versions of Windows have slightly different Ring permissions, but they follow a basic pattern: the more important a process is for providing important services to the Operating System, the lower down it lives.

For instance, WORD.EXE doesn’t live very far down the list because its main function is for creating and editing MS Word Documents; so it might have level 4 access. However, atiedxx.exe has lower level credentials because (on systems with an ATI graphics card) it provides the Operating System with access to the graphics processor allowing the user to see things on screen, so it might have level 2 access.

Without The Theory & Rhetoric, Please

For some reason, a large number of people – mostly in the business arena – believe in the following:

I’ve got an Anti-Virus/Internet Security suite installed, that means I can’t get stung by viruses and malware. Aren’t I great?

Whilst, technically, this is true, they’re missing one crucial point.

Most Anti-Virus/Internet Security suites only scan processes ONCE, and only scan files when you ask them to.

Viruses and other malware usually operate by attaching themselves to a file (called “Infecting”) that has the credentials for low level access to your Operating System (as close to Ring 0 as they can get; which is, usually, Ring 2 or 3). This means that when the infected file is run, the virus or malware is able to take advantage of its newer level of credentials. Meaning that it can, effectively, run riot on your system; causing as much havoc as it is programmed to do, within the limits set by its new Ring level.

How Do I Stop This?

There’s a really simple answer:

Scan your computer for viruses, cho!

That’s it. Seriously.

Well, a slightly more effective answer is this:

Learn how to scan your entire computer (all drives, both internal and external) with your chosen Anti-Virus/Internet Security suite, and do it regularly. Like, once a week.

You don’t have to scan more than once a week – unless you’re running a government building or some high security company… or are illegally downloading a lot of software/files/music/movies/etc.

Which I, absolutely, do NOT condone

Which One Is The Best?

As in Anti-Virus/Internet Security suites? There’s no straight answer for that. It all depends on your preferences.

  • If you like big, clear buttons with simple steps and instructions, I’d go with Norton 360
  • If you like simple, bold user interfaces, I’d go with Kaspersky Lab
  • If you need the user interface to have many different languages installed, I’d go with Avast!
  • If you like a bloated user interface and an incredibly slow scan, I’d go with AVG

They all, pretty much, do the same thing in comparable ways. Until recently, the Norton series seemed to slow down all functionality on most PCs, but that’s been fixed as of late. They’re all priced competitively, too. So you don’t necessarily have to pay top dollar for protection.

In fact, I use Avast! for the reason stated above, and the fact that there’s a free version with all the functionality of the paid version.

As I said earlier, it all depends on what you want and need out of a user interface. The good thing, though, is that there are trial versions of all of the above. So, you can go away and try them all out, if you wish.

I Don’t Want To Wait For 2 Hours While It Does A Full/Thorough Scan

Due to the way that viruses and malware work (much like biological viruses, they have a specific signature in their file structure that these suites look for), and dependent on the scan settings you use and the sheer number and size of files you might have stored on your drives, this CAN take a few hours.

But it’s a shed load better to allow your computer to scan itself for a few hours in Safe Mode

While your computer is booting (after the BIOS has finished, but before Windows starts to boot) mash the F8 key and choose “Safe Mode with Networking Support” for extra security while scanning. It’s not essential, but one or two of the nastier viruses aren’t easily detectable once Windows has booted, due to their new Ring level.

… than to spend hours shouting at your PC because “it’s died again.” Plus, how good would it be to be able to tell that friend of yours – you know, the one who seems to have all the answers to your IT questions – that you don’t need his help with viruses any more, because you’ve learnt how to check for viruses yourself and feel pretty confident about it?
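To show why a full scan takes so long, here is the signature matching described above as an added Python example (it is not from the original post or from any of the suites named). The signature names and byte patterns are constructed and harmless, and plain byte matching is a simplification of what real suites do. Every byte of every file has to be read, and a little of each read is carried over so that a signature split across two reads is still found.

```python
import os
import tempfile

# Constructed, harmless byte patterns standing in for a vendor's signatures.
SIGNATURES = {
    "Demo.Marker.A": b"\xde\xad\xbe\xefDEMO-SIG-A",
    "Demo.Marker.B": b"EXAMPLE-ONLY-SIGNATURE-B",
}
# Bytes carried over between reads so a match split across two reads is kept.
OVERLAP = max(len(sig) for sig in SIGNATURES.values()) - 1

def scan_file(path, chunk=64 * 1024):
    """Return (sorted signature names found, bytes read) for one file."""
    found, total, tail = set(), 0, b""
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            total += len(block)
            window = tail + block
            found.update(n for n, sig in SIGNATURES.items() if sig in window)
            tail = window[-OVERLAP:]
    return sorted(found), total

def scan_tree(root, chunk=64 * 1024):
    """Scan every file under root; return ({path: names}, total bytes read)."""
    hits, scanned = {}, 0
    for folder, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(folder, fname)
            try:
                names, size = scan_file(path, chunk)
            except OSError:
                continue  # locked or unreadable file: skipped, not scanned
            scanned += size
            if names:
                hits[path] = names
    return hits, scanned

def demo():
    """Scan a small constructed tree; return ({file name: names}, bytes read)."""
    samples = {
        "clean.txt": b"nothing to see here" * 100,
        # Marker sits across the 16-byte read boundaries used below.
        "straddle.bin": b"A" * 10 + SIGNATURES["Demo.Marker.B"] + b"Z" * 10,
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        hits, scanned = scan_tree(root, chunk=16)
    return {os.path.basename(p): n for p, n in hits.items()}, scanned
```

Calling `demo()` scans two constructed files and reports the one that contains a marker, along with the total number of bytes that had to be read.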

Final Thoughts

I apologise if this post has read as a little preachy or condescending, but this is something that we all should do – especially if you have important documents stored on your computer. And a little education really does go a long way.

As a friend of mine said a week or so back:

In any other business holding someone’s hand so much would be patronising.

And he’s completely right.

Something to think about, at the very least.

J


Jamie is a .NET developer specialising in ASP.NET MVC websites and services, with a background in WinForms and Games Development. When not programming using .NET, he is either learning about .NET Core (and usually building something cross platform with it), speaking Japanese to anyone who'll listen, learning about languages, writing for this blog, or writing for a blog about Retro Gaming (which he runs with his brother)