On-Time Computer Solutions

Dependable

Anti-Virus, Anti-Spyware, and Virus Removal

What is a Virus? A virus is a program that installs itself on your computer with malicious intent. Generally this is installed without your permission, but can use “tricks” to get you to install it.
 
What is Spyware? Spyware is loosely defined as a program you install that has legitimate use, but its main drive is to use your computer’s resources in ways that are not explicitly mentioned. For example, a program that stores passwords for you, but also keeps track of the websites you visit and “phones home” to send marketing data to the originating company. This is not essential to get rid of, but isn’t recommended to have, as the programs often have bugs and security holes in them.
 
What is Anti-Virus? Anti-virus is software that protects your computer from viruses. In most cases, this software scans files as they are accessed. This is called “On Access Scanning.” It is very important to only have one On Access Scanner on your computer at a time.
 
What is a Virus Removal Program? This is a program that is run to remove a virus from your computer if it gets past your Anti-Virus. It doesn’t run in the background on your computer, but is run in response to an infection. A Virus Removal Program can target a specific virus, or a group of viruses.
 
How can a virus get by my Anti-Virus Program? The analogy I’ve found best works on this is to think of your Anti-Virus Program as airport security. There are a few steps in airport security: When you buy your ticket, your name is checked with the No-Fly List. When you go to the airport, they scan your checked luggage and also bring you through a security checkpoint.
An Anti-Virus Program works in a similar way: When a program is copied to your computer, it’s checked against your virus definitions (No-Fly List). If it’s on there, the Anti-Virus will stop it and either delete it or move it to a safe area called Quarantine. Then, when the program is run, it checks to see what it’s carrying (in the case of a virus, this is called a payload) and for any suspicious activity. If the Anti-Virus sees anything that looks suspicious, it will usually prompt you for further action.
 
Despite these measures, it’s always possible for a virus to slip through. If your virus definitions (No-Fly List) are out of date, a newer virus may be able to slip by. If the virus conceals its payload well enough, it may be able to get through the “security checkpoint” that scans it when it is run. No Anti-Virus is foolproof, but by keeping it up-to-date, it can catch most infections before they get on your computer.
 
Why is it important to only run one On Access Scanner? To understand this, it’s first important to understand how an On Access Scanner works. Here are the simplified steps that happen when a file is accessed, using a JPEG Picture file as an example.

  1. You double-click on the JPEG Picture file.
  2. The On Access Scanner detects an attempt to access the Picture, and starts an On Access Scan on the file.
  3. If the Picture has virus code in it, your Anti-Virus will prompt you for further instructions. If it is clean, the Anti-Virus will pass the Picture through to the program that opens pictures.

 
Here is what happens to open that same picture with two On Access scanners. I’ll refer to them as Alice and Bob to differentiate.

  1. You double-click on the JPEG Picture file.
  2. Alice detects an attempt to access the Picture, and starts an On Access Scan on the file.
  3. If the Picture has virus code in it, Alice will prompt for further instructions. If not, it will attempt to pass the Picture through to the program that opens pictures.
  4. Because Alice scanned the program, Alice accessed the file. Bob detects the access that Alice caused on the file and starts an On Access Scan on the file.
  5. If the Picture has virus code in it, Bob will prompt you for further instructions. If not, it will attempt to pass the Picture through to the program that opens pictures.
  6. Because Bob scanned the program, Bob accessed the file. Alice detects the access that Bob caused on the file and starts an On Access Scan on the file.
  7. Go back to step 2.

 
In this scenario, both On Access scanners are stuck in a loop scanning the same file over and over. Each scan will use a small amount of system resources, but when it’s in an endless loop, those small amounts add up to a large amount of resources used and the computer starts to slow down. Usually this will continue until one of the Anti-Virus programs errors out or the operating system (Windows, OS X, etc.) fails and crashes the computer. Having two On Access Scanners running at once can essentially render your computer useless until one of them is removed.
 
If you get into a situation where you have a virus that you just can’t get rid of, we’ll be happy to help remove that. As part of our Virus removal service, we’ll remove the virus, make sure that your computer doesn’t have any other viruses, repair any damage from the virus, and install updated Anti-Virus software to prevent any new viruses from getting in. Check our pricing page for details on our current pricing.