in , ,

How to scan your Windows 10 PC for viruses or malware [troubleshooting guide]

Malware infection can take many forms and even those that practice every conceivable strategies to avoid them can still fall victims from time to time. If you think your PC may be infected by a virus, our suggestions below may help.

Keep in mind that the most effective way to fix a malware infection is by prevention. Be sure to update programs and Windows regularly, never fall on clicking links from suspicious sources, never open spam or emails from unknown senders, and always activate your security software.

Before we proceed to the main topic though, we would like to remind you that we accept requests for assistance regarding their Windows computers. If you have a problem that you can’t seem to find a solution to, send us your issue by following the link at the bottom of this page. Just remember, windows problems can sometimes be difficult to diagnose so kindly make sure that you give us very detailed description of the problem. You want to mention relevant history that may have led to the issue. The more information that you can provide, the higher the chance of us diagnosing the issue more efficiently. We also expect that you mention whatever troubleshooting step/s that you may have done before contacting us in order to prevent repeating them in our article. Again, the more details you can give us, the faster it is for us to pinpoint the cause and its corresponding solution.

How to know if your Windows 10 PC is infected by a virus

There can be a number of reasons why you would want to scan your computer for malware. Maybe you’ve noticed some irregularities with some programs or the computer has started showing those pesky popups again. Whatever your situation is, here are the common signs that you must watch out for that can signal presence of malware in your device:

  • Slower performance. Computers are expected to slow down as they age. Continued use can take a tool in the hardware and software in general. However, if you noticed that your PC has become significantly slower, even when you’re not running demanding programs, it may be due to a virus infection.
  • Random crashes. If your computer has suddenly become problematic and keeps crashing for no obvious reason, it can signal a malware infection. In some cases, the dreaded blue screen of death (BSOD) can occur while in the middle of doing a normal task. Make sure to scan your computer right away for possible malware.
  • IP address has been blacklisted. Under normal circumstances, your IP address should not be blocked or blacklisted. However, if you receive a message from your ISP or from any other source saying that your IP has been blacklisted, that can be a sign that your computer has become a zombie device for spam-sending botnet.
  • Antivirus won’t update, or won’t turn on. One of the first things a malware does is to disable your computer’s security software so it can do whatever it wants. If you noticed that your antivirus software no longer runs, or won’t install any update at all, there must be something wrong.
  • Hard drive is constantly running. You’ll only notice this when you’re not using your computer. If your PC is idle but the hard drive seems to continue working, it’s possible that a virus is trying to use it.
  • Strange Windows. Another good sign to watch out for is when your computer shows up  a popup on its own after boot up, telling you that it has lost access to drives.
  • Program runs or access the internet on its own. If a program open up automatically without you initiating it, or if your firewall notifies you that a program it trying to access the internet on its own, you can bet malware is active in the system.

How to scan your Windows 10 PC

If any of the signs above happen in your PC, you should seriously consider scanning it right away.

Scan with Microsoft Windows Malicious Software Removal Tool (MSRT)

MSRT is a free scanning software from Microsoft that’s designed to identify and remove known malware. It’s a limited security software that covers “prevalent malware” protection but we still recommend it anyway. If the malware present in the system is identified by MSRT, it can easily remove it for you. On top of that, you don’t have to shell out additional cash to buy it.

To download and install Microsoft Windows Malicious Software Removal Tool, visit Microsoft’s site in this link.

We suggest that you do a full scan instead of a quick scan so a more thorough search is done. To save time, you can clear your computer’s temporary files first.

Keep in mind that MSRT is not a substitute for a good antivirus program. To maintain higher level of security for your machine, install an antivirus product.

Install antivirus updates

If you have a non-Microsoft security software installed, make sure that it’s up-to-date. Like any other program in your computer, known bugs, viruses and malware may be fixed by simply hitting the update button. An antivirus product in particular needs to update its virus and malware definitions to allow it to identify new threats. By default, antivirus products should update themselves automatically every time internet connection becomes available but if you chose to limit it before, be sure to manually check for updates. Some malware may choose to disarm your antivirus right away by turning it off, or preventing it from updating. Look for the update button and see to it that it updates properly. Once the update is finished, begin scanning your machine right away.

Make sure to scan the entire machine periodically

Most antivirus programs, in order to make scanning convenient and fast, are set to do a quick scan only. Such type of scan only covers frequently targeted portions of Windows PC software that your antivirus has identified. While sometimes effective, it may not include other important parts of the software that can potentially hide malware. Let your antivirus scan every drive in your computer, including, if you have, and external hard drive/s or USB stick.

How to remove malware or virus from your Windows 10 PC

Generally, an antivirus scan should be able to identify and remove a malware from your machine. If that doesn’t happen, or if the antivirus won’t work because it’s being blocked or disabled by the malware itself, you can try more drastic solutions.

Boot to safe mode

Some malware may prevent you from logging into Windows, effectively logging you out to do basic troubleshooting like doing an antivirus scan.

To fix this type of issue, you need to boot the phone to Safe Mode. This will prevent some viruses to load together with Windows, allowing you remove them manually if necessary. To load your Windows 10 PC to safe mode, follow these steps:

  1. Restart your computer.
  2. Once you get to the sign-in screen, hold the Shift key down while you select Power icon (circle with a vertical line at the top). There should be at least three options: Sleep, Shut down, and Restart.  Select Restart.
  3. Wait for a few moments.
  4. When the PC has briefly restarted, select Troubleshoot.
  5. Then, click on Advanced options.
  6. Click on Startup Settings.
  7. Click on Restart.
  8. Wait until the PC has restarted wait for a list of options to appear. Select 4 or F4 to start your PC in Safe Mode.

Remember, when Safe Mode is enabled, only the basic services and programs will run. If you picked Safe Mode only and not Safe Mode with Networking, even internet connection won’t work. If the type of malware infecting the device is designed to load automatically when Windows boots up, safe mode will prevent it from running.

If you badly need your PC to surf the web to access tutorials and guides while troubleshooting, you can boot to Safe Mode with Networking by following the steps below:

  1. Restart your computer.
  2. Once you get to the sign-in screen, hold the Shift key down while you select Power icon (circle with a vertical line at the top). There should be at least three options: Sleep, Shut down, and Restart.  Select Restart.
  3. Wait for a few moments.
  4. When the PC has briefly restarted, select Troubleshoot.
  5. Then, click on Advanced options.
  6. Click on Startup Settings.
  7. Click on Restart.
  8. Wait until the PC has restarted wait for a list of options to appear. Select 5 or F5 to start your PC in Safe Mode.

Delete Windows 10 cache or temporary files

Once the phone has booted to Safe Mode, the next thing that you want to do is to attempt a virus scan again. We would like to think that your antivirus will be able to fix the issue at this point. Before you do that though, make sure that you delete the operating system cache to speed up scanning. Some malware are designed to disguise themselves as temporary files so wiping the system cache may effectively purge them too.

Alternatively, you can run the Disk Cleanup tool:

  1. Boot to safe mode
  2. Right click on Start button.
  3. Open Disk Management.
  4. Click File.
  5. Click Options.
  6. Click Disk Cleanup.
  7. Click Delete Files button.

For more advanced steps on how to delete the system cache or temporary files, follow this link.

Edit the registry

Other types of malware can bury deep inside the system by creating false entries in your computer’s registry. Registry is a complex database of all possible operations in your machine. It’s a vital component of the operating system and for other programs that are designed to use it. Everytime you install a program, the registry is updated with a new set of instructions that are kept in a specific location. File references will also be added to allow other programs to interact with the newly installed program. Most programs utilize the registry in Windows machines. It is for this reason that, some malware may specifically target the registry to change computer behaviors. Troubleshooting the registry is a recommended step but only for those with advanced knowledge of Windows and computing in general. Tampering with the registry can lead to serious problems and can render a machine inoperable.

Unless you know exactly what to look for in your computer’s registry, we would advise against it. However, one possibly helpful way is to look for obvious signs of malware entries in your registry. Try to look for unfamiliar names and Google them. Some misspelled entries may be a telltale sign of a malware so look them up too. If you are positive that you’ve identified a malware, right click on the entry and hit Delete.

To check for false entries in your registry:

  1. Turn on your PC.
  2. Click Start button.
  3. Type regedit in the search box, then hit Enter
  4. Open the following directory by double-clicking on each folder in the hierarchy: HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion
  5. Scroll down and look for folders that start with Run. Depending on your computer, you may see Run, RunOnce, Run-Disabled, etc. There can be as many as six entries there that starts with Run.
  6. If you noticed any misspelled or unfamiliar word, search it up in Google to know what it is. For instance, my laptop has an entry under HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion named RTFTrack.exe because it’s a Lenovo. Other non-Lenovo devices will not have it.

VERY IMPORTANT:  As mentioned above, tweaking the registry is not for average users. If you don’t know what you’re doing, or if you’re not sure that the entry you’re trying to delete is a malware or not, just leave it for now.

How to create a back up of the registry in your Windows 10 PC

To be on the safe side, be sure to back your registry up before editing it. You can do that by doing the following:

  1. Turn on your PC.
  2. Click Start button.
  3. Type regedit in the search box, then hit Enter.
  4. Click File.
  5. Click Export.
  6. Rename the registry file to the one you want.

If something happens bad to the registry, you can simply re-open the registry, go under File>Import to restore your backup.

 

 


We are here to help

If you are having a problem with your Windows computer, don’t hesitate to let us know about it. We understand how frustrating computer problems can be so, more so if you can’t find the right solutions at all. Our blog exists to help PC users and Windows community deal with their problems effectively. To engage with us, just fill out the questionnaire in this link and wait for our articles to be published. In order to help as many people as possible, we only provide our solutions via posts so please don’t expect that we will respond to your emails or private messages. By making all posts public, we can share our solutions to other users in a more efficient manner. We cannot guarantee a quick response so if your issue is time sensitive, please find another way to resolve your problem.

Three ways to reset your MacBook Pro [tutorial]

How to fix slow internet or slow browsing issue in your Windows 8, 10 PC