HOWTO: Deep Scan for Malware

Category: Security

A reader asks: 'My anti-virus software offers me the option to run a quick scan or a full scan. I've always run the quick scan, because that's the recommended setting. What does a full scan do, and how would I know if I need to do one?' Read on to learn about deep scanning, to check every nook and cranny of your computer for malware...

What is a Deep AntiVirus Scan?

As you've noticed, the "quick scan" option is the default in almost every anti-virus and anti-malware software. A quick scan examines only the most common spyware hiding places, such as the Windows system folders, your Documents and Settings folder, and the registry.

A deep scan, sometimes referred to as a "full scan", "complete system scan", or "whole computer scan" examines every bit of your computer's RAM memory, hard drives, and removable drives. A deep scan will also scan your startup programs and the Windows registry for any traces of malware.

Malware (viruses, spyware and other nasties) usually comes in the form of an EXE or DLL file, but it can also hide in a JPG file (graphics image), a DOC file (Microsoft Word), a PDF, and many other places you wouldn't expect. If a virus is lurking anywhere on your hard drive, external drive, flash drive, or on a CD/DVD disk, a deep scan should find it.

Antivirus Deep Scan

Because it must open and scan through every file on every drive, a full scan will take a lot longer than a quick scan. You should set aside at least two hours to allow a full system scan to complete. You can continue to work while the scan is in progress, but performance will probably take a significant hit due to the disk-intensive scanning operation.

How often should you run a full or deep scan? Most experts agree that a scheduled quick scan will do a good job of protecting you, if run on a daily basis, along with real-time malware detection. These are standard features for almost all anti-virus software, even the free versions. I would definitely recommend a full scan if you suspect that your system is infected. Beyond that, a full scan once a month seems more than sufficient. If you're paranoid, or just have CPU cycles to burn late at night, schedule a deep scan to run weekly.

How to Start a Full Scan

There are many different anti-virus programs available, so it's not always obvious how to initiate a full anti-virus scan, and which options are important. Below are step-by-step instructions for deep scanning with the most popular free anti-virus programs. Click the desktop icon or the mini-icon in the task bar to open your program's main menu, then jump to the appropriate set of instructions. If you don't have an anti-virus program yet, or you want to check into free alternatives to the paid security software you now have, see my related article on Free Anti-Virus Programs before continuing.

Avast Free - Full Scan

  • On the Avast main menu: click "Scan"
  • In the dropdown box, select "Full system scan"
  • Click "Settings"
  • Under "Scan Areas" select "All harddisks", "Rootkits (full scan)", and "Auto-start programs and modules loaded in memory".
  • Check the box next to "Scan all files"
  • Select the "content" option under "Recognize file types by"
  • Click OK to save settings
  • Click Start to run the scan.
  • If desired, run the "Removable media scan" with the same settings.

AVG Free - Full Scan

  • On the AVG main menu: next to "Scan Now", click the options icon (the three horizontal bars)
  • Next to "Scan Whole Computer", click the options icon
  • Check all boxes (except "Scan for tracking cookies")
  • Click "Additional scan settings"
  • Under File types for scanning, select "All file types"
  • Check "Scan files without extensions", then click OK
  • Click "Start Scan" button
  • Click "Stop" to cancel a running scan. You won't hurt anything, just scan again later if desired.

Avira Free - Full Scan

  • On the Avira main menu: click "System Scanner"
  • RIGHT-click "Complete System Scan"
  • Select "Start Scan (admin)"
  • Click OK or YES on the security popup
  • Right-click "Scan for Rootkits and active malware"
  • Click OK on the security popup
  • Select Start Scan (admin)

Microsoft Security Essentials - Full Scan

  • On the MSE main menu: select the "Full" radio button
  • Click "Settings" tab, click "Advanced", then select these options:
    • Scan archive files
    • Scan removable drives
    • Create a system restore point
    • Allow all users to view full History results
  • Save changes, return to the Home tab, and click "Scan Now"

MalwareBytes Anti-Malware - Full Scan

In addition to the full scan option in your antivirus program, I recommend that you download the free MalwareBytes Anti-Malware (MBAM) program and run the full scan option in this program as well. MBAM scans for all types of malware (not just viruses) and sometimes finds things that are not detected by dedicated anti-virus scanners. MBAM makes it easy:

  • At the top of the MBAM main menu: click the "Scan" icon
  • Select the "Custom Scan" radio button and click the "Scan Now" button.
  • Under "Custom Scanning Options" check all the boxes
  • Select the disk drive(s) you want to scan.
  • Click "Start Scan" to start the scan

Microsoft System Sweeper - Full Scan

If you are not able to start your computer due to a malware infection, the Windows Defender Offline (WDO) is a stand-alone deep scan utility that runs from a bootable CD or USB flash drive. You can also use WDO as an adjunct to the full scan option of your installed anti-virus software.

Too Much of a Good Thing

Let me repeat a caution here that I've mentioned before. It's okay to run a dedicated anti-virus program along with an on-demand scanner such as MBAM. But I strongly advise that you run only ONE dedicated anti-virus program at a time. If you run two or more, the real-time virus detection engines can actually fight with each other. Each will think the other is an attacking virus, and the ensuing battle for supremacy can bring your system to a crawl.

I actually just tested this on my Windows 7 laptop. After installing Microsoft Security Essential, Avira, and Avast, my system came to what seemed like a complete halt. I hit the power button to reboot, and 20 minutes later it was still cranking away. Try to open any program or navigate the web was like swimming in wet cement.

Do you have something to say about running a deep antivirus scan? Post your comment or question below...

 
How Else Can I Help You?   (Enter your question in the box above.)
 

Sign up now for AskBob Updates!

Boost your Internet IQ, keep up with the latest online trends... get your FREE subscription now!


Email:


Posted by on 24 Apr 2014


For Fun: Buy Bob a Snickers.
Need More Help? Try the AskBobRankin Updates Newsletter. It's Free!

Prev Article:
SSD Hard Drives Offer Blazing Speed

The Top Twenty
Next Article:
The Best Upgrades for Your Computer?

Link to this article from your site or blog. Just copy and paste from this box:


Most recent comments on "HOWTO: Deep Scan for Malware"

(See all 21 comments for this article.)

Posted by:

onedeafeye
24 Apr 2014

I use Avast and I've always used Boot-time Scan as I've been under the impression that it's easier to catch baddies if you can get them before they become active. It only takes an hour and a bit, so I let it run while I'm working out. By the time I'm done, so is the scan.
Would anyone know if a Boot-time Scan is actually more effective than a Full System Scan?


Posted by:

Rick
24 Apr 2014

On the Avast Free software, it has an option that I have found very useful, Boot scan. It will do a deep scan on your next boot up before loading Windows. After the scan has finished, it continues on to load windows. My advise at this point is to reboot Windows from the options on the sign in window because Windows seems to get cranky if you go on to sign in. I have XP Pro.


Posted by:

Steve Jay
24 Apr 2014

My antivirus provider (Trend Titanium) had me remove MBAM from my W8 telling me it interfered with their product's operation. Is this true as you have always implied that MBAM could be used with other security software. Thanks in advance for your response.

EDITOR'S NOTE: If you mean the paid version of MBAM that runs in "always on" mode, then MAYBE. But if you had the free MBAM that only runs on-demand scans, then you got wrong info.


Posted by:

Don
24 Apr 2014

I use free Avast and do a full scan once a week. I had 2 viruses one week and Avast recommended that I do a boot-time scan. The same 2 viruses were picked up on boot-time scan that had been quarantined on the full scan.I do quick scan twice a week which takes about 8 minutes, full scan once a week which takes about 40 minutes and boot-time scan once a month which takes more than an hour.


Posted by:

Steve
24 Apr 2014

Just letting you know that I actually run two programs together in real time- the free version of Bitdefender and the paid-for version of Malwarebytes. They seem to work very well together with no noticable hit on the processor and each seems to catch something the other doesn't. Malwarebytes seems to catch more however.


Posted by:

Doc
24 Apr 2014

I run a complete FULL deep scan (every box checked) a couple of times a week, and a quick scan every day using MBAM (free) in addition to the real-time scanner provided by my ISP. It seems that MBAM feels that many of the 'free' downloads you get from CNET and other sites (some streaming video and PDF files) have PUP's (Potentially Unwanted Programs) bundled in with their download. These PUP's can do things like install unwanted toolbars, and some are felt to have the potential to put ". . .deep hooks into your system files . . ." and open up your computer to adware you might not want.

MBAM says that they are often not an immediate threat, but may leave your computer open to other programs downloading themselves without your permission or knowledge.

A full scan DOES take a long time, so I do it when I'm out of the house and running my dogs each evening. It's not something you want to do if you are doing any kind of serious work (intensive cpu cycles) on your computer -- you may go insane.


Posted by:

Dell
24 Apr 2014

I don't care if it takes all night, I trigger the full Malwarebytes scan before light's out and deal with the results (almost always clean) the next morning. I do the same with MSE, but trust Malwarebytes more.


Posted by:

JP
24 Apr 2014

I upgraded to MBAM v. 2.0 (free) when it was first released. Tried it and didn't like how much longer it took to run even the "quick" threat scan. It took about twice as long as the previous version. As a result of that as well as not liking the new, "improved" UI, I uninstalled the new version and reinstalled the old one. I'm still able to get several updates each day, get the familiar interface, and enjoy much faster scans.


Posted by:

Buffet
24 Apr 2014

I have always run a full scan with MBAM and NOD32, never a "quick" scan!
Why would I?


Posted by:

JR
24 Apr 2014

I have Kasersky installed on my machine and I guess that I must be super-paranoid. I run a Quck Scan every morning and a Full Scan every evening. I shut the machine down at night and start it in the morning when I am back. I run the Vulnerability scan once per week.

Seems like Bob would consider this to be crazy overkill, no?


Posted by:

DataDoc
25 Apr 2014

One other thought about MBAM - I have run it under Windows and found a few threats, then re-run it in Windows "Safe Mode" and found MANY more. Any system I suspect is infected gets MBAM and SuperAntiSpyware run in Safe Mode. (I am a Tech)


Posted by:

Warren S.
25 Apr 2014

I recently had an issue that the program -Super Anti Spyware-was able to find and delete. All the others did not see the issue. I also only run these types of programs "on demand."

Good luck.


Posted by:

Tom
25 Apr 2014

I had to pay to have my laptop hard disk totally stripped of all data and the operating system reinstalled, and after that the stripped data reloaded. Why? Somehow this program got installed: "mysearch dot avg dot com" got loaded. It prevented access to the internet, so I could not fix even update my avast program. And I don't have any "AVG" programs on my machine. We are still reloading the programs that got removed.


Posted by:

Jon
25 Apr 2014

Really a follow up question. How would you rate the emergence of the 'Whitelist' virus etc. protection compared with the normal 'Blacklist' system used by most?

Basically I use Kaspersky (provided free by my Bank - weirdly British?) and also have PC Matic without their anti-virus activated, and wonder if I should just delete Kaspersky.

Thanks for the info but the more info I get the more I hide in 'senior moments' .

EDITOR'S NOTE: I think a combination of blacklist and whitelisting, along with signature scanning and heuristics offers the most comprehensive protection. PC-Matic does use a whitelist, so I thnk you'd be fine to use that and drop Kaspersky.


Posted by:

D V N Sarma
25 Apr 2014

I had Avast free and SpybotSD on my XP Pro for a long time and now I have MSE and MBAM Free also. They seem to coexist without much trouble.


Posted by:

intelligencia
25 Apr 2014


@DataDoc

Sounds like fine advice as it makes sense.

I thank you for the tip of running MBAM in "Safe Mode" for a more Thorough scan!


Posted by:

onedeafeye
25 Apr 2014

@DataDoc
https://helpdesk.malwarebytes.org/entries/42699408-Should-I-scan-with-Malwarebytes-Anti-Malware-in-Safe-Mode-


Posted by:

Dan
19 May 2014

Like I recommend to anyone I talk with: do system backups regularly, preferably with a reliable imaging tool. I'm still baffled that in 2014 computer users still have to reinstall their OS after a disaster. There are lots of tools out there to help you prevent having to do that. Bob has talked about them.

I use Bitdefender as my active scanner, Clamwin as my static scanner and MBAM Free. It all works quite well.


Posted by:

Dan
05 Jun 2014

Here's what I have and what I do: I have Hitman Pro, Malwarebytes Pro, Avast Internet Security-with the free version of their virus scanner.

I run Malwarebytes Pro and Avast full time-they do not interfere with each other. I use Hitman Pro only on demand. All my security utilities are nested on my task bar for quick activation when needed.

If I suspect something strange, I activate a scan from one, or all the scanners. Also, if I feel that I have been online too long, and while still online, I activate Hitman Pro for a quick scan. This set-up has kept my computer clean for months-each has caught something at different times.

Thanks for your time.


Posted by:

Phil
06 Jun 2014

Bob,

I've been using MBAM for years based on your recommendation. But recently I've had trouble with the program in that it wouldn't install properly nor update or run.

Tried downloading it several different times and reinstalling. No luck in that each time I'd get the same several errors. I even uninstalled it with a deep uninstall feature using IObit Uninstall. Still couldn't get it to install.

So I did a search this morning for the errors I kept getting, and evidently there were others who were having the same problem. I found the following link in my Google search to the MBAM Web site that offered the solution that worked. You have to use "their deep uninstall program" to completely uninstall a previous version before the update can be installed.

Here's the link: https://forums.malwarebytes.org/index.php?showtopic=146017


There's more reader feedback... See all 21 comments for this article.

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.


Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- HOWTO: Deep Scan for Malware (Posted: 24 Apr 2014)
Source: http://askbobrankin.com/howto_deep_scan_for_malware.html
Copyright © 2005 - Bob Rankin - All Rights Reserved