So far in this series we have defined malware, looked at how it can get into a system, and covered the steps to take to defend yourself. With all that said, how do you tell if you already have malware on your system? This week we’ll provide actionable tips to check for malware even if your anti-virus is reporting all clear. We are Microsoft Windows based here at Systems Support, so the majority of the tips and tricks are aimed at Windows users.

Overall, the biggest way a user can detect malware is through one major sign: slow performance. It is a dead giveaway for a virus. Given that malware is looking to either replicate itself, use your system resources for something else, or comb for information, the easiest way to spot malware is through a process taking up more resources than is reasonable. A quick caveat: it is important to be careful when poking around in things like Task Manager. This is where expertise comes in. You have to know not to kill a process like svchost.exe, because it may be running an update for you in the background, and terminating it unexpectedly causes some real headaches. These tips are more for helping you see if you should seek out professional assistance. Couple that with the fact that some viruses name themselves the same thing as legitimate Windows processes, and you have to know what you’re doing when you go to remove the virus.

With that out of the way, let’s get started. Check in Task Manager whether either CPU or Memory is running abnormally high while the machine is doing next to nothing (for example, CPU above 40% and memory above 80%). It might be that your machine just runs that way. I have an old laptop that sits at those numbers just because it is woefully underpowered for modern applications and browsers. See if any process in Task Manager is taking up an abnormally high share of resources (for example, some audio program taking up 1000 MB of memory, or a Word document doing the same). Modern web browsers like Chrome and Firefox will take up that level of memory, and that’s because of how they’re designed: they take up a lot of local memory to help websites run smoother. However, when Chrome takes up more than half your RAM and you only have 1 tab open, it’s time to take a closer look.
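The same check can be scripted. The PowerShell below is an added example, not part of the original article: it lists the heaviest memory users and flags any process that carries a core Windows process name but runs from outside the Windows system directories, which is the name-reuse trick mentioned earlier. The function name `Get-ProcessTriage`, the list of process names and the 1000 MB threshold (borrowed from the example figure above) are assumptions for illustration, and it covers memory only, not CPU.

```powershell
# Added example: read-only triage. Nothing is stopped, killed or modified.
$MemoryThresholdMB = 1000   # the article's example figure; tune for your machine

# Illustrative (assumed) list of core Windows process names; svchost is the one the article names.
$SystemNames = 'svchost', 'lsass', 'services', 'winlogon', 'csrss'
# Genuine copies of these binaries run from the Windows system directories.
$SystemDirs = @(
    (Join-Path $env:SystemRoot 'System32'),
    (Join-Path $env:SystemRoot 'SysWOW64')
)

function Get-ProcessTriage {
    param([int]$Top = 10)

    $rank = 0
    Get-Process | Sort-Object WorkingSet64 -Descending | ForEach-Object {
        $rank++
        $memMB = [math]::Round($_.WorkingSet64 / 1MB)
        $path  = $_.Path    # $null for protected processes or a non-elevated shell
        $notes = @()

        if ($memMB -ge $MemoryThresholdMB) { $notes += 'high memory' }

        if ($SystemNames -contains $_.ProcessName) {
            if (-not $path) {
                $notes += 'path unavailable, re-run elevated'
            } elseif ($SystemDirs -notcontains (Split-Path $path -Parent)) {
                $notes += 'system process name outside system directory'
            }
        }

        # Report the top memory consumers plus anything that earned a note.
        if ($rank -le $Top -or $notes.Count -gt 0) {
            [pscustomobject]@{
                Name     = $_.ProcessName
                Id       = $_.Id
                MemoryMB = $memMB
                Path     = $path
                Notes    = $notes -join '; '
            }
        }
    }
}

Get-ProcessTriage | Format-Table -AutoSize -Wrap
```

A row with a note is a reason to look closer or call for help, not a reason to end the process.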

Chrome has its own task manager, which you can find under the More Tools menu of Chrome, or by pressing Shift + Esc. From there, you’ll see the different plug-ins and processes running within Chrome itself. Everything in there should look familiar: the extensions should be ones you knowingly downloaded, and different tabs will have some subframes within them related to other websites (for example, Facebook will usually have a subframe that is checking in on what content you’re viewing on the web to show you relevant content in your news feed). A big thing to be wary of within Chrome is the presence of a crypto miner. Some extensions will run a cryptocurrency mining rig in the background of Chrome or other browsers, so it looks like the web browser, rather than malware, is using most of your system resources. The usual suspects for crypto mining malware packages are Chrome extensions you didn’t ask for.

In conclusion, there are usual giveaways that something is going amiss with your system, and the easiest way to tell is if your system is running slow. Taking a look to see if anything is hogging system resources, from Chrome to your Task Manager, is a quick way to figure out if something is running slow and if a virus is present. However, this is a relatively outdated method of checking for viruses. This method will really only find a crude crypto-mining virus that’s using your system to mine Bitcoin or some other cryptocurrency. Almost all modern viruses have a way to mask their behavior and trick the operating system into not showing any signs that something is wrong. Even so, taking a look at your machine and checking in on its general health through Task Manager is a good start and a good way to get more familiar with a tool you use every day. A final reminder: please don’t start killing processes in Task Manager without knowing what you’re doing. We’ve seen one too many PCs that went from bad to worse when someone crashed out a critical Windows program that looked suspicious.