Run a full scan in your built-in security app, update definitions first, then quarantine flagged items and restart to finish cleanup.
A virus scan is one of those chores you only notice when it’s missing. Your laptop starts lagging, the browser opens tabs you didn’t ask for, or a login alert pops up from a place you’ve never been. A scan won’t fix every computer problem, but it’s the fastest way to answer one question: is malware part of what’s going on?
This walkthrough covers clean, no-drama scans on Windows and Mac, plus what to do with results so you don’t accidentally click “allow” on the one thing you wanted gone. You’ll also see when a quick scan is enough, when a full scan makes sense, and when an offline scan is the better move.
What a virus scan actually does
A virus scan checks files, apps, and system areas for patterns and behaviors linked to malware. Modern tools mix signature matching (known bad) with behavior checks (suspicious actions) and cloud reputation (files seen across many devices).
Scans usually land in four buckets: quick, full, custom, and offline. Quick scans target the spots malware hits most. Full scans crawl far more files and can take a while. Custom scans let you aim at a folder, a drive, or a download stash. Offline scans restart your PC into a safer state so stubborn threats have fewer places to hide.
Before you scan, do these three prep steps
Two minutes of prep can save you a messy rerun.
- Save your work and close apps. Scans can spike disk use. Closing big apps keeps the scan smoother.
- Update security definitions. A scan with old definitions can miss newer threats.
- Plug in power. A full scan on a laptop can run long enough to drain a battery.
If you suspect you clicked a sketchy attachment or installer, disconnect from the internet after definitions update. That cuts off common “phone home” behavior while you scan and clean.
How To Run A Virus Scan on Windows 11 and 10
Windows includes Microsoft Defender, and it’s already wired into the system. That means you can run strong scans without shopping for extra tools.
Run a quick scan
- Open Windows Security (type it in the Start menu search).
- Select Virus & threat protection.
- Choose Quick scan.
A quick scan is a solid first pass when things feel “off” but you don’t have a clear cause. If the quick scan finds something, you’ll usually want a follow-up full scan after cleanup.
Run a full scan
- Open Windows Security → Virus & threat protection.
- Select Scan options.
- Pick Full scan → Scan now.
Full scans take longer, so start one when you can let the machine work. You can still use the computer, but it may feel sluggish if the disk is busy.
Scan a single file, folder, or drive
If you only want to check a download or a USB stick, a targeted scan is faster.
- In File Explorer, right-click the file or folder.
- Select Scan with Microsoft Defender (you may need “Show more options”).
This is also the move after you download an installer from a site you don’t fully trust. Microsoft’s steps for scanning a specific item are laid out here: Scan an item with Windows Security.
Use an offline scan when malware fights back
Some threats try to load early and block security tools. If scans keep failing, or you see threats returning after removal, use an offline scan.
- Open Windows Security → Virus & threat protection.
- Select Scan options.
- Choose Microsoft Defender Offline scan → Scan now.
Your PC restarts and runs the scan outside the normal Windows session. Save anything open first.
Run a virus scan on Mac without overcomplicating it
macOS includes multiple built-in layers that block and remove known malware. A “scan” on Mac often looks different than on Windows because Apple focuses on preventing untrusted apps from running in the first place, then stopping known threats when they appear.
Start with built-in protections
These checks are quick and catch a lot of common problems.
- Update macOS. Security updates can refresh malware protections.
- Check app sources. Installing only from sources you trust cuts risk.
- Review Privacy & Security settings. Make sure you haven’t loosened controls during a rushed install.
Apple summarizes the system protections and safe-install approach here: Protect your Mac from malware.
When you should use a dedicated scanner on Mac
Use a dedicated scanner when you see clear signals: persistent pop-ups, new browser extensions you didn’t add, sudden proxy settings, or repeated “login item” prompts. A reputable on-demand scanner can help confirm what’s present and remove it.
If you install a scanner, treat it like any other software: download from the vendor’s official site, avoid “free scan” ads, and uninstall tools you don’t plan to keep. Keep only one real-time antivirus running at a time if you use one, or you can end up with conflicts and false alarms.
How to scan safely on phones and tablets
Phone malware is real, but the clean-up steps depend on the platform.
Android
Start with Play Protect scans in the Play Store, then remove unknown apps you installed around the time issues started. If problems persist, reset browser settings, clear storage for the browser, and check for device admin apps you don’t recognize.
iPhone and iPad
iOS and iPadOS don’t allow traditional antivirus scans across the system. The practical “scan” is a review: remove suspicious profiles or VPN configs, delete unknown apps, reset Safari website data, and update iOS. If the device is acting hijacked, a clean restore from a known-good backup is often the fastest fix.
Scan types and when to use each
If you’re unsure which scan to run, match the scan to the situation. This keeps you from wasting time on a full scan when a targeted scan would do, or missing a deeper threat because you stopped at “quick.”
| Scan type | Best time to use it | What it touches |
|---|---|---|
| Windows quick scan | PC feels weird, no clear trigger | Common malware locations, running processes |
| Windows full scan | After a risky download, repeated alerts | Most files, installed apps, system areas |
| Windows custom scan | Only one folder, drive, or USB worries you | Selected paths you choose |
| Windows right-click scan | Checking a single installer or attachment | One file or folder you select |
| Windows offline scan | Threat returns, scan keeps failing | Runs before normal Windows loads |
| Mac built-in protections check | General safety tune-up | OS security updates, install controls |
| Mac on-demand scanner | Pop-ups, extensions, settings changes | User files and common persistence spots |
| Android app scan + cleanup | Battery drain, odd ads, new apps appeared | Installed apps and risky permissions |
How to read scan results without making things worse
After the scan finishes, you’ll see one of three outcomes: no threats, threats removed, or threats needing action. The last one is where people get tripped up, since the screen can include buttons like “allow” or “restore.” Slow down and read each item.
No threats found
This is good news, but it doesn’t guarantee your device is clean. Some threats are more about browser settings, shady extensions, or unwanted apps that count as “potentially unwanted” rather than classic viruses. If you still see problems, move to browser cleanup, startup items, and installed-app review.
Threat quarantined or removed
Quarantine means the file is blocked and isolated. Removal deletes it or reverses changes. Restart if prompted. Then run a full scan to confirm nothing else is waiting.
Threat allowed
If you ever clicked “allow” on something because you wanted a file to run, undo it. Go back to protection history (or your security tool’s history) and remove the allowed item. If you’re not sure what it was, err on the side of blocking it.
What to do after the scan
A scan is step one. Cleanup and prevention are step two. These moves take little time and cut repeat infections.
- Update your OS and browsers. Patch gaps that malware uses to get back in.
- Change passwords for accounts you used during the infection. Start with email, then banking, then shopping.
- Turn on multi-factor authentication. Use an authenticator app when possible.
- Review startup items and browser extensions. Remove what you don’t recognize.
- Back up data. Keep at least one backup offline or disconnected when not in use.
If you handle sensitive work, treat a confirmed infection as a reason to rotate passwords from a clean device, not the infected one. That avoids handing new credentials to a keylogger.
Common scan problems and quick fixes
The scan is stuck
Give it a little time, then check disk activity. Large archives and old external drives can slow scans. If it’s frozen for a long stretch, restart, run a quick scan first, then try a full scan again with fewer apps open.
The scan keeps finding the same threat
This points to persistence. Use an offline scan on Windows. On Mac, review login items, browser extensions, and recently installed apps, then run an on-demand scanner if symptoms remain.
You get alerts for files you recognize
False positives happen. If the file is from a vendor you trust, verify it by downloading again from the vendor’s official site, then scan the fresh copy. Don’t restore a quarantined file just because it breaks a workflow.
Your device is still acting strange after a clean scan
Shift your attention to these areas:
- Browser settings: homepage, search engine, extensions, notifications
- Network settings: DNS, proxy, unknown VPN profiles
- Storage: low disk space can mimic malware symptoms
- Overheating: dust and background apps can cause slowdowns
| Result you see | What it usually means | Next move |
|---|---|---|
| No threats found | No known malware detected | Check browser extensions and startup items |
| PUA or unwanted app flagged | Adware, bundlers, pushy installers | Remove it, then reset browser settings |
| Threat quarantined | File isolated so it can’t run | Restart, then run a full scan |
| Threat removed | File deleted or changes reversed | Update OS and browsers, rotate passwords |
| Threat blocked while running | Active process was stopped | Run an offline scan on Windows |
| Repeated detections | Persistence or reinfection | Offline scan, then check installed apps |
| Suspicious network warnings | Proxy/DNS/VPN changes | Reset network settings, change passwords |
How often you should run scans
If real-time protection is on, you don’t need to run full scans every day. A simple cadence works for most people:
- Quick scan: weekly, or after a risky download
- Full scan: monthly, or when alerts pop up
- Targeted scan: any time you plug in a USB drive or run a new installer
If your device is shared, used for lots of downloads, or connected to many external drives, run full scans more often. Keep the routine steady and boring. That’s the goal.
Small habits that cut malware risk
You don’t need paranoia. You need a few steady habits.
- Install apps from sources you trust.
- Skip “driver updater” pop-ups and fake download buttons.
- Use a password manager and unique passwords.
- Keep your router firmware updated and change default admin passwords.
- Back up files so ransomware can’t hold them hostage.
A virus scan is your check-engine light. It won’t replace safe driving, but it tells you when something’s wrong and gives you a clean next step.
References & Sources
- Microsoft Support.“Scan an item with Windows Security.”Steps for scanning a specific file or folder with Microsoft Defender in Windows Security.
- Apple Support.“Protect your Mac from malware.”Overview of macOS protections and settings that reduce malware risk on Mac.