PCInfo Guide: How to Check Hardware, Drivers, and Performance

PCInfo Security: Detecting Malware, Vulnerabilities, and Safe Settings

Keeping your PC secure means combining good tools, regular checks, and safe habits. This guide walks through practical steps to detect malware, find vulnerabilities, and apply safe settings using PCInfo-style diagnostics and common utilities.

1. Quick risk assessment

• Scan status: Run a full antivirus and antimalware scan (Windows Security, Malwarebytes).
• Update status: Ensure OS, drivers, and installed apps are up to date.
• Exposure points: Check open network ports, enabled remote access, and startup programs.

2. Detecting malware

• Use multiple scanners: Run Windows Defender Offline scan, then scan with a second opinion tool (Malwarebytes or ESET Online Scanner).
• Check unusual processes:
  • Open Task Manager (Ctrl+Shift+Esc) → More details → Processes.
  • Look for unknown/CPU-heavy processes. Google exact process names before ending.
• Examine startup items:
  • Windows: Task Manager → Startup or msconfig to find suspicious autostart entries.
  • Disable nonessential items and note their publisher.
• Inspect scheduled tasks: Task Scheduler → Task Scheduler Library. Remove unknown or recently added tasks.
• Network activity monitoring:
  • Use Resource Monitor or netstat -ano to list active connections and associated PIDs.
  • Command: netstat -bano (run as admin) to correlate executables with network endpoints.
• Browser checks: Reset browsers, remove unknown extensions, check proxy settings (Settings → Network & Internet → Proxy).
• File integrity and signature checks: Right-click suspicious EXE → Properties → Digital Signatures. Untrusted/missing signatures are red flags.
• Boot-time/rootkit detection: Use offline rescue media from a reputable vendor (Kaspersky Rescue Disk, Bitdefender Rescue) to scan before the OS loads.

3. Finding vulnerabilities

• Patch management:
  • Windows Update: Install all important/security updates.
  • Update major apps (browsers, Java, Adobe, Office) — use vendor auto-updaters.
• Driver and firmware updates: Use Device Manager or vendor tools to update critical drivers and BIOS/UEFI firmware.
• Open ports and services:
  • Check with netstat -an and firewall inbound rules. Disable unnecessary services (e.g., SMBv1, Telnet).
• User account configuration:
  • Ensure users run non-admin accounts for daily tasks.
  • Disable or rename the built-in Administrator account; require strong passwords.
• Weak credential detection: Review saved credentials in Credential Manager and browser password managers; remove outdated or repeated passwords.
• Vulnerability scanners: Run a local scanner (Microsoft Baseline Security Analyzer or third-party tools like Nessus Home) to find missing patches and misconfigurations.
• Software inventory: List installed programs (Settings → Apps) and uninstall unused or EOL software.

4. Safe settings to apply

• Enable firewall: Use Windows Firewall with default deny inbound rules; create specific allow rules only as needed.
• Enable and configure antivirus: Real-time protection on; schedule regular full scans.
• Enable controlled folder access / Ransomware protections: Windows Security → Virus & threat protection → Manage ransomware protection.
• Use UAC (User Account Control): Keep at default or higher to prevent silent elevation.
• Secure remote access: Disable Remote Desktop if unused. If needed, restrict by IP and use strong authentication + VPN.
• Enable BitLocker or full-disk encryption: Protect data at rest (Windows Pro/Enterprise) or use VeraCrypt for other editions.
• Browser hardening: Use hardened settings, enable click-to-play for plugins, block third-party cookies, and use extensions that enhance privacy/security sparingly.
• Network segmentation: Put IoT devices on a guest network; keep critical PCs on a separate VLAN