I get variations of this question often. Someone has correctly determined their computer has some kind of malware, either by symptoms or some other means, but the anti-malware program they’re running fails to detect it — or perhaps detects it, but fails to repair it.
It’s a race, folks, and sometimes your security software isn’t in the lead.
New malware is discovered every single day.
As a result, anti-malware programs are constantly racing to update the list of malware that they know to look for. Each time new malware is found, they update their information. These updates are called “signatures” or “definition databases”, and must be downloaded by users of their software each time they are released.
That’s why I, and many others, constantly harp on the importance of running up-to-date security software. That means both the latest version of the software itself and the latest version of its definitions database. You need to update regularly to stay up to date and protected against all the new malware found every day.
How often is “regularly”?
Every day at a minimum. Many security programs now check for updates multiple times a day, because so much can happen in just a few hours.
It doesn’t have to be a burden. In fact, all you need do is configure your security software to automatically check for new definitions. Conveniently, that’s typically the default configuration. It just happens; you rarely have to think about it.
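To confirm the automatic updates are actually happening, you can check how old the installed definitions are. The script below is an added example, not part of the original article. It assumes the machine runs Microsoft Defender Antivirus, a product the article does not name, and uses a 24-hour threshold to match the "every day at a minimum" advice. Other vendors expose the same information in their own interface.

```powershell
# Added example: assumes Microsoft Defender Antivirus on Windows.
# The threshold is an assumption chosen to match "every day at a minimum".
$MaxAgeHours = 24

try {
    $status = Get-MpComputerStatus -ErrorAction Stop
} catch {
    Write-Warning "Could not query Defender status: $($_.Exception.Message)"
    return
}

# If another vendor's product is the active one, Defender reports itself as
# disabled and its definition age says nothing about your real protection.
if (-not $status.AntivirusEnabled) {
    Write-Warning "Defender antivirus is not the active engine; check your other product's update status."
    return
}

$ageHours = [math]::Round(((Get-Date) - $status.AntivirusSignatureLastUpdated).TotalHours, 1)

[pscustomobject]@{
    EngineVersion      = $status.AMEngineVersion
    DefinitionVersion  = $status.AntivirusSignatureVersion
    DefinitionsUpdated = $status.AntivirusSignatureLastUpdated
    DefinitionAgeHours = $ageHours
    RealTimeProtection = $status.RealTimeProtectionEnabled
} | Format-List

if (-not $status.RealTimeProtectionEnabled) {
    Write-Warning "Real-time protection is off."
}

if ($ageHours -gt $MaxAgeHours) {
    Write-Warning "Definitions are $ageHours hours old; requesting an update."
    try {
        Update-MpSignature -ErrorAction Stop
        $new = (Get-MpComputerStatus).AntivirusSignatureVersion
        Write-Output "Definitions are now at version $new."
    } catch {
        # Typical causes: no network access, or updates blocked by policy.
        Write-Warning "Update failed: $($_.Exception.Message)"
    }
} else {
    Write-Output "Definitions are current ($ageHours hours old)."
}
```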
Why malware can still slip through
Unfortunately, no security program is perfect. In fact, it’s not uncommon for one to catch malware that another misses.
It would be nice if it weren’t that way. It would be nice if we could all agree on one security solution that is 100% perfect and provides 100% coverage — but that isn’t going to happen. Malware is too complex, and malware authors are too crafty.
That’s why, when you know you have malware and your (up-to-date!) security software doesn’t catch it, I recommend running an additional scan using a different security solution from a different vendor.
This doesn’t mean you’re running two security solutions at the same time. Running what’s called “real time” scanning from more than one vendor at the same time can cause its own set of problems. Instead, I’m recommending running a single scan using another product.
Occasionally, malware will be detected but cannot be removed. The first thing to try, again, is another security program. However, sometimes there are technical reasons why removing malware may take additional work. In such cases, you may need to visit the website of your security software vendor and search for specific instructions, or occasionally a downloadable tool, to remove specific malware.
In the absolute worst case, it will not be possible to remove the malware cleanly. In cases like this, the only safe solution is to revert to a backup image taken of your computer prior to it being infected, or to back up your data and reinstall Windows and your applications from scratch.
Be sure to learn
Whenever your machine gets a malware infection, it’s important not only to clean it up so as to be able to proceed safely, but also to learn from the experience.
How did you get the malware? What were you doing? What sites were you visiting or what software did you install?
As important as removing malware is learning how to avoid becoming infected again.