Popups, ransomware, slow computer? I'll clean it up and get you protected. Evenings and weekends.
Viruses and malware are more common than most people think. You don't have to visit dodgy websites to pick something up — it can happen through email attachments, fake software updates, or even legitimate-looking ads on normal websites.
I don't just run a quick scan and call it done. I manually check for rootkits, persistent threats, browser hijackers, and anything else that automated tools might miss. If your computer has been compromised, I'll find it and remove it completely.
Once everything's clean, I set up proper protection so it doesn't happen again — a decent antivirus, browser security settings, and some practical advice on what to watch out for. Prevention is always better than cure.
I've been cleaning up infected computers since 2008, and I work evenings and weekends from my home in Laffak, St Helens. No shop prices, just a fair price for a thorough job.
Random popups appearing on your desktop or in your browser, even when you're not doing anything? That's a classic sign of adware or malware.
Malware often runs in the background, hogging your CPU and memory. If your computer suddenly became sluggish, something might be running that shouldn't be.
Software launching without you clicking it, or your mouse moving on its own? This could indicate remote access malware — get help immediately.
Searching Google but ending up on strange websites? Your browser has likely been hijacked by malware that redirects your searches.
Can't open your files? Seeing a message demanding payment? This is ransomware. Don't pay — contact me first, there may be options.
Scary-looking warnings telling you to call a number or download software? These are scams designed to trick you into paying or installing more malware.
Most people still picture a "virus" as some kid in a hoodie writing code to crash your computer for fun. That's not really what's out there anymore. Modern malware is a business, and the people behind it want one of two things — your money or your data, ideally both.
Info-stealers are probably the most common thing I see now. They sit quietly in the background and harvest saved browser passwords, banking logins, autofill details, even crypto wallet keys. You won't notice them — that's the whole point. The first sign is usually your bank ringing about a transaction you didn't make, or someone logging into your email from another country.
Then there's adware and browser hijackers. Technically not illegal in a lot of cases, which is why they slip past some scanners. They redirect your searches, inject ads into pages that didn't have them, and change your homepage back every time you fix it. Annoying rather than dangerous, but they bog the machine down and they're a pig to remove properly.
The big one for older users round St Helens is the tech support scam. Fake "Microsoft" popups telling you your PC is infected and to ring an 0800 number, or cold calls from someone claiming to be from BT or Microsoft. They talk you into giving them remote access, then either install real malware, charge a few hundred quid for a "fix", or empty your bank account directly. It happens far more than you'd think.
And ransomware — that's the one that encrypts every file on the machine and demands payment in Bitcoin to get them back. It's a horrible thing to deal with and I'll come back to that further down.
The reason a quick scan often isn't enough: automated tools are good at catching known threats, but they miss novel infections, rootkits that hide from the operating system, and the leftover bits and pieces from a removal that wasn't done properly. That's why I do it manually.
When a machine comes in, the first thing I do is get it into a controlled environment — usually safe mode with networking, or booted from a separate offline rescue drive if the infection is fighting back. That stops most malware from running while I work on it.
From there it's a layered scan, not a single tool. I'll typically run Malwarebytes for general detections, plus a dedicated rootkit scanner, plus a manual sweep through the places malware actually hides — Windows startup entries, scheduled tasks, services, browser extensions, the hosts file, registry run keys, and any recently created files in temp folders or AppData. A surprising amount of nasty stuff lives in those last two and never gets touched by a basic scan.
Once it's clean, I set up protection properly. For most home users that means Windows Defender configured the way it should be (most people don't realise it's actually decent now), Malwarebytes Free for on-demand scanning, and a couple of sensible browser tweaks — ad blocker, popup blocker, no shady extensions. You don't need a paid antivirus subscription for normal home use, and I'll tell you that honestly rather than try to sell you one.
Last step is checking what may have leaked. If it was an info-stealer, I'll go through saved browser passwords with you and flag the ones you need to change first — banking, email, anything with a card stored. Better to know now than find out the hard way.
One thing that's a bit different about virus jobs compared to hardware repairs — a lot of them I can do remotely, without ever needing to pick the machine up. If your computer still boots and gets online, I can connect securely (using a proper remote tool, not anything dodgy), take a look, and clean it up while you put the kettle on. For a lot of adware, browser hijackers and tech support scam aftermath, that's the quickest way to sort it.
If the infection is bad enough that the machine won't boot properly, or it's ransomware, or you'd just rather hand it over and not worry about it — drop-off at my place in Laffak works fine, or I can come and collect.
I cover all of St Helens and the surrounding villages — Haydock, Newton-le-Willows, Billinge, Rainhill, Eccleston, Prescot, Rainford, Sutton, Thatto Heath, Clock Face, Parr, Moss Bank, Garswood. If you're not sure whether you're in range, just ask. I'm happy to drive a reasonable distance for a callout, and remote help works wherever you are anyway.
Evenings and weekends are when I'm available, which suits most people better than taking a day off work to wait in for an engineer.
In the vast majority of cases, no. A normal malware cleanup doesn't touch your documents, photos, or anything in your user folders — I'm removing the malicious files, not your data. The exception is ransomware, where the files have already been encrypted by the infection itself before I get involved. Even then, your data is still on the drive — the question is whether it can be decrypted, which I'll cover below. Either way, if anything important is at risk I'll tell you before I start, and if you've got a backup we'll make sure it's intact first.
For most home users, yes. Windows Defender (which is built into Windows 10 and 11) is genuinely decent these days when it's set up properly, and pairing it with the free version of Malwarebytes for occasional on-demand scans covers nearly everything. The paid suites from Norton, McAfee and the rest aren't really buying you more protection — they're buying you a subscription, a load of bundled extras you won't use, and renewal reminders for the next ten years. I'll set you up with something that works and doesn't cost you anything ongoing.
Honest answer: usually no, and the official advice from the National Cyber Security Centre is the same. Paying funds the criminals, marks you as a willing target for next time, and doesn't always work — plenty of people have paid and got nothing back. Before you even consider it, bring the machine to me. For some ransomware strains there are free decryption tools available (the No More Ransom project keeps a list), and sometimes the infection didn't finish encrypting everything. If there's no decryptor and no backup, I'll be straight with you about what your options actually are rather than pretend otherwise.
Fair question, because plenty of "cleanups" leave bits behind. After I've finished I'll run a final scan with a different tool to the one I cleaned with — second opinion, basically — and check the same hiding spots all over again to make sure nothing came back. I'll also leave you with a baseline of what's running on the machine, so if something odd shows up later it's easier to spot. If anything reappears within a couple of weeks I'll come back and sort it without charging again.
Don't beat yourself up, it happens to a lot of people and the scammers are very good at sounding convincing. Step one: if you let them connect to your computer, assume the machine is compromised — disconnect it from the internet and ring me. Step two: if you gave them card or bank details, ring your bank straight away (there's usually a fraud line on the back of the card) and they can block the card and reverse pending transactions. Step three: change your important passwords from a different device — email first, then banking, then anything else with payment info saved. I can help you work through the whole thing if you're not sure where to start, and I'll check the machine over to make sure they didn't leave anything installed.
Don't panic. Drop me a WhatsApp or give me a call and I'll talk you through what to do next.