Skip to main content

Virus removal

Virus removal

All viruses


There are several telltale signs that your computer may be infected with a virus:

  • Reduced performance
  • Unexpected advertising popups
  • Changes to your web browser home page and / or default search engine

Infection and avoidance

One of the first questions people with infected computers tend to ask, apart from "How do we remove the virus?", is "How did my computer become infected?". Two of the most common mechanisms used to infect systems are rogue email and web pages.

Any email you receive should be treated with scepticism; even messages apparently from family, friends, or other trusted sources - such as your bank or a supplier (e.g. Amazon) - may not be what they appear to be. Any message containing an attachment or a link to a web page is a potential threat; unfortunately many such messages escape detection by anti-virus tools. In the case of web links in messages it is often possible to hover your mouse pointer over a link without clicking on it, in order to view the actual link address, rather than the one displayed in the message; your email software should be able to display the true link in a small popup or on its status line, allowing you to check if it links to a rogue address.

Many rogue websites masquerade as legitimate pages, often ranking high with search engines; you should be as wary of search engine results as you should of apparently trustworthy email messages. If your web browser displays a suspect web page you may not be able to navigate away from it if it is locked by a popup; in such circumstances it is safer to close your web browser, by force if necessary.

Be suspicious of any 'free' utilities, particularly from pirate download sites. Many such sites require you to install a downloader app, allegedly to manage your downloads efficiently. A downloader from a rogue site, whilst controlling your download as expected, may contain a malware payload.

Most computer operating systems employ mechanisms to prevent the execution of unauthorised programs; usually these require you to respond to a system warning message, which asks for your authorisation to continue, possibly requiring the system password. Malware installers often masquerade as legitimate applications in order to persuade you to click on the button which authorises the installation; once you have done this the malware obtains the authorisation required to install itself, often bypassing antivirus detection in the process. Don't authorise the installation of any software on your computer unless you are absolutely certain it comes from a trusted source and poses no threat.


What is adware?

Adware is a common type of malware, which most of us have experienced. In many cases adware will simply produce annoying popup adverts and do little harm to your computer's system. However, more malicious types of adware can compromise your computer's security. Also adware is sometimes installed by more malicious types of virus so what may appear to be a minor irritation (e.g. popups) could be an indication of a more serious underlying infection.

How do I know if my computer has an adware infection?

One of the first indications of an adware or similar malware infection may be the replacement of your chosen web browser home page with a new search engine page; usually this is accompanied by a change in your browser's default search provider. This 'browser hijack' technique can be used to intercept your web browsing, harvest your web browsing data and redirect you to rogue websites. As mentioned previously another common symptom of an adware infection is the appearance of advertising popups. If you think your computer may be infected with adware contact us now.


What is ransomware?

Typically ransomware compromises all your computer files by encrypting them. The encryption process is likely to affect all files on your main system drive, plus any attached storage devices. The level of encryption renders all key data files, including documents, photographs etc, unreadable. The only way to recover your data is by removing the ransomware infection and restoring your data from a backup, or paying the ransom to obtain the decryption key; if you don't carry out one of these actions before a deadline the encryption becomes permanent and irreversible.

How do I know if my computer has a ransomware infection?

Unlike other malware infections, rather than evading detection ransomware announces its presence, usually by taking over your computer and displaying a message; this will include instructions on how to pay the ransom and obtain the decryption key, plus the deadline for completing this. If your computer is infected with ransomware contact us now.


What is a rootkit?

Rootkits and bootkits were developed to replace the older boot sector viruses. They infect the master boot record (MBR) of a hard disk, SSD, or other bootable device.

How do I know if my computer has a boot sector infection?

As a rootkit loads before any other system software, including the operating system itself, it can operate without detection. The only indication of an infection may be symptoms caused by other malware loaded by the rootkit (see All viruses). Kaspersky Labs developed a speialised tool, TDSSKiller, for detecting and removing rootkits; this should only be used under expert guidance however. If you think your computer may have a rootkit infection contact us now.


What is spyware?

As its name implies, spyware monitors what you do with your computer. This can range from tracking which websites you visit in order to target advertising, to stealing your login details for on-line shopping, banking etc.

How do I know if my computer has a spyware infection?

Spyware is designed to run undetected so it's unlikely you'll know if your computer is infected. If not picked up by an anti-virus scan one of the few ways of recognising a spyware infection is a reduction in computer performance as the spyware tracks your activities and reports them to its remote controller. If you think your computer may be infected with spyware contact us now.


What is a Trojan?

Trojans, or 'Trojan horse' viruses, like their namesake, often install themselves on a host system without detection. Once installed a Trojan may become active immediately or remain dormant until activated remotely. Trojans can be used to perform many different malicious tasks, often without you even knowing:

  • Installing a 'back door' on your computer - this allows the Trojan to be accessed by a remote system without you knowing. The back door can be used to reprogram the Trojan malware to perform any task.
  • Spying on you as you use your computer (see spyware).
  • Turning your computer into a 'zombie', allowing it to be accessed by a remote 'command and control' system. A large group of zombie systems can be turned into a 'botnet'; botnets are used to launch virtually untraceable concerted attacks, typically on large corporate systems.

How do I know if my computer has a Trojan infection?

This type of virus can be difficult to detect as an infected computer may not display any symptoms. Trojans are often detected when an antivirus scan runs, sometimes during a procedure to remove a different type of virus. If you think your computer may be infected with a Trojan contact us now.