Malware question

    Hi there

    My Dad has had a malware issue with his Windows 10 PC, which occurred when using Chrome. When using it, he would get pop ups in the bottom right of the screen for obviously fake, clickbait news stories, or alternatively alerts that either his McAfee or Norton had expired or detected a virus (he did not have either McAfee or Norton installed and anyway, it was obvious these were part of the same malware just from how they looked).

    Once kicked off by opening Chrome, these bottom right corner popups would persist even once Chrome was closed. They weren't windows, but kind of overlays on the screen that couldn't be removed.

    The steps I took to deal with this are as follows:

    1) Closed Chrome and uninstalled it from his machine. The pop ups ceased.
    2) Installed Norton Antivirus (he already had a paid subscription from a previous machine that he'd forgotten about so it made sense).
    3) Ran a full scale virus scan (not a 'Quick' one). This turned up nothing.
    4) Reinstalled Chrome (he needs it for a particular aspect of his work).
    5) Ran a full scale virus scan again. This turned up nothing.

    My question is this:

    Can we now feel reassured that the computer is clean of malware and that the computer and Chrome are safe to use? He is keen to log into his online banking to do some stuff, and I've told him to hold off for now as I want to be extra cautious.

    Any guidance from the IT/Windows experts on here would be hugely appreciated!

    #2
    If you want to be absolutely sure, then a Windows 10 reset via the restore options or an OS re-install from scratch.

    If that's not an option, then a Malwarebytes and Spybot Search and Destroy scan. You don't need to leave both installed, but scanning with more than just Malwarebytes potentially could catch something one on its own wouldn't. You can leave Malwarebytes on there should you need it again.

    Another thing that might be worth doing is installing ad block on the browser; it blocks some sites that can inadvertently allow malware via third party delivery in ads.

    Other than that, advice to give would be: be very careful clicking on links in unsolicited emails - or check very carefully before you do, make sure it doesn't have some weird country code - if you get an email that looks legit, like from your bank, rather than click on the link, type the URL into the browser yourself and log in directly. And don't install stuff if you're not sure of its validity - always use the custom installer option if you are installing stuff and untick all the third party offers that get bundled in with them on "free" software (these sometimes bundle in ad-banner plugins if you're not careful).

    There are other things you can do like run browsers sandboxed, but you're starting to get into more advanced areas of security - sandboxed software can be a useful tool, but for general PC use you shouldn't need it if you're not installing software from dodgy warez sites.
    Last edited by MartyG; 06-10-2020, 19:06.


      #3
      Installing Chrome plug-ins like AdBlock Plus (or similar) or NoScript (if your father is willing/able to configure it) will help a lot. If he doesn't need to install stuff, running as a non-admin user should add another layer of security.


        #4
        I hesitate to recommend NoScript for casuals as it can cause problems with a lot of sites - I run it myself (along with adBlock and PiHole on an RPi as a DNS sinkhole) but sometimes it means I have to run up a different browser or disable NoScript for some sites.

        If your Dad is more of a power user Wakka, it's worth him giving it a go and seeing how he gets on with it.


          #5
          Thanks for the guidance guys.

          My Dad is far from a power user! I actually had it in my head I needed a Remote Desktop solution to help him with these kinds of questions (I used to run Apple Remote Desktop many years ago to control a headless Mac Mini for various geekery), and then the thread on here popped up about that very topic and today I grabbed TeamViewer. It’s made sorting this stuff out for him a billion times easier.

          I’m going to remote into his machine and run Malwarebytes and Spybot just to be on the safe side. I’ll also install an Adblock extension on his Chrome and show him how to pause it for sites that gripe about it (I run one on all my computers and phones but he def isn’t using one).

          I’ll steer clear of NoScript as that sounds a bit complex and might make things tricky, as it’s not something I’m personally familiar with. Sounds worth looking into for the future though.

          I may very well do a total system restore, that’s a good suggestion, but I’ll need to be there in person to do that of course - so unfortunately it’ll have to wait as he’s in Devon and I’m in London. In the meantime I’m going to follow you guys’ guidance and that should hopefully make him as safe as possible.

          One question - and it’s probably a case of ‘can’t say without seeing it’ - but do you think the malware was removed when I uninstalled Chrome? Seems it must have been as Norton then didn’t turn anything up.

          Thanks again guys.
          Last edited by wakka; 06-10-2020, 20:32.


            #6
            Originally posted by wakka
            One question - and it’s probably a case of ‘can’t say without seeing it’ - but do you think the malware was removed when I uninstalled Chrome? Seems it must have been as Norton then didn’t turn anything up.
            It's possible, it all depends on what it was. If you only ever saw it inside the browser, it was likely just an adware browser plug-in - if it was outside of the browser environment, then uninstalling Chrome would be unlikely to remove it. There is some isolation built into a browser's security model, so in a lot of cases you'd have to have granted something elevated privileges, but these things can still have 0-day security holes.

            However, there are so many different types of malware it's difficult to say for sure - one thing I forgot to say is just make sure those updates are getting installed. It's near impossible to turn them off on Windows 10 now, but keeping on top of updates is worthwhile for apps and OS.


              #7
              Thanks. Good point - I will make sure his machine is up to date too.

              Interesting regarding Chrome. It only kicked off when it was open, but then seemed to stay running once Chrome was shut. I’m a bit of a dunce when it comes to Windows as I’ve used Macs for so many years now, so I’m fumbling about a bit.

              Will see what the results of Malwarebytes and Spybot are next.


                #8
                When you shut Chrome it doesn't always clear all the processes it starts up - if you looked in task manager there was probably still a rogue process running in the background belonging to Chrome.


                  #9
                  I'd download 'Malwarebytes' and do a scan. Make sure to turn 'rootkit' scanning on in the options. Then you can uninstall once you're finished.
