(In) Famous last words) ….

I just use a filter on my emails which I only accept in text format (never html!). MailWasher Pro is my favourite for Windows as you can just tell it to delete all non-english font emails, or those originating outside a few selected countries. It may not help you now but mail filters is the way to go.

Others will tell you to use Google as that too has a filtering system. I personally trust Google only a shade more than I trust Facebook, but Android has me by the purse-strings so I do have a gmail junk mail account for use with companies that insist on having an email address

You have learned your lesson on clicking random buttons so I will not add to your woes..

I find that Hotmail/Outlook actually “learns” faster than Gmail. Very few scams and unwanted emails get into my Outlook now, and those are sent straight to Junk by Outlook itself. Gmail is a different story: I am still getting Scandinavian “Ladies” (and occasional Gents!) offering me services (?) that I do not understand because I don’t speak or read Scandihoovian. I am gradually reducing those by blocking, but it takes gmail longer than Outlook.

Hitman Pro is good, Dwynne.

http://tinyurl.com/hely8xq

There is a reason why HPro has to be paid for Dwynne: it is the best I have used for removing nasties.

I keep it running on SWMBO’s lappy, because granddaughters use that. The 12 yo is savvy and does not go on anything potentially suspect, but the 21 yo has no idea about security. Her 19 yo brother checks her lappy regularly and sweeps it clean, when she’s out. If she ever finds out, he’s in trouble, though. His point is that nothing nasty should be allowed on the network. Once she moves out and lives with her BF, that old HP Dv7 Pavilion is in danger.

dwynnehugh wrote:

Well MSE just ended – all clean. Thanks for the suggestions as to free cleaners – will give them a go. Just as a matter of interest – Hitman Pro – can this be loaded onto a USB stick and used as and when trouble brews or has it got to be downloaded onto a PC?

Yes Dwynne: I keep it with Kaspersky KVRT.exe, Adware Cleaner and Malwarebytes on a stick, updating them all regularly. Has saved myself, family and friends a few times.

dwynnehugh wrote:

I can access all parts of the PC – so in that even would it be a wise or unwise decision to copy off the files the owner really would like to keep?

Copy them onto a blank USB drive, then reboot the computer from a live CD. Install and update an antivirus, and scan the files.

Maybe set up a throwaway Google account and upload the files to Drive (depending on the size). Google scans them before you download them, and I imagine they won’t let a nasty slip through. Have a look at the Security section here:

https://support.google.com/a/answer/172541?hl=en

Ed, it is possible that the HD could contain some self replicating code that might try to spread onto a drive in a connected PC. Would it be best to ensure that at the very least it was connected to a non Windows machine to scan or copy the files. A read around the subject suggests that if it really is a root kit infection then it would likely be a far better use of your time to thoroughly wipe the drive and start again. If you first salvage any wanted files they would need to be very thoroughly inspected for hidden nasties. Care would need to be taken over how any files were copied and the use of a non windows OS, such as a live CD/DVD might be wise.

If you do restore the machine, make an image of the drive so that in future restoration is made a little easier.

Some went as far as to suggest removing the HD and replacing it as the risk of not removing the rubbish is too great compared with the ongoing costs of repeating the exercise.

That should bee good news, until the user gets hold of it once more.

Yes Ed, code is a bit like a brick of explosive, without something to initiate action it can just sit there as a logical brick. It needs some form of initiator just as explosive needs its primer and/or detonator, though some may self initiate and detonate themselves through shock. I have connected dodgy boot drives from one computer to a host in the past with interesting and in fact beneficial automatic effects. The host OS examined the guest drive and promptly announced that there were errors it would fix. The previously non booting drive was repaired all quite autonomously.

In this case Malwarebytes had found nothing more it did not like, so the PUP issue should be removed, though one can still wonder though finally the machine at issue has finally been declared safe and stable. The user was clearly guilty of unwise use on a premeditated basis.