04-15-2015, 12:26 AM
https://speccy.piriform.com/results/MczCtLpda7AUllWI2VSMpNc
My daughter wanted some freeware called PaintTool Sai. I researched it, seemed legit, and gave her permission to DL it. This is the website; https://painttool-sai.en.softonic.com/
I run comodo and I installed it and gave it permission.
Next I saw a video downloader tool on the desktop and also some kind of speedier PC icon. I deleted those two icons from the desktop and there was still a loading icon going;
and then it installed the Painttool sai.
Next thing I noticed on firefox my browser had been changed to http://www.webswitch.tk
Also on my desktop it is asking if I wanted to download a software update
I have random tabs popping up asking to help
It is looking fishy from the processes
I killed the only odd process I see under explorer.exe, and the grey processes won't let me cease those through comodo killswitch.
It is even happening right now, another tab opened.
I used advanced uninstaller to remove the programs and remove the traces, but to no avail.
I ran Comodo and it removed some items but nothing. I ran malwarebytes and it removed some items but no change.
I tried booting to safe mode and it stalls on the pulg n play monitor driver.
So then I used Comodo's rescue disk and it removed some items (HEUR.packed, bassmod) but still no change.
Any help would be appreciated!
Thanks,
Chris
My daughter wanted some freeware called PaintTool Sai. I researched it, seemed legit, and gave her permission to DL it. This is the website; https://painttool-sai.en.softonic.com/
I run comodo and I installed it and gave it permission.
Next I saw a video downloader tool on the desktop and also some kind of speedier PC icon. I deleted those two icons from the desktop and there was still a loading icon going;
and then it installed the Painttool sai.
Next thing I noticed on firefox my browser had been changed to http://www.webswitch.tk
Also on my desktop it is asking if I wanted to download a software update
I have random tabs popping up asking to help
It is looking fishy from the processes
I killed the only odd process I see under explorer.exe, and the grey processes won't let me cease those through comodo killswitch.
It is even happening right now, another tab opened.
I used advanced uninstaller to remove the programs and remove the traces, but to no avail.
I ran Comodo and it removed some items but nothing. I ran malwarebytes and it removed some items but no change.
I tried booting to safe mode and it stalls on the pulg n play monitor driver.
So then I used Comodo's rescue disk and it removed some items (HEUR.packed, bassmod) but still no change.
Any help would be appreciated!
Thanks,
Chris