Deisel Weisel

What I did, was what a lot of people will do: 1. Google ‘paint.net’ and www.paint.net/ comes top of the Google results. 2. Top r/h corner of paint.net is a banner to download, so click on that. 3. Takes you to here: http://www.getpaint.net/ where you d/l and get infected. The first URL is the exact same name as your product. This very forum appears to be a subdomain of http://www.getpaint.net/, which is hosting the infected copy. So what’s going on here? You appear to be directly associated with this trojan type download. Thanks for the advice about ‘Restore Points’ but I don’t see why I should be trusting you any further, to d/l it elsewhere, unless you’ve got a very good explanation for all of this.

Downloaded from here on Sunday: http://www.getpaint.net/ During the installation process it became obvious that it wasn’t only paint.net being installed, so I stopped the instalation. Opened up Chrome again, to find my home page, and chosen search engine, had been swapped. Changed those back, only to find other suspicious looking stuff when I looked in the downloads folder from that download. I’ve uninstalled those, but I’m left with this one problem: certain words on web pages are double under lined (hyperlinked?) and if you click on them the page goes momentarily to cxpfy.com and then mostly onto MonsterMarketplace and other places. Anyone know how to get rid of this? I’ve asked on a malware/spyware help forum, but so far no one has offered a solution. I have run Malwarebytes and have AVG 2012 installed, but neither helped.