welcome to windowsforum,
gengarus • left-click … clicking left-button on mouse.
• right-click … clicking right-button on mouse.
• save images incrementally and with unique names … avoid overwriting images.
• taking screen-cap? refer to bottom of this post.
• think like a hack … place yourself in that point of perspective.
• at every step of the way … take notes by typing into notepad … always saving the text-document with "unix" accessibility …
… for instance, the
path to a certain program on your computer … a web-site address … the install-date of a program … an error# window popping into view … etc. also, follow through by taking screen-caps.
things are not always as they seem. in other words, just because it appears the program's name is
"tradeoff" … it could masquerade by utilizing certain unix-codes for alpha-characters. that's why it is important to copy/paste things like program paths and other interests.
let's start from the top,
gengarus …
why you used cell-phone to take pic? why you did not use windows screen-cap utility? computers are not toys … they also are not babysitters. if you give your child a computer … it is
your sole responsibility to lock down the computer … so
nothing can install. period.
now … access the child's computer. take screen-cap of that "tradeoff" window you claim pops into view … immediately, "paste" the screen-cap into windows-paint utility … save the image in a folder on desktop … label the folder "working" … close the image.
open windows task-manager … left-click tab "details" … scroll down until you can see "tradeoff" … take screen-cap of the window … "paste" the image into windows-paint utility … save it in your "working" folder on desktop. now, right-click one time on "tradeoff" program … choose "search online" … bookmark the page that is displayed. this bookmark should reside in a unique space easily accessible to yourself.
still in task-manager … left-click tab "services" … at bottom of window, left-click "extended". now, scroll down until you can see "tradeoff" … left-click one time on "tradeoff" service … take screen-cap of the window … "paste" the image into windows-paint utility … save it in your "working" folder on desktop. now, right-click one time on "tradeoff" program … choose "search online" … bookmark the page that is displayed.
with "tradeoff-services" still displayed in task-manager … right-click and take screen-cap of the window
("general-tab" is default) … "paste" the image into windows-paint utility … save it in your "working" folder on desktop.
still under general-tab … "path to executable" … right-click and "select all" and choose "copy". "paste" this alphameric string into your text-document. save text-document into your "working" folder on desktop.
windows "start" button … locate/select "control-panel" … locate/select "programs/features" … scroll down until you can see "tradeoff" … left-click one time on "tradeoff" program … take screen-cap of the window … "paste" the image into windows-paint utility … save it in your "working" folder on desktop.
still in that window … check when the "install" date was … type this into your notepad/text-document … remember to save the revised text.
check windows-10 for system-restore points … how many exist? are there any restore-points prior to tradeoff install-date? you might consider restoring back to that time.
you have everything in front of you,
gengarus:
research on the internet what the program does.
is it malicious?
how to uninstall it safely.
how to take back control of the computer.
last of all … search how to lock the computer down from your child's wandering fingertips.
safe to say … we all were children at one time.
when your child downloaded that wallpaper on the desktop … a program could easily have
piggy-backed within the data-packet … nobody would ever know.
when time comes for you to ask for assistance in getting rid of an infection … you have all your notes typed into notepad, as well as screen-caps … you can open your topic and portray everything you have done yourself.
additionally,
gengarus … you may also consider using a program called "process-explorer". hupp! don't even think of downloading it from download.cnet.com or other web-sites … go straight to the development source:
p.s. remember … screen-cap resides in *.clp file
(temporary swap-file) … meaning it's overwritten by next "copy" progression. so, if you took screen-cap of one window … it's sitting in that swap-file. if you highlight / copy some text … the image has been replaced by the text you just copied. so … at all times … if you "copy" … immediately "paste" … thanks.
p.p.s. be cautious when uploading/sharing images that may reveal personal info,
gengarus. i.e. programs installed … os-license-#'s … usernames/passwords … ip-address … serial# … anything identifiable to a potential hacker. once the image has been uploaded … it becomes public property. so "black out" any such info as you deem necessary.
p.p.p.s. when comes time to ask for additional assistance … the
dick tracy's of the world need certain information to aid in their prognosis:
win-os / version
computer model/maker
av / malware sentries
taking screen-cap: