SHOP PRODUCTS
Houzz Logo Print
lbpod_gw

Power Point Slide . . . Save?

lbpod
12 years ago

Good Morning,

Is it possible to save an individual slide off of a

Power Point presentation that I received as an

e-mail attachment? Thanks.

Comments (25)

  • mikie_gw
    12 years ago
    last modified: 9 years ago

    You might want to look at the link below.
    Its for a simple Screen Shot tool. Capture anypart of what you see on your monitor. Save it to file as a picture.

    Did you try right click, save picture ?

    Here is a link that might be useful: http://lightshot.skillbrains.com/

  • grandms
    12 years ago
    last modified: 9 years ago

    Mikie, this was a Russian site, and after I installed, it literally took over my Chrome browser. I used Revo to uninstall, and my Chrome still opened to this page. Had to restore my home page before Chrome would work properly. Thanks, but no thanks.

  • Related Discussions

    Power Point for Windows 7

    Q

    Comments (10)
    Good post Bob. Mine is nothing like that- but I wish it was! The pps come as attachments to email, Windows Live Mail -I hate it. Right click on attachment pps: Mine opens little window/box in center of screen. Top left says "mail attachment" Top right has red "X". "Do you want to open this file?" "Name: Beautiful pictures.pps" "Type: Microsoft PowerPoint Slide Show" Then offers choice of "Open or "Cancel" Selecting "Open" brings message: Big Red X "This file does not have a program associated with it for performing this action. Please install a program or, if one is already installed, create an association in the Default Programs control panel". I do have Windows PowerPoint viewer installed- and have booted several times since then. It is in my programs list.
    ...See More

    want to watch MS PowerPoint slide on tv

    Q

    Comments (42)
    of course, there are many ways to burn PowerPoint to DVD for viewing it on TV: http://www.acoolsoft.com/knowledges/methods-to-burn-powerpoint-to-dvd.html You can compare the cons and pros of these ways and then choose the best way for you. For my part, the direct way to burn PowerPoint to dvd with Acoolsoft PPT to DVD Pro will be the most proper way if you want to make a professional DVD with DVD menu. Here is a link that might be useful: Acoolsoft PPT to DVD
    ...See More

    Power Point and OpenOffice Impress

    Q

    Comments (3)
    I don't know if it will address your problem but I can say I use OO OpenOffice.org Draw-PPT, not "Impress". It is in the free package.
    ...See More

    Need Help with Power Point

    Q

    Comments (4)
    Thanks so much for the help. I'm a real dummy at this. judys ont, when I went there, it was all grayed out and I couldn't do anything. That led me to believe I was missing something some place. I, then, kept experimenting and finally found the problem. I had neglected to go to " slide transitions" and do the settings there. Everything is fine now and I'm so pleased. Thanks to for your offer ,jodi. I really appreciate it. Maybe next time, I will remember, or maybe I should pactice more - or probably both. ivamae
    ...See More
  • owbist
    12 years ago
    last modified: 9 years ago

    Hmm, if Mikie's link is problematic then just use the PRN SCRN or Print Screen button located to the right of your F12 button on a QWERTY keyboard.

    Then us Paint - or something better if you have it - to edit out the part you do not need.

    No extra program needed.

  • bob414
    12 years ago
    last modified: 9 years ago

    If this is a one time thing it may be too much but PicPick is a screen capture tool that I use a lot. I looked for one for quite a while after I couldn't use Prinkey2000 anymore - it won't work with newer versions of windows and they removed it from all the download sites. You can download PicPick from the link above if interested. Or you can read about it and download it from download.com at PicPick.

  • mikie_gw
    12 years ago
    last modified: 9 years ago

    grandms;
    "it literally took over my Chrome browser"

    sorry... its not a flaky thing usually. Seems respected.

    I've used for quite some time no issues & its passed many many SAS & MSE full scans & lots of others too that come & go here.
    Google/Opera/etc offers it as plugins too
    Cnet/snapfiles/ all the regulare download sites have it.

    seems ok.. dont know why it got you.

  • grandms
    12 years ago
    last modified: 9 years ago

    It keeps making itself my home page even though I reset that to ths.gardenweb.com. It even changed my search choice from Google to a Russian one.

  • grandms
    12 years ago
    last modified: 9 years ago

    It even added an extension in Russian to the ones I have, so I managed to delete that. Now the test will be when I close the browser to see if it still opens to the Russian site.

  • grandms
    12 years ago
    last modified: 9 years ago

    Just hope no one else has been through what I have with the Russian website Yandex.ru taking over my browsers. Yes, it has extensions for IE, FF, as well as Chrome. What I really resent was that it highjacked my home pages and changed my default search. Even though I had immediately removed the Skillbrain download from my computer, I found it also embedded. The file Praetorian.exe seemed to be at the root of all this. Even with Win Patrol I could not kill its action, either in startup or as an active process. I think I have finally removed all traces of these from my computer. After running a full system virus check with Avast and doing the same with Malwarbytes, I did one last search, and there were two files in Windows Prefetch, one for Yandex and one for Pratorian. I deleted both of those, ran CC, including the registry cleaner, and hopefully I am clean. I still have doubts, however, because yesterday I used my computer several times, and it was not until 8:48PM that Yandex reared its ugly head again. If it does appear again, I guess I'll have to pay a visit to Lanzdown.

  • zep516
    12 years ago
    last modified: 9 years ago

    grandmas,
    Lets take a look now, then we can look and see and send you off to ldz if needed.

    DDS is a program that will scan your computer and create logs that can be used to display various startup, configuration, and file information from your computer.

    The program will also display information about the computer that will allow us to quickly ascertain whether or not malware may be running on your computer.

    To use DDS, simply download the executable and save it to your desktop or other location on your computer. You should then double-click on the DDS.scr icon to launch the program. DDS will then start to scan your computer and compile the information found into two log files. When DDS has finished it will launch the two Notepad windows that display the contents of these log files. The contents of these log files can then be attached to a reply.

    See link for download of DDS

    Here is a link that might be useful: DDS

  • grandms
    12 years ago
    last modified: 9 years ago

    I think all is okay now, but just to make sure, I'll do what you suggest.

  • grandms
    12 years ago
    last modified: 9 years ago

    .Avast did not want to let it run, but I finally got past that. I do believe I have every vestige of both praetorian.exe and Yandex.com off my computer. Whew! Google searches were quite inconclusive about whether this was a threat or not, but it surely wasn't something I enjoyed having. Uh, oh, I see something about a search engine on FF in Russian. Will go check that out.

    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
    Run by HP_Administrator at 16:01:25 on 2012-03-30
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3006.2420 [GMT -4:00]
    . AV: avast! Antivirus *Enabled/Updated* "7591DB91-41F0-48A3-B128-1A293FD8233D>
    FW: Privatefirewall *Enabled*
    . ============== Running Processes ===============
    . C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
    C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
    C:\Program Files\Privacyware\Privatefirewall 7.0\PFGUI.exe
    C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Secunia\PSI\psi_tray.exe
    svchost.exe
    C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Secunia\PSI\PSIA.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Secunia\PSI\sua.exe
    C:\WINDOWS\system32\rundll32.exe
    . ============== Pseudo HJT Report ===============
    . uStart Page = hxxp://abcnews.go.com
    uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    BHO: Shareaza Web Download Hook: "0eedb912-c5fa-486f-8334-57288578c627> - c:\program files\shareaza\RazaWebHook32.dll
    BHO: Do Not Track Plus: "6e45f3e8-2683-4824-a6be-08108022fb36> - c:\program files\donottrackplus\ScriptHost.dll
    BHO: Java(tm) Plug-In SSV Helper: "761497bb-d6f0-462c-b6eb-d4daf1d92d43> - c:\program files\java\jre6\bin\ssv.dll
    BHO: avast! WebRep: "8e5e2654-ad2d-48bf-ac2d-d17f00898d06> - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: "dbc80044-a445-435b-bc74-9c25c1c588a9> - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: "e7e6f031-17ce-4c07-bc86-eabfe594f69c> - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: HP view: "b2847e28-5d7d-4deb-8b67-05d28bcf79f5> - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
    TB: avast! WebRep: "8e5e2654-ad2d-48bf-ac2d-d17f00898d06> - c:\program files\avast software\avast\aswWebRepIE.dll
    TB: "2318C2B1-4965-11D4-9B18-009027A5CD4F> - No File
    TB: "91397D20-1446-11D4-8AF4-0040CA1127B6> - No File
    uRun: [Google Update] "c:\documents and settings\hp_administrator.desktop\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [DW7] "c:\program files\the weather channel\the weather channel app\TWCApp.exe"
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [EaseUs Watch] "c:\program files\easeus\todo backup\bin\EuWatch.exe"
    mRun: [EaseUs Tray] "c:\program files\easeus\todo backup\bin\TrayNotify.exe"
    mRun: [Privatefirewall] c:\program files\privacyware\privatefirewall 7.0\PFGUI.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
    IE: Download with &Shareaza - c:\program files\shareaza\RazaWebHook32.dll/3000
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
    IE: "E2D4D26B-0180-43a4-B05F-462D6D54C789> - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
    IE: "e2e2dd38-d088-4134-82b7-f2ba38496583> - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: "FB5F1910-F110-11d2-BB9E-00C04F795683> - c:\program files\messenger\msmsgs.exe
    DPF: "6E32070A-766D-4EE6-879C-DC1FA91D2FC3> - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1325110486953
    DPF: "8AD9C840-044E-11D1-B3E9-00805F499D93> - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: "CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA> - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: "CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA> - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: "CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA> - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\"A61EAB09-9A69-4329-B570-42C37AD13A84> : DhcpNameServer = 192.168.0.1
    Handler: belarc - "6318E0AB-2E93-11D1-B8ED-00608CC9A71F> - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: cetihpz - "CF184AD3-CDCB-4168-A3F7-8E447D129300> - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    . ================= FIREFOX ===================
    . FF - ProfilePath - c:\documents and settings\hp_administrator.desktop\application data\mozilla\firefox\profiles\lk87sgw5.default\
    FF - prefs.js: browser.search.selectedEngine - Яндекс
    FF - prefs.js: browser.startup.homepage - hxxp://z1.invisionfree.com/IBBS_ComputerHelp/index.php?
    FF - prefs.js: keyword.URL - hxxp://yandex.ru/yandsearch?stype=first&clid=1855511&text=
    FF - plugin: c:\documents and settings\hp_administrator.desktop\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
    . ============= SERVICES / DRIVERS ===============
    . R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-12-30 50312]
    R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2011-12-30 43784]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-28 612184]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-28 337880]
    R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-12-30 16008]
    R1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-12-30 185864]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-28 20696]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-28 44768]
    R2 EaseUS Agent;EaseUS Agent;c:\program files\easeus\todo backup\bin\Agent.exe [2012-2-1 61064]
    R2 Guard Agent;Guard Agent;c:\program files\easeus\todo backup\bin\GuardAgent.exe [2012-2-1 23176]
    R2 PFNet;Privacyware network service;c:\program files\privacyware\privatefirewall 7.0\pfsvc.exe [2012-3-23 374120]
    R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
    R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
    R3 pwipf6;Privacyware Filter Driver;c:\windows\system32\drivers\pwipf6.sys [2012-3-24 132408]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 253600]
    S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;c:\windows\system32\drivers\DigiartyVirtualCDBus.sys [2012-1-6 163616]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
    . =============== Created Last 30 ================
    . 2012-03-30 00:00:37 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-03-29 21:37:37 -------- d-----w- c:\program files\ESET
    2012-03-27 20:12:58 -------- d-----w- c:\documents and settings\all users\application data\Yandex
    2012-03-27 20:12:11 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Xpom
    2012-03-27 20:12:11 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Chromium
    2012-03-27 20:12:11 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Bromium
    2012-03-27 20:12:10 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Opera
    2012-03-27 20:11:54 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Temp
    2012-03-26 21:36:38 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Aiseesoft Studio
    2012-03-26 21:36:01 -------- d-----w- c:\program files\Aiseesoft Studio
    2012-03-26 21:36:01 -------- d-----w- c:\documents and settings\all users\application data\Aiseesoft Studio
    2012-03-25 20:01:59 -------- d-----w- c:\windows\system32\NtmsData
    2012-03-24 18:05:57 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Privatefirewall
    2012-03-24 18:04:07 132408 ----a-w- c:\windows\system32\drivers\pwipf6.sys
    2012-03-24 18:04:03 -------- d-----w- c:\program files\Privacyware
    2012-03-24 18:04:03 -------- d-----w- c:\documents and settings\all users\application data\Privacyware
    2012-03-22 20:05:37 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Shareaza
    2012-03-22 20:05:07 -------- d-----w- c:\documents and settings\hp_administrator.desktop\application data\Shareaza
    2012-03-22 20:05:04 -------- d-----w- c:\program files\Shareaza
    2012-03-22 02:09:18 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2012-03-22 02:09:17 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
    2012-03-22 02:09:16 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
    2012-03-22 02:01:25 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Secunia PSI
    2012-03-22 02:00:54 -------- d-----w- c:\program files\Secunia
    2012-03-07 21:24:43 -------- d-----w- c:\program files\The Weather Channel
    2012-03-07 21:22:15 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\The Weather Channel
    2012-03-04 21:35:48 -------- dc-h--w- c:\documents and settings\all users\application data\"5BD198FE-6337-4D45-AAF8-F81D83B87D05>
    2012-03-04 21:35:44 6600192 ----a-w- c:\windows\system32\LicProtector310.exe
    2012-03-04 21:35:44 2323520 ----a-w- c:\windows\system32\gdpicturepro5.ocx
    2012-03-04 21:35:42 -------- d-----w- c:\program files\Free File Opener
    2012-03-04 21:35:42 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Free File Opener
    2012-03-04 21:35:42 -------- d-----w- c:\documents and settings\all users\application data\Free File Opener
    2012-03-04 21:35:41 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\PackageAware
    . ==================== Find3M ====================
    . 2012-03-30 00:03:15 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-03-26 16:38:13 163616 ----a-w- c:\windows\system32\drivers\DigiartyVirtualCDBus.sys
    2012-03-06 23:15:19 41184 ----a-w- c:\windows\avastSS.scr
    2012-03-06 23:03:51 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-02-17 02:40:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-02-17 02:40:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
    2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
    2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2009-10-10 01:44:03 4637952 ----a-w- c:\program files\common files\lpuninstall.exe
    . ============= FINISH: 16:05:17.99 ===============

  • zep516
    12 years ago
    last modified: 9 years ago

    2012-03-27 20:12:58 -------- d-----w- c:\documents and settings\all users\application data\Yandex

    FF - prefs.js: keyword.URL - hxxp://yandex.ru/yandsearch?stype=first&clid=1855511&text=

    FF - prefs.js: browser.search.selectedEngine - Яндекс

    That's what I see left over, there should have been another log report too. DDS creates 2 logs.

    Joe

  • grandms
    12 years ago
    last modified: 9 years ago

    Okay, there was a smaller log, too. I thought it was the same. I'll run again.

    2012-03-27 20:12:58 -------- d-----w- c:\documents and settings\all users\application data\Yandex - - - - - this was an empty folder.

    How do I find and delete the two entries under FF?

  • grandms
    12 years ago
    last modified: 9 years ago

    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
    Run by HP_Administrator at 21:01:08 on 2012-03-30
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3006.2072 [GMT -4:00]
    . AV: avast! Antivirus *Enabled/Updated* (7591DB91-41F0-48A3-B128-1A293FD8233D)
    FW: Privatefirewall *Enabled*
    . ============== Running Processes ===============
    . C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
    C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
    C:\Program Files\Privacyware\Privatefirewall 7.0\PFGUI.exe
    C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Secunia\PSI\psi_tray.exe
    svchost.exe
    C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Secunia\PSI\PSIA.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Secunia\PSI\sua.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\DoNotTrackPlus\PropertySync.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\HP_Administrator.DESKTOP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    . ============== Pseudo HJT Report ===============
    . uStart Page = hxxp://abcnews.go.com
    uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
    BHO: Shareaza Web Download Hook: (0eedb912-c5fa-486f-8334-57288578c627) - c:\program files\shareaza\RazaWebHook32.dll
    BHO: Do Not Track Plus: (6e45f3e8-2683-4824-a6be-08108022fb36) - c:\program files\donottrackplus\ScriptHost.dll
    BHO: Java(tm) Plug-In SSV Helper: (761497bb-d6f0-462c-b6eb-d4daf1d92d43) - c:\program files\java\jre6\bin\ssv.dll
    BHO: avast! WebRep: (8e5e2654-ad2d-48bf-ac2d-d17f00898d06) - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: (dbc80044-a445-435b-bc74-9c25c1c588a9) - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: (e7e6f031-17ce-4c07-bc86-eabfe594f69c) - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: HP view: (b2847e28-5d7d-4deb-8b67-05d28bcf79f5) - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
    TB: avast! WebRep: (8e5e2654-ad2d-48bf-ac2d-d17f00898d06) - c:\program files\avast software\avast\aswWebRepIE.dll
    TB: (2318C2B1-4965-11D4-9B18-009027A5CD4F) - No File
    TB: (91397D20-1446-11D4-8AF4-0040CA1127B6) - No File
    uRun: [Google Update] "c:\documents and settings\hp_administrator.desktop\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [DW7] "c:\program files\the weather channel\the weather channel app\TWCApp.exe"
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [EaseUs Watch] "c:\program files\easeus\todo backup\bin\EuWatch.exe"
    mRun: [EaseUs Tray] "c:\program files\easeus\todo backup\bin\TrayNotify.exe"
    mRun: [Privatefirewall] c:\program files\privacyware\privatefirewall 7.0\PFGUI.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
    IE: Download with &Shareaza - c:\program files\shareaza\RazaWebHook32.dll/3000
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
    IE: (E2D4D26B-0180-43a4-B05F-462D6D54C789) - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
    IE: (e2e2dd38-d088-4134-82b7-f2ba38496583) - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: (FB5F1910-F110-11d2-BB9E-00C04F795683) - c:\program files\messenger\msmsgs.exe
    DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1325110486953
    DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: (CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA) - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: (CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA) - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: (CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA) - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\(A61EAB09-9A69-4329-B570-42C37AD13A84) : DhcpNameServer = 192.168.0.1
    Handler: belarc - (6318E0AB-2E93-11D1-B8ED-00608CC9A71F) - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: cetihpz - (CF184AD3-CDCB-4168-A3F7-8E447D129300) - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    . ================= FIREFOX ===================
    . FF - ProfilePath - c:\documents and settings\hp_administrator.desktop\application data\mozilla\firefox\profiles\lk87sgw5.default\
    FF - prefs.js: browser.startup.homepage - hxxp://z1.invisionfree.com/IBBS_ComputerHelp/index.php?
    FF - prefs.js: keyword.URL - hxxp://yandex.ru/yandsearch?stype=first&clid=1855511&text=
    FF - plugin: c:\documents and settings\hp_administrator.desktop\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
    . ============= SERVICES / DRIVERS ===============
    . R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-12-30 50312]
    R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2011-12-30 43784]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-28 612184]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-28 337880]
    R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-12-30 16008]
    R1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-12-30 185864]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-28 20696]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-28 44768]
    R2 EaseUS Agent;EaseUS Agent;c:\program files\easeus\todo backup\bin\Agent.exe [2012-2-1 61064]
    R2 Guard Agent;Guard Agent;c:\program files\easeus\todo backup\bin\GuardAgent.exe [2012-2-1 23176]
    R2 PFNet;Privacyware network service;c:\program files\privacyware\privatefirewall 7.0\pfsvc.exe [2012-3-23 374120]
    R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
    R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
    R3 pwipf6;Privacyware Filter Driver;c:\windows\system32\drivers\pwipf6.sys [2012-3-24 132408]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 253600]
    S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;c:\windows\system32\drivers\DigiartyVirtualCDBus.sys [2012-1-6 163616]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
    . =============== Created Last 30 ================
    . 2012-03-30 20:22:28 -------- d-sh--w- c:\documents and settings\hp_administrator.desktop\IECompatCache
    2012-03-30 00:00:37 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-03-29 21:37:37 -------- d-----w- c:\program files\ESET
    2012-03-27 20:12:11 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Xpom
    2012-03-27 20:12:11 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Chromium
    2012-03-27 20:12:11 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Bromium
    2012-03-27 20:12:10 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Opera
    2012-03-27 20:11:54 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Temp
    2012-03-26 21:36:38 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Aiseesoft Studio
    2012-03-26 21:36:01 -------- d-----w- c:\program files\Aiseesoft Studio
    2012-03-26 21:36:01 -------- d-----w- c:\documents and settings\all users\application data\Aiseesoft Studio
    2012-03-25 20:01:59 -------- d-----w- c:\windows\system32\NtmsData
    2012-03-24 18:05:57 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Privatefirewall
    2012-03-24 18:04:07 132408 ----a-w- c:\windows\system32\drivers\pwipf6.sys
    2012-03-24 18:04:03 -------- d-----w- c:\program files\Privacyware
    2012-03-24 18:04:03 -------- d-----w- c:\documents and settings\all users\application data\Privacyware
    2012-03-22 20:05:37 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Shareaza
    2012-03-22 20:05:07 -------- d-----w- c:\documents and settings\hp_administrator.desktop\application data\Shareaza
    2012-03-22 20:05:04 -------- d-----w- c:\program files\Shareaza
    2012-03-22 02:09:18 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2012-03-22 02:09:17 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
    2012-03-22 02:09:16 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
    2012-03-22 02:01:25 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Secunia PSI
    2012-03-22 02:00:54 -------- d-----w- c:\program files\Secunia
    2012-03-07 21:24:43 -------- d-----w- c:\program files\The Weather Channel
    2012-03-07 21:22:15 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\The Weather Channel
    2012-03-04 21:35:48 -------- dc-h--w- c:\documents and settings\all users\application data\(5BD198FE-6337-4D45-AAF8-F81D83B87D05)
    2012-03-04 21:35:44 6600192 ----a-w- c:\windows\system32\LicProtector310.exe
    2012-03-04 21:35:44 2323520 ----a-w- c:\windows\system32\gdpicturepro5.ocx
    2012-03-04 21:35:42 -------- d-----w- c:\program files\Free File Opener
    2012-03-04 21:35:42 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\Free File Opener
    2012-03-04 21:35:42 -------- d-----w- c:\documents and settings\all users\application data\Free File Opener
    2012-03-04 21:35:41 -------- d-----w- c:\documents and settings\hp_administrator.desktop\local settings\application data\PackageAware
    . ==================== Find3M ====================
    . 2012-03-30 00:03:15 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-03-26 16:38:13 163616 ----a-w- c:\windows\system32\drivers\DigiartyVirtualCDBus.sys
    2012-03-06 23:15:19 41184 ----a-w- c:\windows\avastSS.scr
    2012-03-06 23:03:51 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-02-17 02:40:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-02-17 02:40:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
    2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
    2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2009-10-10 01:44:03 4637952 ----a-w- c:\program files\common files\lpuninstall.exe
    . ============= FINISH: 21:04:24.98 ===============

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    . DDS (Ver_2011-08-26.01)
    . Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/28/2011 4:31:29 PM
    System Uptime: 3/30/2012 1:12:12 PM (8 hours ago)
    . Motherboard: MSI : : ALBACORE
    Processor: AMD Athlon(tm) 64 Processor 3500+ : Socket 939 : 2188/200mhz
    . ==== Disk Partitions =========================
    . C: is FIXED (NTFS) - 459 GiB total, 429.595 GiB free.
    D: is FIXED (FAT32) - 7 GiB total, 0.402 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    . ==== Disabled Device Manager Items =============
    . ==== System Restore Points ===================
    . RP81: 2/1/2012 9:54:10 PM - Revo Uninstaller's restore point - EaseUS Todo Backup Free 3.5
    RP82: 2/3/2012 4:02:38 AM - System Checkpoint
    RP83: 2/4/2012 5:21:11 PM - System Checkpoint
    RP84: 2/5/2012 5:30:16 PM - System Checkpoint
    RP85: 2/6/2012 5:38:55 PM - System Checkpoint
    RP86: 2/7/2012 5:47:23 PM - System Checkpoint
    RP87: 2/9/2012 11:56:13 AM - System Checkpoint
    RP88: 2/10/2012 3:54:40 PM - System Checkpoint
    RP89: 2/11/2012 5:19:21 PM - System Checkpoint
    RP90: 2/13/2012 12:31:52 PM - System Checkpoint
    RP91: 2/14/2012 1:12:37 PM - System Checkpoint
    RP92: 2/15/2012 12:10:05 PM - Software Distribution Service 3.0
    RP93: 2/15/2012 12:17:22 PM - Software Distribution Service 3.0
    RP94: 2/15/2012 12:19:42 PM - Software Distribution Service 3.0
    RP95: 2/16/2012 8:09:04 PM - Installed Windows XP KB942288-v3.
    RP96: 2/16/2012 8:09:44 PM - Installed Windows XP KB958655-v2.
    RP97: 2/16/2012 9:40:24 PM - Removed Java(TM) 6 Update 30
    RP98: 2/17/2012 9:58:01 PM - Software Distribution Service 3.0
    RP99: 2/19/2012 4:57:18 AM - System Checkpoint
    RP100: 2/20/2012 5:07:39 AM - System Checkpoint
    RP101: 2/21/2012 3:41:08 PM - System Checkpoint
    RP102: 2/22/2012 4:51:37 PM - System Checkpoint
    RP103: 2/23/2012 10:00:11 PM - System Checkpoint
    RP104: 2/25/2012 5:34:19 PM - System Checkpoint
    RP105: 2/27/2012 3:00:58 AM - System Checkpoint
    RP106: 2/28/2012 3:11:28 AM - System Checkpoint
    RP107: 2/29/2012 4:45:32 PM - System Checkpoint
    RP108: 3/1/2012 4:46:58 PM - System Checkpoint
    RP109: 3/2/2012 5:26:44 PM - System Checkpoint
    RP110: 3/3/2012 5:30:38 PM - System Checkpoint
    RP111: 3/4/2012 5:41:42 PM - System Checkpoint
    RP112: 3/5/2012 6:25:29 PM - System Checkpoint
    RP113: 3/6/2012 7:01:42 PM - System Checkpoint
    RP114: 3/8/2012 1:18:19 PM - Software Distribution Service 3.0
    RP115: 3/8/2012 1:38:28 PM - Software Distribution Service 3.0
    RP116: 3/9/2012 5:51:35 PM - System Checkpoint
    RP117: 3/11/2012 3:57:47 PM - System Checkpoint
    RP118: 3/12/2012 4:22:07 PM - System Checkpoint
    RP119: 3/13/2012 4:36:50 PM - System Checkpoint
    RP120: 3/14/2012 3:43:56 PM - Software Distribution Service 3.0
    RP121: 3/14/2012 3:52:18 PM - Software Distribution Service 3.0
    RP122: 3/15/2012 4:23:17 PM - System Checkpoint
    RP123: 3/16/2012 4:27:18 PM - System Checkpoint
    RP124: 3/17/2012 5:13:32 PM - System Checkpoint
    RP125: 3/18/2012 5:31:34 PM - System Checkpoint
    RP126: 3/19/2012 5:55:38 PM - System Checkpoint
    RP127: 3/20/2012 3:38:56 PM - Revo Uninstaller's restore point - VLC media player 2.0.0
    RP128: 3/23/2012 2:49:31 PM - System Checkpoint
    RP129: 3/24/2012 2:04:01 PM - Installed Privatefirewall 7.0
    RP130: 3/25/2012 2:21:28 PM - System Checkpoint
    RP131: 3/26/2012 2:36:42 PM - System Checkpoint
    RP132: 3/27/2012 4:18:00 PM - Revo Uninstaller's restore point - lightshot-2.0.1.5
    RP133: 3/28/2012 5:13:42 PM - System Checkpoint
    RP136: 3/30/2012 4:55:10 PM - System Checkpoint
    . ==== Installed Programs ======================
    . ABBYY FineReader 5.0 Sprint
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Aiseesoft DVD Ripper 6.2.26
    Auslogics Disk Defrag
    avast! Free Antivirus
    BDlot DVD Clone Ultimate 3.1.2
    Belarc Advisor 8.2
    CCleaner
    Do Not Track Plus Add-on 1.0.5289.0208
    EaseUS Todo Backup Free 4.0
    EPSON Copy Utility
    EPSON PERF 3170Guide
    EPSON Photo Print
    EPSON Scan
    EPSON Smart Panel
    ESET Online Scanner v3
    Foxit Reader 5.1
    Free File Opener
    Glary Utilities Pro 2.41.0.1358
    Google Chrome
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB932716-v2)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB958655-v2)
    Hotfix for Windows XP (KB961118)
    HP Deskjet 5700
    Inpaint 3.1
    IrfanView (remove only)
    Java Auto Updater
    Java(TM) 6 Update 31
    K-Lite Codec Pack 7.0.0 (Standard)
    Malwarebytes Anti-Malware version 1.60.1.1000
    Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Picture It! Photo 2002
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    Mozilla Firefox 11.0 (x86 en-GB)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NOOK for PC
    Paint.NET v3.5.10
    Privatefirewall 7.0
    RedNotebook 1.3
    Revo Uninstaller 1.93
    ScanToWeb
    Secunia PSI (2.0.0.4003)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    Shareaza 2.5.5.0
    SpywareBlaster 4.6
    The Weather Channel App
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2598845)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VLC media player 2.0.1
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinPatrol
    WinX DVD Copy Pro 3.4.3
    . ==== Event Viewer Messages From Past Week ========
    . 3/29/2012 4:20:52 PM, error: Service Control Manager [7034] - The EaseUS Agent service terminated unexpectedly. It has done this 2 time(s).
    3/29/2012 4:19:39 PM, error: Service Control Manager [7034] - The EaseUS Agent service terminated unexpectedly. It has done this 1 time(s).
    . ==== End Of File ===========================

  • grandms
    12 years ago
    last modified: 9 years ago

    Joe, I have disabled both the EaseUS entries from startup since I do backups manually, so I don't need those running.

  • zep516
    12 years ago
    last modified: 9 years ago

    Reset your user preferences to the default values by using Firefox Safe Mode. This will rebuild the prefs.js file from program defaults, the same as if you manually deleted the file. It will not reset any preferences stored in the user.js file, if one exists.

    Exit Firefox completely
    Start Firefox in Safe Mode. The "Firefox Safe Mode" window will appear with some troubleshooting options,
    Select the option, Reset all user preferences to Firefox defaults.
    Click the button, Make Changes and Restart.

    FF - prefs.js: browser.startup.homepage - hxxp://z1.invisionfree.com/IBBS_ComputerHelp/index.php?

    Not what that is above! Are you.

    FF - prefs.js: keyword.URL - hxxp://yandex.ru/yandsearch?stype=first&clid=1855511&text=

    Start firefox in safe mode ---->http://support.mozilla.org/en-US/kb/Safe%20Mode

  • grandms
    12 years ago
    last modified: 9 years ago

    Okay, that's done.

    Joe, very little computer help. It's just a group of people who chat and occasionally someone may have a computer question. Very simple. Originally started by a group that left this forum, but that has gone by the wayside.

  • zep516
    12 years ago
    last modified: 9 years ago

    Okay,

    You Have TFC Temp file cleaner?

    I'd run that now. That should do it.

  • grandms
    12 years ago
    last modified: 9 years ago

    Thanks for your help in getting the last bits off. I still cannot understand how all this happened when I clicked on the link that Mikie posted to download the little screen capture tool. All three browsers, IE, FF, and Chrome had their home pages changed to that Russian page, Yandex.ru, and my search engine default choices were changed to another Russian search engine with an additional one being added to the list of search engines. Even after I had removed a bunch of stuff, including Praetorian.exe, it was as though it kept multiplying. Yet, an online search of all this brought up more questions than answers. No real threat detected, but when something comes, uninvited, and changes my choices, I consider that a threat.

  • zep516
    12 years ago
    last modified: 9 years ago

    What I found was,

    What is the "praetorian.exe" ?

    Product: Yandex
    Company: Yandex LLC
    Description: Yandex
    Version: 0.2.1.85
    MD5: 1B2E1FC50E927B134921393AC9E05FD9
    SHA1: F7503E95E21E2FEACCEC94973153804419DE34A9
    SHA256: F0AEF52886C06951311A642B8A2441157E3475ECB58FB42028868C79E39CEF5E
    Size: 1515352
    Directory: %USERPROFILE%\Local\Yandex\Updater\praetorian.exe
    Operating System: Windows 7
    Discovered: Sep 20 2011
    Occurence: High oc2

    This file belongs to product Yandex and was developed by company Yandex LLC. This file has description Yandex. This is executable file. You can find it running in Task Manager as the process praetorian.exe.

    http://systemexplorer.net/filereviews.php?fid=1476335

  • zep516
    12 years ago
    last modified: 9 years ago

    TB: "2318C2B1-4965-11D4-9B18-009027A5CD4F> - No File
    TB: "91397D20-1446-11D4-8AF4-0040CA1127B6> - No File

    Those are left over registry entries with no file. There from some toolbar looks like Google toolbar, you can Google the class ID #s that's how you find out what they are if you want to.

    Usually I get rid of those orphaned keys with Hijackthis, they will show as an 03 entry, no big deal, but I like to get rid of that sort of thing.

  • PKponder TX Z7B
    11 years ago
    last modified: 9 years ago

    I think that I see what may have happened with grandms, although Russian has me stumped. While running the installation, the first option is language...mine was defaulted to English, then the next option was 'Full Installation' or 'Options Tuning'. Choosing the Full installation allows the Yandex Bar to be installed plus it makes Yandex your home page and default search provider.

  • grandms
    11 years ago
    last modified: 9 years ago

    Thanks, pkponder. That is probably what happened. I cannot recall now seeing this setup box, and usually I will read everything before checking the "Next" button on any installation, and I do not remember seeing anything about installing Yandex. I know that I did not choose Options Tuning with those choices. However, I certainly got all those choices, didn't I?

  • owbist
    11 years ago
    last modified: 9 years ago

    Grandms I think that is why you got the works, you should have selected the 'Options tuning' and left all check marks off.

    Nasty way to trick people in my opinion, it gives the appearance of not having those options if you choose the full install but in fact does the opposite. You did what most would do and sadly got caught.

  • mikie_gw
    11 years ago
    last modified: 9 years ago

    I always choose any custom install option on programs. That way hopefully I see all the extra's and most times can just leave at defaults anyhow.