
Constant popups from site called "sagipsul" [Closed]



#1 mooose (New Member, 8 posts)

Hi,

I've been having trouble with a pop-up site called "sagipsul"; it also links me to other sites (for both IE and Firefox).

I don't know much about this stuff, so I tried following the instructions given by user fenzodahl512 in the following thread

Here are the following logs:

1. Malwarebytes (attached file: mbam_log.txt, 8.14 KB)

2. RSIT log.txt (I couldn't get "info.txt"?) (attached file: rsit_log.txt, 27.49 KB)

3. GMER results (attached file: gmer_results.txt, 48.23 KB)

Appreciate any help given in advance.



#2 Rorschach112 (Ralphie; Retired Staff; 47,710 posts)

Don't attach the logs

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

#3 mooose (Topic Starter; New Member, 8 posts)

ComboFix 08-12-24.01 - Lamia 2008-12-24 19:43:55.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.272 [GMT -5:00]
Running from: c:\documents and settings\Lamia\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\tintinyproxyy\tinyproxy.exe
c:\windows\admintxt.txt
c:\windows\system32\drivers\msqpdxngwurqdl.sys
c:\windows\system32\drivers\TDSSserv.sys
c:\windows\system32\Memman.vxd
c:\windows\system32\msqpdxakvpxexw.dll
c:\windows\system32\skinboxer43.dll
c:\windows\system32\tyshb36rfjdf.dll
c:\windows\Windows32.exe

----- BITS: Possible infected sites -----

hxxp://b9n.org
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSSERV.SYS
-------\Service_MSQPDXSERV.SYS
-------\Legacy_COM+_EVENT_SYSTEM_(EVENTSYSTEM)_
-------\Service_COM+ Event System (EventSystem)


((((((((((((((((((((((((( Files Created from 2008-11-25 to 2008-12-25 )))))))))))))))))))))))))))))))
.

2008-12-24 19:52 . 2008-12-24 19:52 <DIR> dr-hs---- C:\resycled
2008-12-23 19:22 . 2008-12-23 19:35 250 --a------ c:\windows\gmer.ini
2008-12-23 19:21 . 2008-12-23 19:21 <DIR> d-------- C:\rsit
2008-12-23 19:21 . 2008-12-23 19:21 <DIR> d-------- c:\program files\trend micro
2008-12-23 18:42 . 2008-12-23 18:42 <DIR> d-------- c:\program files\RogueRemover FREE
2008-12-23 18:07 . 2008-12-23 18:07 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-23 18:07 . 2008-12-23 18:07 <DIR> d-------- c:\documents and settings\Lamia\Application Data\Malwarebytes
2008-12-23 18:07 . 2008-12-23 18:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-23 18:07 . 2008-12-03 19:59 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-23 18:07 . 2008-12-03 19:59 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-23 14:15 . 2008-12-23 14:15 2,444 --a------ C:\autorun.PNF
2008-12-23 14:08 . 2008-12-24 19:47 <DIR> d-------- c:\program files\tintinyproxyy
2008-12-23 13:38 . 2004-08-04 06:00 24,576 --a------ c:\windows\system32\stu2.exe
2008-12-20 05:18 . 2008-12-20 05:18 <DIR> d---s---- c:\documents and settings\Lamia\UserData
2008-12-19 14:40 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2008-12-19 14:40 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2008-12-19 14:40 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2008-12-18 19:42 . 2008-12-18 19:43 <DIR> d-------- c:\program files\Windows Live
2008-12-18 19:42 . 2008-12-18 19:43 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-12-18 19:42 . 2008-12-18 19:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-12-18 19:24 . 2008-12-18 19:24 <DIR> d--h----- c:\windows\PIF
2008-12-12 02:49 . 2008-12-12 02:49 244 --ah----- C:\sqmnoopt10.sqm
2008-12-12 02:49 . 2008-12-12 02:49 232 --ah----- C:\sqmdata10.sqm
2008-12-04 20:11 . 2008-12-04 20:11 <DIR> d-------- c:\documents and settings\Lamia\Application Data\Apple Computer
2008-11-28 10:25 . 2008-11-28 10:25 <DIR> d-------- C:\WatchNow
2008-11-26 20:49 . 2008-11-26 20:49 <DIR> d--hs---- c:\windows\ftpcache
2008-11-26 20:43 . 2008-11-26 20:43 <DIR> d-------- c:\program files\Common Files\Oberon Media
2008-11-26 20:38 . 2008-11-26 20:38 <DIR> d-------- c:\program files\Oberon Media
2008-11-26 20:38 . 2008-11-26 20:43 <DIR> d-------- c:\program files\NetJet
2008-11-26 20:38 . 2008-11-26 20:38 <DIR> d-------- c:\documents and settings\Lamia\Application Data\Oberon Media
2008-11-26 20:38 . 2008-11-26 20:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Oberon Media

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-20 02:17 --------- d-----w c:\program files\Microsoft Silverlight
2008-12-20 00:31 --------- d-----w c:\program files\Microsoft Works
2008-11-27 01:58 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-19 00:20 508 ----a-w c:\documents and settings\Lamia\Application Data\wklnhst.dat
2008-11-14 23:35 --------- d-----w c:\program files\Yahoo!
2008-11-14 23:35 --------- d-----w c:\program files\Common Files\Logitech
2008-11-14 23:34 --------- d-----w c:\program files\Windows Media Components
2008-11-14 23:34 --------- d-----w c:\program files\Logitech
2008-11-09 20:13 --------- d-----w c:\documents and settings\Lamia\Application Data\InstallShield
2008-11-08 12:45 --------- d-----w c:\documents and settings\Lamia\Application Data\AdobeUM
2008-10-31 03:15 --------- d-----w c:\documents and settings\Lamia\Application Data\Corel Photo Album
2008-10-27 07:27 --------- d-----w c:\documents and settings\Lamia\Application Data\Talkback
2008-10-27 07:17 --------- d-----w c:\documents and settings\Lamia\Application Data\Netscape
2008-05-15 11:39 10,020 ----a-w c:\documents and settings\Moose\Application Data\wklnhst.dat
2008-03-10 06:24 0 ----a-w c:\program files\temp01
2007-04-03 22:14 81,920 ----a-w c:\documents and settings\Moose\Application Data\ezpinst.exe
2007-04-03 22:14 47,360 ----a-w c:\documents and settings\Moose\Application Data\pcouffin.sys
2008-12-25 00:52 58,880 ----a-w c:\program files\mozilla firefox\components\iamfamous.dll
2008-12-20 02:20 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-12-20 02:20 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-20 02:20 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-12-20 02:20 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-12-20 02:20 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe" [2005-09-08 8192]
"Lexmark X5100 Series"="c:\program files\Lexmark X5100 Series\lxbabmgr.exe" [2003-03-04 86100]
"System Files Updater"="c:\windows\FlyakiteOSX\Tools\System Files Updater.exe" [2006-02-25 118485]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-12-11 267048]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-01-29 185632]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver\LVCOMS.EXE" [2001-09-24 98304]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 c:\windows\stsystra.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
AOL 9.0 Tray Icon.lnk - c:\program files\AOL 9.0\aoltray.exe [2006-01-12 156784]
Belkin Wireless USB Utility.lnk - c:\program files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe [2005-10-28 1404928]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=mcdmqx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\ff_vfw.dll
"vidc.wmv3"= c:\progra~1\COMBIN~1\Filters\wmv9vcm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Documents and Settings\\Moose\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\GameHouse\\Wheel of Fortune\\Wheel of Fortune.exe"=
"c:\\Program Files\\Sierra Online\\FreeStyle Street Basketball™\\FreeStyle.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Documents and Settings\\Moose\\My Documents\\viviplay.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Risk II\\RiskII.RWG"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"50756:TCP"= 50756:TCP:BitComet 50756
"50756:UDP"= 50756:UDP:BitComet 50756
"53665:TCP"= 53665:TCP:Azureus TCP
"53665:UDP"= 53665:UDP:Azureus UDP
"67:UDP"= 67:UDP:DHCP Discovery Service

S3 ASPI;Advanced SCSI Programming Interface Driver;\??\c:\windows\System32\DRIVERS\ASPI32.sys [2006-02-05 16512]
S3 WLAN(WLAN);XPC 802.11b/g Wireless Kit Driver(WLAN);c:\windows\system32\DRIVERS\zd1211u.sys [2005-08-16 278016]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com c:
\Shell\Open\command - c:\resycled\boot.com c:
.
Contents of the 'Scheduled Tasks' folder

2008-12-24 c:\windows\Tasks\mruxhvqg.job
- c:\windows\system32\rundll32.exe [2004-08-04 06:00]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-WebCamRT.exe - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.dell.ca/myway
mStart Page = hxxp://www.dell.ca/myway

c:\windows\Downloaded Program Files\stg_drm.ocx - O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
file://c:\program files\Risk\Images\stg_drm.ocx

c:\windows\Downloaded Program Files\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
file://c:\program files\Risk\Images\armhelper.ocx
FF - ProfilePath - c:\documents and settings\Lamia\Application Data\Mozilla\Firefox\Profiles\gpolhv3y.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 9090
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\Mozilla Firefox\\components\iamfamous.dll
FF - component: c:\program files\Mozilla Firefox\extensions\[email protected]\components\qfaservices.dll
FF - plugin: c:\documents and settings\Lamia\My Documents\Mozilla Firefox\plugins\npnul32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-24 19:52:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\msqpdxserv.sys]
"imagepath"="\systemroot\system32\drivers\msqpdxvmehxdux.sys"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(816)
c:\windows\system32\cscui.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Cheetah Burner\Cheetah CD Burner\NMSAccess.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Pure Networks\Network Magic\nmsrvc.exe
c:\progra~1\MUSICM~1\MUSICM~3\MMDiag.exe
c:\program files\Lexmark X5100 Series\lxbabmon.exe
c:\program files\MUSICMATCH\Musicmatch Jukebox\mim.exe
c:\windows\system32\msiexec.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscript.exe
.
**************************************************************************
.
Completion time: 2008-12-24 19:55:31 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-25 00:55:29

Pre-Run: 26,471,985,152 bytes free
Post-Run: 28,273,209,344 bytes free

233 --- E O F --- 2008-12-22 14:33:00
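As an added illustration (not part of this thread, and not a ComboFix feature), here is a small Python triage script that reads lines in the format of the ComboFix log above and flags the same persistence and evasion entries the helper went on to remove: the AppInit_DLLs injection, the suppressed Security Center warnings, the drive autorun hijack through resycled\boot.com, Firefox pinned to a local proxy, and the driver service whose image name does not match its key. The sample input is quoted from the log in this thread; the rule names and the name-mismatch heuristic are this example's own.

```python
import re

# Sample input (constructed for this example): lines quoted from the ComboFix log
# posted above, limited to the entries the helper's CFScript later acted on.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=mcdmqx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com c:
\Shell\Open\command - c:\resycled\boot.com c:
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 9090
FF - prefs.js: network.proxy.type - 1
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\msqpdxserv.sys]
"imagepath"="\systemroot\system32\drivers\msqpdxvmehxdux.sys"
"""

def parse(log):
    """Yield (current registry key in lower case or None, stripped line) per non-empty line."""
    key = None
    for line in (raw.strip() for raw in log.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif line:
            yield key, line

def triage(log):
    """Return (rule, evidence) findings for the persistence and evasion patterns in this thread."""
    findings, ff = [], {}
    for key, line in parse(log):
        low, key = line.lower(), key or ""
        if key.endswith("\\windows") and low.startswith('"appinit_dlls"='):
            findings.append(("AppInit_DLLs set: that DLL is loaded into every GUI process", line))
        elif key.endswith("\\security center") and "disablenotify" in low and low.endswith("dword:00000001"):
            findings.append(("Security Center warnings suppressed", line))
        elif "\\mountpoints2\\" in key and re.match(r"\\shell\\(autorun|open)\\command - ", low):
            findings.append(("Drive autorun hijack: opening the drive runs " + line.split(" - ", 1)[1], line))
        elif low.startswith("ff - prefs.js: network.proxy."):
            name, _, value = line[len("FF - prefs.js: "):].partition(" - ")
            ff[name] = value  # judged after the loop, once all proxy prefs are seen
        elif "\\services\\" in key and low.startswith('"imagepath"'):
            service = re.sub(r"\.sys$", "", key.rsplit("\\", 1)[1])
            image = re.sub(r"\.sys$", "", low.rsplit("\\", 1)[1].rstrip('"'))
            if service != image:  # heuristic only: a prompt to review, not a verdict
                findings.append((f"Service {service} loads a driver named differently ({image})", line))
    if ff.get("network.proxy.type") == "1" and ff.get("network.proxy.http", "").startswith("127."):
        port = ff.get("network.proxy.http_port", "?")
        findings.append((f"Firefox forced through a local proxy on port {port}", "prefs.js network.proxy.*"))
    return findings

if __name__ == "__main__":
    for rule, evidence in triage(SAMPLE_LOG):
        print(f"[!] {rule}\n    {evidence}")
```

Run against the full log rather than the excerpt, the same rules fire on the same entries; the service-name heuristic will also point at legitimate drivers whose image name differs from the key, which is why it is a review prompt rather than a detection.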

#4 Rorschach112 (Ralphie; Retired Staff; 47,710 posts)

Hello

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\windows\system32\stu2.exe
c:\windows\Tasks\mruxhvqg.job

KillAll::

Folder::
C:\resycled
c:\program files\tintinyproxyy


Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\msqpdxserv.sys]

Driver::
msqpdxserv


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

#5 mooose (Topic Starter; New Member, 8 posts)

I did all of the above, but upon restart I can't seem to log in under any user accounts.

It keeps saying "loading settings" then immediately "saving settings", I'm assuming it just logs out.

I'm pretty sure I have no anti virus/anti malware programs on, (went to Control Panel -> Security and it said they were off).

#6 mooose (Topic Starter; New Member, 8 posts)

Up.

Still stuck at previous post, hoping anyone could still help.

#7 Rorschach112 (Ralphie; Retired Staff; 47,710 posts)

Boot up, keep pressing F8, and select Last Known Good Configuration.

Does that get you back in?

#8 mooose (Topic Starter; New Member, 8 posts)

Figured that's what I should do.

Tried it, then selected "Microsoft XP Edition" (instead of "Microsoft Recovery Console"), still can't log in.

#9 Rorschach112 (Ralphie; Retired Staff; 47,710 posts)

OK, go over to the Windows XP forum.

Explain your problem to them and mention that you have an ERUNT backup.

They will get you back in; then come back here.

#10 Rorschach112 (Ralphie; Retired Staff; 47,710 posts)

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





