Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Dr Watson Poblem - PLEASE HELP! [resolved]

Started by pcnumpty , Mar 14 2005 01:31 PM

  • This topic is locked This topic is locked

#16
Guest_thatman_*
Posted 19 March 2005 - 05:09 PM

Guest_thatman_*
  • Guest
Hi pcnumpty

Welcome to geekstogo!

Please read through the instructions before you start (you may want to print this out).The following items are malware and must be fixed

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
Click on Fix Checked when finished and exit HijackThis.


C:\Documents and Settings\laurence\Favorites\Sites about\Broadband comparison.url<--Delete this file

Post back a fresh HijackThis log and we will take another look.
And the scan.log from panda

Kc :tazz:
  • 0

Advertisements

#17
pcnumpty
Posted 20 March 2005 - 08:35 AM

pcnumpty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi thatman

Completed the action as per your last post..........I also noticed that in the following file:

C:\Documents and Settings\laurence\Favorites\Sites about\

there were lots of similar files to the one I have just deleted, therefore I have deleted them all. (I deleted them whilst the active scan was running, therefore I think the scan report shows on one of the files I have since deleted....)

Attached as requested is a new HJT log and a updated active scan report:

Look forward to your next reply

Cheers

pcnumpty
:tazz:

Logfile of HijackThis v1.99.1
Scan saved at 14:24:35, on 20/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Corel\Graphics8\Programs\MFIndexer.exe
C:\freeserve\freeserveconnectionkit\atdialler1.exe
C:\Program Files\tesconet\Tesconet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe
O4 - Global Startup: Freeserve Connection Kit.lnk = C:\freeserve\freeserveconnectionkit\atdialler1.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bmp: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tesco.net
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...ol_v1-0-3-9.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg...ol_v1-0-3-0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5A1C567-D857-4652-B24D-DA75EAB7F5ED}: NameServer = 194.168.4.100 194.168.8.100
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe



Incident Status Location

Spyware:Spyware/Petro-Line No disinfected C:\Documents and Settings\laurence\Favorites\Sites about\Credit counseling.url
Adware:Adware/CWS.HomeSearchAsisstantNo disinfected Windows Registry
  • 0

#18
Guest_thatman_*
Posted 20 March 2005 - 01:27 PM

Guest_thatman_*
  • Guest
Hi pcnumpty :)

I will leave this topic open for a few days just post back if you need any help.

What that big grin for :)

This is one item you need to search your registery for it's a dead link.
HomeSearchAsisstant

Download the ccleaner
I use this Program and is setup like this all boxs are check. Then chose Auto start.
Now run the ccleaner

Clean out all temp files in Mozilla, Internet Explorer.
Internet Explorer: Tools/ Internet Options/ General/ Temporary internet files/ Delete Files (NOTE, that this may take very long!). You can also set the memory limit to about 80 MB at the Settings.

Mozilla: Edit/ Options/ Extended/ Cache/ Clear Cache

Turn of system restore
Disabling or enabling Windows XP System Restore

Defrag your hard drive turn system restore back on and create a new restore point.

Congratulations! Your system is CLEAN :tazz:

How do you prevent spyware from being installed again? We strongly recommend installing SpywareBlaster (it's free for personal use). Click Here
QUOTE
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.
Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
Restrict the actions of potentially dangerous sites in Internet Explorer.
Consumes no system resources.

Download, run, check for updates, download updates, select all, protect against checked. All done. Check for updates every couple of weeks. If you have any errors running the program like a missing file see the link at the bottom of the javacool page.

It's also very important to keep your system up to date to avoid unnecessary security risks. Click Here http://windowsupdate.microsoft.com/ to make sure that you have the latest patches for Windows.

These next two steps are optional, but will provide the greatest protection.
1. Use ANY browser besides Internet Explorer, almost every exploit is crafted to take advantage of an IE weakness. We usually recommend FireFox user posted image.
2. Install Sun's Java. It's much more secure than Microsoft's Java Virtual Machine .

After doing all these, your system will be thoroughly protected from future threats. ;)

Kc ;)
  • 0

#19
pcnumpty
Posted 20 March 2005 - 03:36 PM

pcnumpty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi thatman

Nearly there now.........just a few more daft questions.......

1) How do I search the registry and delete the 'HomeSearchAssistant'??

2) What does the following mean I have to actually do?? - Mozilla: Edit/ Options/ Extended/ Cache/ Clear Cache

3) How do I 'defrag my hard drive and create a new restore point'??

Back to sulking again!!

:tazz:

Cheers

pcnumpty
  • 0

#20
Guest_thatman_*
Posted 20 March 2005 - 05:55 PM

Guest_thatman_*
  • Guest
Hi pcnumpty

Use the following links tutorials

“Hidden files and folders” http://www.bleepingc...tutorial62.html

http://www.bleepingc...tutorial62.html

Reboot the computer into “ Safe Mode” http://www.bleepingc...tutorial61.html

Demystifying the Windows Registry

http://www.bleepingc...tion-tut55.html

http://www.bleepingc...uide-tut56.html

http://www.bleepingc...ures-tut58.html


Kc :tazz:
  • 0

#21
pcnumpty
Posted 22 March 2005 - 01:58 PM

pcnumpty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi thatman

Thanks for the last post.......very helpful.....

However, I'm having a lot of difficulty locating the adware/homesearchassistant file that is still infected on my PC......

The active scan says it is in the 'Windows Registry'.......I cannot find a file with a name I recognise as the adware one........do you have any idea what it may be called????........or do i need to run one of the adware/malware removal scans??

I have attached an updated active scan report and a new HJT log for your info......

Many thanks

pcnumpty
:tazz:

Incident Status Location

Adware:Adware/CWS.HomeSearchAsisstantNo disinfected Windows Registry


Logfile of HijackThis v1.99.1
Scan saved at 19:41:07, on 22/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Corel\Graphics8\Programs\MFIndexer.exe
C:\freeserve\freeserveconnectionkit\atdialler1.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\tesconet\Tesconet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe
O4 - Global Startup: Freeserve Connection Kit.lnk = C:\freeserve\freeserveconnectionkit\atdialler1.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bmp: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tesco.net
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...ol_v1-0-3-9.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg...ol_v1-0-3-0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5A1C567-D857-4652-B24D-DA75EAB7F5ED}: NameServer = 194.168.4.100 194.168.8.100
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
  • 0

#22
Guest_thatman_*
Posted 22 March 2005 - 05:28 PM

Guest_thatman_*
  • Guest
Hi pcnumpty

Lets try this tool

Lexun RegScrubXP 3.25

Kc :tazz:
  • 0

#23
pcnumpty
Posted 24 March 2005 - 01:47 PM

pcnumpty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi thatman

Thanks for the latest post......

I have donwloaded and run RegScrubXP (173 problems were found - all fixed and deleted) but unfortunately it has not got rid of the problem with the HomeSearchAssistant......when I run an Active Scan it is still found......

When I used RegScrubXP the facility 'User Determines Problem' did identify a large amount of entries but not knowing what was what I did not fix any of them.......maybe the problem is lurking in there??

Not sure what else can be done!!

Cheers

pcnumpty

:tazz:
  • 0

#24
Guest_thatman_*
Posted 24 March 2005 - 01:57 PM

Guest_thatman_*
  • Guest
Hi pcnumpty

Try this link just found it:

http://www.trendmicr...ADW_SEARCHAID.M

Please post back when you are done the we will seewhat is next to remove if any.

Kc :tazz:
  • 0

#25
pcnumpty
Posted 24 March 2005 - 03:53 PM

pcnumpty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi thatman

I managed to download the file but I was unable to open it and run it as it said 'it was unable to recognise which program had created it'..........

I tried to find it via the internet but it was still unrecognised.....

Thanks

pcnumpty

:tazz:
  • 0

Advertisements

#26
Guest_thatman_*
Posted 25 March 2005 - 08:42 AM

Guest_thatman_*
  • Guest
Hi pcnumpty

Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
Still In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Uninstall
Still in the left panel, right-click on the following key(s) and choose Delete:
HSA <--Delete this
SW <--Delete this
SE <--Delete this

In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Classes>CLSID
Still in the left panel, right-click on the following key(s) and choose Delete:
{5B7E41D7-7D84-4D18-F028-D4A3986027B8} <--Delete this

Still In the left panel, double-click the following:
HKEY_CLASSES_ROOT>CLSID
Still in the left panel, right-click on the following key(s) and choose Delete:
{5B7E41D7-7D84-4D18-F028-D4A3986027B8} <--Delete this

Still In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>Internet Explorer>URLSearchHooks
Still in the left panel, right-click on the following key(s) and choose Delete:
{5B7E41D7-7D84-4D18-F028-D4A3986027B8} <--Delete this

Still In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft> Windows>CurrentVersion>Explorer>Browser Helper Objects
Still in the left panel, right-click on the following key(s) and choose Delete:
{5B7E41D7-7D84-4D18-F028-D4A3986027B8} <--Delete this

Close Registry Editor.

Please run the following free, online virus scans.
http://www.pandasoft...n_principal.htm
http://housecall.tre.../start_corp.asp

Please post the logs From both virus scans and HJT.log we will need them to remove previous infections that have left files on your system.

Kc :tazz:
  • 0

#27
pcnumpty
Posted 25 March 2005 - 11:39 AM

pcnumpty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi thatman

Thanks for the last post......

I did what you asked but again none of the entries you quoted were to be found in the registry........

Cheers

pcnumpty
:tazz:
  • 0

#28
Guest_thatman_*
Posted 25 March 2005 - 11:47 AM

Guest_thatman_*
  • Guest
Hi pcnumpty

The new panda malware is a beta version we may have some imperfections with it but believe it will improve

Are you having any problems

Kc :tazz:
  • 0

#29
pcnumpty
Posted 25 March 2005 - 12:15 PM

pcnumpty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi thatman

I think I'll call it a day with this issue........having followed your expert advice over the last week or so, my PC has gotten rid of the Dr Watson problem and is also running much faster having dumped much of the crap that was clogging it up........

Finally, I'd like to thank you for your time, effort and much patience during my time on this forum........without people like you many of us PC numpties would have no idea what to do.....

thanks again

not so - pcnumpty!!

:tazz:
  • 0

#30
Guest_thatman_*
Posted 25 March 2005 - 12:31 PM

Guest_thatman_*
  • Guest
Hi pcnumpty

Have a nice day

Kc :tazz:
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP