
Malware/Trojan


  • This topic is locked

#1
NoExcuse

    New Member

  • Member
  • 2 posts
I'm not sure what kind of virus/malware/trojan I have, but it's slowing down my computer horribly. I'm kind of a noob at fixing this kind of thing, so I went through other threads to try to get help. I've got a ComboFix log, so here it is. Also, I have run both AVG and Norton computer scans, but it has not helped.

Attached File  log.txt   15.91KB   212 downloads

ComboFix 08-06-30.2 - chunk 2008-07-01 19:47:45.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.651 [GMT -5:00]
Running from: C:\Documents and Settings\chunk\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\chunk\Desktop\WinXP_EN_HOM_BF.EXE
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\chunk\Application Data\ShoppingReport
C:\Documents and Settings\chunk\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\chunk\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\chunk\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\chunk\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\chunk\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\chunk\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\chunk\Application Data\ShoppingReport\cs\res2\WhiteList.dbs
C:\Documents and Settings\chunk\Application Data\WNSXS~1
C:\Documents and Settings\chunk\Application Data\WNSXS~1\W?nSxS\
C:\Documents and Settings\chunk\Start Menu\Programs\Startup\Deewoo.lnk
C:\Documents and Settings\chunk\Start Menu\Programs\Startup\DW_Start.lnk
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Program Files\Common Files\Yazzle1396OinUninstaller.exe
C:\Program Files\network monitor
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\outerinfo\FF\install.rdf
C:\Program Files\outlook
C:\Program Files\outlook\v.tmp
C:\Program Files\ShoppingReport
C:\Program Files\ShoppingReport\Uninst.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\temp\tn3
C:\WINDOWS\accesss.exe
C:\WINDOWS\astctl32.ocx
C:\WINDOWS\avpcc.dll
C:\WINDOWS\clrssn.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\cpan.dll
C:\WINDOWS\ctfmon32.exe
C:\WINDOWS\ctrlpan.dll
C:\WINDOWS\default.htm
C:\WINDOWS\directx32.exe
C:\WINDOWS\dnsrelay.dll
C:\WINDOWS\editpad.exe
C:\WINDOWS\explore.exe
C:\WINDOWS\explorer32.exe
C:\WINDOWS\funniest.exe
C:\WINDOWS\funny.exe
C:\WINDOWS\gfmnaaa.dll
C:\WINDOWS\helpcvs.exe
C:\WINDOWS\iedll.exe
C:\WINDOWS\iexplorer.exe
C:\WINDOWS\inetinf.exe
C:\WINDOWS\internet.exe
C:\WINDOWS\loader.exe
C:\WINDOWS\msconfd.dll
C:\WINDOWS\msspi.dll
C:\WINDOWS\mssys.exe
C:\WINDOWS\msupdate.exe
C:\WINDOWS\mswsc10.dll
C:\WINDOWS\mswsc20.dll
C:\WINDOWS\mtwirl32.dll
C:\WINDOWS\notepad32.exe
C:\WINDOWS\olehelp.exe
C:\WINDOWS\qttasks.exe
C:\WINDOWS\quicken.exe
C:\WINDOWS\rundll16.exe
C:\WINDOWS\rundll32.vbe
C:\WINDOWS\searchword.dll
C:\WINDOWS\sistem.exe
C:\WINDOWS\svchost32.exe
C:\WINDOWS\svcinit.exe
C:\WINDOWS\systeem.exe
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\seriall.sys
C:\WINDOWS\system32\f10
C:\WINDOWS\system32\hljwugsf.bin
C:\WINDOWS\system32\icroso~1.net
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\msnav32.ax
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ojqrvmod.ini
C:\WINDOWS\system32\ojqrvmod.ini2
C:\WINDOWS\system32\ojqrvmod.tmp
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\PXbIRXbc.ini
C:\WINDOWS\system32\PXbIRXbc.ini2
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\tracert.com
C:\WINDOWS\system32\winpfz33.sys
C:\WINDOWS\system32\zxdnt3d.cfg
C:\WINDOWS\systemcritical.exe
C:\WINDOWS\time.exe
C:\WINDOWS\uninstall_nmon.vbs
C:\WINDOWS\users32.exe
C:\WINDOWS\waol.exe
C:\WINDOWS\win32e.exe
C:\WINDOWS\win64.exe
C:\WINDOWS\winajbm.dll
C:\WINDOWS\window.exe
C:\WINDOWS\winmgnt.exe
C:\WINDOWS\x.exe
C:\WINDOWS\xplugin.dll
C:\WINDOWS\xxxvideo.hta
C:\WINDOWS\y.exe
C:\WINDOWS\Y2h1bms\
C:\WINDOWS\Y2h1bms\\sZ1YvAP.vbs

----- BITS: Possible infected sites -----

hxxp://exteel.patcher.ncsoft.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR
-------\Legacy_SERIALL
-------\Service_cmdService
-------\Service_Network Monitor
-------\Service_seriall


((((((((((((((((((((((((( Files Created from 2008-06-02 to 2008-07-02 )))))))))))))))))))))))))))))))
.

2008-06-30 23:38 . 2008-06-30 23:44 <DIR> d-------- C:\Program Files\Free Easy Burner
2008-06-30 18:26 . 2008-06-30 18:26 <DIR> d-------- C:\Documents and Settings\chunk\Program Files
2008-06-30 14:25 . 2008-07-01 12:36 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-30 14:18 . 2008-06-30 20:59 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-30 14:18 . 2008-06-30 14:18 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-30 14:18 . 2008-06-30 14:18 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-30 14:18 . 2008-06-30 14:18 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-06-30 14:17 . 2008-06-30 14:17 <DIR> d-------- C:\Program Files\AVG
2008-06-30 14:17 . 2008-06-30 14:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-30 14:00 . 2008-06-30 15:20 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-30 13:55 . 2008-07-01 19:46 3,086 --a------ C:\WINDOWS\system32\wpdsm.dat
2008-06-30 13:55 . 2008-07-01 19:46 2,946 --a------ C:\WINDOWS\system32\wuauserv.dat
2008-06-30 13:55 . 2008-07-01 19:46 2,946 --a------ C:\WINDOWS\system32\msv1x0.dat
2008-06-30 13:55 . 2008-07-01 19:45 0 --a------ C:\WINDOWS\system32\ds16gcs.dat
2008-06-30 13:49 . 2008-06-30 13:49 110,592 --a------ C:\index.tmp
2008-06-30 13:49 . 2008-07-01 19:52 13,523 --a------ C:\WINDOWS\system32\kbdinbzn.dat
2008-06-30 13:49 . 2008-07-01 19:52 2,002 --a------ C:\WINDOWS\system32\battvj.dat
2008-06-30 13:49 . 2008-07-01 19:52 487 --a------ C:\WINDOWS\system32\ltkrnc1n.dat
2008-06-30 13:49 . 2008-06-30 13:55 295 --a------ C:\WINDOWS\system32\mdmxsdw.dat
2008-06-30 13:49 . 2008-07-01 19:50 0 --a------ C:\WINDOWS\system32\cluskpij.dat
2008-06-30 13:46 . 2008-06-30 13:46 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconUS.ico
2008-06-30 13:36 . 2008-06-30 15:10 <DIR> d-------- C:\WINDOWS\system32\xsir
2008-06-30 13:36 . 2008-06-30 15:10 <DIR> d-------- C:\WINDOWS\system32\vec3
2008-06-30 13:36 . 2008-06-30 15:09 <DIR> d-------- C:\WINDOWS\system32\modtrux07
2008-06-30 13:36 . 2008-06-30 15:07 <DIR> d-------- C:\WINDOWS\system32\bam
2008-06-30 13:36 . 2008-06-30 13:36 <DIR> d-------- C:\Temp\syschk3
2008-06-30 13:36 . 2008-07-01 19:48 <DIR> d-------- C:\Temp
2008-06-29 10:43 . 2008-07-01 11:39 <DIR> d-------- C:\Program Files\Norton Security Scan
2008-06-23 11:18 . 2008-06-23 11:18 <DIR> d-------- C:\Documents and Settings\chunk\dwhelper
2008-06-22 13:52 . 2008-06-22 13:52 <DIR> d-------- C:\Program Files\Guitar Pro 5
2008-06-22 13:15 . 2008-07-01 18:16 <DIR> d-------- C:\Documents and Settings\chunk\Application Data\LimeWire
2008-06-17 18:57 . 2008-06-29 10:43 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-06-11 12:50 . 2008-06-13 08:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 12:50 . 2008-06-13 08:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-05 18:28 . 2008-06-05 18:28 <DIR> d-------- C:\Program Files\Disney
2008-06-03 22:17 . 2008-06-03 22:17 268 --ah----- C:\sqmdata19.sqm
2008-06-03 22:17 . 2008-06-03 22:17 244 --ah----- C:\sqmnoopt19.sqm
2008-06-03 18:04 . 2008-06-03 18:04 268 --ah----- C:\sqmdata18.sqm
2008-06-03 18:04 . 2008-06-03 18:04 244 --ah----- C:\sqmnoopt18.sqm
2008-06-03 11:53 . 2008-06-03 11:53 268 --ah----- C:\sqmdata17.sqm
2008-06-03 11:53 . 2008-06-03 11:53 244 --ah----- C:\sqmnoopt17.sqm
2008-06-03 09:13 . 2008-06-03 09:13 268 --ah----- C:\sqmdata16.sqm
2008-06-03 09:13 . 2008-06-03 09:13 244 --ah----- C:\sqmnoopt16.sqm
2008-06-02 15:08 . 2008-07-01 19:49 268 --ah----- C:\sqmdata15.sqm
2008-06-02 15:08 . 2008-07-01 19:49 244 --ah----- C:\sqmnoopt15.sqm
2008-06-02 08:15 . 2008-07-01 12:41 244 --ah----- C:\sqmnoopt14.sqm
2008-06-02 08:15 . 2008-07-01 12:41 232 --ah----- C:\sqmdata14.sqm

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-02 00:49 --------- d-----w C:\Documents and Settings\chunk\Application Data\DNA
2008-07-01 03:54 --------- d-----w C:\Program Files\MSN Games
2008-07-01 03:44 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-27 06:42 --------- d-----w C:\Program Files\9Dragons
2008-06-22 03:29 --------- d-----w C:\Documents and Settings\chunk\Application Data\CyberLink
2008-06-21 16:32 --------- d-----w C:\Program Files\Warcraft III
2008-05-29 23:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-05-28 15:52 --------- d-----w C:\Program Files\NCSoft
2008-05-27 17:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-27 17:17 --------- d-----w C:\Documents and Settings\chunk\Application Data\GetRightToGo
2008-05-19 18:29 2,829 ----a-w C:\WINDOWS\War3Unin.pif
2008-05-19 18:29 126,976 ----a-w C:\WINDOWS\War3Unin.exe
2008-05-17 22:19 --------- d-----w C:\Program Files\Windows Live
2008-05-16 01:37 --------- d-----w C:\Program Files\BOTS
2008-05-11 09:05 --------- d-----w C:\Documents and Settings\chunk\Application Data\funkitron
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-08 01:47 --------- d-----w C:\Program Files\Infogrames Interactive
2008-05-04 18:35 --------- d-----w C:\Program Files\The Learning Company
2008-05-04 13:13 --------- d-----w C:\Program Files\Common Files\INCA Shared
2008-05-04 01:56 --------- d-----w C:\Program Files\Acclaim
2008-05-03 03:46 6,554,496 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mdmxsdw]
@="{B20618AD-1319-1471-8409-99253002EE83}"
[HKEY_CLASSES_ROOT\CLSID\{B20618AD-1319-1471-8409-99253002EE83}]
2002-12-11 12:49 94208 --a------ C:\WINDOWS\system32\mdmxsdw.dIl

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-08 20:45 289088]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-02-10 19:55 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-02-10 19:51 118784]
"SunKistEM"="C:\Program Files\Digital Media Reader\shwiconem.exe" [2004-08-18 17:52 135168]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 02:42 32768]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 22:46 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-02 22:46 86016]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-30 14:17 1177368]
"SoundMan"="SOUNDMAN.EXE" [2004-05-14 19:47 67072 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2008-05-02 22:46 1630208 C:\WINDOWS\system32\nwiz.exe]

C:\Documents and Settings\chunk\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [2008-02-23 11:03:54 225280]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\THQ\\Titan Quest Immortal Throne\\Tqit.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Program Files\\Warcraft III\\War3.exe"=
"C:\\Program Files\\NCsoft\\Exteel\\System\\Exteel.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Documents and Settings\\All Users\\Documents\\My Music\\Audicity\\Lime\\LimeWire\\LimeWire.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-30 14:18]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-06-30 14:17]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-30 14:17]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-30 14:18]
R3 SunkFilt32;Alcor Micro Corp - 3233;C:\WINDOWS\System32\Drivers\sunkfilt32.sys [2004-08-18 18:44]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05225899-0878-11d9-8b9b-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-07-02 00:19:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-06-29 15:43:17 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
- - - - ORPHANS REMOVED - - - -

BHO-{100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
BHO-{8C469C45-77DA-2E50-FD34-7BA2E3EA1A97} - C:\WINDOWS\system32\psjo.dll
BHO-{A6C7DA00-F223-40FE-B3C2-6DC702F22163} - C:\WINDOWS\system32\cbXRIbXP.dll
BHO-{F30B1B0B-C305-414E-A4FF-AC93A08DE0AC} - C:\WINDOWS\system32\awtuuUnK.dll
WebBrowser-{E1BACF55-35E1-4E47-9247-2D48660E5545} - (no file)
HKCU-Run-ecfb24ff - C:\WINDOWS\system32\domvrqjo.dll
HKCU-Run-Power2GoExpress - (no file)
HKLM-Run-ecfb24ff - C:\WINDOWS\system32\domvrqjo.dll
ShellExecuteHooks-{F30B1B0B-C305-414E-A4FF-AC93A08DE0AC} - C:\WINDOWS\system32\awtuuUnK.dll
Notify-awtuuUnK - awtuuUnK.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-01 19:51:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-07-01 19:56:38 - machine was rebooted [chunk]
ComboFix-quarantined-files.txt 2008-07-02 00:56:31

Pre-Run: 25,212,653,568 bytes free
Post-Run: 25,201,913,856 bytes free

WinXP_EN_HOM_BF.EXE
[boot loader]
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional Edition" /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

305 --- E O F --- 2008-06-21 08:00:42

Edited by NoExcuse, 01 July 2008 - 07:06 PM.


#2
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Don't post multiple topics

And don't run tools like ComboFix yourself unless a helper tells you to