Wonder if anyone can help me here.
Keep getting this message every 3-5 mins while surfing the net.
16 bit ms dos subsystem
c:\window\system32\wxpsetup.exe
the ntvdm cpu has encountered an illegal instruction
cs:0523:e IP:fffe OP:ff ff ff 00 choose 'close' to terminate the application
I read in previous threads that recommended ComboFix. Combofix.txt is as follows:
ComboFix 08-08-24.03 - yiming 2008-08-30 22:14:01.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.936.86.1033.18.622 [GMT 8:00]
Running from: C:\Documents and Settings\yiming\My Documents\downloads\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\wxpSetup.exe
.
((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-30 )))))))))))))))))))))))))))))))
.
2008-08-24 09:36 . 2008-08-30 22:12 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-24 09:35 . 2008-08-30 21:40 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-08-24 09:35 . 2008-08-24 09:35 <DIR> d-------- C:\Documents and Settings\yiming\Application Data\PC Tools
2008-08-24 09:35 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-08-24 09:35 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-08-24 09:35 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-08-24 09:35 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-08-23 17:57 . 2001-08-17 13:32 50,620 --a------ C:\WINDOWS\system32\command.nt
2008-08-18 21:43 . 2008-08-18 21:43 <DIR> d-------- C:\!KillBox
2008-08-17 09:56 . 2008-08-17 09:56 <DIR> d-------- C:\NECSOFT
2008-08-14 15:59 . 2008-04-14 08:11 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-08-14 15:59 . 2008-04-14 08:11 21,504 --a------ C:\WINDOWS\system32\dllcache\hidserv.dll
2008-08-13 22:28 . 2008-08-13 22:28 <DIR> d-------- C:\Documents and Settings\Administrator
2008-08-13 22:00 . 2008-05-01 22:33 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-13 21:45 . 2008-04-12 03:04 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-13 21:33 . 2008-08-30 21:40 25 --a------ C:\WINDOWS\system32\vwndvtb60.dat
2008-08-13 21:32 . 2008-08-13 21:32 589,312 --a------ C:\WINDOWS\system32\rtmbufdx.exe
2008-08-09 23:21 . 2008-08-09 23:21 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-06 19:24 . 2008-08-12 20:56 95 --a------ C:\WINDOWS\system32\tebiurecs.ve
2008-08-06 16:29 . 2008-08-27 21:07 366 --a------ C:\WINDOWS\PPSMediaList.ini
2008-08-06 14:22 . 2008-08-14 11:00 80 --a------ C:\WINDOWS\system32\cfl_Info.nt
2008-08-04 18:32 . 2008-08-06 11:59 <DIR> d-------- C:\Program Files\pipi
2008-08-04 18:31 . 2008-08-04 18:31 3,891,555 --a------ C:\WINDOWS\ppfilm.exe
2008-08-04 18:30 . 2008-08-04 19:17 <DIR> d-------- C:\Program Files\Funshion Online
2008-08-04 18:30 . 2008-08-04 18:45 <DIR> d-------- C:\Program Files\Coopen
2008-08-04 18:30 . 2008-08-04 19:17 <DIR> d-------- C:\Documents and Settings\yiming\funshion
2008-08-04 18:30 . 2008-08-04 18:45 <DIR> d-------- C:\Documents and Settings\yiming\Application Data\Coopen
2008-08-04 18:30 . 2008-08-04 18:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Coopen
2008-08-04 18:30 . 2008-08-04 18:30 418,304 --a------ C:\WINDOWS\system32\jspplay.exe
2008-08-04 18:30 . 2008-08-04 18:30 418,304 --a------ C:\WINDOWS\system32\drivers\jspplay.sys
2008-08-04 18:30 . 2008-08-04 18:30 375,808 --a------ C:\WINDOWS\system32\drivers\jsphelp.sys
2008-08-04 18:30 . 2008-08-10 11:19 371,200 --a------ C:\WINDOWS\system32\jsphelp.exe
2008-08-04 18:28 . 2008-05-16 10:10 4,020,368 --------- C:\WINDOWS\system32\FunshionInstall_C6529.exe
2008-08-04 18:28 . 2008-05-29 12:45 936,176 --a------ C:\WINDOWS\system32\coopen_setup_100068.exe
2008-08-04 18:28 . 2008-05-28 14:27 257,693 --------- C:\WINDOWS\system32\pp139.exe
2008-08-04 18:28 . 2008-05-29 17:13 256,267 --------- C:\WINDOWS\system32\coop.exe
2008-08-04 18:28 . 2008-06-03 16:23 173,946 --a------ C:\WINDOWS\system32\msn013.exe
2008-08-04 18:28 . 2005-04-13 06:10 19,518 --a------ C:\WINDOWS\system32\66.ICO
2008-08-04 18:28 . 2008-07-24 13:48 4,272 --a------ C:\WINDOWS\system32\66.reg
2008-08-04 18:28 . 2008-03-24 09:22 35 --a------ C:\WINDOWS\system32\66.bat
2008-08-04 18:20 . 2008-08-04 18:43 <DIR> d-------- C:\Zcom
2008-08-04 18:20 . 2008-08-04 18:22 <DIR> d-------- C:\Magazine
2008-08-02 22:31 . 2008-08-02 22:31 92,288 --a------ C:\Documents and Settings\yiming\Application Data\GDIPFONTCACHEV1.DAT
2008-07-15 21:17 . 2001-08-17 22:36 171,008 --a------ C:\WINDOWS\system32\LXAESUI.DLL
2008-07-08 04:26 . 2008-07-08 04:26 253,952 --------- C:\WINDOWS\system32\dllcache\es.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-30 14:12 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-28 12:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-28 12:20 --------- d-----w C:\Program Files\StormII
2008-08-27 12:32 --------- d-----w C:\Program Files\PPStream
2008-08-14 03:01 --------- d-----w C:\Documents and Settings\yiming\Application Data\AdobeUM
2008-08-09 15:27 --------- d-----w C:\Program Files\Lavasoft
2008-08-09 15:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-09 15:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-09 15:07 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-06 08:29 --------- d-----w C:\Documents and Settings\yiming\Application Data\ppstream
2008-08-04 10:46 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
2008-07-30 09:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-07-30 09:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-07-30 09:28 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat
2008-07-18 14:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 14:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 14:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 14:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 14:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 14:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 14:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 14:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 14:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 14:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 14:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 14:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 14:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 14:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 14:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 14:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 14:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:43 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 02:57 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:20 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:20 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:46 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:46 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-13 06:45 579,464 ----a-w C:\WINDOWS\system32\SymNeti.dll
2008-06-13 06:45 207,240 ----a-w C:\WINDOWS\system32\SymRedir.dll
2008-06-08 03:07 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2008-05-16 03:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
2008-05-09 10:53 90,112 ------w C:\WINDOWS\system32\dllcache\wshext.dll
2008-05-09 10:53 512,000 ------w C:\WINDOWS\system32\dllcache\jscript.dll
2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-05-09 10:53 430,080 ------w C:\WINDOWS\system32\dllcache\vbscript.dll
2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
2008-05-09 10:53 180,224 ------w C:\WINDOWS\system32\dllcache\scrobj.dll
2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
2008-05-09 10:53 172,032 ------w C:\WINDOWS\system32\dllcache\scrrun.dll
2008-05-08 14:02 203,136 ------w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
2008-05-08 11:24 155,648 ------w C:\WINDOWS\system32\dllcache\wscript.exe
2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
2008-05-07 09:07 135,168 ------w C:\WINDOWS\system32\dllcache\cscript.exe
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:12 1,288,192 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-09 09:04 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008050920080510\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 08:12 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:35 5724184]
"PPS Accelerator"="C:\Program Files\PPStream\ppsap.exe" [2008-08-04 16:37 165240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-26 09:47 51048]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-02-25 21:17 180269]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-09-26 11:01 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-09-26 11:01 503808]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-02-25 21:17 98304]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 14:00 455168]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2004-10-08 03:14 81920]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2008-02-07 14:49 718704]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 14:00 208952]
"Icon"="C:\WINDOWS\system32\drivers\Icon.exe" [2004-04-19 15:23 221184]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 15:37 40960]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-15 21:10 339968]
"SoundMan"="SOUNDMAN.EXE" [2004-04-28 17:19 66048 C:\WINDOWS\SOUNDMAN.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 08:12 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBandCustomize"= 0 (0x0)
"NoMovingBands"= 0 (0x0)
"NoCloseDragDropBands"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Utility\\hall\\hall\\frame.exe"=
"C:\\Program Files\\PPStream\\PPStream.exe"=
"C:\\Program Files\\PPLive\\PPLive.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\PPStream\\PPSAP.exe"=
"C:\\Program Files\\StormII\\Storm.exe"=
"C:\\Program Files\\StormII\\stormliv.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
R2 ccosm;Contrl Center of Storm Media;C:\Program Files\StormII\stormliv.exe [2008-05-28 16:40]
R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-01-26 09:47]
R2 MTC0005_MTCDIO;Wireless HotKey Driver;C:\WINDOWS\system32\drivers\MTCDIO.sys [2003-09-22 11:04]
R2 rtpPStream;SNS PSP Media Buffer for Windows;C:\WINDOWS\system32\rtmbufdx.exe [2008-08-13 21:32]
R2 Servicejsphelp;Servicejsphelp;C:\WINDOWS\system32\jspplay.exe [2008-08-04 18:30]
S2 MTCDIO;MTCDIO;C:\WINDOWS\system32\DRIVERS\MTCDIO.sys [2003-09-22 11:04]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 17:42]
S3 ZSMC302;VIMICRO USB PC Camera;C:\WINDOWS\system32\Drivers\usbVM31b.sys [2004-09-14 17:45]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1aa41f90-36c9-11da-9951-0040d074a81c}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL delautorun.bat
\Shell\杀毒(&K)\command - D:\delautorun.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ccafcb0-c74f-11dc-9b01-0040d074a81c}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL delautorun.bat
\Shell\杀毒(&K)\command - E:\delautorun.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91955ac0-7928-11dc-9aa1-0040d074a81c}]
\Shell\AutoRun\command - D:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3bd68a0-69d6-11dd-9bb5-0040d074a81c}]
\Shell\AutoRun\command - D:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca259ce0-1ea4-11dd-9b4f-0040d074a81c}]
\Shell\AutoRun\command - D:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca259ce1-1ea4-11dd-9b4f-0040d074a81c}]
\Shell\AutoRun\command - D:\AutoRun.exe
*Newly Created Service* - CATCHME
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
2008-08-11 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - yiming.job
- C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2008-02-07 22:05]
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
R0 -: HKCU-Main,Start Page = hxxp://sg.yahoo.com/
O9 -: {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.vodcn.com
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-30 22:16:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
.
Completion time: 2008-08-30 22:18:58
ComboFix-quarantined-files.txt 2008-08-30 14:18:10
ComboFix2.txt 2008-08-28 12:03:52
ComboFix3.txt 2008-08-26 09:20:35
ComboFix4.txt 2008-08-26 08:15:24
Pre-Run: 14,387,064,832 bytes free
Post-Run: 14,391,066,624 bytes free
241 --- E O F --- 2008-08-13 14:12:32