  • Log from the girl next door

    Dear ASO staff. Here is the log from the girl next door. She got fed up with the advertising screens and wants her own start page back.
    Was able to remove about 750 items with Ad-Aware.

    Logfile of HijackThis v1.98.2
    Scan saved at 12:45:57, on 22-11-2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Keymaestro\Multimedia Keyboard\nhksrv.exe
    C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\wuauclt.exe
    c:\temp\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.acer.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.meidenstart.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: (no name) - _{42ABE710-643F-4281-AEC1-DE0248E844C2} - (no file)
    R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - _{31ED5C89-5587-4796-91F8-0BB7AB515829} - (no file)
    R3 - URLSearchHook: Richfind - {31ED5C89-5587-4796-91F8-0BB7AB515829} - C:\WINDOWS\System32\Q1003109.dll
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
    R3 - URLSearchHook: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    O2 - BHO: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Richfind - {371525C2-A5E6-474A-9C75-C084D448FBE0} - C:\WINDOWS\System32\Q1003109.dll
    O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
    O2 - BHO: Richfind - {4DC0005E-9B94-4CE4-9577-835526E198C8} - C:\WINDOWS\System32\Q1003109.dll
    O2 - BHO: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Program Files\Hotbar\bin\4.5.1.0\HbHostIE.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Program Files\Hotbar\bin\4.5.1.0\HbHostIE.dll
    O3 - Toolbar: Richfind - {378D728B-5F5A-4C39-8654-DE87E3FA71DE} - C:\WINDOWS\System32\Q1003109.dll
    O3 - Toolbar: Richfind - {21EFB487-E123-45CC-B5DC-FE9C777DCD4C} - C:\WINDOWS\System32\Q1003109.dll
    O3 - Toolbar: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: PopUpDut.exe
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk142XXNL
    O9 - Extra button: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    O9 - Extra button: Richfind - {21EFB487-E123-45CC-B5DC-FE9C777DCD4C} - C:\WINDOWS\System32\Q1003109.dll
    O9 - Extra button: Richfind - {378D728B-5F5A-4C39-8654-DE87E3FA71DE} - C:\WINDOWS\System32\Q1003109.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.acer.com
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {018A066F-584A-422F-AC4C-0B1F5FE5C040} (VacPro.olanda_ver3) - http://ocx2.advnt01.com/dialer/olanda_ver3.CAB
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab
    O18 - Filter: text/html - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    O18 - Filter: text/plain - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    99.9% of computer problems sit between the desk chair and the keyboard!!!

  • #2
    First create a dedicated, permanent folder for HijackThis, for example C:\Program Files\HJT. Put HijackThis in that folder and run it from that folder from now on.

    1. Go to Control Panel -> Add or Remove Programs and uninstall "New.net", "NewDotNet", "New.net Domains" or "New.net Application".
    Then restart the PC.

    2. Scan with HijackThis and check the following items:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.richfind.com/ie/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.richfind.com/ie/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.richfind.com/home/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.richfind.com/ie/

    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: (no name) - _{42ABE710-643F-4281-AEC1-DE0248E844C2} - (no file)
    R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - _{31ED5C89-5587-4796-91F8-0BB7AB515829} - (no file)
    R3 - URLSearchHook: Richfind - {31ED5C89-5587-4796-91F8-0BB7AB515829} - C:\WINDOWS\System32\Q1003109.dll
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
    R3 - URLSearchHook: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll

    O2 - BHO: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
    O2 - BHO: Richfind - {371525C2-A5E6-474A-9C75-C084D448FBE0} - C:\WINDOWS\System32\Q1003109.dll
    O2 - BHO: Richfind - {4DC0005E-9B94-4CE4-9577-835526E198C8} - C:\WINDOWS\System32\Q1003109.dll
    O2 - BHO: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Program Files\Hotbar\bin\4.5.1.0\HbHostIE.dll

    O3 - Toolbar: &Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Program Files\Hotbar\bin\4.5.1.0\HbHostIE.dll
    O3 - Toolbar: Richfind - {378D728B-5F5A-4C39-8654-DE87E3FA71DE} - C:\WINDOWS\System32\Q1003109.dll
    O3 - Toolbar: Richfind - {21EFB487-E123-45CC-B5DC-FE9C777DCD4C} - C:\WINDOWS\System32\Q1003109.dll
    O3 - Toolbar: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll

    O4 - Global Startup: PopUpDut.exe

    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZNxmk142XXNL

    O9 - Extra button: Richfind - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    O9 - Extra button: Richfind - {21EFB487-E123-45CC-B5DC-FE9C777DCD4C} - C:\WINDOWS\System32\Q1003109.dll
    O9 - Extra button: Richfind - {378D728B-5F5A-4C39-8654-DE87E3FA71DE} - C:\WINDOWS\System32\Q1003109.dll

    O16 - DPF: {018A066F-584A-422F-AC4C-0B1F5FE5C040} (VacPro.olanda_ver3) - http://ocx2.advnt01.com/dialer/olanda_ver3.CAB
    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab

    O18 - Filter: text/html - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    O18 - Filter: text/plain - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
    Close all windows except HijackThis itself and click "Fix checked".

    3. Restart the PC in safe mode.
    If you don't know how to do that, have a look here: http://www.virushelp.nl/veilige_modus.htm

    Make sure that hidden files and folders are displayed.
    You can read how to do that here: http://users.telenet.be/marcvn/spyware/1117602.htm

    Now, still in safe mode, delete the following files and folders (if still present):

    C:\WINDOWS\System32\Q1003109.dll <- that file
    C:\Program Files\MyWebSearch <- that folder
    C:\Program Files\Hotbar <- that folder

    4. Restart the PC in 'normal mode'.

    5. Create a new log and post it here.
    Last edited by Buffy; 22-11-04, 12:49. Reason: Typo corrected.
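An added example, not part of the original posts and not ASO or HijackThis code: a Python check that the entries ticked in step 2 are gone from the follow-up log requested in step 5, plus a grouping of entries by the file they load. The function names and the treatment of forum-shortened URLs ("...") are assumptions of this example; the sample lines are excerpted from the logs on this page, except DIRTY_LOG, which is constructed.

```python
import re
from collections import defaultdict
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+?)\s*$")   # e.g. "O2 - BHO: ..."
FILE_RE = re.compile(r"[A-Za-z]:\\.+?\.(?:dll|exe|ocx)\b", re.IGNORECASE)

def parse_entries(text):
    """Return (section, body) per entry line; headers and process paths are skipped."""
    return [m.groups() for m in map(ENTRY_RE.match, text.splitlines()) if m]

def same_entry(wanted, seen):
    """Case-insensitive match; '...' in `wanted` stands for text the forum elided."""
    if wanted[0] != seen[0]:
        return False
    head, sep, tail = wanted[1].lower().partition("...")
    body = seen[1].lower()
    if not sep:
        return body == head
    return len(body) >= len(head) + len(tail) and body.startswith(head) and body.endswith(tail)

def still_present(fix_list, new_log):
    """Entries from the fix list that appear again in the follow-up log."""
    seen = parse_entries(new_log)
    return [w for w in parse_entries(fix_list) if any(same_entry(w, s) for s in seen)]

def sections_by_file(log):
    """Map each referenced file (lower-cased path) to the sections that load it."""
    out = defaultdict(set)
    for section, body in parse_entries(log):
        m = FILE_RE.search(body)
        if m:
            out[m.group(0).lower()].add(section)
    return dict(out)

# Entries excerpted from the fix list in post #2 (the O8 URL is shortened there).
FIX_LIST = r"""
R3 - URLSearchHook: Richfind - {31ED5C89-5587-4796-91F8-0BB7AB515829} - C:\WINDOWS\System32\Q1003109.dll
O2 - BHO: Richfind - {371525C2-A5E6-474A-9C75-C084D448FBE0} - C:\WINDOWS\System32\Q1003109.dll
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZNxmk142XXNL
O18 - Filter: text/html - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
"""
# Lines excerpted from the follow-up log in post #3.
CLEAN_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
"""
# Constructed failure case: the follow-up lines plus two first-log entries that survived.
DIRTY_LOG = CLEAN_LOG + r"""
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk142XXNL
O18 - Filter: text/html - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\Q1003109.dll
"""
if __name__ == "__main__":
    print(still_present(FIX_LIST, DIRTY_LOG))
    print(sections_by_file(FIX_LIST))
```

Grouping by file shows why deleting Q1003109.dll in safe mode matters: a single DLL backs entries in several sections at once.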



    • #3
      That's fast

      Thanks in advance for the quick answer. Did everything that was described. The whole thing is looking good again.
      Here is the 2nd log:

      Logfile of HijackThis v1.98.2
      Scan saved at 14:55:46, on 22-11-2004
      Platform: Windows XP SP1 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
      C:\WINDOWS\System32\ctfmon.exe
      C:\Program Files\Logitech\MouseWare\system\em_exec.exe
      C:\Program Files\Keymaestro\Multimedia Keyboard\nhksrv.exe
      C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\WINDOWS\System32\wuauclt.exe
      c:\Program Files\HJT\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.acer.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.meidenstart.nl/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
      O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
      O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
      O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
      O14 - IERESET.INF: START_PAGE_URL=http://www.acer.com
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
      O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
      O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab


      • #4
        Perfect.

        Tips for keeping it clean from now on:


        • #5
          Thanks

          Thanks again on behalf of the neighbours.
          The PC is running like a charm again.

          N.B. the tip in your first link about SpywareBlaster is a dead end.
          Download it here: http://www.nucia.eu/...ster/index.html



            • #7
              Thanks.


              • #8
                You're welcome.