windows update will not run

Jim Bunton

Guest
Windows media centre service pack 3
iexplorer v 7

Windows update will not run
Run services.msc
Check Background Intelligent Transfer Service running - OK
Check Event Log running - ok
Check Automatic Updates NOT running

Automatic Updates is disabled and its start button is greyed out
Setting the combo to Automatic (or manual) it reverts to disabled

-----------
RECENT EVENTS - seems like some sort of malware
IeExplorer Home page began to default to MyWebHunt
When reset to normal home page on reboot reverted to MyWebHunt
---------------
Googled mywebhunt
--------
found:
http://www.threatexpert.com/report.aspx?uid=dd190d12-5574-4797-8d70-24b662a299ea
The following Registry Value was modified:. [HKEY_CURRENT_USER\Software\
Microsoft\Internet Explorer\Main]. Start Page = "http://www.mywebhunt.com"
....

reports the following registry modifications
a.. The following Registry Key was created:
a.. HKEY_LOCAL_MACHINE\SOFTWARE\GodLib
a.. The newly created Registry Values are:
a.. [HKEY_LOCAL_MACHINE\SOFTWARE\GodLib]
a.. FR = "1"
b.. BootDays = "23"
b.. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
a.. NotifyDownloadComplete = "yes"
c.. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
a.. [filename of the sample #1 without extension] =
"%Windir%\[filename of the sample #1]"

so that [filename of the sample #1] runs every time Windows starts

a.. The following Registry Value was modified:
a.. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
a.. Start Page = http://www.mywebhunt.com
---------
I HAVE DELETED
HKEY_LOCAL_MACHINE\SOFTWARE\GodLib
HKEY_LOCAL_MACHINE\SOFTWARE\GodLib]
a.. FR = "1"
b.. BootDays = "23"
in the entry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
a.. [filename of the sample #1 without extension] = "%Windir%\[filename of
the sample #1]"
I found a program named molocha.exe
AND a copy of it
in C:\Windows & Documents and Settings .. . \Temp
CREATED DATE today !!

Deleted the registry entry
"[filename of the sample #1 without extension] =
"%Windir%\[filename of the sample #1]" " for this file

AND, after reboot, renamed the C:\windows instance to Xmolocha.exe
AND deleted it from Documents and Settings\ . . \Temp

----------
This has stopped the hijack of the web browser to MyWebHunt
BUT Internet explorer is occasionally opening new instances with seemingly
random websites.
--- HELP! ---
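
A read-only check for the indicators named in the post above, as an added example that is not part of the original thread or any poster's tool. The function names are hypothetical, the Run-key test (an executable sitting directly in %Windir% or under a Temp folder) is a heuristic chosen for this example, and `wuauserv` with `Start = 4` is the standard registry form of a disabled Automatic Updates service.

```powershell
# Added example: read-only triage for the indicators named in the post above.
# It reports findings and changes nothing on the system.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function Get-HijackFindings {
    $findings = @()

    # 1. Registry key the ThreatExpert report lists as created by the sample.
    if (Test-Path 'HKLM:\SOFTWARE\GodLib') {
        $findings += 'Key present: HKLM\SOFTWARE\GodLib'
    }

    # 2. Internet Explorer start page still pointing at the hijack site.
    $startPage = Get-RegValue 'HKCU:\Software\Microsoft\Internet Explorer\Main' 'Start Page'
    if ($startPage -match 'mywebhunt') {
        $findings += "IE Start Page: $startPage"
    }

    # 3. Per-user Run values that start an .exe directly from %Windir% or from
    #    a Temp folder (heuristic for this example; review hits by hand).
    $runKey = Get-Item 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run' -ErrorAction SilentlyContinue
    if ($runKey) {
        $windirRoot = '^' + [regex]::Escape($env:windir) + '\\[^\\]+\.exe'
        foreach ($name in $runKey.GetValueNames()) {
            $raw = [string]$runKey.GetValue($name)
            $cmd = [Environment]::ExpandEnvironmentVariables($raw).Trim('"')
            if ($cmd -match $windirRoot -or $cmd -match '\\Temp\\') {
                $findings += "Run entry: $name = $cmd"
            }
        }
    }

    # 4. The file named in the post, under its original and renamed form.
    foreach ($file in 'molocha.exe', 'Xmolocha.exe') {
        $path = Join-Path $env:windir $file
        if (Test-Path $path) { $findings += "File present: $path" }
    }

    # 5. Automatic Updates service forced to Disabled (Start = 4).
    $start = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Services\wuauserv' 'Start'
    if ($start -eq 4) {
        $findings += 'Automatic Updates (wuauserv) start type is Disabled'
    }

    $findings
}

$result = Get-HijackFindings
if ($result) { $result } else { 'No indicators from the post were found.' }
```

A service start type that flips back to Disabled after being reset, as the post describes, means something is still rewriting it, so a clean result for items 1 to 4 with item 5 still firing is a reason to keep looking.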
 
Re: windows update will not run

Jim Bunton wrote:

> Windows media centre service pack 3
> iexplorer v 7
>
> Windows update will not run
> Run services.msc
> Check Background Intelligent Transfer Service running - OK
> Check Event Log running - ok
> Check Automatic Updates NOT running
>
> Automatic Updates is disabled and its start button is greyed out
> Setting the combo to Automatic (or manual) it reverts to disabled
> RECENT EVENTS - seems like some sort of malware
> IeExplorer Home page began to default to MyWebHunt
> When reset to normal home page on reboot reverted to MyWebHunt


(snippage)

> I found a program named molocha.exe
> AND a copy of it
> in C:\Windows & Documents and Settings .. . \Temp
> CREATED DATE today !!
>
> Deleted the registry entry
> "[filename of the sample #1 without extension] =
> "%Windir%\[filename of the sample #1]" " for this file
>
> AND, after reboot, renamed the C:\windows instance to Xmolocha.exe
> AND deleted it from Documents and Settings\ . . \Temp
> This has stopped the hijack of the web browser to MyWebHunt
> BUT Internet explorer is occasionally opening new instances with
> seemingly random websites.


Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to do
all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://tinyurl.com/yoeru3 - download link and more instructions

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

or here:
Malwarebytes malware removal guides:
http://tinyurl.com/5xrpft

When all else fails, get guided help. Choose one of the specialty forums
listed at the first link. Register and read its posting FAQ. PLEASE DO NOT
POST LOGS IN THE MS NEWSGROUPS.

Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ
 
Re: windows update will not run

Use my Remove-it software, it will remove that malware from your system.
Choose yes for all options when prompted. Download it here
http://pcbutts1.com/downloads/tools/tools.htm When done from the same site
download Microsoft's Automatic Update Repair Tool to fix your auto update
issue.


--
Ignore any posts made by the Stalker Leythos, he's still in love with me.
He started stalking me after I spurned his advances towards me.
He said he would stop Stalking me If I stopped mentioning his name.
As you can see that does not work. He is a sick obsessive STALKER.





"Jim Bunton" <wbbr26814@blueyonder.co.uk> wrote in message
news:48eef3f2$0$13867$426a34cc@news.free.fr...
> Windows media centre service pack 3
> iexplorer v 7
>
> Windows update will not run
> Run services.msc
> Check Background Intelligent Transfer Service running - OK
> Check Event Log running - ok
> Check Automatic Updates NOT running
>
> Automatic Updates is disabled and its start button is greyed out
> Setting the combo to Automatic (or manual) it reverts to disabled
>
> -----------
> RECENT EVENTS - seems like some sort of malware
> IeExplorer Home page began to default to MyWebHunt
> When reset to normal home page on reboot reverted to MyWebHunt
> ---------------
> Googled mywebhunt
> --------
> found:
> http://www.threatexpert.com/report.aspx?uid=dd190d12-5574-4797-8d70-24b662a299ea
> The following Registry Value was modified:. [HKEY_CURRENT_USER\Software\
> Microsoft\Internet Explorer\Main]. Start Page = "http://www.mywebhunt.com"
> ...
>
> reports the following registry modifications
> a.. The following Registry Key was created:
> a.. HKEY_LOCAL_MACHINE\SOFTWARE\GodLib
> a.. The newly created Registry Values are:
> a.. [HKEY_LOCAL_MACHINE\SOFTWARE\GodLib]
> a.. FR = "1"
> b.. BootDays = "23"
> b.. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
> a.. NotifyDownloadComplete = "yes"
> c.. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
> a.. [filename of the sample #1 without extension] =
> "%Windir%\[filename of the sample #1]"
>
> so that [filename of the sample #1] runs every time Windows starts
>
> a.. The following Registry Value was modified:
> a.. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
> a.. Start Page = http://www.mywebhunt.com
> ---------
> I HAVE DELETED
> HKEY_LOCAL_MACHINE\SOFTWARE\GodLib
> HKEY_LOCAL_MACHINE\SOFTWARE\GodLib]
> a.. FR = "1"
> b.. BootDays = "23"
> in the entry
> [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
> a.. [filename of the sample #1 without extension] = "%Windir%\[filename
> of
> the sample #1]"
> I found a program named molocha.exe
> AND a copy of it
> in C:\Windows & Documents and Settings .. . \Temp
> CREATED DATE today !!
>
> Deleted the registry entry
> "[filename of the sample #1 without extension] =
> "%Windir%\[filename of the sample #1]" " for this file
>
> AND, after reboot, renamed the C:\windows instance to Xmolocha.exe
> AND deleted it from Documents and Settings\ . . \Temp
>
> ----------
> This has stopped the hijack of the web browser to MyWebHunt
> BUT Internet explorer is occasionally opening new instances with
> seemingly
> random websites.
> --- HELP! ---
>
>
>
 
Re: windows update will not run

From: "Jim Bunton" <wbbr26814@blueyonder.co.uk>

| Windows media centre service pack 3
| iexplorer v 7

| Windows update will not run
| Run services.msc
| Check Background Intelligent Transfer Service running - OK
| Check Event Log running - ok
| Check Automatic Updates NOT running

| Automatic Updates is disabled and its start button is greyed out
| Setting the combo to Automatic (or manual) it reverts to disabled

| -----------
| RECENT EVENTS - seems like some sort of malware
| IeExplorer Home page began to default to MyWebHunt
| When reset to normal home page on reboot reverted to MyWebHunt
| ---------------
| Googled mywebhunt
| --------
| found:
| http://www.threatexpert.com/report.aspx?uid=dd190d12-5574-4797-8d70-24b662a299ea
| The following Registry Value was modified:. [HKEY_CURRENT_USER\Software\
| Microsoft\Internet Explorer\Main]. Start Page = "http://www.mywebhunt.com"
| ...

| reports the following registry modifications
| a.. The following Registry Key was created:
| a.. HKEY_LOCAL_MACHINE\SOFTWARE\GodLib
| a.. The newly created Registry Values are:
| a.. [HKEY_LOCAL_MACHINE\SOFTWARE\GodLib]
| a.. FR = "1"
| b.. BootDays = "23"
| b.. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
| a.. NotifyDownloadComplete = "yes"
| c.. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
| a.. [filename of the sample #1 without extension] =
| "%Windir%\[filename of the sample #1]"

| so that [filename of the sample #1] runs every time Windows starts

| a.. The following Registry Value was modified:
| a.. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
| a.. Start Page = http://www.mywebhunt.com
| ---------
| I HAVE DELETED
| HKEY_LOCAL_MACHINE\SOFTWARE\GodLib
| HKEY_LOCAL_MACHINE\SOFTWARE\GodLib]
| a.. FR = "1"
| b.. BootDays = "23"
| in the entry
| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
| a.. [filename of the sample #1 without extension] = "%Windir%\[filename of
| the sample #1]"
| I found a program named molocha.exe
| AND a copy of it
| in C:\Windows & Documents and Settings .. . \Temp
| CREATED DATE today !!

| Deleted the registry entry
| "[filename of the sample #1 without extension] =
| "%Windir%\[filename of the sample #1]" " for this file

| AND, after reboot, renamed the C:\windows instance to Xmolocha.exe
| AND deleted it from Documents and Settings\ . . \Temp

| ----------
| This has stopped the hijack of the web browser to MyWebHunt
| BUT Internet explorer is occasionally opening new instances with seemingly
| random websites.
| --- HELP! ---



Please do NOT use Remove-IT from the fake MS MVP.
There are many reasons from the fact it is malicious and it is based upon two plagiarized
utilities to the fact that it will not target the malware you have.

I have seen the malware that you are infected with.

Have you been downloading and installing so-called cracked programs, w-arez or software
cracking utilities ?

The malware I have seen does indeed create the Registry key; HKLM\SOFTWARE\GodLib as
seen in a SandBox
However, I could find no references to it in any malware encyclopedias and there were no
detections for the installer.

The following is your best bet.

Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

Then post the contents of the HJT log in your post in one of the below expert forums...

{ Please - Do NOT post the HJT Log here ! }

Forums where you can get expert advice for HiJack This! (HJT) Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: windows update will not run

In article <KKPHk.2979$as4.2449@nlpi069.nbdc.sbc.com>, toidi@tpap.com
says...
> Use my Remove-it software
>

Read the truth about PCBUTTS online:

http://tinyurl.com/4rruwd


--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
 
Re: windows update will not run

"Leythos" <void@nowhere.lan> wrote in message
news:1223690937_179331@news.usenet.com...
> In article <KKPHk.2979$as4.2449@nlpi069.nbdc.sbc.com>, toidi@tpap.com
> says...
>> Use my Remove-it software
>>

> Read the truth about PCBUTTS online:
>
> http://tinyurl.com/4rruwd
>
>
> --
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)



Very informative...even through the translation.
 
Re: windows update will not run

In article <OLfsBW1KJHA.5904@TK2MSFTNGP02.phx.gbl>, ---fitz---
@invalid.com says...
> "Leythos" <void@nowhere.lan> wrote in message
> news:1223690937_179331@news.usenet.com...
> > In article <KKPHk.2979$as4.2449@nlpi069.nbdc.sbc.com>, toidi@tpap.com
> > says...
> >> Use my Remove-it software
> >>

> > Read the truth about PCBUTTS online:
> >
> > http://tinyurl.com/4rruwd
> >

>
>
> Very informative...even through the translation.


I wish I could translate the language myself, had to use the google
translation services, it leaves a little to be desired but people can
get the overall story.

--
Leythos - spam999free@rrohio.com (remove 999 to email me)
Public Service Warning: Learn about PCButts before you trust:
http://www.velocityreviews.com/forums/t513604-author-of-removeit.html
http://www.google.com/search?hl=en&q=pcbutts1+thief
http://tinyurl.com/4rruwd
 
Re: windows update will not run

You idiot. That article is in direct response to me putting the pctipp.ch
website in my hosts file. The popularity of my hosts file is growing fast.
Plus they probably didn't like the email I sent them about David Lipman and
hosting his stolen script. They blew me off and ignored me and now that I
done it they are trying to explain why.


--
Ignore any posts made by the Stalker Leythos, he's still in love with me.
He started stalking me after I spurned his advances towards me.
He said he would stop Stalking me If I stopped mentioning his name.
As you can see that does not work. He is a sick obsessive STALKER.





"---Fitz---" <---fitz---@invalid.com> wrote in message
news:OLfsBW1KJHA.5904@TK2MSFTNGP02.phx.gbl...
> "Leythos" <void@nowhere.lan> wrote in message
> news:1223690937_179331@news.usenet.com...
>> In article <KKPHk.2979$as4.2449@nlpi069.nbdc.sbc.com>, toidi@tpap.com
>> says...
>>> Use my Remove-it software
>>>

>> Read the truth about PCBUTTS online:
>>
>> http://tinyurl.com/4rruwd
>>
>>
>> --
>> - Igitur qui desiderat pacem, praeparet bellum.
>> - Calling an illegal alien an "undocumented worker" is like calling a
>> drug dealer an "unlicensed pharmacist"
>> spam999free@rrohio.com (remove 999 for proper email address)

>
>
> Very informative...even through the translation.
 
Re: windows update will not run

Not correct.

That article seems to be correct

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"The Real Truth MVP" <toidi@tpap.com> wrote in message news:P28Ik.2060$pr6.656@flpi149.ffdc.sbc.com...
> You idiot. That article is in direct response to me putting the pctipp.ch
> website in my hosts file. The popularity of my hosts file is growing fast.
> Plus they probably didn't like the email I sent them about David Lipman and
> hosting his stolen script. They blew me off and ignored me and now that I
> done it they are trying to explain why.
>
>
> --
> Ignore any posts made by the Stalker Leythos, he's still in love with me.
> He started stalking me after I spurned his advances towards me.
> He said he would stop Stalking me If I stopped mentioning his name.
> As you can see that does not work. He is a sick obsessive STALKER.
>
>
>
>
>
> "---Fitz---" <---fitz---@invalid.com> wrote in message
> news:OLfsBW1KJHA.5904@TK2MSFTNGP02.phx.gbl...
>> "Leythos" <void@nowhere.lan> wrote in message
>> news:1223690937_179331@news.usenet.com...
>>> In article <KKPHk.2979$as4.2449@nlpi069.nbdc.sbc.com>, toidi@tpap.com
>>> says...
>>>> Use my Remove-it software
>>>>
>>> Read the truth about PCBUTTS online:
>>>
>>> http://tinyurl.com/4rruwd
>>>
>>>
>>> --
>>> - Igitur qui desiderat pacem, praeparet bellum.
>>> - Calling an illegal alien an "undocumented worker" is like calling a
>>> drug dealer an "unlicensed pharmacist"
>>> spam999free@rrohio.com (remove 999 for proper email address)

>>
>>
>> Very informative...even through the translation.

>
 
Re: windows update will not run

The only thing correct about that article is the spelling of the name
pcbutts1. You people are so dumb and gullible I wonder how you make it
through the day without hurting yourself. I mean they have been complaining
about me for years everyday and every post I make. When are you idiots going
to admit that you have failed, that the reason you keep failing is because
you are going after the wrong person. I am NOT Chris butts. You have been after
him for years and nothing has been done. Don't you learn from your mistakes?
apparently not. You have it instilled and burned into your feeble mind
because of one post I made 4 years ago that I am Chris butts. That's why you
are trolls.


--
Ignore any posts made by the Stalker Leythos, he's still in love with me.
He started stalking me after I spurned his advances towards me.
He said he would stop Stalking me If I stopped mentioning his name.
As you can see that does not work. He is a sick obsessive STALKER.





"Peter Foldes" <okf22@hotmail.com> wrote in message
news:%2334b2K%23KJHA.4236@TK2MSFTNGP03.phx.gbl...
Not correct.

That article seems to be correct

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"The Real Truth MVP" <toidi@tpap.com> wrote in message
news:P28Ik.2060$pr6.656@flpi149.ffdc.sbc.com...
> You idiot. That article is in direct response to me putting the pctipp.ch
> website in my hosts file. The popularity of my hosts file is growing fast.
> Plus they probably didn't like the email I sent them about David Lipman
> and
> hosting his stolen script. They blew me off and ignored me and now that I
> done it they are trying to explain why.
>
>
> --
> Ignore any posts made by the Stalker Leythos, he's still in love with me.
> He started stalking me after I spurned his advances towards me.
> He said he would stop Stalking me If I stopped mentioning his name.
> As you can see that does not work. He is a sick obsessive STALKER.
>
>
>
>
>
> "---Fitz---" <---fitz---@invalid.com> wrote in message
> news:OLfsBW1KJHA.5904@TK2MSFTNGP02.phx.gbl...
>> "Leythos" <void@nowhere.lan> wrote in message
>> news:1223690937_179331@news.usenet.com...
>>> In article <KKPHk.2979$as4.2449@nlpi069.nbdc.sbc.com>, toidi@tpap.com
>>> says...
>>>> Use my Remove-it software
>>>>
>>> Read the truth about PCBUTTS online:
>>>
>>> http://tinyurl.com/4rruwd
>>>
>>>
>>> --
>>> - Igitur qui desiderat pacem, praeparet bellum.
>>> - Calling an illegal alien an "undocumented worker" is like calling a
>>> drug dealer an "unlicensed pharmacist"
>>> spam999free@rrohio.com (remove 999 for proper email address)

>>
>>
>> Very informative...even through the translation.

>
 
Re: windows update will not run

"The Real Truth MVP" <toidi@tpap.com> wrote in message
news:P28Ik.2060$pr6.656@flpi149.ffdc.sbc.com...
> You idiot. That article is in direct response to me putting the pctipp.ch
> website in my hosts file. The popularity of my hosts file is growing fast.
> Plus they probably didn't like the email I sent them about David Lipman
> and hosting his stolen script. They blew me off and ignored me and now
> that I done it they are trying to explain why.
>
>
> --
> Ignore any posts made by the Stalker Leythos, he's still in love with me.
> He started stalking me after I spurned his advances towards me.
> He said he would stop Stalking me If I stopped mentioning his name.
> As you can see that does not work. He is a sick obsessive STALKER.
>
>
>
>
>
> "---Fitz---" <---fitz---@invalid.com> wrote in message
> news:OLfsBW1KJHA.5904@TK2MSFTNGP02.phx.gbl...
>> "Leythos" <void@nowhere.lan> wrote in message
>> news:1223690937_179331@news.usenet.com...
>>> In article <KKPHk.2979$as4.2449@nlpi069.nbdc.sbc.com>, toidi@tpap.com
>>> says...
>>>> Use my Remove-it software
>>>>
>>> Read the truth about PCBUTTS online:
>>>
>>> http://tinyurl.com/4rruwd
>>>
>>>
>>> --
>>> - Igitur qui desiderat pacem, praeparet bellum.
>>> - Calling an illegal alien an "undocumented worker" is like calling a
>>> drug dealer an "unlicensed pharmacist"
>>> spam999free@rrohio.com (remove 999 for proper email address)

>>
>>
>> Very informative...even through the translation.

>


The popularity of your hosts file? You mean the one that installs without
the user knowing what legitimate sites it blocks, even the MVP site? Seems
your fame is international! Way to go! However...stupidity is NOT a life
goal.
 
Re: windows update will not run

In article <A39Ik.3289$c45.484@nlpi065.nbdc.sbc.com>, toidi@tpap.com
says...
> Ignore any posts made by the Stalker Leythos, he's still in love with me.
> He started stalking me after I spurned his advances towards me.
> He said he would stop Stalking me If I stopped mentioning his name.
> As you can see that does not work. He is a sick obsessive STALKER.
>


Do you really want to trust someone that was banned from posting
directly to Microsoft Usenet servers, someone that has posted links to
pornographic materials on HIS WEBSITE, whose website is in the MVP HOST
Block list, and who provides a tool for your use that will block access
to reputable anti-malware sites without telling you he's doing it?

Do you really want to trust someone that has had to change their posting
identity after being busted by MS as a fake MVP?

Stalking, even in usenet is a crime, there are enough pages from your
filthy site to prove you're stalking me in your posts, I have them
documented and certified authentic - it's your call now Stalker.

--
Leythos - spam999free@rrohio.com (remove 999 to email me)
Public Service Warning: Learn about PCButts before you trust:
http://www.velocityreviews.com/forums/t513604-author-of-removeit.html
http://www.google.com/search?hl=en&q=pcbutts1+thief
http://tinyurl.com/4rruwd
 