spy sherrif
duke
i can start my computer, however the backgoround does not show up..
i can not click on the start button or anything else..
it basically freezes from there...wat do i do .. hope u can help.
David H. Lipman
Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe
Save SmitFraud.XXX to the desktop.
Rename SmitFraud.XXX to SmitFraud.exe
On the infected PC...
Execute; SmitFraud.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close
NOTE: You may have to disable your software FireWall or allow FTP.EXE to go through your
FireWall to enable FTP.EXE to download the needed McAfee related files.
Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }
A final report in HTML format called C:\mcafee\ScanReport.HTML will be generated. At the
end of the scan, it will be displayed in your browser (Opera, FireFox or Internet Explorer).
It is suggested that you move the report out of c:\mcafee before performing another scan.
It would be a good idea to scan in Safe Mode and in Normal Mode and save a copy of the HTML
report for each session.
You should be able execute any program by bringing up the Task Manager bit hitting the "Ctrl
+ Alt + Del" key combo.
Then in Task Manger go to File --> New Task
You can then execute; http://www.ik-cs.com/programs/virtools/SmitFraud.exe
Save the file to; C:\ for convenience.
And then repeat the process to execute; c:\SmitFraud.exe
And then repeat the process to execute; c:\mcafee\clean.bat
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
rstones12
David H. Lipman Wrote:
> From: "duke" du...@discussions.microsoft.com
>
> | my computer has been attacked by this spy sherrif, believed to be a
> spy ware...
> | i can start my computer, however the backgoround does not show up..
> | i can not click on the start button or anything else..
> | it basically freezes from there...wat do i do .. hope u can help.
>
> Download SmitFraud.exe from the URL --
> http://www.ik-cs.com/programs/virtools/SmitFraud.exe
>
>
>
> It is a tool that has been fraudulently copied to make it look like
> this users own tool. Which in fact it is NOT...
--
rstones12
David H. Lipman
>>
>> Download SmitFraud.exe from the URL --
>> http://www.ik-cs.com/programs/virtools/SmitFraud.exe
>>
>> You are using a site that *DOES NOT* have permission to host this file.>
>>
>> It is a tool that has been fraudulently copied to make it look like> this users own tool.
>> Which in fact it is NOT...-- rstones12
I don't know what you are talking about. This is a tool written by me using the Kixtart
script interpreter. it is hosted by Ian Kenefick who I regularly collaborate with. He has
MY permission to host the utility and it is an exclusive right granted by me.
If you are thinking that it is a copy of noahdfear's utility, it doesn't even come close to
being the same. I do know about a Troll [ P C B U T T S 1 ] who has stolen noahdfear's
batch file code. If you came to this conclusion based upon this code ripping problem then I
fully understand your concern. However, and I reiterate, it is NOT a batch file process but
is written completely using the Kixtart script interpreter and is 100% my own code.
I must state that you had better be careful about coming to faux conclusions without *any*
facts !
If you know Dave (aka; noahdfear), ask him about me. ;-)
rstones12
If you know Dave (aka; noahdfear), ask him about me. ;-)
Dave,
I do know Dave (noahdfear, my apologies for any misinterpretation....
This pcbutts had me wound up to no end...
regards...
--
rstones12
Michael Stevens
rstones12 <rstones1...@pcbanter.net> replied with a ;-)
rstones12,
David Lipman is a regular contributor to these newsgroup and is not the
thief and leach pcButts1 (aka, Tom Jones, Ali Akbar, mem, etc, etc., etc.
etc.). David is one of the goodguys. 8-)
It is so condemning that all the files in pcButts1 utility smitrem.zip are
now dated November 24, a day after noahdfear confronted pcButts about his
theft of his intellectual property. You can see the real smitRem.exe at the
link below.
http://noahdfear.geekstogo.com/
I do hope all you guys follow up on documenting his illegal hosting on his
web site to the proper channels and make him aware he cannot get away with
stealing others hard work.
He thinks he is anonymous, but he made a big mistake posting from his
jpl.nasa.gov domain.
Myself and other regular posters can only inform others that come to the
newsgroups for help when a source is not to be trusted, but noahdfear,
miekiemoes, racooper and others who have personally been ripped off have
legal channels to stop pcButts.
--
Michael Stevens MS-MVP XP
xpn...@bogusmichaelstevenstech.com
http://www.michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://www.michaelstevenstech.com/outlookexpressnewreader.htm
David H. Lipman
| Dave,
| I do know Dave (noahdfear, my apologies for any misinterpretation....
|
| This pcbutts had me wound up to no end...
|
| regards...-- rstones12
Thanx ! apology accepted with no problems. I'm glad we have this all cleared up.
I'm also glad to see you are supporting Dave (Aka; noahdfear) against the code-ripping jerk
and Troll PCB....
David H. Lipman
|
| rstones12,
| David Lipman is a regular contributor to these newsgroup and is not the
| thief and leach pcButts1 (aka, Tom Jones, Ali Akbar, mem, etc, etc., etc.
| etc.). David is one of the goodguys. 8-)
< snip >
Thanx Michael !
duke
msn explorer, but i dont' know how to open that up with task manager..and if
i can't open that (msn explorer) then i can't download that file.. any other
way?
David H. Lipman
| David there is another problem.. explorer doesn't start up .. i've been using
| msn explorer, but i dont' know how to open that up with task manager..and if
| i can't open that (msn explorer) then i can't download that file.. any other
| way?
You should be able execute any program by bringing up the Task Manager bit hitting the
"Ctrl + Alt + Del" key combo.
Then in Task Manger go to File --> New Task
You can then execute; explorer.exe
You can also execute; userinit.exe
Michael Stevens
Michael Stevens <mste...@bogusmvps.org> replied with a ;-)
This is an addendum for those that missed the thread where pcButts was
busted big time and then made a lame post attempting to validate his obvious
lies and attempts to destort the truth.
<paste>
For someone so innocent, you sure look guilty. I find it curious that all
the files in your smitrem.zip files all have the time stamp of 10/24/2005
all updated between 8:38 AM to 8:40 AM, a day after noahdfear exposed you as
a thief of his intellectual property.
The files in your(pcbutts) zip have the same size but a different time
stamp: pcButts files because you had to remove the reference to "noahdfear"
you missed when you originally plagerized the file.
delfiles.cmd 4KB 10/24/2005 8:40 AM
Process.exe 52 KB 10/24/2005 8:39 AM
replace.cmd 17 KB 10/24/2005 8:39 AM
RunThis.bat 227KB 10/24/2005 8:37 AM
swreg.exe 42 KB 10/24/2005 8:38 AM
The files in his smitRem.exe have time stamp dates of:
delfiles.cmd 4KB 7/23/2005 3:04 AM
Process.exe 52 KB 6/5/2005 9:13 PM
replace.cmd 17 KB 7/23/2005 8:18 AM
RunThis.bat 227KB 10/14/2005 5:06 PM
swreg.exe 42 KB 10/7/2005 8:29 PM
Who can you believe?
pcButts, who now has password protection to block access to his alleged
legitimate files to domains such as mine and anyone that questions his
claims he is the author of software he has stolen and does not have
authorization to host on his web site.
I believe the example above is a very telling example of his attempts to
distort the truth.
I am very dismayed that the people at jpl.nasa.gov can allow this type of
devious individual that steals the intellectual properties of software
authors to be associated and defame their obvious perceived but now
questionable integrities.
duke
and then the programs do not respond.. is there anything else i can do ?
David H. Lipman
| major problem.. i cannot acces the internet.. the computer starts to stall
| and then the programs do not respond.. is there anything else i can do ?
|
I don't know.
You haven't decribed how far you have gone, what you have done and what you are
experiencing. That and the fact it takes 24hrs for replies to come in.
Alias Smith
or just email me at fivXeco...@yXahoo.com Remove the triple X to
respond.
"duke" <du...@discussions.microsoft.com> wrote in message
news:97A7CA31-4F8F-415D...@microsoft.com...
Michael Stevens
"Alias Smith" <a...@jones.com> wrote in message
news:ummitG22...@tk2msftngp13.phx.gbl...
>I can fix your problem but you will have to post your mungled email address
>or just email me at fivXeco...@yXahoo.com Remove the triple X to
>respond.
>
>
Why would anyone trust an unknown source for help when trusting an unknown
source probably got them in the shape they are in?
Alias Smith AKA pcbutts is not to be trusted. LOL Does he actually think
someone believes his crap.
--
Michael Stevens MS-MVP XP
xpn...@bogusmichaelstevenstech.com
http://www.michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://www.michaelstevenstech.com/outlookexpressnewreader.htm
>
>
>
>
>
Alias Smith
send attachments if they are allowed. Is this a private group? I didn't know
that everybody here knew each other. It's not like that in other groups.
"Leythos" <vo...@nowhere.lan> wrote in message
news:QUf8f.160921$lI5....@tornado.ohiordc.rr.com...
> In article <ummitG22...@tk2msftngp13.phx.gbl>, a...@jones.com
> says...
>> I can fix your problem but you will have to post your mungled email
>> address
>> or just email me at fivXeco...@yXahoo.com Remove the triple X to
>> respond.
>
> Anyone that needs help does not need to take it to email and then be
> subjected to unknown help from an unknown person. If you are afraid to
> help in the public then you've got something to hide - wonder what that
> is?
>
> --
>
> spam9...@rrohio.com
> remove 999 in order to email me
Alias Smith
because the other guy was getting nowhere. Have any of you made any offer of
help?
"Michael Stevens" <mste...@bogusmvps.org> wrote in message
news:efFnao22...@TK2MSFTNGP09.phx.gbl...
Alias Smith
"Leythos" <vo...@nowhere.lan> wrote in message
news:Txg8f.160937$lI5....@tornado.ohiordc.rr.com...
> In article <#w0F3o22...@TK2MSFTNGP09.phx.gbl>, a...@jones.com says...
>> Who are you? can you help him? are attachments allowed in this group? I
>> can
>> send attachments if they are allowed. Is this a private group? I didn't
>> know
>> that everybody here knew each other. It's not like that in other groups.
>
> In Usenet you don't post that you can help someone if they email you -
> since this is PUBLIC and not email, not private, then you help them here
> in public where everyone can benefit from your experience and help.
>
> It also means that you are ethical and not going to back-door the person
> seeking help.
>
> It's also a way for others to help you learn.
>
> If you need them to post logs/hijack files, there are public Forums for
> that as well as Usenet groups for it.
>
> In most cases posting of logs is not needed.
>
> So, when there is a PUBLIC post seeking help, all the red flags go up
> when you ask them to contact you privately for the help they need -
> especially when we all do it publically here all the time.
Michael Stevens
Alias Smith <a...@jones.com> replied with a ;-)
> What is this who is pcbutt1, are all MS groups like this. I offered
> to help because the other guy was getting nowhere. Have any of you
> made any offer of help?
>
>
<groan> That would be you, but I guess you have changed your name so much
you are now having an identity crisis. BTW, you are pcbutts1, not pcbutt1.
So sad you continue this pathetic charade after being so thoroughly
documented as a thief of noahdfear's intellectual property.
Are you really so stupid to think password protecting your web site makes
you look less guilty? Plus, I guess this really put a big hit in your web
site revenue. You really must have something you don't want people to see.
LOL You need not bother, we already have all the files you plagiarized
before you were confronted by the real author of smitRem.exe. The more you
post, the more you validate you're a fraud and the deeper you dig your
grave.
Oh! BTW, it's munged, not mungled. But it was good advice if you had got it
right. LOL
Nightowl
>Who are you? can you help him? are attachments allowed in this group? I can
>send attachments if they are allowed. Is this a private group? I didn't know
>that everybody here knew each other. It's not like that in other groups.
http://groups.google.com/group/microsoft.public.windowsxp.general/msg/1afc7fb15bdd81e6
Why, pcbutts1, suffering an attack of amnesia? Never mind, surely you
should know by now that everyone in this group knows *you*, posting
from:
NNTP-Posting-Host: ppp-69-229-163-39.dsl.bkfd14.pacbell.net 69.229.163.39
You see, you did the same posting as "Jim" <jim...@wahoo.net>, in the
thread "Not able to remove spy wallpaper" where you were revealed as a
thief. You even helpfully identified yourself, writing:
>I, pcbutts1, want to set the record straight>
http://groups.google.com/group/microsoft.public.windowsxp.general/msg/5c79b962a256394b
So don't bother trying to deny "Alias Smith" is the latest in the long
line of your multiple personalities.
LOL
--
Nightowl
Alias Smith
"Nightowl" <owl@[127.0.0.1]> wrote in message
news:FNCaWpby...@black.hole...
Alias Smith
to dispute it he will have to sue me. My hosting company has closed the
case.
"Michael Stevens" <mste...@bogusmvps.org> wrote in message
news:uYx7Gn42...@TK2MSFTNGP09.phx.gbl...
duke
icons.. however i cannot click on anything
not even the start button. i tried wat u told me with the crtl, alt, del,
but wen i enter it in "new task" it says it cannot be found. I was having
problems with explorer prior to this...it would just close automatically.. so
i used msn explorer instead
with "new tast" i can open msn explorer but i can't sign in.. there mite be
a problem with internet connection..i use wireles with a router.. waiting for
help.
David H. Lipman
| David i can start my computet, i dont' see my background but i can see the
| icons.. however i cannot click on anything
| not even the start button. i tried wat u told me with the crtl, alt, del,
| but wen i enter it in "new task" it says it cannot be found. I was having
| problems with explorer prior to this...it would just close automatically.. so
| i used msn explorer instead
| with "new tast" i can open msn explorer but i can't sign in.. there mite be
| a problem with internet connection..i use wireles with a router.. waiting for
| help.
You should be able execute any program by bringing up the Task Manager bit hitting the
"Ctrl + Alt + Del" key combo.
Then in Task Manger go to File --> New Task
You can then execute; c:\windows\explorer.exe
You can also execute; c:\windows\system32\USERINIT.EXE
You can also execute; "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
http://www.ik-cs.com/programs/virtools/SmitFraud.exe
and save SmitFraud.exe to c:\
You can then execute; c:\SmitFraud.exe { you must accept the default of C:\AV-CLS }
You can then execute; C:\AV-CLS\StartMenu.BAT
noahdfear
"Alias Smith" wrote:
> I already proved to my hosting company that the file was mine. If he wants
> to dispute it he will have to sue me. My hosting company has closed the
> case.
You did not prove anything, but I did, and I will again. You know I dispute
it and you know you wrote nothing except for your name in place of mine. See
you in court!
David,
It's likely that wininet is infected and has explorer shut down. If he can
get smitRem.exe on a floppy, or even the replace.cmd and delfiles.cmd files,
copy them to C: via task manager, then run replace.cmd and reboot, if there's
a good copy on the drive the infected file will be replaced and explorer and
IE should both work again.