Not able to remove spy wallpaper
Nick
My computer was infected with spyware, I already use microsoft
anti-spyware and ad-adware. But still not able to remove the problem
with my wallpaper as well as my homepage. when I tried to change the
wallpaper on my desktop, it didn't even give me that option. I cannot
click on anything to change it. Please help. thank you.
nick
Malke
Here are general malware removal steps which you may want to go through:
http://www.elephantboycomputers.com/page2.html#Removing_Malware
And here is information on fixing the desktop wallpaper set by malware:
Go to the Display applet in Control Panel and look on the Desktop tab.
Click on Customize Desktop, and then click on the Web tab. You will see
that there are checkmarks next to "My Current Home Page" and probably
"Lock Desktop Items". Uncheck these. By highlighting the "My Current
Home Page" and clicking on the Properties button, you will be able to
determine the name of the file that is the message. It might be called
something like "security.html" or the like.
Click Apply and OK out when you've made your changes. Then you want to
find the *.html malware file and delete it.
If you can't enable desktop backgrounds after a virus, MVP Kelly Theriot
has a fix. Look under Wallpaper-Desktop-Disable Changing here:
http://www.kellys-korner-xp.com/xp_w.htm
If Display tabs are missing, run Kelly's registry edit on line 285,
right-hand side "Restore all display tabs".
Malke
--
MS-MVP Windows User/Shell
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic"
Ali Akbar
You may want to print out or make a copy of these instructions before
starting, because you will not be able to connect to the internet during
most of this fix.
Please download smithrem.zip and save it to your desktop
http://216.122.228.48/downloads/smithrem.zip
Right click on the file and extract it to its own folder on the desktop.
Please download, install, and update the free version of Ewido Security
Suite:
When installing, under "Additional Options" uncheck "Install background
guard" and "Install scan via context menu"
http://216.122.228.48/downloads/ewidosetup.exe .
From the main Ewido screen, click on update in the left menu, then click the
Start update button.
After the update finishes, the status bar at the bottom will display "Update
successful"
Exit Ewido. DO NOT run a scan yet.
If you do not already have Ad-Aware SE 1.06 installed, download
http://216.122.228.48/downloads/aawsepersonal.exe
Again, do NOT run a scan yet.
Next, please reboot your computer in Safe Mode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows
icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.
Now scan with HJT http://216.122.228.48/downloads/HijackThis1.zip and place
a checkmark next to each of the following items if available:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http:://www.quicknavigate.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http:://www.quicknavigate.com/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page
=http:://www.quicknavigate.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http:://www.startsearches.net/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http:://www.startsearches.net/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
http:://www.startsearches.net/
O2 - BHO: VMHomepage Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF} -
C:\WINDOWS\System32\hp6DD8.tmp
O4 - HKCU\..\Run: [WindowsFY] c:\wp.exe
O4 - HKCU\..\Run: [WindowsFY] c:\bsw.exe
O4 - HKLM\..\Run: [WindowsFZ] C:\WINDOWS\ZLOADER3.EXE
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security
iGuard\Security iGuard.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O9 - Extra button: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} - C:\WINDOWS\System32\wldr.dll
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} - C:\WINDOWS\System32\wldr.dll
O9 - Extra button: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} - C:\WINDOWS\System32\wldr.dll (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} - C:\WINDOWS\System32\wldr.dll (HKCU)
Delete any other malware files not associated with the smitfraud variants
and SpySheriff.
Open the smithrem folder, then double click the RunThis.bat file to start
the tool. Follow the prompts on screen. Your desktop and icons will
disappear and then reappear again ---this is normal.
Wait for the tool to complete and Disk Cleanup to finish --- this may take a
while; please be patient.
Next, run Ad-aware and perform a full scan. Remove everything found.
Now open Ewido Security Suite
Click on Scanner
Click on Complete System Scan and the scan will begin.
NOTE: During some scans with ewido it is finding cases of false positives.
You will need to step through the process of cleaning files one-by-one. If
ewido detects a file you KNOW to be legitimate, select none as the action.
DO NOT select "Perform action on all infections"
When the scan is finished, click the Save report button at the bottom of the
screen.
Save the report to your desktop
Close Ewido
Next go to Start -> Control Panel, click Display -> Desktop -> Customize
Desktop -> Web -> Uncheck "Security Info" if present.
Restart your computer in normal mode.
Run Panda's online virus scan and perform a full system scan
http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm .
Make sure the Autoclean box is checked!
Finally, restart your computer once more, and please post a new HijackThis
log as well as the log from the Ewido scan and the log from the smitRem
tool, which will be located at C:\smitfiles.txt.
Let me know if any problems persist.
"Nick" <nichola...@gmail.com> wrote in message
news:1129770033....@g14g2000cwa.googlegroups.com...
Blake Handler
BEFORE YOU DOWNLOAD MORE STUFF!
While many people now know to keep their AntiSpyware programs updated --
most are oblivious that the software's default settings do NOT scan for all
possible problems!
Software manufactures state that users donāt want to wait a long time for
scanning, so they choose a (quicker) default scanning time. So to "properly"
configure the software:
--------------------------------------------------------------------------------
Lavasoftās AdAware
1) Launch program and check for (& install) updates [click on "Check for
updates now" -- click "Connect" to continue, then "Finish"]
2) Click "Start" to begin scanning.
3) The first time requires that we configure the settings -- click on
"Customize" (Change all items that are RED "X" (not grey) to GREEN "Check")
-- Select ALL of your local hard drives
4) Click "Customize" to select this type of scanning
5) Click "Next" to begin scanning.
--------------------------------------------------------------------------------
Microsoftās AntiSpyware
1) Launch program and check for (& install) updates (under the File
pull-down menu)
2) Click on āScan Optionsā
3) Select āRun a full system scanā
4) Ensure that all check boxes are selected (as well as ALL of your local
hard drives)
5) Click on āSave these optionsā then āRun Scan Nowā
Nepatsfan
Nick,
I'm posting this reply for your benefit as well as anyone else
who may read it.
Never, ever download a program or file from a link that starts
with an IP address. If the URL doesn't include the entire
domain name, somebody may be trying to hide something.
Whenever you're advised to download anything in these forums,
make sure that you're directed to a trusted source or the
developer's web site. The link that Malke gave you does exactly
that. Her site includes links to web sites where you can
download legitimate versions of the latest release of those
programs. Downloading and running a program from an anonymous
source could make a bad situation worse than it already is.
The links that have been posted by "Ali Akbar" direct you to
the web site of someone who previously posted under the name
pcbutts1. Pcbutts1 is an arrogant, delusional fraud who is a
well known menace in these newsgroups. Anything associated with
him or his personal web site should be viewed as being highly
suspect.
Good luck
Nepatsfan
Nepatsfan
creative than "Ali Akbar". Hopefully, your friend Leythos will
stop by to say hello.
Nepatsfan
Tom Jones
the problem and it works. Not guesses, and your reply certainly does not fix
the issue. If you don't know the answer then don't reply. All you are doing
is throwing accusations around that cannot be proven because you don't like
the guy. This helps no one. Prove that those files are bad and then maybe I
will believe you.
"Nepatsfan" <nepa...@SBXXXIX.com> wrote in message
news:Y7adnV_SNvV...@comcast.com...
Nepatsfan
matter of "I don't trust the guy". Anyone who has to post under
different names raises my suspicions. For instance, do these
look familiar?
NNTP-Posting-Host: cbuttsmac.jpl.nasa.gov 128.149.220.108
NNTP-Posting-Host: macosxpcb.jpl.nasa.gov 128.149.220.108
The first is from a message posted to this newsgroup on 10/16
by "mem", one of the known aliases used by pcbutts1. The second
is from your message. What a shock! What happened? Did
Microsoft and your ISP conspire against you so that you can't
post from home as pcbutts1? Is that why you're now posting as
"Ali Akbar"? For a self-proclaimed "security expert", you don't
do a very good job of hiding your tracks.
The problem I have with you is that you participate in these
newsgroups for all the wrong reasons. You're not here to help
people. You're not here to share your knowledge for the benefit
of others. You're here to pump up your fragile ego. You try to
leave people with the impression that you, and only you, know
all the answers. Instead of setting up a web site with a
tutorial that includes links to the site of the developer's who
actually wrote the programs you recommend, you try to leave
unsuspecting users with the impression that those are your
programs. If your advice consisted of links to the developer's
web site along with legitimate sites to post HijackThis logs,
you wouldn't find yourself being treated like a pariah.
These newsgroups are communities where people can share
information and ideas. Like all communities, there are rules,
both written and unwritten, that are meant to maintain some
sense of order. They're not your personal forums. As soon as
you start following those guidelines, you'll stop hearing from
people who object to your behavior. Until that time, you're
going to have to learn to live with, as you put it, being
"stalked" and "persecuted".
Nepatsfan
Plato
Best bet is NOT to install spyware in the first place. As, even if you
remove it, the damage it causes often remains.
Nick
try it out now.
Michael Stevens
Nepatsfan <nepa...@SBXXXIX.com> replied with a ;-)
Well put Nepatsfan,
Consider this the equivalent of neighborhood watch. None of us really have
the power to physically do anything about pcButts and his many personas, but
we can make the unsuspecting poster aware of his agenda and level the
playing field.
There is something inherently suspicious about someone that is not willing
to play by the rules, especially internet and newsgroup rules that are
probably the most lenient of all restrictions you will ever encounter, which
also makes the online community so venerable to the likes of pcButts.. We
have to self medicate when a disease like pcbutts is detected and protect
the unknowing public of the potential danger.
--
Michael Stevens MS-MVP XP
xpn...@bogusmichaelstevenstech.com
http://www.michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://www.michaelstevenstech.com/outlookexpressnewreader.htm
Incognitus
"Michael Stevens" <mste...@bogusmvps.org> wrote in message
news:OVHlLYi1...@tk2msftngp13.phx.gbl...
It also makes one wonder about his role with nasa.gov, janitor perhaps.
Tom Jones
working verified direct solutions that work. You can't dispute that, nobody
can because my answers are correct. Since my answers can't be disputed you
lamers have to attack the way I give my answers. Do you really think the
person with the problems care about whether he clicks thru a manufactures
site just to download a free program?.They want the problem fixed which is
why they came here in the first place. They want answers. They do not ant to
be shoved off to another forum or website, have to register, retype their
issue, then wait again for another answer, in the mean time they still have
a problem. When you send them to a link and say try this, this may help,
those are guesses and there is nothing wrong with that because there is an
attempt to fix the problem. Sending them to another group to ask again is
not helping. I give answers. My answers have never been wrong. You ,Leythos,
David, Max, and now Nepatsfan have nothing better to do but attack me. I
changed my name to stay away from people like you and this group has been
better off because of it. I have made well over 25 posts to this group alone
this week and because you did not know who was me everything was ok. Why is
it such a big deal to you where I work? Is it because there is nobody to
complain too? are you afraid someone going to be knocking at your door?.
Thank you for reading my headers, you pointed out a mistake in my host name
so I changed it. All of you are acting like little jealous kids and you need
to grow up. You have already admitted that you can't stop me so why do you
insist on wasting you time trying. Don't hate the player hate the game.
"Michael Stevens" <mste...@bogusmvps.org> wrote in message
news:OVHlLYi1...@tk2msftngp13.phx.gbl...
Nepatsfan
Thanks, Michael.
You're right on the money with the "self medicate" advice. And
with a name like pcbutts1, Preperation H might just do the
trick.
Nepatsfan
Nepatsfan
was correct. You only participate in these newsgroups to boost
your fragile ego. Who are you kidding! You're not here to help
people. If you were, you wouldn't be directing people to
download programs from your personal web site. Let's consider
why these people are asking for assistance. The vast majority
of the questions you respond to are posted by people who
somehow downloaded and installed a piece of spyware. They
blindly trusted that the application was benign. So what do you
do? You tell them to do the exact same thing, download an
unknown application from an unknown web site. Instead of
educating them on how to protect themselves from internet
pests, you simply reinforce the behavior that got them in
trouble in the first place.
As for directing people to the developer's web site, I don't
know how long you've been in this country but in the USA
there's such a thing as respecting the rights that other people
have to their property, both real and intellectual. I know if
it was my work you were stealing, the ISP hosting your web site
would be hearing from my lawyer.
This statement of yours says it all, "I give answers. My
answers have never been wrong". That's priceless! No one who
participates in these newsgroups would make that statement if
they weren't dangerously arrogant. Do you know what the worst
flaw of a truly arrogant individual is? Nothing is ever their
fault. It's always someone else who messed up. They can never
admit they made a mistake. It's that flaw that makes them a
poor source of advice. When their suggested course of action
goes awry, they walk away from the chaos they've helped create
and blame it on the person who asked for their assistance.
You might want to take some of your own advice. Grow up! Start
acting like a responsible adult and you'll be treated like one.
Nepatsfan
Tom Jones
program. The program I told him to get can ONLY be download from me because
I wrote it. You have a lot to learn about spyware, what it does and how to
remove it. It is obvious to me that you know NOTHING!. I have a right to be
arrogant when people like you attack my character and accuse me of illegally
hosting files and stealing others work. If I was stealing work and illegally
hosting files then the Author of those files would make me stop. The fact
of the matter is You think I am pcbutts1, your ignorance thinks that that is
my real name so when you report me you tell them that pcbutts1 is doing this
illegally. Their initial reaction is to deny that I have permission. When
they contact me and I identify myself then everything is ok. Why the hell do
you think I am still doing it. Do you think people like Lavasoft, PepiMK,
Ewido, Steve Gould, Steve Gibson, Sysinternals, Ipswitch, Cederick,
Symantec, Watchnet, Network Solutions, and the 20 or so other vendors,
authors, and manufactures I do business with are Idiots? Let me see you
hosts somebody's files and watch how fast it gets snatched. They don't play
around. Your problem is you are pissed because you can't stop me and you
can't prove anything because I have done nothing wrong.
Are far as my name changing, it was done at the request of MS to avoid flame
wars in their NG by people like you and to not embarrass those MVP's
including Mr. Eddy because of their bias in this situation and my name
changes only in the MS NG.
Now get lost.
"Nepatsfan" <nepa...@SBXXXIX.com> wrote in message
news:UK6dnaaikdreBcfe...@comcast.com...
Tom Jones
"Leythos" <vo...@nowhere.lan> wrote in message
news:Ljz6f.147355$lI5....@tornado.ohiordc.rr.com...
> In article <#bLhpc11...@tk2msftngp13.phx.gbl>, t...@nowaay.net
> says...
>> Subject: Re: Not able to remove spy wallpaper
>> From: Tom Jones <t...@nowaay.net>
>> Newsgroups: microsoft.public.windowsxp.general
>>
>> Why don't you tell the op how to fix his system without downloading a
>> program. The program I told him to get can ONLY be download from me
>> because
>> I wrote it. You have a lot to learn about spyware, what it does and how
>> to
>> remove it. It is obvious to me that you know NOTHING!. I have a right to
>> be
>> arrogant when people like you attack my character and accuse me of
>> illegally
>> hosting files and stealing others work. If I was stealing work and
>> illegally
>> hosting files then the Author of those files would make me stop.
>
> And it appears from what we've seen that vendors are asking you to stop,
> and that some have even posted here asking it. For most of them, going
> after some KID/JA doing this is not worth their time or expense as
> you're about as small-potatoes as it gets. If they see that you are
> gaining more downloads and such, that you become a real PITA, they will
> go to your hosting company - which has clear rules about hosting files.
>
>> The fact
>> of the matter is You think I am pcbutts1, your ignorance thinks that that
>> is
>> my real name so when you report me you tell them that pcbutts1 is doing
>> this
>> illegally. Their initial reaction is to deny that I have permission. When
>> they contact me and I identify myself then everything is ok. Why the hell
>> do
>> you think I am still doing it. Do you think people like Lavasoft, PepiMK,
>> Ewido, Steve Gould, Steve Gibson, Sysinternals, Ipswitch, Cederick,
>> Symantec, Watchnet, Network Solutions, and the 20 or so other vendors,
>> authors, and manufactures I do business with are Idiots?
>
> As for you hosting files, it doesn't matter what NAME you post under,
> the vendors go by your hosting company/address where you host them -
> they don't care what name you use.
>
> How come you can't explain why they still say you have no permission to
> host those files?
>
>> Let me see you
>> hosts somebody's files and watch how fast it gets snatched. They don't
>> play
>> around.
>
> Wrong, most of us, that do host files, properly posts links to a web-
> page showing the VENDORS links or a web-page that is a properly
> identified MIRROR for the vendor. Your site is not a link or mirror for
> anyone - and you don't show up on their sites as a mirror either.
>
>> Your problem is you are pissed because you can't stop me and you
>> can't prove anything because I have done nothing wrong.
>
> The nice thing is that we don't have to STOP you, all we have to do is
> point out how unethical your actions are, and that you violate security
> norms by asking people to download files without any proof they are the
> real files.
>
>> Are far as my name changing, it was done at the request of MS to avoid
>> flame
>> wars in their NG by people like you and to not embarrass those MVP's
>> including Mr. Eddy because of their bias in this situation and my name
>> changes only in the MS NG.
>
> No moderator/admin at MS asked you to change your name - they did start
> killing your posts under the PCBUTTS1 nickname. You can't post to the MS
> groups under the PCBUTTS1 name because they will delete it - maybe you
> should ask why the rest of us can when you are not able - consider your
> actions and what they earned you.
>
>
> --
>
> spam9...@rrohio.com
> remove 999 in order to email me
Nepatsfan
Dave's World
http://www.noahdfear.geekstogo.com/
Smitrem.exe
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1
It's amazing how similar his program is to the one you say you
wrote.
In case you're not familiar with the term, that's plagiarism. I
can think of only a few things in this world that are worse
than being a plagiarist. And please don't tell me you're Dave.
This split personality thing you've got working is starting to
get out of hand.
Or how about Microsoft. Did you ask them for permission to
include taskkill.exe as part of your smithrem.zip folder?
Taskkill.exe is only included with the XP Professional Support
Tools. There's no way you got permission to provide a Microsoft
product through your web site.
Nepatsfan
noahdfear
Nepatsfan Wrote:
> Did you ask this guy before you stole his program?
>
> Dave's World
> http://www.noahdfear.geekstogo.com/
>
> Smitrem.exe
>
> It's amazing how similar his program is to the one you say you
> wrote.
>
> In case you're not familiar with the term, that's plagiarism. I
> can think of only a few things in this world that are worse
> than being a plagiarist. And please don't tell me you're Dave.
> This split personality thing you've got working is starting to
> get out of hand.
>
> Or how about Microsoft. Did you ask them for permission to
> include taskkill.exe as part of your smithrem.zip folder?
> Taskkill.exe is only included with the XP Professional Support
> Tools. There's no way you got permission to provide a Microsoft
> product through your web site.
>
> Nepatsfan
>
> Why don't you tell the op how to fix his system without
> downloading a program. The program I told him to get can
> ONLY be download from me because I wrote it. You have a lot
> to learn about spyware, what it does and how to remove it.
> It is obvious to me that you know NOTHING!. I have a right
> to be arrogant when people like you attack my character and
> accuse me of illegally hosting files and stealing others
> work. If I was stealing work and illegally hosting files
> then the Author of those files would make me stop.
Tom Jones, pcbutts1, Ali Akbar, whatever you choose to call yourself,
You did not write the smitRem (or smithrem as you have renamed it), I
did. I see you have updated it to the latest version however, which is
2.7 and uses swreg.exe and process.exe instead of the MS files reg.exe
and taskkill.exe........problem is, you're such an idiot that you
failed to replace my name with yours everywhere it appears in the tool.
I'd bet you don't even know where swreg comes from..........or why it's
required.
Please remove my tool from your site, and refrain from stealing other
people's work in the future. You should also stop illegally hosting
known trusted applications, such as Spybot and Ad-aware, without their
consent. It's all just very unethical and will gain you nothing but a
reputation for the same.
--
noahdfear
flrman1
I'm just backing up noahdfear here. I have personally witnessed the
development of the smitrem tool and even participated in it's
development somewhat indirectly. I do know for a fact that he is the
author and you are not Tom Jones, pcbutts1 or whoever the heck you are.
I can guarantee you that this little charade of yours is going to get a
lot of attention now and the appropriate actions will be taken. Your
days are numbered!
noahdfear Wrote:
> Tom Jones, pcbutts1, Ali Akbar, whatever you choose to call yourself,
>
> You did not write the smitRem (or smithrem as you have renamed it), I
> did. I see you have updated it to the latest version however, which is
> 2.7 and uses swreg.exe and process.exe instead of the MS files reg.exe
> and taskkill.exe........problem is, you're such an idiot that you
> failed to replace my name with yours everywhere it appears in the tool.
> I'd bet you don't even know where swreg comes from..........or why it's
> required.
>
> Please remove my tool from your site, and refrain from stealing other
> people's work in the future. You should also stop illegally hosting
> known trusted applications, such as Spybot and Ad-aware, without their
> consent. It's all just very unethical and will gain you nothing but a
> reputation for the same.
--
flrman1
racooper
noahdfear Wrote:
> Tom Jones, pcbutts1, Ali Akbar, whatever you choose to call yourself,
>
> You did not write the smitRem (or smithrem as you have renamed it), I
> did. I see you have updated it to the latest version however, which is
> 2.7 and uses swreg.exe and process.exe instead of the MS files reg.exe
> and taskkill.exe........problem is, you're such an idiot that you
> failed to replace my name with yours everywhere it appears in the tool.
> I'd bet you don't even know where swreg comes from..........or why it's
> required.
>
> Please remove my tool from your site, and refrain from stealing other
> people's work in the future. You should also stop illegally hosting
> known trusted applications, such as Spybot and Ad-aware, without their
> consent. It's all just very unethical and will gain you nothing but a
> reputation for the same.
I also have to insist that you remove *nailfix.exe* from your download
site. Neither I, nor Swandog46, nor Miekemoes have authorized you to
host this file. Considering the number of unauthorized files you are
hosting, I will be contacting your ISP and hosting provider to have
your site suspended until the unauthorized files are removed. I am
aware that Lavasoft, Microsoft and other publishers/authors of the
unauthorized downloads you are hosting are being contacted, and several
of those are in a position to pursue legal action as well.
--
racooper
miekiemoes
Tom Jones Wrote:
> The program I told him to get can
> ONLY be download from me because I wrote it.
If YOU wrote the program.. How does it come I don't know you? And why
is my name in it then??
I hope you'll learn your lesson very soon!!!!
--
miekiemoes
Kat
As an Administrator for GeeksToGo.com, I can personally vouch for
noahdfears' credibility. Not only is he a fellow Staff member, he is
also a close personal friend. I have personally witnessed the creation
of this tool, as well as all subsequent updates and revisions. I even
sat on the phone talking to Dave not long ago as he worked on this last
update.
It is pathetic and sad that you continue to try and claim this work as
your own. After visiting your site, I recognized more than 20
programs/tools that you do NOT own, did NOT write, and I guarantee do
NOT have authorization to be offering for download.
Count me in as another person contacting the proper authorities
tomorrow, both online ones, and ones in your hometown.
Kat
GeeksToGo.com Admin Team
noahdfear Wrote:
> Tom Jones, pcbutts1, Ali Akbar, whatever you choose to call yourself,
>
> You did not write the smitRem (or smithrem as you have renamed it), I
> did. I see you have updated it to the latest version however, which is
> 2.7 and uses swreg.exe and process.exe instead of the MS files reg.exe
> and taskkill.exe........problem is, you're such an idiot that you
> failed to replace my name with yours everywhere it appears in the tool.
> I'd bet you don't even know where swreg comes from..........or why it's
> required.
>
> Please remove my tool from your site, and refrain from stealing other
> people's work in the future. You should also stop illegally hosting
> known trusted applications, such as Spybot and Ad-aware, without their
> consent. It's all just very unethical and will gain you nothing but a
> reputation for the same.
--
Kat
John_L
Kat Wrote:
> As an Administrator for GeeksToGo.com, I can personally vouch for
> noahdfears' credibility. Not only is he a fellow Staff member, he is
> also a close personal friend. I have personally witnessed the creation
> of this tool, as well as all subsequent updates and revisions. I even
> sat on the phone talking to Dave not long ago as he worked on this last
> update.
> It is pathetic and sad that you continue to try and claim this work as
> your own. After visiting your site, I recognized more than 20
> programs/tools that you do NOT own, did NOT write, and I guarantee do
> NOT have authorization to be offering for download.
> Count me in as another person contacting the proper authorities
> tomorrow, both online ones, and ones in your hometown.
>
> Kat
> GeeksToGo.com Admin Team
1234567899
--
John_L
P3-450
What a complete utter idiot you really are
You think you can get away with claiming this to be your work when it's
clearly not?
What's wrong, are you jealous of noahdfear's hard work so you have to
STEAL it?
Just give it up, we out number you big time.
As said above the proper authorities will be contacted.
--
P3-450
therock247uk
> Originally Posted by Tom Jones
> The program I told him to get can
> ONLY be download from me because I wrote it
You did not make the program I hope you get whats coming to you. You
sad pathetic losser.
--
therock247uk
rstones12
> Originally Posted by Tom Jones
> The program I told him to get can
> ONLY be download from me because I wrote it
>
USERS BEWARE
Tom Jones, pcbutts1, Ali Akbar or what ever this lowlifes user name
is:
IS A FRAUD A LIAR AND A THIEF....
The proper authorities will be notified and you will not have a pot to
**** in.
Clean up that.....
--
rstones12
Skate_Punk_21
Hell hath no fury like the determination of a society YOU ****ed off.
you took a chance, and now i hope you burn! :D
--
Skate_Punk_21
Efwis
noahdfear Wrote:
>
> Tom Jones, pcbutts1, Ali Akbar, whatever you choose to call yourself,
>
> You did not write the smitRem (or smithrem as you have renamed it), I
> did. I see you have updated it to the latest version however, which is
> 2.7 and uses swreg.exe and process.exe instead of the MS files reg.exe
> and taskkill.exe........problem is, you're such an idiot that you
> failed to replace my name with yours everywhere it appears in the tool.
> I'd bet you don't even know where swreg comes from..........or why it's
> required.
>
> Please remove my tool from your site, and refrain from stealing other
> people's work in the future. You should also stop illegally hosting
> known trusted applications, such as Spybot and Ad-aware, without their
> consent. It's all just very unethical and will gain you nothing but a
> reputation for the same.
You know it's really pathetic when somone has to steal from someone
else. I saw all the conception of Nailfix.exe, and smitre, and I know
you didn't make them because they were primarily made and tested at
Geekstogo.com.
I can also guarantee if I find that you have other fellow malware
removal programs that friends of mine made, they will be notified. I
think its convenient how you hide the parent list of files you are
stealing so no one else can find out what you're doing.
for this I only have one thing to say....ROT IN HELL YOU THEIF.
--
Efwis
~Mark
Narcissists, like this jerk, love the attention.. Can't get enough of
it.
Hope you've had your fill. Bye-bye.
--
~Mark
don77
1- people are looking for help
2 -help them fix their problems with valid
working verified direct solutions that work.
The fact we know smitrem works is it has been tested over and over
again modified, updated and monitored by the creator of this tool
*noahdfear* and many other highly regarded and respected members of the
community. I like flrman have seen and been involved both directly and
indirectly along with most of the most recent poster to this topic from
the start of this project. Countless hours were and still are put into
this tool and its upkeep and maintaining it.
You can claim that "Leythos,
David, Max, and now Nepatsfan " have nothing better to do then to
follow you around and change your name so you can hide, I can tell you
that the recent replies are just a small amount of the many that will
follow that have seen first hand the hard work noahdfear has put into
this tool.
What your doing is criminal and like most criminals you try to hide
your identity
> Do you really think the
> person with the problems care about whether he clicks thru a
> manufactures
> site just to download a free program?.
This is a mind blowing comment, So what your saying is people should
just click on a download that claims to help them, Hmm don't ya think
for one second its probably what got them in the first place ?
Again your right the tool does work the problem is , Its not your work
so stop trying to pass it off as that,
> I also have to insist that you remove nailfix.exe from your download
> site. Neither I, nor Swandog46, nor Miekemoes have authorized you to
> host this file.
From racopper ^
And we will and can all confirm that is their work as well,
I have come to know most of these people for some time and had the
honor and pleasure to work very closely with them and they are all
stand up people, They are brilliant people and kind enough to share
their knowledge and with the creation of their tools allow many of us
the ability to help thousands of people.
And we don't bounce forum to forum pretending to be something we are
not or someone we are not.
In short the simple answer is do the right thing !!!!
--
don77
dobhar
What a tool!!!
I honestly hope you get what coming to you. I think it's time your
Mommie and Dady took away your Barbie Computer.
noadhfear's "*smitrem*" tool has been a godsend to the victims who have
been infected by the "Nasty's" and for you to call it yours is just pure
evil.
By the way love your new Web Site = http://www.ik-cs.com/ripper...
LOLOLOLOLOL
What a tool!!!
--
dobhar
illukka
i bet he doesnt like the attention i'd be giving him
i my country we have a way to deal with scum like him:
take em behind the sauna and shoot them in the head
dobhar, i just love that webpage MUHAHAHAHAHAHAHAHAH
--
illukka
Rawe
illukka Wrote:
> i bet he doesnt like the attention i'd be giving him
>
> i my country we have a way to deal with scum like him:
> take em behind the sauna and shoot them in the head
>
> dobhar, i just love that webpage MUHAHAHAHAHAHAHAHAH
I agree, Illukka. I'm not sure what's your problem, but I can say for
sure Noahdfear wrote SmitRem. Get that file the hell out of your list
along with other files you DID NOT WRITE.
> i my country we have a way to deal with scum like him:
> take em behind the sauna and shoot them in the head
Perfect plan.
--
Rawe
ChrisRLG
I am another MS MVP - Windows Security.
http://tinyurl.com/ckzsj
I confirm noahdfear is the creater of this tool, Not the other low
life.
--
ChrisRLG
Crustyoldbloke
noahdfear Wrote:
> Tom Jones, pcbutts1, Ali Akbar, whatever you choose to call yourself,
>
> You did not write the smitRem (or smithrem as you have renamed it), I
> did.
I am a malware remover at Geeks to Go, and I am very proud to be
associated with some of the best people in the business. Not only are
these exceptional people intelligent, they are also the most helpful
people I have ever met.
If I ever have a problem with malware that the appropriate tool does
not solve, I talk or write to the author. I can confirm that I have
written to Noahdfear as the author of the smitrem and received useful
advice in return.
To my knowledge I have never written to you under the veil of any of
the aliases you use, simply because you are not the author.
You should desist from claiming to be the author, remove the programme
from your site forthwith and apologise publicly. However having
witnessed your despicable behaviour in this thread and elsewhere, I am
going to predict that you will not; your ego is too big.
I am of the opinion that the full weight of the judicial system should
be used against you, and furthermore, that you should be used as an
example to others who may wish to blatantly dupe the public as to their
credentials.
I hope my post here is the harbinger of justice and your punishment.
--
Crustyoldbloke
Indrid_Cold
Something wicked this way comes butts!
So where to next fool? food.com to expound on how you invented the
George Foreman grill and the veg-o-matic?
--
Indrid_Cold
jedi
Hi IC.
I can also confirm that you are a lying thieving scumbag, butthead. You
didn't and couldn't write these tools. You have also stepped on the
wrong toes.
Dead man walking!
--
jedi
g2i2r4
ChrisRLG Wrote:
> I confirm noahdfear is the creater of this tool.
All helpers at legitimate sites KNOW noahdfear is the creator of this
tool.
It a shame to see someone stealing this just to look smart!
You should be banned from the internet for life.
--
g2i2r4
Atribune
I, like Miekemoes, find it very interesting that my name, Atribune, is
used in a tool that I do not know the author of. When Miekemoes and I
wrote the shudderfix part of smitRem ( Noahdfears tool) We made it
specifically for use in his tool. The code was not given to anyone
else.
Why not write your own fixes? Why steal something that is free? heh It
just doesn't make any sense.
I know exactly how much time Noahdfear put's into his tools, I write
my own tools and know how time consuming it is, we spend hours, days,
weeks, and sometimes even months developing some of these tools.
I havent been notified about any of my tools being hosted or stolen by
you, If you are claiming any to be your own and/or are hosting my tools
please remove them immediately as you are either stealing my code or not
a legitimate host of my code. Either way the proper people have been
notified of your wrong doings and I hope they seek retribution.
--
Atribune
Corrine
> All helpers at legitimate sites KNOW noahdfear is the creator of this
> tool.
Indeed we do! Go to the ASAP (Alliance of Security Analysis Professionals
http://asap.maddoktor2.com/ ) member sites and you will find us using
noahdfear's SmitRem tool. Not only do we all know and respect him, we
respect the copyright laws.
What this person of many names does not realize is that these tools are
worked on and tested at various locations, not accessible to the general
public, but accessible to legitmate members of the security community. There
are many, many witnesses to the work done by noahdfear and other developers.
Jim
at the request of a friend. It was not the same file that you say noahdfear
wrote. My file was stolen and modified. I don't know who did it but it
looked good. I left it at that, so what, it is just a simple .bat file. It
was free when I wrote it, it is still free. I found it browsing some forum
and realized it was mine. Who ever modified it did a good job and the tool
works. It took me a few days to contact my friend and ask him what he did
with it. When I snatched the file back I modified it again and I still use
it on 3 of my websites and at work. THE FILE IS MINE plain and simple.
Whoever stole it from me and used it as their own is a fool to come here and
complain about it. If it is yours then send the required info to my hosting
company as I have already done as they have requested. Let their legal dept
decide. All you crazy wacks keep posting from Google trying make me look
like a thief. The proof is in the pudding. Put up or shut up, send that info
to my hosting company like they requested. When this case is closed I will
post the decision for all to see and then we will see who the thief is,
noahdfear.
"g2i2r4" <g2i2r4...@pcbanter.net> wrote in message
news:g2i2r4...@pcbanter.net...
~Mark
Sure took you long enough to pull the ol' Switch-A-Roo bit.
Please tell your imaginary friend to wipe all that sweat off your posts
before you submit.
--
~Mark
Bobbi Flekman
If the file is yours, how about backing up your claims? Give us proof,
not words. All I know is that this fix uses of my tools, and since you
claim to have written this, you indirectly claim to have written my
program. You have proof about that? You could at least give us a line
by line explanation as to what it is that it is doing? And why it
works.... If you're the author you should be able to that.
In your line of reasoning, taking an idea and modifying it
automatically places the complete works in your hands. There is a flaw
there, buddy! If that were the case then Microsoft would have been out
of business years ago, since they took the idea of a Graphical User
Interface from another company (Apple). So walk your defense, that
would automatically make Apple owner of Windows. Steve Jobs will be
glad to hear how you solved his problems!
You forget one thing, and that is called intellectual ownership. Look
it up on the internet, maybe you'll understand all these terms when
people from the legitimate corporations like Lavasoft or Ewido come
down on you.
> Put up or shut up, send that info to my hosting company like they
> requested.I have seen no request about that. Plus it is not something a hosting
company keeps itself busy with. They have other things to do.
Smart move to authenticate entrance to your downloads directory. If you
think that will stop the crusade, think again.
You can start all the threads you want on Usenet or the Internet, your
days are over.
Enjoy your time,
Bobbi.
--
Bobbi Flekman
Bobbi Flekman
that you ripped noahdfear of. Because you can edit your post and not
mine I thought I'd do you a favor by making this permanent.
Thank you.
--
Bobbi Flekman
noahdfear
Jim Wrote:
> Put up or shut up, send that info
> to my hosting company like they requested. When this case is closed I
> will
> post the decision for all to see and then we will see who the thief
> is,
> noahdfear.
is today. And everyone already knows who the thief is.........YOU! We
all know you don't have the skills to write such a tool. You haven't
even figured out how to use the replace all feature in notepad, which
is why you previously failed to remove my name at every occurence in
the tool. Back to basic computing 101 for you.
So tell us, when did you supposedly start working on 'your tool'? And
when did smitfraud first become a problem accross the internet? And who
was the HJT advisor that first got to the root of the problem, and
where? And which of the infections that the tool targets began
infecting wininet? What version did 'your tool' begin seeking a
replacement for the infected wininet? Nevermind......I know you can't
answer those questions because you not only didn't write it, you had
nothing to do with it's writing or updating.
Give it up and admit you're a pathetic thief, Chris.
--
noahdfear
evri
Download microsoft antispyware program and scan your computer to remove
any installed spyware. if ms antispyware program can not find anything
follow these steps.
in search for files section on start menu than type *.scr to scan
all screen saver files.
if you can see the screen saver files as name as spyware as yu said,
than erase it.
another way
click start menu, click run than type msconfig. than click last tab
menu the name is boot option or start.
in the window you will see little boxes and checked. look for the name
of screen saver and if you find it uncheck it.
your problem will be solved.
good luck.
Michael Stevens
Jim <jim...@wahoo.net> replied with a ;-)
> I, pcbutts1, want to set the record straight. I wrote that file. I
> wrote it at the request of a friend. It was not the same file that
> you say noahdfear wrote. My file was stolen and modified. I don't
> know who did it but it looked good. I left it at that, so what, it is
> just a simple .bat file. It was free when I wrote it, it is still
> free. I found it browsing some forum and realized it was mine. Who
> ever modified it did a good job and the tool works. It took me a few
> days to contact my friend and ask him what he did with it. When I
> snatched the file back I modified it again and I still use it on 3 of
> my websites and at work. THE FILE IS MINE plain and simple. Whoever
> stole it from me and used it as their own is a fool to come here and
> complain about it. If it is yours then send the required info to my
> hosting company as I have already done as they have requested. Let
> their legal dept decide. All you crazy wacks keep posting from Google
> trying make me look like a thief. The proof is in the pudding. Put up
> or shut up, send that info to my hosting company like they requested.
> When this case is closed I will post the decision for all to see and
> then we will see who the thief is, noahdfear.
>
>
For someone so innocent, you sure look guilty. I find it curious that all
the files in your smitrem.zip files all have the time stamp of 10/24/2005
all updated between 8:38 AM to 8:40 AM, a day after noahdfear exposed you as
a thief of his intellectual property.
The files in your(pcbutts) zip have the same size but a different time
stamp: pcButts files because you had to remove the reference to "noahdfear"
you missed when you originally plagerized the file.
delfiles.cmd 4KB 10/24/2005 8:40 AM
Process.exe 52 KB 10/24/2005 8:39 AM
replace.cmd 17 KB 10/24/2005 8:39 AM
RunThis.bat 227KB 10/24/2005 8:37 AM
swreg.exe 42 KB 10/24/2005 8:38 AM
The files in his smitRem.exe have time stamp dates of:
delfiles.cmd 4KB 7/23/2005 3:04 AM
Process.exe 52 KB 6/5/2005 9:13 PM
replace.cmd 17 KB 7/23/2005 8:18 AM
RunThis.bat 227KB 10/14/2005 5:06 PM
swreg.exe 42 KB 10/7/2005 8:29 PM
Who can you believe?
pcButts, who now has password protection to block access to his alleged
legitimate files to domains such as mine and anyone that questions his
claims he is the author of software he has stolen and does not have
authorization to host on his web site.
I believe the example above is a very telling example of his attempts to
distort the truth.
I am very dismayed that the people at jpl.nasa.gov can allow this type of
devious individual that steals the intellectual properties of software
authors to be associated and defame their obvious perceived but now
questionable integrities.
--
Michael Stevens MS-MVP XP
xpn...@bogusmichaelstevenstech.com
http://www.michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://www.michaelstevenstech.com/outlookexpressnewreader.htm
RA
> I, pcbutts1, want to set the record straight. I wrote that file. I
> wrote it at the request of a friend. It was not the same file that
> you say noahdfear wrote. My file was stolen and modified. I don't
> know who did it but it looked good. I left it at that, so what, it is
> just a simple .bat file. It was free when I wrote it, it is still
> free. I found it browsing some forum and realized it was mine. Who
> ever modified it did a good job and the tool works. It took me a few
> days to contact my friend and ask him what he did with it. When I
> snatched the file back I modified it again and I still use it on 3 of
> my websites and at work. THE FILE IS MINE plain and simple. Whoever
> stole it from me and used it as their own is a fool to come here and
> complain about it. If it is yours then send the required info to my
> hosting company as I have already done as they have requested. Let
> their legal dept decide. All you crazy wacks keep posting from Google
> trying make me look like a thief. The proof is in the pudding. Put up
> or shut up, send that info to my hosting company like they requested.
> When this case is closed I will post the decision for all to see and
> then we will see who the thief is, noahdfear.
Wow! That is the LAMEST attempt at trying to recover credibility I have ever
seen.
How stupid can you be to pretend that everyone can't see right through this
sham?
It comes from what appears to be a twelve year old brain trying to pass
himself off as a bona fide adult,.or from a pathological liar who will never
learn that most normal people can see right through the lies.
You could have a great career ahead of you in politics, but you are severely
lacking the charisma and charm that pathological liars need to succeed in
the world.
winchester73
"Who ever modified it did a good job and the tool works" ... that's quite a
humorous interpretation of things.
Go crawl back under a rock ...
RA
> I, pcbutts1, want to set the record straight. I wrote that file. I
> wrote it at the request of a friend. It was not the same file that
> you say noahdfear wrote. My file was stolen and modified. I don't
> know who did it but it looked good. I left it at that, so what, it is
> just a simple .bat file. It was free when I wrote it, it is still
> free. I found it browsing some forum and realized it was mine. Who
> ever modified it did a good job and the tool works. It took me a few
> days to contact my friend and ask him what he did with it. When I
> snatched the file back I modified it again and I still use it on 3 of
> my websites and at work. THE FILE IS MINE plain and simple. Whoever
> stole it from me and used it as their own is a fool to come here and
> complain about it. If it is yours then send the required info to my
> hosting company as I have already done as they have requested. Let
> their legal dept decide. All you crazy wacks keep posting from Google
> trying make me look like a thief. The proof is in the pudding. Put up
> or shut up, send that info to my hosting company like they requested.
> When this case is closed I will post the decision for all to see and
> then we will see who the thief is, noahdfear.
Are we going to read about this in the Seattle Times also???
Bobbi Flekman
Nick, do you still need any help?
--
Bobbi Flekman
Jim
post here.
"RA" <none> wrote in message news:eukE2rw...@TK2MSFTNGP10.phx.gbl...
RA
believes anything you say.
cleveland
"RA" <none> wrote in message news:e9jlogy2...@tk2msftngp13.phx.gbl...
UKBiker
hey, pcbutts1, Chris, whatever your name is today,
Surely you must have realised that you would be called to account for
your actions? Payback time.
UKBiker
--
UKBiker
Bob I
cleveland
"Bob I" <bir...@yahoo.com> wrote in message
news:uonADdz2...@tk2msftngp13.phx.gbl...
Nellie2
Just to add my tuppence worth, I think it is deplorable that anyone
would deliberately steal another persons work and pass it off as their
own? Why?
Download sites of these tools are restricted for good reason, as the
tools are updated they need to be replaced with the most current
version. The tools we use are always a work in progress and they
develop as the infection they target develops.
I watched the development and testing of smitRem by Noahdfear, it was
given freely to our community and nothing was asked in return. So
credit where it is due, Noahdfear gave us this tool and you pcbutts or
what ever you call yourself should be totally ashamed of yourself
Gwynne Brothwood
MS MVP - Windows Security
--
Nellie2
No one you know
coming back with your garbage. You are a pathetic, theiving, lying sack of
sh*t. Go away and don't come back under any name and no one will stalk you.
You are lucky no one has hunted you down and blown you away.
Bobbi Flekman
Hey Man With The Many Names,
when are you going to give answers, instead of obscenities?
--
Bobbi Flekman
pomp86
Wow... That is soo unethical what you did! You should be extremely
ashamed of yourself.
--
pomp86
Bobbi Flekman
The kid says on Usenet that he shown proof of ownership to his ISP...
When asked to show the proof to us, he doesn't answer. In other words,
he can't show it.
In the meantime a lot of threads have started on Usernet by seƱor
Butts... So, if you wanna stay in the loop I suggest to check out
Google groups or simply use a program to check out alt.privacy.spyware.
--
Bobbi Flekman