Not able to remove spy wallpaper

[Nick]

Hi,

My computer was infected with spyware, I already use microsoft
anti-spyware and ad-adware. But still not able to remove the problem
with my wallpaper as well as my homepage. when I tried to change the
wallpaper on my desktop, it didn't even give me that option. I cannot
click on anything to change it. Please help. thank you.


nick

 

[Malke]

Hi,

My computer was infected with spyware, I already use microsoft
anti-spyware and ad-adware. But still not able to remove the problem
with my wallpaper as well as my homepage. when I tried to change the
wallpaper on my desktop, it didn't even give me that option. I cannot
click on anything to change it. Please help. thank you.

Here are general malware removal steps which you may want to go through:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

And here is information on fixing the desktop wallpaper set by malware:

Go to the Display applet in Control Panel and look on the Desktop tab.
Click on Customize Desktop, and then click on the Web tab. You will see
that there are checkmarks next to "My Current Home Page" and probably
"Lock Desktop Items". Uncheck these. By highlighting the "My Current
Home Page" and clicking on the Properties button, you will be able to
determine the name of the file that is the message. It might be called
something like "security.html" or the like.

Click Apply and OK out when you've made your changes. Then you want to
find the *.html malware file and delete it.

If you can't enable desktop backgrounds after a virus, MVP Kelly Theriot
has a fix. Look under Wallpaper-Desktop-Disable Changing here:

http://www.kellys-korner-xp.com/xp_w.htm

If Display tabs are missing, run Kelly's registry edit on line 285,
right-hand side "Restore all display tabs".

Malke

 

[Ali Akbar]

Windows XP/2K (includes Ewido)

You may want to print out or make a copy of these instructions before
starting, because you will not be able to connect to the internet during
most of this fix.

Please download smithrem.zip and save it to your desktop
http://216.122.228.48/downloads/smithrem.zip
Right click on the file and extract it to its own folder on the desktop.

Please download, install, and update the free version of Ewido Security
Suite:
When installing, under "Additional Options" uncheck "Install background
guard" and "Install scan via context menu"
http://216.122.228.48/downloads/ewidosetup.exe .

From the main Ewido screen, click on update in the left menu, then click the
Start update button.
After the update finishes, the status bar at the bottom will display "Update
successful"
Exit Ewido. DO NOT run a scan yet.

If you do not already have Ad-Aware SE 1.06 installed, download
http://216.122.228.48/downloads/aawsepersonal.exe
Again, do NOT run a scan yet.


Next, please reboot your computer in Safe Mode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows
icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.
Now scan with HJT http://216.122.228.48/downloads/HijackThis1.zip and place
a checkmark next to each of the following items if available:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http:://www.quicknavigate.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http:://www.quicknavigate.com/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page
=http:://www.quicknavigate.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http:://www.startsearches.net/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http:://www.startsearches.net/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
http:://www.startsearches.net/
O2 - BHO: VMHomepage Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF} -
C:\WINDOWS\System32\hp6DD8.tmp
O4 - HKCU\..\Run: [WindowsFY] c:\wp.exe
O4 - HKCU\..\Run: [WindowsFY] c:\bsw.exe
O4 - HKLM\..\Run: [WindowsFZ] C:\WINDOWS\ZLOADER3.EXE
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security
iGuard\Security iGuard.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O9 - Extra button: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} - C:\WINDOWS\System32\wldr.dll
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} - C:\WINDOWS\System32\wldr.dll
O9 - Extra button: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} - C:\WINDOWS\System32\wldr.dll (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} - C:\WINDOWS\System32\wldr.dll (HKCU)


Delete any other malware files not associated with the smitfraud variants
and SpySheriff.


Open the smithrem folder, then double click the RunThis.bat file to start
the tool. Follow the prompts on screen. Your desktop and icons will
disappear and then reappear again ---this is normal.
Wait for the tool to complete and Disk Cleanup to finish --- this may take a
while; please be patient.

Next, run Ad-aware and perform a full scan. Remove everything found.

Now open Ewido Security Suite
Click on Scanner
Click on Complete System Scan and the scan will begin.
NOTE: During some scans with ewido it is finding cases of false positives.
You will need to step through the process of cleaning files one-by-one. If
ewido detects a file you KNOW to be legitimate, select none as the action.
DO NOT select "Perform action on all infections"
When the scan is finished, click the Save report button at the bottom of the
screen.
Save the report to your desktop
Close Ewido

Next go to Start -> Control Panel, click Display -> Desktop -> Customize
Desktop -> Web -> Uncheck "Security Info" if present.


Restart your computer in normal mode.

Run Panda's online virus scan and perform a full system scan
http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm .
Make sure the Autoclean box is checked!

Finally, restart your computer once more, and please post a new HijackThis
log as well as the log from the Ewido scan and the log from the smitRem
tool, which will be located at C:\smitfiles.txt.
Let me know if any problems persist.

 

[Guest]

But I'd like to add my 2 cents worth on the topic of AntiSpyware

BEFORE YOU DOWNLOAD MORE STUFF!

While many people now know to keep their AntiSpyware programs updated --
most are oblivious that the software's default settings do NOT scan for all
possible problems!

Software manufactures state that users don’t want to wait a long time for
scanning, so they choose a (quicker) default scanning time. So to "properly"
configure the software:


--------------------------------------------------------------------------------
Lavasoft’s AdAware

1) Launch program and check for (& install) updates [click on "Check for
updates now" -- click "Connect" to continue, then "Finish"]
2) Click "Start" to begin scanning.
3) The first time requires that we configure the settings -- click on
"Customize" (Change all items that are RED "X" (not grey) to GREEN "Check")
-- Select ALL of your local hard drives
4) Click "Customize" to select this type of scanning
5) Click "Next" to begin scanning.

--------------------------------------------------------------------------------

Microsoft’s AntiSpyware

1) Launch program and check for (& install) updates (under the File
pull-down menu)
2) Click on “Scan Optionsâ€
3) Select “Run a full system scan’
4) Ensure that all check boxes are selected (as well as ALL of your local
hard drives)
5) Click on “Save these options†then “Run Scan Nowâ€

 

[Nepatsfan]

Hi,

My computer was infected with spyware, I already use
microsoft anti-spyware and ad-adware. But still not able to
remove the problem with my wallpaper as well as my homepage.
when I tried to change the wallpaper on my desktop, it
didn't even give me that option. I cannot click on anything
to change it. Please help. thank you.


nick

Nick,

I'm posting this reply for your benefit as well as anyone else
who may read it.

Never, ever download a program or file from a link that starts
with an IP address. If the URL doesn't include the entire
domain name, somebody may be trying to hide something.

Whenever you're advised to download anything in these forums,
make sure that you're directed to a trusted source or the
developer's web site. The link that Malke gave you does exactly
that. Her site includes links to web sites where you can
download legitimate versions of the latest release of those
programs. Downloading and running a program from an anonymous
source could make a bad situation worse than it already is.

The links that have been posted by "Ali Akbar" direct you to
the web site of someone who previously posted under the name
pcbutts1. Pcbutts1 is an arrogant, delusional fraud who is a
well known menace in these newsgroups. Anything associated with
him or his personal web site should be viewed as being highly
suspect.

Good luck

Nepatsfan

 

[Nepatsfan]

Nice try, couldn't you come up with something a little more
creative than "Ali Akbar". Hopefully, your friend Leythos will
stop by to say hello.

Nepatsfan

Windows XP/2K (includes Ewido)

You may want to print out or make a copy of these
instructions before starting, because you will not be able
to connect to the internet during most of this fix.

Please download smithrem.zip and save it to your desktop
http://216.122.228.48/downloads/smithrem.zip
Right click on the file and extract it to its own folder on
the desktop.
Please download, install, and update the free version of
Ewido Security Suite:
When installing, under "Additional Options" uncheck "Install
background guard" and "Install scan via context menu"
http://216.122.228.48/downloads/ewidosetup.exe .

From the main Ewido screen, click on update in the left
menu, then click the Start update button.
After the update finishes, the status bar at the bottom will
display "Update successful"
Exit Ewido. DO NOT run a scan yet.

If you do not already have Ad-Aware SE 1.06 installed,
download http://216.122.228.48/downloads/aawsepersonal.exe
Again, do NOT run a scan yet.


Next, please reboot your computer in Safe Mode by doing the
following: Restart your computer
After hearing your computer beep once during startup, but
before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.
Now scan with HJT
http://216.122.228.48/downloads/HijackThis1.zip and place a
checkmark next to each of the following items if available:

R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http:://www.quicknavigate.com/search.php?qq=%1 R1 -
HKCU\Software\Microsoft\Internet Explorer\Main,Search
Bar = http:://www.quicknavigate.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Page = http:://www.quicknavigate.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http:://www.quicknavigate.com/search.php?qq=%1 R1 -
HKCU\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
http:://www.quicknavigate.com/search.php?qq=%1 R1 -
HKCU\Software\Microsoft\Internet
Explorer\SearchURL,(Default) =
http:://www.quicknavigate.com/search.php?qq=%1 R0 -
HKCU\Software\Microsoft\Internet Explorer\Main,Local
Page =http:://www.quicknavigate.com/
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http:://www.startsearches.net/search.php?qq=%1 R1 -
HKCU\Software\Microsoft\Internet Explorer\Main,Search
Bar = http:://www.startsearches.net/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Page = http:://www.startsearches.net/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http:://www.startsearches.net/search.php?qq=%1 R1 -
HKCU\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
http:://www.startsearches.net/search.php?qq=%1 R1 -
HKCU\Software\Microsoft\Internet
Explorer\SearchURL,(Default) =
http:://www.startsearches.net/search.php?qq=%1 R0 -
HKCU\Software\Microsoft\Internet Explorer\Main,Local
Page = http:://www.startsearches.net/
O2 - BHO: VMHomepage Class -
{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF} -
C:\WINDOWS\System32\hp6DD8.tmp O4 - HKCU\..\Run: [WindowsFY]
c:\wp.exe
O4 - HKCU\..\Run: [WindowsFY] c:\bsw.exe
O4 - HKLM\..\Run: [WindowsFZ] C:\WINDOWS\ZLOADER3.EXE
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security
iGuard\Security iGuard.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program
Files\PSGuard\PSGuard.exe O9 - Extra button: Microsoft
AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} -
C:\WINDOWS\System32\wldr.dll O9 - Extra 'Tools' menuitem:
Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} -
C:\WINDOWS\System32\wldr.dll O9 - Extra button: Microsoft
AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} -
C:\WINDOWS\System32\wldr.dll (HKCU) O9 - Extra 'Tools'
menuitem: Microsoft AntiSpyware helper -
{D5BC2651-6A61-4542-BF7D-84D42228772C} -
C:\WINDOWS\System32\wldr.dll (HKCU)

Delete any other malware files not associated with the
smitfraud variants and SpySheriff.


Open the smithrem folder, then double click the RunThis.bat
file to start the tool. Follow the prompts on screen. Your
desktop and
icons will disappear and then reappear again ---this is
normal.
Wait for the tool to complete and Disk Cleanup to finish ---
this may take a while; please be patient.

Next, run Ad-aware and perform a full scan. Remove
everything found.
Now open Ewido Security Suite
Click on Scanner
Click on Complete System Scan and the scan will begin.
NOTE: During some scans with ewido it is finding cases of
false positives. You will need to step through the process of
cleaning files
one-by-one. If ewido detects a file you KNOW to be
legitimate, select none as the action. DO NOT select "Perform
action on all infections"
When the scan is finished, click the Save report button at
the bottom of the screen.
Save the report to your desktop
Close Ewido

Next go to Start -> Control Panel, click Display -> Desktop
-> Customize Desktop -> Web -> Uncheck "Security Info" if
present.

Restart your computer in normal mode.

Run Panda's online virus scan and perform a full system scan
http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm
. Make sure the Autoclean box is checked!

Finally, restart your computer once more, and please post a
new HijackThis log as well as the log from the Ewido scan and
the log from
the smitRem tool, which will be located at C:\smitfiles.txt.
Let me know if any problems persist.

Hi,

My computer was infected with spyware, I already use
microsoft anti-spyware and ad-adware. But still not able
to remove the problem with my wallpaper as well as my
homepage. when I tried to change the wallpaper on my
desktop, it didn't even give me that option. I cannot
click on anything to change it. Please help. thank you.
nick

 

[Tom Jones]

The post by Ali Akbar was direct, precise and to the point on how to fix
the problem and it works. Not guesses, and your reply certainly does not fix
the issue. If you don't know the answer then don't reply. All you are doing
is throwing accusations around that cannot be proven because you don't like
the guy. This helps no one. Prove that those files are bad and then maybe I
will believe you.

 

[Nepatsfan]

It's not a matter of "because you don't like the guy". It's a
matter of "I don't trust the guy". Anyone who has to post under
different names raises my suspicions. For instance, do these
look familiar?

NNTP-Posting-Host: cbuttsmac.jpl.nasa.gov 128.149.220.108

NNTP-Posting-Host: macosxpcb.jpl.nasa.gov 128.149.220.108

The first is from a message posted to this newsgroup on 10/16
by "mem", one of the known aliases used by pcbutts1. The second
is from your message. What a shock! What happened? Did
Microsoft and your ISP conspire against you so that you can't
post from home as pcbutts1? Is that why you're now posting as
"Ali Akbar"? For a self-proclaimed "security expert", you don't
do a very good job of hiding your tracks.

The problem I have with you is that you participate in these
newsgroups for all the wrong reasons. You're not here to help
people. You're not here to share your knowledge for the benefit
of others. You're here to pump up your fragile ego. You try to
leave people with the impression that you, and only you, know
all the answers. Instead of setting up a web site with a
tutorial that includes links to the site of the developer's who
actually wrote the programs you recommend, you try to leave
unsuspecting users with the impression that those are your
programs. If your advice consisted of links to the developer's
web site along with legitimate sites to post HijackThis logs,
you wouldn't find yourself being treated like a pariah.

These newsgroups are communities where people can share
information and ideas. Like all communities, there are rules,
both written and unwritten, that are meant to maintain some
sense of order. They're not your personal forums. As soon as
you start following those guidelines, you'll stop hearing from
people who object to your behavior. Until that time, you're
going to have to learn to live with, as you put it, being
"stalked" and "persecuted".

Nepatsfan

 

[Plato]

My computer was infected with spyware, I already use microsoft
anti-spyware and ad-adware. But still not able to remove the problem
with my wallpaper as well as my homepage. when I tried to change the
wallpaper on my desktop, it didn't even give me that option. I cannot
click on anything to change it. Please help. thank you.

Best bet is NOT to install spyware in the first place. As, even if you
remove it, the damage it causes often remains.

 

[Nick]

Thanks so much for all your inputs. I really appreciate it. I will
try it out now.

 

[Michael Stevens]

In

It's not a matter of "because you don't like the guy". It's a
matter of "I don't trust the guy". Anyone who has to post under
different names raises my suspicions. For instance, do these
look familiar?

NNTP-Posting-Host: cbuttsmac.jpl.nasa.gov 128.149.220.108

NNTP-Posting-Host: macosxpcb.jpl.nasa.gov 128.149.220.108

The first is from a message posted to this newsgroup on 10/16
by "mem", one of the known aliases used by pcbutts1. The second
is from your message. What a shock! What happened? Did
Microsoft and your ISP conspire against you so that you can't
post from home as pcbutts1? Is that why you're now posting as
"Ali Akbar"? For a self-proclaimed "security expert", you don't
do a very good job of hiding your tracks.

The problem I have with you is that you participate in these
newsgroups for all the wrong reasons. You're not here to help
people. You're not here to share your knowledge for the benefit
of others. You're here to pump up your fragile ego. You try to
leave people with the impression that you, and only you, know
all the answers. Instead of setting up a web site with a
tutorial that includes links to the site of the developer's who
actually wrote the programs you recommend, you try to leave
unsuspecting users with the impression that those are your
programs. If your advice consisted of links to the developer's
web site along with legitimate sites to post HijackThis logs,
you wouldn't find yourself being treated like a pariah.

These newsgroups are communities where people can share
information and ideas. Like all communities, there are rules,
both written and unwritten, that are meant to maintain some
sense of order. They're not your personal forums. As soon as
you start following those guidelines, you'll stop hearing from
people who object to your behavior. Until that time, you're
going to have to learn to live with, as you put it, being
"stalked" and "persecuted".

Nepatsfan

Well put Nepatsfan,
Consider this the equivalent of neighborhood watch. None of us really have
the power to physically do anything about pcButts and his many personas, but
we can make the unsuspecting poster aware of his agenda and level the
playing field.
There is something inherently suspicious about someone that is not willing
to play by the rules, especially internet and newsgroup rules that are
probably the most lenient of all restrictions you will ever encounter, which
also makes the online community so venerable to the likes of pcButts.. We
have to self medicate when a disease like pcbutts is detected and protect
the unknowing public of the potential danger.
--
Michael Stevens MS-MVP XP
(e-mail address removed)
http://www.michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://www.michaelstevenstech.com/outlookexpressnewreader.htm

 

[Incognitus]

In

Well put Nepatsfan,
Consider this the equivalent of neighborhood watch. None of us really have
the power to physically do anything about pcButts and his many personas,
but we can make the unsuspecting poster aware of his agenda and level the
playing field.
There is something inherently suspicious about someone that is not willing
to play by the rules, especially internet and newsgroup rules that are
probably the most lenient of all restrictions you will ever encounter,
which also makes the online community so venerable to the likes of
pcButts.. We have to self medicate when a disease like pcbutts is detected
and protect the unknowing public of the potential danger.

It also makes one wonder about his role with nasa.gov, janitor perhaps.

 

[Tom Jones]

Helping is the key word here. I help them fix their problems with valid
working verified direct solutions that work. You can't dispute that, nobody
can because my answers are correct. Since my answers can't be disputed you
lamers have to attack the way I give my answers. Do you really think the
person with the problems care about whether he clicks thru a manufactures
site just to download a free program?.They want the problem fixed which is
why they came here in the first place. They want answers. They do not ant to
be shoved off to another forum or website, have to register, retype their
issue, then wait again for another answer, in the mean time they still have
a problem. When you send them to a link and say try this, this may help,
those are guesses and there is nothing wrong with that because there is an
attempt to fix the problem. Sending them to another group to ask again is
not helping. I give answers. My answers have never been wrong. You ,Leythos,
David, Max, and now Nepatsfan have nothing better to do but attack me. I
changed my name to stay away from people like you and this group has been
better off because of it. I have made well over 25 posts to this group alone
this week and because you did not know who was me everything was ok. Why is
it such a big deal to you where I work? Is it because there is nobody to
complain too? are you afraid someone going to be knocking at your door?.
Thank you for reading my headers, you pointed out a mistake in my host name
so I changed it. All of you are acting like little jealous kids and you need
to grow up. You have already admitted that you can't stop me so why do you
insist on wasting you time trying. Don't hate the player hate the game.

 

[Nepatsfan]

In

Well put Nepatsfan,
Consider this the equivalent of neighborhood watch. None of
us really have the power to physically do anything about
pcButts and his many personas, but we can make the
unsuspecting poster aware of his agenda and level the
playing field. There is something inherently suspicious about
someone that
is not willing to play by the rules, especially internet and
newsgroup rules that are probably the most lenient of all
restrictions you will ever encounter, which also makes the
online community so venerable to the likes of pcButts.. We
have to self medicate when a disease like pcbutts is
detected and protect the unknowing public of the potential
danger. --
Michael Stevens MS-MVP XP
(e-mail address removed)
http://www.michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://www.michaelstevenstech.com/outlookexpressnewreader.htm

Thanks, Michael.

You're right on the money with the "self medicate" advice. And
with a name like pcbutts1, Preperation H might just do the
trick.

Nepatsfan

 

[Nepatsfan]

Thanks for confirming that my initial impression of you
was correct. You only participate in these newsgroups to boost
your fragile ego. Who are you kidding! You're not here to help
people. If you were, you wouldn't be directing people to
download programs from your personal web site. Let's consider
why these people are asking for assistance. The vast majority
of the questions you respond to are posted by people who
somehow downloaded and installed a piece of spyware. They
blindly trusted that the application was benign. So what do you
do? You tell them to do the exact same thing, download an
unknown application from an unknown web site. Instead of
educating them on how to protect themselves from internet
pests, you simply reinforce the behavior that got them in
trouble in the first place.

As for directing people to the developer's web site, I don't
know how long you've been in this country but in the USA
there's such a thing as respecting the rights that other people
have to their property, both real and intellectual. I know if
it was my work you were stealing, the ISP hosting your web site
would be hearing from my lawyer.

This statement of yours says it all, "I give answers. My
answers have never been wrong". That's priceless! No one who
participates in these newsgroups would make that statement if
they weren't dangerously arrogant. Do you know what the worst
flaw of a truly arrogant individual is? Nothing is ever their
fault. It's always someone else who messed up. They can never
admit they made a mistake. It's that flaw that makes them a
poor source of advice. When their suggested course of action
goes awry, they walk away from the chaos they've helped create
and blame it on the person who asked for their assistance.

You might want to take some of your own advice. Grow up! Start
acting like a responsible adult and you'll be treated like one.

Nepatsfan

 

[Tom Jones]

Why don't you tell the op how to fix his system without downloading a
program. The program I told him to get can ONLY be download from me because
I wrote it. You have a lot to learn about spyware, what it does and how to
remove it. It is obvious to me that you know NOTHING!. I have a right to be
arrogant when people like you attack my character and accuse me of illegally
hosting files and stealing others work. If I was stealing work and illegally
hosting files then the Author of those files would make me stop. The fact
of the matter is You think I am pcbutts1, your ignorance thinks that that is
my real name so when you report me you tell them that pcbutts1 is doing this
illegally. Their initial reaction is to deny that I have permission. When
they contact me and I identify myself then everything is ok. Why the hell do
you think I am still doing it. Do you think people like Lavasoft, PepiMK,
Ewido, Steve Gould, Steve Gibson, Sysinternals, Ipswitch, Cederick,
Symantec, Watchnet, Network Solutions, and the 20 or so other vendors,
authors, and manufactures I do business with are Idiots? Let me see you
hosts somebody's files and watch how fast it gets snatched. They don't play
around. Your problem is you are pissed because you can't stop me and you
can't prove anything because I have done nothing wrong.

Are far as my name changing, it was done at the request of MS to avoid flame
wars in their NG by people like you and to not embarrass those MVP's
including Mr. Eddy because of their bias in this situation and my name
changes only in the MS NG.

Now get lost.

 

[Leythos]

Subject: Re: Not able to remove spy wallpaper
From: Tom Jones <[email protected]>
Newsgroups: microsoft.public.windowsxp.general

Why don't you tell the op how to fix his system without downloading a
program. The program I told him to get can ONLY be download from me because
I wrote it. You have a lot to learn about spyware, what it does and how to
remove it. It is obvious to me that you know NOTHING!. I have a right to be
arrogant when people like you attack my character and accuse me of illegally
hosting files and stealing others work. If I was stealing work and illegally
hosting files then the Author of those files would make me stop.

And it appears from what we've seen that vendors are asking you to stop,
and that some have even posted here asking it. For most of them, going
after some KID/JA doing this is not worth their time or expense as
you're about as small-potatoes as it gets. If they see that you are
gaining more downloads and such, that you become a real PITA, they will
go to your hosting company - which has clear rules about hosting files.

The fact
of the matter is You think I am pcbutts1, your ignorance thinks that that is
my real name so when you report me you tell them that pcbutts1 is doing this
illegally. Their initial reaction is to deny that I have permission. When
they contact me and I identify myself then everything is ok. Why the hell do
you think I am still doing it. Do you think people like Lavasoft, PepiMK,
Ewido, Steve Gould, Steve Gibson, Sysinternals, Ipswitch, Cederick,
Symantec, Watchnet, Network Solutions, and the 20 or so other vendors,
authors, and manufactures I do business with are Idiots?

As for you hosting files, it doesn't matter what NAME you post under,
the vendors go by your hosting company/address where you host them -
they don't care what name you use.

How come you can't explain why they still say you have no permission to
host those files?

Let me see you
hosts somebody's files and watch how fast it gets snatched. They don't play
around.

Wrong, most of us, that do host files, properly posts links to a web-
page showing the VENDORS links or a web-page that is a properly
identified MIRROR for the vendor. Your site is not a link or mirror for
anyone - and you don't show up on their sites as a mirror either.

Your problem is you are pissed because you can't stop me and you
can't prove anything because I have done nothing wrong.

The nice thing is that we don't have to STOP you, all we have to do is
point out how unethical your actions are, and that you violate security
norms by asking people to download files without any proof they are the
real files.

Are far as my name changing, it was done at the request of MS to avoid flame
wars in their NG by people like you and to not embarrass those MVP's
including Mr. Eddy because of their bias in this situation and my name
changes only in the MS NG.

No moderator/admin at MS asked you to change your name - they did start
killing your posts under the PCBUTTS1 nickname. You can't post to the MS
groups under the PCBUTTS1 name because they will delete it - maybe you
should ask why the rest of us can when you are not able - consider your
actions and what they earned you.

 

[Tom Jones]

I see you are still in denial. That is so sad.

 

[Leythos]

I see you are still in denial. That is so sad.

I see you still feel the need to change your posting name, and use
multiple posting hosts in order to get your posts on Usenet where people
might be able to see them.

Funny that you feel you have to do that, none of the rest of us try and
hide anything we do.

 

[Nepatsfan]

Did you ask this guy before you stole his program?

Dave's World
http://www.noahdfear.geekstogo.com/

Smitrem.exe
http://noahdfear.geekstogo.com/click counter/click.php?id=1

It's amazing how similar his program is to the one you say you
wrote.

In case you're not familiar with the term, that's plagiarism. I
can think of only a few things in this world that are worse
than being a plagiarist. And please don't tell me you're Dave.
This split personality thing you've got working is starting to
get out of hand.

Or how about Microsoft. Did you ask them for permission to
include taskkill.exe as part of your smithrem.zip folder?
Taskkill.exe is only included with the XP Professional Support
Tools. There's no way you got permission to provide a Microsoft
product through your web site.

Nepatsfan