Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/a26f9f83/public_html/articles/includes/config.php on line 159
How To Clean the Spies In Your Computer? > NetSparsh - Viral Content you Love & Share

How To Clean the Spies In Your Computer?

Manual Spy Bot Removal > BookedSpace

BookedSpace is an Internet Explorer Browser Helper Object used to show advertising.

Free PC Health Check - find bad files fast! How many corrupt and redundant files are lurking inside your PC ready to cause harmful errors? Find these harmful "time-bomb" files instantly and keep your computer ERROR FREE 24 hours a day!

Variants
BookedSpace/Remanent : early variant (around July 2003) with filename rem00001.dll, controlling server 66.225.192.199.

BookedSpace/BS2 and BookedSpace/BS3 : newer revisions (August 2003) with filename bs2.dll or bs3.dll, controlling server www.bookedspace.com.

Distribution
BookedSpace/Remanent is silently installed by MThree MP3 to WAV converter. BookedSpace/BS2 is silently installed by FreeWire's FreeMP3Player. The origin of BookedSpace/BS3 is currently unknown.

Advertising
Yes. BookedSpace can contact its controlling server when a new page is visited, which may direct it to open pop-up ads.

Privacy violation
Yes. When the controlling server is contacted, the URL of the current page is passed along with a user ID for tracking purposes.

Security issues
Yes. May download and install third-party software as directed by its controlling server. BookedSpace/BS2 has been seen to install the BargainBuddy , nCase and eBates parasites.

Stability problems
Seems to stop IE address bar searches from working.

Removal
Open a DOS command prompt windows (from Start->Programs->Accessories), and enter the following commands, for the Remanent variant:

cd "%WinDir%System"
regsvr32 /u ".. em00001.dll"
Or, for the BS2 variant:

cd "%WinDir%System"
regsvr32 /u "..s2.dll"
Or, for the BS3 variant:

cd "%WinDir%System"
regsvr32 /u "..s3.dll"

Next, for BS2 and BS3, open the registry (click 'Start', choose 'Run', enter 'regedit'), find the key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun, and delete the entry 'BookedSpace' (BS2 variant) or 'Bsx3' (BS3 variant).

Restart the computer and you should be able to delete the 'rem00001.dll', 'bs2.dll' or 'bs3.dll' file in the Windows folder. You can also open the registry and delete the key HKEY_LOCAL_MACHINESoftwareRemanent or HKEY_LOCAL_MACHINE_SoftwareBookedSpace to clean up, if you like.

Free PC Health Check - find bad files fast! How many corrupt and redundant files are lurking inside your PC ready to cause harmful errors? Find these harmful "time-bomb" files instantly and keep your computer ERROR FREE 24 hours a day!

MS Media Player GUID

Overview
MS Media Player GUID is a warning that the Window Media player may transmits an anonymous Global Uniquie IDentifier (GUID) to the streaming servers when you download content.

The following is the information given at Microsoft Security Bulletin MS01-029: "... a potential privacy vulnerability that was recently identified. This issue could be exploited by a malicious set of web sites to distinguish a user. While this issue would not by itself enable a web site to identify the user, it could enable the correlation of user information to potentially build a composite description of the user." Source

The existance of this GUID on your system may also indicated that your system does not have all critical updates and service packs installed.

Detection
Bazooka Adware and Spyware Scanner detects MS Media Player GUID. Bazooka is freeware and detects spyware, adware, foistware, trojan horses, viruses, worms and other potentially unwanted applications. Read more »

How to remove the GUID

Go to www.windowsupdate.com and install all critical updates and service packs. Go on with the following steps if Bazooka still reports MS Media Player GUID.

Windows Media Player 6.4 users: the privacy setting is selected via a new option, which can be reached by going to the menu item View / Options then selecting the player tab and de-selecting "Allow Internet sites to uniquely identify your player".

Windows Media Player 7.1 users: the privacy setting is toggled via the existing option under the tools menu, on the player tab and deselect the option "Allow Internet sites to uniquely identify your player". Windows Media Player 9.0 users: Click Tools -> Options -> Privacy, uncheck "Send unique Player ID to content providers."

If Bazooka still reports MS Media Player GUID, go on with the following steps.

Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)

Delete 'HKEY_CURRENT_USER Software Microsoft MediaPlayer Player Settings Client ID'.

Exit the registry editor.

Problems uninstalling? Click here.

Please support me
Thank you for using my site. Please help me to keep this site and software up-to-date.

Contact information for MS Media Player GUID's vendor In order to provide correct, accurate and updated information about MS Media Player GUID I encourage the vendor to contact me if any part of this write-up needs a revision.

Free PC Health Check - find bad files fast! How many corrupt and redundant files are lurking inside your PC ready to cause harmful errors? Find these harmful "time-bomb" files instantly and keep your computer ERROR FREE 24 hours a day!

W32.Backdoor.Nibu

Overview
W32.Backdoor.Nibu is a trojan horse, with many variants. You can read more at Symantec.

Classification
Trojan Horse

Files
load32.exe, Dllreg.exe, Vxdmgr32.exe, Rundllw.exe, patch.exe, netda.exe, swchost.exe

Log references
[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14]

Detection
Bazooka Adware and Spyware Scanner detects W32.Backdoor.Nibu. Bazooka is freeware and detects spyware, adware, foistware, trojan horses, viruses, worms and other potentially unwanted applications. Read more »

Uninstall procedure
Please go to the anti-virus recommendation page. You can find both free products or use one of the trials to remove the virus.

Manual removal
Please follow the instructions below if you would like to remove W32.Backdoor.Nibu manually. Please notice that you must follow the instructions very carefully and delete everything that is mentioned. In most cases the removal will fail if one single item is not deleted. If W32.Backdoor.Nibu remains on your system after stepping through the removal instructions, please double-check by stepping through them again. Start your computer in safe mode.

Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)

Browse to the key:

'HKEY_LOCAL_MACHINE SOFTWARE Microsoft Windows CurrentVersion Run'
In the right pane, delete the value called 'load32', if it exists.
Exit the registry editor.
Restart your computer.
Start Windows Explorer and delete:
%SystemDir%swchost.exe
%SystemDir% etda.exe
%SystemDir%load32.exe
Note: %SystemDir% is a variable (?). By default, this is C:WindowsSystem (Windows 95/98/Me), C:WINNTSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).

Free PC Health Check - find bad files fast! How many corrupt and redundant files are lurking inside your PC ready to cause harmful errors? Find these harmful "time-bomb" files instantly and keep your computer ERROR FREE 24 hours a day!

FavoriteMan has many variants:

FavoriteMan/Lwz installs lwz.dll. Data file is SysLdr.dll. Controlling server is www.f1organizer.com.
FavoriteMan/F1 installs F1.dll. Data file is SysLdr.dll. Controlling server is www.prize4all.com.
FavoriteMan/FOne
FavoriteMan/FOne is a replacement for the Lwz variant. Filename is FOne.dll, data file is SysLdr.dll. Controlling server is www.f1organizer.com.
FavoriteMan/Ofrg's program file is called ofrg.dll. It stores its data in a file called favboot.dll. Its controlling server is www.yourspecialoffers.com. FavoriteMan/Favorite installs favorite.dll. Data file is FavMan.dll. Controlling server is also www.yourspecialoffers.com.

FavoriteMan/SpyAssault
FavoriteMan sometimes causes IE to lock up for a variable period of time, occasionally indefinitely, when a new browser process is started. This may be something to do with its trying to contact its servers on startup. Also crashes may occur when very long URLs are used.

How to Remove FavoriteMan?

FavoriteMan/F1 and FavoriteMan/ZZ offer a removal feature: Click Start >Settings > Control Panel > Add/Remove programs, choose 'F1' or 'ZZ' and click 'Remove'.

To manually remove other variants of FavoriteMan:

Unregister FavoriteMan. Open a DOS command prompt window (Click Start > Run, type 'command'(for Windows 98/Me) or 'cmd' (for Windows 2000/XP) and enter the following commands: cd "%WinDir%System" regsvr32 /u favorite.dll

Note: Change the filename 'favorite.dll' to match the variant you have. This can be ofrg.dll, favorite.dll, lwz.dll, F1.dll, ZZ.dll, mpz300.dll, trk.dll, Gr02.dll, Aess.dll, Ss32.dll or emesx.dll; in in the case of the IMZ variant it will have a random eleven-letter filename. (eg. troallystbr.dll). You can usually find the culprit by opening the System folder choosing View->Arrange icons by->Modified, then looking near the bottom of the window.

Restarting the computer.

Delete the program file. The software can be found in the System folder. On Windows 95/98/Me this is the folder called 'System' in the Windows folder; on Windows NT, 2000 and XP it is called 'System32'. Look for one of the filenames listed above.

Delete the data file favboot.dll, FavMan.dll, SysLdr.dll, mbr32.dll, im64.dll or dlh0st.dll in the same folder (it isn't a DLL at all). Open the registry editor ( Start > Run, type regedit) , locate the key 'HKEY_CURRENT_USERSoftwareMicrosoftWindows',find and delete the entries 'Counter', 'Server' and 'Object' in it.

Free PC Health Check - find bad files fast! How many corrupt and redundant files are lurking inside your PC ready to cause harmful errors? Find these harmful "time-bomb" files instantly and keep your computer ERROR FREE 24 hours a day!

Online Trojan

Overview
Online Trojan changes your Internet Explorer settings.

Classification
Trojan Horse

Files
svchost.exe, msto32.dll, svchostc.exe, svchosts.exe

Log references
Log 89

Vendor
Unknown

Privacy policy
No privacy policy available.

Detection
Bazooka Adware and Spyware Scanner detects Online Trojan. Bazooka is freeware and detects spyware, adware, foistware, trojan horses, viruses, worms and other potentially unwanted applications. Read more »

Manual removal
Please follow the instructions below if you would like to remove Online Trojan manually. Please notice that you must follow the instructions very carefully and delete everything that is mentioned. In most cases the removal will fail if one single item is not deleted. If Online Trojan remains on your system after stepping through the removal instructions, please double-check by stepping through them again. Start your computer in safe mode.

Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)

Browse to the key:
'HKEY_LOCAL_MACHINE SOFTWARE Microsoft Windows CurrentVersion Run'
In the right pane, delete the value called 'Online Service', if it exists.
Exit the registry editor.
Start Windows Explorer and delete:
%WinDir%svchost.exe
%WinDir%msto32.dll
%SystemDir%svchostc.exe
%SystemDir%svchosts.exe
Note: %SystemDir% is a variable (?). By default, this is C:WindowsSystem (Windows 95/98/Me), C:WINNTSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).

Note: %WinDir% is a variable (?). By default, this is C:Windows (Windows 95/98/Me/XP) or C:WINNT (Windows NT/2000).

Start Microsoft Internet Explorer.
In Internet Explorer, click Tools -> Internet Options.
Click the Programs tab -> Reset Web Settings.

Nabaza.com specializes in building, designing, implementing, managing and maintaining corporate website to boost sales of your company. Email william@nabaza.com for information on functional, dynamic webpage designing with affordable packages. Subscribe for free: http://www.nabaza.com/subscribe.htm

Rebrandable ebooks, software for free
Free Advertising Space
Put Nabaza.com In your desktop

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

New York Times

Billionaire Backer of Maria Butina Had Russian Security Ties
New York Times
An oligarch who helped finance a Russian gun rights activist accused of infiltrating American conservative circles has been a discreet source of funds for business ventures useful to the Russian military and security services, according to documents ...
US Jail Transfers Russian National Butina to Minimum Security RegimeSputnik International

all 19 news articles »

HuffPost

Homeland Security Orders FEMA Boss To Pay For Personal Use Of Government Vehicles
HuffPost
Homeland Security Secretary Kirstjen Nielsen has ordered Federal Emergency Management Agency Administrator Brock Long to reimburse the government for improper personal use of official vehicles, which was uncovered in an investigation. But he won't ...
US homeland security secretary says disaster management chief won't lose job over investigation into vehicle usageThe Japan Times

all 671 news articles »

Council on Foreign Relations (blog)

CFR Digital Interactive Explores Women's Contributions to Peace and Security
Council on Foreign Relations (blog)
While recurrent armed conflicts, expanded extremist networks, and record levels of displacement remain defining features of global security, standard peacemaking methods continue to overlook a proven strategy to reduce conflict and advance stability ...

and more »

MyAJC

Security camera catches repairman sniffing, stealing child's underwear
MyAJC
A California man is warning other parents after the security camera in his young daughters' bedroom caught a repairman rifling through the children's clothes hamper, sniffing what appeared to be a pair of underwear and stashing another pair in his pocket.
Home security video shows repairman examining child's underwearKABC-TV
Nanny Cam Catches Repairman In Disturbing Act Involving UnderwearCBS Los Angeles
Playa Vista Father Shares Video of Repairman Sniffing His Young Daughters' UnderwearKTLA

all 68 news articles »

NPR

Hacks, Security Gaps And Oligarchs: The Business Of Voting Comes Under Scrutiny
NPR
"Election officials have been doing a ton around election security, but if that same thing isn't going on at the vendor level, then that creates a really big potential vulnerability for the entire system," said Edgardo Cortéz, an election security ...
Tensions Flare as Hackers Root Out Flaws in Voting MachinesWall Street Journal
Indictment - Department of JusticeDepartment of Justice
Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 ElectionThe Intercept
Center for Internet Security -YouTube
all 115 news articles »

wtvr.com

Woman accused of hitting security guard with fanny pack filled with pigeon
wtvr.com
The security guard noticed 56-year-old Laurie Weaver, of New York, yelling at employees inside the Social Security Administration Office in Fairfax County, according to WDCW. When the security guard approached, Weaver hit him in the head with her fanny ...
Woman pulls knife on security guard, then hits him with bag that had pigeon insideThe Independent
Woman hits security guard with fanny pack containing pigeon, police sayAtlanta Journal Constitution
Woman pulls knife on security guard, hits him with fanny pack that had pigeon insideWashington Post
Boing Boing (blog) -WUSA9.com
all 76 news articles »

WIRED

Clouldflare and Google Will Help Sync the Internet's Clocks—and Make You Safer
WIRED
The internet's decentralized nature means that the clocks behind every web browser and web application can actually have major discrepancies, which in turn can undermine security protections. In a step toward addressing these inconsistencies, the ...

and more »

Dark Reading

6 Security Training Hacks to Increase Cyber IQ Org-Wide
Dark Reading
Some of security's toughest nuts to crack are the vulnerabilities introduced by the human element. Users are duped by phishers every day. IT operations staff configure infrastructure insecurely over and over again. Developers repeatedly write code in ...


Data Manipulation: How Security Pros Can Respond to an Emerging Threat
Dark Reading
The flaw, if not proactively found, would have allowed hackers to run malicious code on its systems and manipulate data. It's the latest example of an emerging threat that has industry leaders scrambling and requires new thinking from security ...


Reuters

Trump administration a threat to international peace and security: Iran's Zarif
Reuters
“It is true that there is a real threat to our region and to international peace and security: That threat is the Trump Administration's sense of entitlement to destabilize the world along with rogue accomplices in our region,” Zarif said. “The US must ...

and more »
Google News

Spyware Removal

Spyware SolutionProbably Today's Biggest Computer Problem. You Suffer Without Knowing... Read More

Steganography ? The Art Of Deception & Concealment

The Message Must Get Through ----------------------------- The year is 300A.D.,... Read More

Network Security 101

As more people are logging onto the Internet everyday, Network... Read More

How to Know Whether an Email is a Fake or Not

A few nights ago I received an email from "2CO"... Read More

How to Fight Spyware

If you are wondering how to fight spyware for safe... Read More

Hacking Threats and Protective Security

The 1998 Data Protection Act was not an extension to,... Read More

Spyware Attacks! Windows Safe Mode is No Longer Safe

Many of us have run into an annoying and time-consuming... Read More

Phishing - Identity Theft & Credit Card Fraud

What is Phishing? Phishing is a relatively newly coined term... Read More

With the Rise of Internet Crimes, Users are Turning to High-Tech ?PI?s? for Solutions

High-tech private investigators are becoming the answer for many Internet... Read More

Don?t Become An Identity Fraud Statistic!

"You've just won a fabulous vacation or prize package! Now,... Read More

How Free Scripts Can Create Security Problems

With the Internet entering our lives in such an explosive... Read More

The Importance of Protecting Your PC from Viruses and Spam

Today the internet is a mine field of malicious code... Read More

Parental Control - Dangers To Your Child Online & Internet Child Safety Tips

Did you know...? 1 in 5 children who use computer... Read More

Social Engineering - The Real E-Terrorism?

One evening, during the graveyard shift, an AOL technical support... Read More

Types Of Computer Infections

Computer infections can be broken up into 4 main categories... Read More

Why Malicious Programs Spread So Quickly?

It seems that nowadays cybercriminals prefer cash to fun. That... Read More

SPYWARE - Whos Watching Who?

I am in the midst of Oscar Wilde's The Picture... Read More

The One Critical Piece Of Free Software Thats Been Overlooked

Can You Prevent Spyware, Worms, Trojans, Viruses, ... To Work... Read More

Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking

Airport Menace: The Wireless Peeping Tom ---------------------------------------- As a network... Read More

Wireless Network Security

Working from home has its advantages, including no commute, a... Read More

The Bad Guys Are Phishing For Your Personal Information

Do you know what "phishing" is?No, it doesn't mean you... Read More

Internet/Network Security

Abstract Homogeneous symmetries and congestion control have garnered limited interest... Read More

Eliminate Adware and Spyware

Everyone should eliminate spyware and adware from your hard drive... Read More

Viruses and Worms: The Problems and Their Solutions

History and BackgroundThe virus was one of the first ever... Read More

Phishing - Learn To Identify It

Phishing: (fish'ing) (n.)This is when someone sends you an email... Read More