Options
bestfriends.scr - SaturdaySaviour
Hi, I was hoping someone may still check in this thread. I am having the same problem as the guy in this thread and followed the same process to fix it as well. But when I ran LSPfix, CONNWSP.DLL did not show up on the keep or remove list. There was nothing on the remove list from what I saw. Also I do not have a folder
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
So I had nothing to delete. I've tried clearing all my temp folders and deleted the BSPlayer.exe file that came along with the Aim virus but nothing has changed.
Logfile of HijackThis v1.97.7
Scan saved at 11:13:41 AM, on 10/19/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\WakeMeUp\WMUSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\documents and settings\aaron\desktop\regprot\regprot.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ABC\abc.exe
C:\PROGRA~1\MOZILL~1\THUNDE~1.EXE
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rpinfo.rpi.edu/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RegProt] c:\documents and settings\aaron\desktop\regprot\regprot.exe /start
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM (HKLM)
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
So I had nothing to delete. I've tried clearing all my temp folders and deleted the BSPlayer.exe file that came along with the Aim virus but nothing has changed.
Logfile of HijackThis v1.97.7
Scan saved at 11:13:41 AM, on 10/19/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\WakeMeUp\WMUSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\documents and settings\aaron\desktop\regprot\regprot.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ABC\abc.exe
C:\PROGRA~1\MOZILL~1\THUNDE~1.EXE
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rpinfo.rpi.edu/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RegProt] c:\documents and settings\aaron\desktop\regprot\regprot.exe /start
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM (HKLM)
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
0
Comments
TO AVOID CONFUSION, PLEASE DO NOT POST YOUR LOG IN THE THREAD OF SOMEONE ELSE'S LOG.
Which is exactly what you did. Please don't do that, you just made more work for us.
Try going into IE, click Tools -> Internet Options -> Security -> Custom Level, then Reset Custom Settings to Medium and click the RESET button. Click Yes, then OK and OK. Close IE, re-open it, and try some pages.
Let us know if that helps.
Dexter...