Unable to delete unknown files in winsock lsp found by hijack this.

After running Hijack This and deleting found nasty processes I am unable to delete 4 unknown files in Winsock lsp.  I am fighting a browser hijacker called search 200.  When Internet Explorer loads and you check the allowed sites in the pop up blocker settings it always lists lop.com and search200.com as allowed.  following is the hijackthis log.
Logfile of HijackThis v1.98.2
Scan saved at 12:20:56 PM, on 11/16/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\GP Motor Sports\Desktop\hijackthis\HijackThis.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\aplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aplsp.dll

rider164Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SheharyaarSaahilCommented:
Hello rider164 =)

Use LSPFix to delete those O10 files >> http://www.spychecker.com/program/lspfix.html
0
rider164Author Commented:
Thanks for the quick reply.
I ran LSPFix and it did not identify any problem lsp files.
It listed mswsock, winmr.dll, aplsp.dll and rsvpsp.dll but did not recomend removal of any of these.
0
SheharyaarSaahilCommented:
hmmmmm aplsp.dll is really Nasty one, so we are sure that we have to remove it, and so you can Manually remove it using LSPFix :)
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

rider164Author Commented:
I removed aplsp.dll.  Now lop.com and search200.com do not show up in allowed sites in the pop up blocker.  I am still getting a search toolbar across the bottom of the internet explorer page which I thought was from search200 but I am not sure.
0
SheharyaarSaahilCommented:
hmmmm try Using ToolbarCop to remove the unwanted Toolband, Toolbar Icons and BHO:
http://windowsxp.mvps.org/toolbarcop.htm

Also make sure that you have these tools on your system,
========================================================
AdAware ==> http://www.spychecker.com/program/adaware.html
SpyBot  ==> http://www.spychecker.com/program/spybot.html
CoolWebShredder ==> http://www.softpedia.com/public/cat/10/17/10-17-150.shtml
Stinger ==> http://vil.nai.com/vil/stinger
========================================================

Turn off ur System Restore before cleaning the system if its WinME\XP >> http://www.pchell.com/virus/systemrestore.shtml
Then Run all of them one by one in safemode and delete everything they detect.
Then delete the temporary internet files and history of IE
and run Disk Cleanup on ur hard drive to delete those temp and junk files.
Restart back in Normal Mode to check for the problems now ?? :)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rider164Author Commented:
It appears that I am hijacker free.  I am running windows XP, Norton Internet Security, Adaware, Spybot, CoolWebShredder and Stinger.  I ran these in safe mode and cleaned the hard drive per your instructions.  It looks like all is well at this time.
Thanks, Rider164
0
SheharyaarSaahilCommented:
Excellent.... Good Job!! ^_^
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.