# Imon.dll and other HJT 010 lsp dlls not to fix



## dvk01 (Dec 14, 2002)

If anyone looking in a hijackthis log sees an entry for 
O10 - Broken Internet access because of LSP provider 'imon.dll' missing

check whether the user is using NOD32 as their antivirus. If so DO NOT FIX IT and if using LSP fix also do not remove any entries for imon.dll

Imon.dll is an essential part of NOD32 antivirus, but because of the way HJT & LSPfix work they see it as missing and the cure destroys the email protection part of NOD32.

other good O10 entries are 

antiy (ghostbusters)
Spamsubtract


----------



## IMM (Feb 1, 2002)

Yeah, you could wish that NOD32 would put the path to the file into the winsock2 protocol catalog entry 

i've made the mistake (or come close) with nmtracer.dll - which I think belongs to Norman antivirus (sometimes)


----------



## winchester73 (Aug 18, 2003)

Thanks for the heads-up Derek ... I just saw 'imon.dll' missing in one elsewhere, and was trying to find some information on it. 

You saved me ... :up:


----------



## winchester73 (Aug 18, 2003)

Checking around, I was directed to this list of what HTJ may report as an 010 entry (complied by Pieter/Metallica):

DRWHOOK.DLL Dr Web Antivirus
nl_lsp.dll http://www.netlimiter.com/
iss_slsp.dll http://www.intel.com/anypoint/
lspcs.dll http://www.cybersitter.com/
hclsock5.dll http://www.hummingbird.com/
espsock2.dll http://www.esafe.com/
wshbth.dll http://www.bluetooth.com/tech/works/glossary.asp
pnrpnsp.dll http://support.microsoft.com/?kbid=817778
csesck32.dll Fortis bank secure layer
Armor2net.exe armor2net personal firewall
pxlsp.dll http://www.proxyconn.com/
wins4f.dll http://www.s4f.com/ Internet content filtering solutions
_easywall.dll http://www.tinasoft.com/easycafe/
nutafun4.dll http://www.mkssoftware.com/products/tk/ds_tkedev.asp
cplsp.dll http://www.surfcontrol.com/
ippsp.dll http://www.pcinternetpatrol.com/index.php
vetredir.dll http://www.vet.com.au/
sselsp.dll http://www.steganos.com/en/sia/
pavlsp.dll panda titanium antivirus 2004
sliplsp.dll http://www.slipstreamdata.com/sp.html
adlsp.dll http://www.aladdinsys.com/win/cleanup/index.html
cwhook.dll http://www.contentwatch.com/?cid=67;0;0
ictload.dll Accelenet client by ICT
agbfilt.dll http://www.antiy.net/


----------



## Sephiroth11 (Sep 24, 2003)

Thanks, dvk01!


----------



## FinestRanger (Oct 13, 2003)

I "fixed" it with LSP Fix and hijack this last night...oops...it's been replaced with the backup.


----------



## dvk01 (Dec 14, 2002)

and this one 'c:\windows\system32\netware\nwws2nds.dll' 
which netware lsp winsock entry


----------



## Flrman1 (Jul 26, 2002)

I'm adding this one to the list so we'll remember it too:

*ua_lsp* xfire instant gaming messenger = legit


----------



## Rollin' Rog (Dec 9, 2000)

Broken Internet access because of LSP provider *'spsublsp.dll'*missing

This is SpamSubtract


----------



## Flrman1 (Jul 26, 2002)

Anyone ever seen this one before?:

O10 - Unknown file in Winsock LSP: c:\program files\msn\msnsharedfiles\pclsp.dll


----------



## dvk01 (Dec 14, 2002)

> _Originally posted by flrman1:_
> *Anyone ever seen this one before?:
> 
> O10 - Unknown file in Winsock LSP: c:\program files\msn\msnsharedfiles\pclsp.dll *


as far as I can see it's part of Microsoft LAN manager, but I'm not 100% guaranteeing that


----------



## Flrman1 (Jul 26, 2002)

Another for the legit list.

ZoneLabs IM Secure:

*O10 - Broken Internet access because of LSP provider 'imslsp.dll' missing*


----------



## dvk01 (Dec 14, 2002)

The up to date definitive list of LSP entries is being kept & maintained here by Zupe

http://www.angeltowns.com/members/zupe/lsps.html


----------



## buckaroo (Mar 25, 2001)

Fantastic Derek. :up: 

Thanks.


----------



## winchester73 (Aug 18, 2003)

That will make things a lot easier ... thanks for the link ... :up:


----------



## $teve (Oct 9, 2001)

Another one for your lists:
xfilter.dll http://www.xstop.com/index.htm
Content Security - R3000 Enterprise Filter
:up:


----------



## $teve (Oct 9, 2001)

The*ua_lsp.dll* entry is also linked to
Ultimate-Arena online gaming.


----------



## stillearning (Mar 15, 2004)

Another one, though it should be obvious. 
c:\program files\indefense\maildefense\ndpwsspr.dll


----------



## mobo (Feb 23, 2003)

Another I have recently come across:

ipsp.dll ------which is attributed to http://www.softforyou.com/ip-index.html


----------



## mobo (Feb 23, 2003)

Another not seen by my eyes :

prplsf.dll

Due to this program so its safe to leave as well http://www.access4less.net/FAQ/A4LExpressfaq.htm


----------



## Rollin' Rog (Dec 9, 2000)

Looks like someone else has started keeping track of these:

http://www.angeltowns.com/members/zupe/lsps.html


----------



## Flrman1 (Jul 26, 2002)

New legit one *scopinet.dll*.

From Smart Cop Antivirus.


----------



## Cookiegal (Aug 27, 2003)

These are probably valid and related to Citrix.com:

*Ctxlsp.dll
Ctxnsp.dll*

*Ctxlsp.dll* was on the LSP list as an unknown but was suspected to be connected to Citrix.com

*Ctxnsp.dll * just turned up in a log where the user users Citrix.com


----------

