admin,
The Cleaner is a good software, infact as you told there was a trojan, but not only one!! This software found 13 trojans on my system
!! Here is another HijackThis Log:
Logfile of HijackThis v1.97.7
Scan saved at 18:01:37, on 16/04/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\PROGRAM FILES\STOMPSOFT\SPYWARE X-TERMINATOR\PPMEMCHECK.EXE
C:\PROGRAM FILES\STOMPSOFT\SPYWARE X-TERMINATOR\COOKIEPATROL.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WEBCHECK.EXE
C:\WINDOWS\TWAIN_32\CIS600X\WATCH.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\THE CLEANER\TCA.EXE
C:\PROGRAM FILES\THE CLEANER\TCM.EXE
C:\WINDOWS\DESKTOP\PROGAMS\HIJACKTHIS\HIJACKTHIS.EXE
F1 - win.ini: run=hpfsched
O2 - BHO: SafeGuard Popup Blocker - {B824E7B0-E8E3-4D75-895E-2C309EA4CC5D} - C:\PROGRAM FILES\SAFEGUARD POPUP BLOCKER PRO\SGPOPUPBLOCKER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Popup Blocker Updater] regsvr32 /s C:\WINDOWS\SYSTEM\SFG18B1.DLL
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\BIN\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [System32] System32.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [MailDefense] C:\Program Files\InDefense\MailDefense\maildefense.exe 0
O4 - HKLM\..\Run: [ndpwatch] C:\Program Files\InDefense\MailDefense\ndpwatch.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\STOMPS~1\SPYWAR~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\STOMPS~1\SPYWAR~1\CookiePatrol.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [tcactive] C:\PROGRAM FILES\THE CLEANER\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\PROGRAM FILES\THE CLEANER\tcm.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [System32] System32.exe
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [System Update] C:\WINDOWS\System\webcheck.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\CIS600X\WATCH.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Popup Blocker Options (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O10 - Unknown file in Winsock LSP: c:\program files\indefense\maildefense\ndpwsspr.dll
O10 - Unknown file in Winsock LSP: c:\program files\indefense\maildefense\ndpwsspr.dll
O10 - Unknown file in Winsock LSP: c:\program files\indefense\maildefense\ndpwsspr.dll
O10 - Unknown file in Winsock LSP: c:\program files\indefense\maildefense\ndpwsspr.dll
O10 - Unknown file in Winsock LSP: c:\program files\indefense\maildefense\ndpwsspr.dll
O10 - Unknown file in Winsock LSP: c:\program files\indefense\maildefense\ndpwsspr.dll
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload.ma...ash/swflash.cabO16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) -
http://http.gamezone...0.20/tukati.cabO16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} (Matrix Class) -
http://acceso.masmin.../aplicacion.cabO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://www.apple.com...ex/qtplugin.cabO16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
http://us.chat1.yimg...v45/yacscom.cabO16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
http://www.installen...gine/isetup.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macr...director/sw.cabO16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) -
http://files.ea.com/...h/v2/EARTPX.cabWhat do you say about this log? I Hope that my pc is clean!
Thank You very much for your patience