Hijack This Log

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Chulo, Jul 7, 2004.

  1. Chulo

    Chulo Private E-2

    Hi--
    Could someone please look at this Hijack This log? I think something got into my system. Thanks.

    Logfile of HijackThis v1.98.0
    Scan saved at 5:20:17 PM, on 7/7/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v5.00 (5.00.2614.3500)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\TCDPLAY.DRV
    C:\WINDOWS\SYSTEM\TWBROWSE.DRV
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\INETSRV\SERVICES.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\TOSHIBA\MOUSE\TMOUSE.EXE
    C:\WINDOWS\SYSTEM\TOSHIBSU.EXE
    C:\WINDOWS\SYSTEM\PSPCCARD.EXE
    C:\WINDOWS\SYSTEM\PWRTRAY.EXE
    C:\WINDOWS\SYSTEM\TESCKEY.EXE
    C:\WINDOWS\SYSTEM\TFUNCKEY.EXE
    C:\WINDOWS\SYSTEM\THOTKEY.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\N32RMD.EXE
    C:\WINDOWS\SYSTEM\HPZTSB03.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
    C:\PROGRAM FILES\IOMEGA HOTBURN\AUTOLAUNCH.EXE
    C:\WINDOWS\RunDLL.exe
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE
    C:\WINDOWS\TPPSTRAY.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\PRCVIEW\FILES\PRCVIEW.EXE
    C:\PROGRAM FILES\HIJACK THIS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://c:\windows\TEMP\sp.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:\windows\TEMP\sp.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchportal.info/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://c:\windows\TEMP\sp.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:\windows\TEMP\sp.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://c:\windows\TEMP\sp.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://0cj.net/srchasst.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://c:\windows\TEMP\sp.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://0cj.net/srchasst.html
    F1 - win.ini: run=C:\WINDOWS\INETSRV\SERVICES.EXE
    O2 - BHO: sr - {FC2593E3-3E5A-410F-AF3D-82613CCE58E5} - C:\WINDOWS\SR.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {8D20C542-CFF2-11D8-B195-4445B831AE2A} - C:\WINDOWS\SYSTEM\AGOGH.DLL (file missing)
    O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [s3syskey] s3syskey.exe
    O4 - HKLM\..\Run: [TMOUSE] C:\Toshiba\Mouse\tmouse.exe
    O4 - HKLM\..\Run: [TOSHIBSU] TOSHIBSU.EXE
    O4 - HKLM\..\Run: [PsPCCard] PsPCCard.EXE
    O4 - HKLM\..\Run: [PowerTray] PwrTray.EXE
    O4 - HKLM\..\Run: [TEscKey] TESCKEY.EXE
    O4 - HKLM\..\Run: [TFunckey] TFUNCKEY.EXE
    O4 - HKLM\..\Run: [THotkey] THotkey.Exe
    O4 - HKLM\..\Run: [Norton AntiVirus Reminder] C:\PROGRA~1\NORTON~1\N32RMD.EXE /RES
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb03.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [Remndr] "C:\PROGRAM FILES\CASINOONLINE\CSREMND.EXE"
    O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
    O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn\Autolaunch.exe"
    O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
    O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\INETSRV\SERVICES.EXE
    O4 - HKLM\..\Run: [ist service uninstall x] C:\WINDOWS\SIMPLE1.EXE /u
    O4 - HKLM\..\RunServices: [THotkey] !NULL!
    O4 - HKLM\..\RunServices: [TCDPlay] TCDPlay.Drv
    O4 - HKLM\..\RunServices: [TWBrowse] TWBrowse.Drv
    O4 - HKLM\..\RunServices: [Encompass_ENCMONTR] C:\Program Files\Encompass\ENCMONTR.EXE
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] c:\windows\SYSTEM\mstask.exe
    O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\INETSRV\SERVICES.EXE
    O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe
    O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O15 - Trusted Zone: www.mt-download.com
    O16 - DPF: {C2583908-FD48-11D2-822E-00600805A87F} (ToshUtil Control) - file://c:\Toshiba\ActDesk\toshutil.cab
    O18 - Protocol: start - {53B95211-7D77-11D2-9F81-00104B107C96} - C:\WINDOWS\SYSTEM\MSXWORD.DLL
    O18 - Protocol hijack: about - {53B95211-7D77-11D2-9F81-00104B107C96}
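Added example, not part of Chulo's post or of HijackThis itself: a small Python triage script that parses lines in the HijackThis format and flags the patterns a malware-help volunteer would look at first in a log like the one above. The sample input is a handful of lines copied verbatim from the posted log (not the whole log), plus the MSDXM Radio toolbar line as a benign control. The heuristics and severities are my own choices, and the EXPECTED_IE_HOSTS allowlist is an assumed, deliberately empty set, so every remote start/search page is surfaced for the user to check against the reference sites rather than silently accepted. The script does not decide what is malware; it shortens the list of lines worth looking up.

```python
import re
import ntpath
from collections import defaultdict

# Constructed sample: selected lines copied verbatim from the HijackThis log posted above
# (a subset, not the whole log); the O3 Radio toolbar line is kept as a benign control.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://c:\windows\TEMP\sp.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchportal.info/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://0cj.net/srchasst.html
F1 - win.ini: run=C:\WINDOWS\INETSRV\SERVICES.EXE
O2 - BHO: sr - {FC2593E3-3E5A-410F-AF3D-82613CCE58E5} - C:\WINDOWS\SR.DLL
O2 - BHO: (no name) - {8D20C542-CFF2-11D8-B195-4445B831AE2A} - C:\WINDOWS\SYSTEM\AGOGH.DLL (file missing)
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\INETSRV\SERVICES.EXE
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\INETSRV\SERVICES.EXE
O15 - Trusted Zone: www.mt-download.com
O18 - Protocol hijack: about - {53B95211-7D77-11D2-9F81-00104B107C96}
"""

# Assumption: hosts the user deliberately set as home/search page. Left empty here, so every
# remote R0/R1 target is reported for review instead of being silently accepted.
EXPECTED_IE_HOSTS = set()

LINE_RE = re.compile(r"^(?P<sec>[A-Z]\d+) - (?P<body>.*)$")
O4_RE = re.compile(r"^(?P<key>HK\w+\\\.\.\\\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")


def parse(log_text):
    """Return (section, body) tuples for every HijackThis result line (R0, O4, ...)."""
    entries = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            entries.append((m.group("sec"), m.group("body")))
    return entries


def _exe_from_command(cmd):
    """First token of a Run command line, unquoted and lower-cased for comparison."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0].lower()
    return cmd.split()[0].lower()


def triage(entries):
    """Apply the heuristics and return a list of finding dicts (section, body, severity, reason)."""
    findings = []
    persistence = defaultdict(set)  # lower-cased exe path -> set of autostart locations

    def add(sec, body, severity, reason):
        findings.append({"section": sec, "body": body, "severity": severity, "reason": reason})

    for sec, body in entries:
        if sec in ("R0", "R1"):
            _, _, value = body.partition(" = ")
            if value.lower().startswith("file://"):
                add(sec, body, "high", "IE search/start setting points at a local file instead of a web page")
            else:
                host = re.sub(r"^https?://", "", value).split("/")[0].lower()
                if host not in EXPECTED_IE_HOSTS:
                    add(sec, body, "review", f"IE setting redirected to {host}; confirm the user chose it")
        elif sec == "F1" and "run=" in body.lower():
            exe = body.split("run=", 1)[1].strip().lower()
            persistence[exe].add("win.ini run=")
            add(sec, body, "high", "legacy win.ini run= autostart that legitimate installers rarely touch")
        elif sec == "O2":
            path = body.rsplit(" - ", 1)[1]
            if "(file missing)" in path or path == "(no file)":
                add(sec, body, "review", "BHO registered but its DLL is gone (leftover or partially removed component)")
            elif ntpath.dirname(path).lower() in (r"c:\windows", r"c:\windows\system"):
                add(sec, body, "review", "BHO DLL dropped straight into the Windows directory rather than an application folder")
        elif sec == "O4":
            m = O4_RE.match(body)
            if m:  # Run/RunServices keys only; Startup-folder .lnk lines are not collected here
                persistence[_exe_from_command(m.group("cmd"))].add(m.group("key"))
        elif sec == "O15":
            add(sec, body, "high", "site added to the IE Trusted Zone, which relaxes ActiveX/scripting limits for it")
        elif sec == "O18" and body.lower().startswith("protocol hijack"):
            add(sec, body, "high", "standard URL protocol handler replaced by a third-party COM object")

    # One binary registered from several autostart locations is the strongest signal in this set.
    for exe, sources in persistence.items():
        if len(sources) > 1:
            add("O4", exe, "high", f"same executable started from {len(sources)} places: {', '.join(sorted(sources))}")

    return findings


if __name__ == "__main__":
    for f in triage(parse(SAMPLE_LOG)):
        print(f"[{f['severity']:6}] {f['section']:3} {f['reason']}\n         {f['body']}")
```

On the sample this reports ten lines, five of them high: the search bar pointing at a file in TEMP, the win.ini run= entry, the Trusted Zone addition, the protocol hijack, and SERVICES.EXE being started from win.ini, HKLM Run and HKCU Run at once. The remaining five are review items (the two remote start/search hosts and the three BHO lines) that still need checking against the reference sites before anything is removed.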
     
  2. BlueStar50

    BlueStar50 Private E-2

    Did you go to this link and follow the directions on how to run it (at the bottom) and read the output? It has links to 2 sites where you can check out some entries yourself and then post back only the ones you're not sure of.
    http://forums.majorgeeks.com/vb/showthread.php?t=35407
    "please close ALL running programs before you run it. This includes your web browser, email, firewall, anti-virus and programs running in your system tray (icons in the very bottom right)"
    I've narrowed down my log doing this, but still will be adding a post for it. Sorry I can't help more.
     
    Last edited by a moderator: Jul 9, 2004
  3. Chulo

    Chulo Private E-2

    Thank you BlueStar. I just joined the forum yesterday after many hours of frustration. Unfortunately, I did not see the link regarding analyzing a Hijack This log until after I posted my thread. I worked on it last night and was able to identify a number of malicious programs. There are still a few lines on the log I haven't been able to identify, but I want to work on it a bit more myself and hopefully I can figure it out. If not, I will post only those items. Thank you very much for your reply!
     
  4. BlueStar50

    BlueStar50 Private E-2

    Came here for the same reason, trying to find answers to things. I looked at your thread because I have W98SE too and had questions about my log, which was nowhere near as long as yours, but I run with a lot of stuff off. I lucked out and found the link before I found the program. Only thing I found confusing at first is the link to check out program names, when one name has more than one caption about it in different sections and it boils down to where the program is located as to whether it is the right one. I was only 3 deep before I noticed one program name can have more than one section about it (good & bad ones) :eek:.
    Glad I was able to guide you in the right direction and find out the program works really great for finding problems. It didn't solve what I was looking for though so it's back to the drawing board :).
     