Made an oopsie... a big one
Join Date: Jun 2005
Posts: 70
Reputation:
Solved Threads: 5
Eh, attempted to fix another comp heavily infested with a worm.
Ran McAfee AV. It cleaned some files, I quarantined others, and deleted the rest.
It told me to reboot so I did.
I ran everything on the Rescue Disk and it found nothing.
After I choose a user and enter Windows XP (home) everything appears to be fine but then all the desktop icons disappear, the taskbar disappears, but there are processes running. What the hell did I do?
Edit ~ Here are some error messages
rundll32.exe
The instruction at 0x61002958 referenced memory at 0x00a7088c. The memory could not be "read".
McAfee VirusScan
Some components of ActiveShield are either missing or might not have been installed properly. Please reinstall ActiveShield.
(I think I installed this in safe mode with networking)
x2
System Configuration Utility window pops up and says something, but I can't read it :\
Hi,
Do you get icons and taskbar in safe mode?
Let's try this one: open Notepad, and copy the contents of the below "Code" box:

```bat
rem Export the autorun (Run/RunOnce/RunServices) and Policies keys to temporary files
regedit /e test1.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"
regedit /e test2.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce"
regedit /e test3.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices"
regedit /e test4.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices"
regedit /e test5.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce"
regedit /e test6.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
regedit /e test7.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies"
rem Combine the exports into info.txt, then delete the temporary files
copy test1.txt + test2.txt + test3.txt + test4.txt + test5.txt + test6.txt + test7.txt = info.txt
del test1.txt
del test2.txt
del test3.txt
del test4.txt
del test5.txt
del test6.txt
del test7.txt
```

Go to File Menu > Save As, and save the file with the name Test.bat and exit from Notepad.
Double-click on the file Test.bat; a small DOS-type window should open and close immediately. After this, there will be a file called Info.txt in the same location where Test.bat was present. Open Info.txt and post its contents here.
Yeah, everything is fine in safe mode. I will try this and report back. Thanks!
here are the results....
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
"SiSUSBRG"="C:\\WINDOWS\\SiSUSBrg.exe"
"LTSMMSG"="LTSMMSG.exe"
"ezShieldProtector for Px"="C:\\WINDOWS\\System32\\ezSP_Px.exe"
"Share-to-Web Namespace Daemon"="D:\\HP Share-to-Web\\hpgs2wnd.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb06.exe"
"THGuard"="\"C:\\Program Files\\TrojanHunter 4.2\\THGuard.exe\""
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1120928620\\EE\\AOLHostManager.exe"
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"AOL Spyware Protection"="\"C:\\PROGRA~1\\COMMON~1\\AOL\\AOLSPY~1\\AOLSP Scheduler.exe\""
"Pure Networks Port Magic"="\"C:\\PROGRA~1\\PURENE~1\\PORTMA~1\\PortAOL.exe\" -Run"
"lrtt"="C:\\WINDOWS\\System32\\lrtt.exe"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\McUpdate.exe"
"lmi"="C:\\WINDOWS\\System32\\lmi.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"AOL Fast Start"="\"D:\\Program Files\\America Online 9.0\\AOL.EXE\" -b"
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
~
I've been working on this comp from 3:30am (PST) and still working on it... it's 1:16pm lol. I don't give up. I ran Ewido, HJT, Killbox (can't get rid of svchost.exe), Trend Micro HouseCall, McAfee antivirus, and TrojanHunter. The computer is infected with W32/Pate.b and no matter how many times I run McAfee it doesn't get it all. I even got the worm killer thing from the Microsoft website (supposed to remove Sasser and others) and that didn't work. When I went to "end task" on 4 running instances of svchost.exe, one of them made the comp shut down with a 45sec timer.
Hi,
Can you connect to the Internet from that PC? If yes, please upload and scan these files at http://virusscan.jotti.org/
C:\WINDOWS\System32\lrtt.exe
C:\WINDOWS\System32\lmi.exe
Also, perform a virus scan at http://housecall.trendmicro.com/ and http://www.pandasoftware.com/activescan/
File: lrtt.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 c5d1bd0c682106929f3fb2efbebc7f48
Packers detected: PE_PATCH.PECOMPACT, PECBUNDLE, PECOMPACT
Scanner results
AntiVir Found TR/Dldr.Lastad.P
ArcaVir Found Trojan.Downloader.Lastad.P
Avast Found nothing
AVG Antivirus Found Downloader.Generic.YH
BitDefender Found Trojan.Downloader.Lastad.P
ClamAV Found Worm.Mytob.FJ
Dr.Web Found Trojan.DownLoader.2905
F-Prot Antivirus Found nothing
Fortinet Found W32/Lastad.P-tr
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Lastad.p
NOD32 Found Win32/TrojanDownloader.Lastad.P
Norman Virus Control Found W32/Lastad.P
UNA Found nothing
VBA32 Found Trojan-Downloader.Win32.Lastad.p
and
File: lmi.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 bc6e9fb694c51177a22071705c1a9b43
Packers detected: PE_PATCH.PECOMPACT, PECBUNDLE, PECOMPACT
Scanner results
AntiVir Found TR/Dldr.Lastad.h.1
ArcaVir Found Trojan.Downloader.Lastad.H
Avast Found Win32:Trojano-1516
AVG Antivirus Found Downloader.Generic.RE
BitDefender Found Trojan.Downloader.Lastad.H
ClamAV Found Worm.Mytob.FJ
Dr.Web Found Trojan.DownLoader.2991
F-Prot Antivirus Found W32/Downloader.CRT
Fortinet Found W32/Lastad.H-tr
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Lastad.h
NOD32 Found probably unknown NewHeur_PE (probable variant)
Norman Virus Control Found W32/Lastad.H
UNA Found TrojanDownloader.Win32.Lastad
VBA32 Found Trojan-Downloader.Win32.Lastad.h
Hmm, this folder is caked with this stuff. Almost every single *.exe file on this comp is infected with whatever worm this is. Er, that's what McAfee is pointing to as well.
Hi,
To remove these files' registry entries, follow these steps. Open Notepad, and copy the contents of the below "Code" box:

```reg
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"lrtt"=-
"lmi"=-
```

Go to File Menu > Save As, and save the file with the name Remove.reg and exit from Notepad.
Double-click on the file Remove.reg, and choose "Yes" to merge it with the Registry.
There may be some more viruses; try HouseCall and/or Panda Scan.
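
Added example, not part of the original thread or written by either poster: a small Python triage script that parses an Info.txt-style export, resolves each autorun value to its executable, and builds the deletion file for the values whose executables the scan above reported as infected. The function names (`parse_export`, `executable`, `flag`, `removal_reg`) and the `CONFIRMED` set are hypothetical; the sample is an excerpt of the export posted in the thread.

```python
import re

# Excerpt of the Info.txt export posted in the thread (concatenated regedit /e output).
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
"THGuard"="\"C:\\Program Files\\TrojanHunter 4.2\\THGuard.exe\""
"lrtt"="C:\\WINDOWS\\System32\\lrtt.exe"
"lmi"="C:\\WINDOWS\\System32\\lmi.exe"
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
'''
# Assumption: paths the multi-engine scan in the thread reported as infected (lower-cased).
CONFIRMED = {r'c:\windows\system32\lrtt.exe', r'c:\windows\system32\lmi.exe'}
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    return re.sub(r'\\(.)', r'\1', s)   # .reg escapes: \\ -> \ and \" -> "

def escape(s):
    return s.replace('\\', '\\\\').replace('"', '\\"')

def parse_export(text):
    """Return (key, value_name, command) for each string value; dwords are skipped."""
    entries, key = [], None
    for line in map(str.strip, text.splitlines()):
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]
        elif key and (m := VALUE_RE.match(line)):
            entries.append((key, unescape(m[1]), unescape(m[2])))
    return entries

def executable(command):
    """Program part of an autorun command line, without arguments or quotes."""
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    m = re.match(r'(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)', command, re.I)
    return m[1] if m else command.split(' ', 1)[0]

def flag(entries, confirmed=CONFIRMED):
    return [e for e in entries if executable(e[2]).lower() in confirmed]

def removal_reg(flagged):
    """Build a .reg file that deletes each flagged value ("name"=-), grouped by key."""
    by_key = {}
    for key, name, _ in flagged:
        by_key.setdefault(key, []).append(name)
    out = ['Windows Registry Editor Version 5.00', '']
    for key, names in by_key.items():
        out += ['[%s]' % key] + ['"%s"=-' % escape(n) for n in names] + ['']
    return '\n'.join(out)

if __name__ == '__main__':
    print(removal_reg(flag(parse_export(SAMPLE))))
```

On Windows XP, `regedit /e` writes UTF-16, so read a real export with `encoding='utf-16'` before passing the text to `parse_export`.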
The first time around when I did house call, it found well over 2K infected files. When it went to the Recover process, it didn't list any of the 2K+ and it wouldn't let me do anything. Every time I open something a window pops open for a brief sec, a Windows Installer window.... I'm about to toss this heap out the window even though it's not mine.
Hi,
It seems that there are a lot of infected files. Try to perform the scans in Safe Mode with the networking option. You can go to "Safe Mode with Networking" mode by doing this:
1] Restart (or switch ON) the PC.
2] Then, keep tapping the F8 key.
3] From the menu that is displayed, choose Safe Mode with Networking and press Enter.
Well, after many hours, 18+ with no breaks, I finally managed to completely rid this computer of all the junk and crud. Thanks very much for your help! I clicked around, manually deleted 276kb size files in c:\windows\system32 folder, downloaded AOL 9.0SE for the free McAfee AntiVirus (have an account), ran that a few times, uninstalled AOL and McAfee, ran every other program I had available at least twice to make sure I got everything out. Online virus scan wasn't showing me any results. Something was bugged with Internet Explorer. Oh well, I got the job done though I made it harder than it was.