Thank you very much.Below are the results of the virus scan showing the viruses that could not be cleaned.Meanwhile I will finish the rest of the procedures and keep you posted.

Virus Scan 0 virus cleaned, 0 virus deleted

Results:We have detected 5 infected file(s) with 5 virus(es) on your computer: - 5 virus(es) passed, 0 virus(es) no action available
- 0 virus(es) cleaned, 0 virus(es) uncleanable
- 0 virus(es) deleted, 0 virus(es) undeletable
- 0 virus(es) not found, 0 virus(es) unaccessible
Detected File Associated Virus Name Action Taken
C:\_RESTORE\ARCHIVE\FS6.CAB- A0071489.CPY TROJ_DLOADER.PX Pass
C:\_RESTORE\ARCHIVE\FS7.CAB- A0071649.CPY TROJ_DLOADER.PX Pass
C:\_RESTORE\ARCHIVE\FS26.CAB- A0081006.CPY TROJ_SMALL.AFF Pass
C:\WINDOWS\SYSTEM\vxh8jkdq5.exe TROJ_SMALL.AFK Pass
C:\WINDOWS\svchost.exe TROJ_DLOADER.PX Pass

Trojan/Worm Check 0 worm/Trojan horse deleted

What we checked:Malicious activity by a Trojan horse program. Although a Trojan seems like a harmless program, it contains malicious code and once installed can cause damage to your computer.
Results:We have detected 1 Trojan horse program(s) and worm(s) on your computer: - 0 worm(s)/Trojan(s) passed, 0 worm(s)/Trojan(s) no action available
- 0 Worm(s)/Trojan(s) deleted, 0 worm(s)/Trojan(s) undeletable
Trojan/Worm Name Trojan/Worm Type Action Taken
VBS_REDLOF Others Unknown

Spyware Check 12 spyware programs removed

What we checked:Whether personal information was tracked and reported by spyware. Spyware is often installed secretly with legitimate programs downloaded from the Internet.
Results:We have detected 13 spyware(s) on your computer: - 1 spyware(s) passed, 0 spyware(s) no action available
- 12 spyware(s) removed, 0 spyware(s) unremovable
Spyware Name Spyware Type Action Taken
COOKIE_1433 Cookie Pass
ADW_RBLASTDLL.A Adware Removal successful
SPYW_SITEBAR.A Spyware Removal successful
ADW_ISTBAR.C Adware Removal successful
SPYW_DUMARIN.O Spyware Removal successful
ADW_WUPD.F Adware Removal successful
SPYW_AGENT.HS Spyware Removal successful
SPYW_DYFUCA.L Spyware Removal successful
SPYW_MEDACCESS.A Spyware Removal successful
ADW_BLAZE.B Adware Removal successful
ADW_WINAD.L Adware Removal successful
ADW_ISTBAR.R Adware Removal successful
ADW_MEDACCESS.A Adware Removal successful

Microsoft Vulnerability Check 16 vulnerabilities detected

What we checked:Microsoft known security vulnerabilities. These are issues Microsoft has identified and released Critical Updates to fix.
Results:We have detected 16 vulnerability/vulnerabilities on your computer.Risk Level Issue How to Fix
Highly Critical This vulnerability enables a remote attacker to access a Windows 9x/ME shared file without having to know the entire password assigned to that share, since just by sending a 1-byte password that matches the first character of the real password could allow access to that share. MS00-072
Highly Critical This vulnerability enables a remote attacker to execute arbitrary commands via a malicious web page or e-mail. This is caused by the Microsoft Virtual Machine allowing the security settings of Internet Explorer to be bypassed. MS00-075
Highly Critical This vulnerability enables attackers to launch an attachment automatically by making use of an unusual MIME type that IE handles incorrectly. MS01-020
Critical This vulnerability enables a remote attacker to execute arbitrary code through the use of a malformed Advanced Streaming Format (ASF) file. It is caused by a buffer overflow in Microsoft Windows Media Player 6.4. MS01-056
Critical This vulnerability enables a remote attacker to execute arbitrary codes on the users system. It is caused by Internet Explorer 6.0 believing that the file to be opened is safe to open without user confirmation, due to some changes made in the HTML header.;This vulnerability enables a remote attacker to read any file contained in the users system that could be opened through Internet Explorer 5.5 or 6.0.;This vulnerability enables a remote attacker to represent the file name in the File Download dialogue box of Internet Explorer 5.5 or 6.0 with a different name that could fool users into thinking that the said file is safe to download. MS01-058
Critical This vulnerability allows a remote attacker to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated when buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 is triggered.;A remote attacker could read arbitrary files via malformed requests to the GetObject function because Internet Explorer 5.01, 5.5 and 6.0 bypass some of GetObject's security checks.;File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows the modification of the displayed name of the file through Content-Disposition and Content-Type HTML header fields, which could allow an attacker to trick a user into believing that a file is safe to download.;Because Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, a remote attacker is allowed to modify which application is used to process a document.;Internet Explorer 5.5 and 6.0 bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made, which could allow a remote attacker to compromise user system through the said vulnerability.;Internet Explorer 5.5 and 6.0 allows the reading of certain files and spoofing of the URL in the address bar through the Document.open function, which could allow a remote attacker to compromise user system through the said vulnerability.;This vulnerability allows a remote attacker to read arbitrary files by specifying a local file as an XML Data Source. This is caused by the XMLHTTP control found in Microsoft XML Core Services 2.6 and later not properly handling Internet Explorer Security Zone settings. MS02-005
Critical This vulnerability enables a remote attacker to run scripts in the Local Computer zone. This is done via a script that is embedded in a cookie that would be saved to the users system.;This vulnerability enables a remote attacker to invoke an executable on the users system via an HTML web page that includes an object tag. MS02-015
Critical This vulnerability enables a remote attacker to execute code via a malformed HTTP request to the Data Stub when the heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0 is triggered. MS02-065
Highly Critical This vulnerability enables a remote attacker to execute any file that can be rendered as text, and be opened as part of a page in Internet Explorer. MS03-014
Critical This vulnerability enables a remote attacker to cause a denial of service and execute arbitrary code through a specially formed web page or HTML e-mail. This is caused by a flaw in the way the HTML converter for Microsoft Windows handles a conversion request during a cut-and-paste operation. MS03-023
Critical This vulnerability enables a remote attacker to execute arbitrary code through a specially crafted MIDI file. This is caused by multiple buffer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL). MS03-030
Highly Critical These vulnerabilities, which are due to Internet Explorer not properly determining an object type returned from a Web server in a popup window or during XML data binding, respectively, could allow an attacker to run arbitrary code on a user's system. MS03-040
Critical This vulnerability could allow an attacker to access information from other Web sites, access files on a user's system, and run arbitrary code on a user's system, wherein this is executed under the security context of the currently logged on user.;This vulnerability could allow an attacker to save a file on the users system. This is due to dynamic HTML events related to the drag-and-drop of Internet Explorer.;This vulnerability, which is due to the incorrect parsing of URLs which contain special characters, could allow an attacker to trick a user by presenting one URL in the address bar, wherein it actually contains the content of another web site of the attackers choice. MS04-004
Critical The MHTML URL Processing Vulnerability allows remote attackers to bypass domain restrictions and execute arbitrary code via script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers.This could allow an attacker to take complete control of an affected system. MS04-013
Critical This update resolves a newly-discovered, publicly reported vulnerability. A vulnerability exists in the HTML Help ActiveX control in Windows that could allow information disclosure or remote code execution on an affected system. MS05-001
Critical This vulnerability exists in the DHTML Editing Component ActiveX Control. This vulnerability could allow information disclosure or remote code execution on an affected system. MS05-013

Done.Thanks a lot for your help.Here is my latest HJT log.

Logfile of HijackThis v1.99.1
Scan saved at 6:38:19 PM, on 6/30/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\MY DOCUMENTS\DALMATION\KNOWLEDGE ECONOMY\2005 DOWNLOADS\TRENDMICRO\HJT\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 90.0.0.1:3128
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

Do you think I am 'safe' now?Somehow my SpywareBlaster cannot download updates.The message I get is "Cannot establish a connection to download".

I think you guys are right about my proxy server being the culprit.I tried to disable the sygate firewall but still I could not update SpywareBlaster.

I use the internet at work - and my computer is part of a large network of computers.My IT knowledge is not the best but I think I am connecting through the Local Area Network (LAN).I am in Africa - by the way.

My sygate frewall tells me that kernel 32.dll wants to connect the internet.Is this something that HJT can cure?