Scanned computer with HiJackThis

Could anyone help me please and see if there is anything bad on my computer that shouldn't be there?

Have current version 0443-0)
Windows XP Home Edition Version 2002 Service Pack 1
Have a normal firewall, security settings default and so are privacy settings. Also got Ad-Aware SE Personal. If you need any more info just say so. Have an AMD Athlon XP 2000, 512 MB of RAM and it is made by Jal Computers. Also use Internet Explorer as a browser.

Your system is loaded with malware.
1] Fix everything that is reported as “nasty” on THIS SITE
2] Run HijackThis again and create a new log. Analyze that with my HijackThis log analyzer (see page in my signature)
3] Fix everything that is reported as bad.
4] Run HJT again and create a new log.
5] Post a new log here.

I ran Log Analyzer and it said the system file is not suitable for running MS-DOS and Microsoft Windows. What should I do, friend?

Run an online anti-virus scanner and let it remove the infection (or whatever it can), reboot and try again.

Hey, how's this log? Thanx for your help mate. Where ya from? :slight_smile:

Still tons of things that need to be fixed. I have two analyses for you:
HijackThis.de
My analyzer

Fix everything that is reported as nasty/bad.

Hey man. How is it now?

This is what my analyzer says about it:

CHECKING HIJACKTHIS AND INTERNET EXPLORER :

You are using the latest version of HijackThis.
Old version of Internet Explorer detected, please update.
Your Operating System is not up-to-date. (Latest service pack not installed)


THESE ITEMS ARE HARMFULL AND SHOULD BE FIXED/REMOVED :

\docume~1\mrfenn~1\locals~1\temp\9.tmp.exe
\windows\system32\cmprops6.exe
\windows\system32\clb33227.exe
\windows\system32\wupdt32x.exe
\documents and settings\mr fennings\application data\abcc.exe
\windows\system32\vpc32.exe
r1 - hkcu\software\microsoft\internet explorer\main,search bar = file://c:\windows\system32\searchbar.htm
o4 - hklm..\run: [[ephemeral 2.5] by treehugger, ] c:\docume~1\mrfenn~1\locals~1\temp\9.tmp.exe
o4 - hklm..\run: [microsoft update machine] wupdt32x.exe
o4 - hklm..\run: [microsoft update] vpc32.exe
o4 - hklm..\runservices: [microsoft update] vpc32.exe
o4 - hklm..\runservices: [microsoft update machine] wupdt32x.exe
o4 - hkcu..\run: [tdes] c:\documents and settings\mr fennings\application data\abcc.exe
o4 - hkcu..\run: [microsoft update] vpc32.exe
o4 - hkcu..\run: [microsoft update machine] wupdt32x.exe

And HERE is what the online analyzer tells you. You still haven’t fixed the things. Perhaps you better follow ALL steps as explained on the page in my signature.

Hey man, OK, I did what it said and the Microsoft updates keep coming back. How do I delete them, and should I delete them? And if so, do I do it manually? Because I keep fixing them, and I scan after that and they reappear.

Click on the link in my signature and follow all steps as explained there. Please take your time to read and do as stated there. Better slow and sure than fast and sorry :wink:

Have you disabled System Restore?
If not, do so FIRST, then reboot to Safe Mode (F8 boot) and try deleting the files there manually

or (in Safe Mode) start HijackThis & scan, then go CONFIG → MiscTools → Process manager and KILL the processes belonging to the bad entries;
THEN fix with HijackThis and delete the files, then reboot

P.S.: First, you might want to email the files in a password-protected ZIP to
virus (at) avast.com

More Details/how-to’s: see link “VirusRemoval” below in my sig


or go
Start → Run, enter SERVICES.MSC
in the services panel, see if you can identify the nasties by their names (or with rightclick->properties: look for the filenames) and then stop & deactivate the service :wink:

Hey, I ran comp in Safe Mode with System Restore turned off and deleted some stuff on HijackThis. How is this scan, guys? Thanx for your help by the way! I have recently installed, and set as default, Mozilla’s Firefox browser. I have not installed Service Pack 2 because it seems to slow the system down. I don't use IE anymore because it is not as security orientated as opposed to Firefox or Netscape or Opera.

It’s getting better :wink: I only see these two still :

\docume~1\mrfenn~1\locals~1\temp\9.tmp.exe

o4 - hklm..\run: [[ephemeral 2.5] by treehugger, ] c:/docume~1\mrfenn~1\locals~1\temp\9.tmp.exe

Use HijackThis or StartUp.cpl to remove the “o4”, reboot and delete everything in \docume~1\mrfenn~1\locals~1\temp, reboot again and see if it stays away.

Hey man, shall I disable or delete the tree hugger file with Startup Control Panel, and do you mean delete or disable the other file with Startup Control Panel or with some other application? Thanx

o4 - hklm..\run: [ephemeral 2.5] by treehugger, ] c:/docume~1\mrfenn~1\locals~1\temp\9.tmp.exe
This one makes sure the file is loaded when you start Windows. Delete it with HijackThis or StartUp.cpl.
Reboot to make the change effective.
Delete all files in that folder.
Reboot again (just to make sure)
Check if it still is gone.

When it is, your system seems clean again to me :smiley:
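
An added example, not part of the original thread and not the code of either analyzer mentioned in it: a small Python triage of O4 autorun lines in the lower-cased form quoted above. The sample lines are constructed from entries shown in the thread; the heuristics, the function names and the `exampleav` entry are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: O4 lines in the lower-cased form shown in the thread,
# plus one hypothetical benign entry ("exampleav") for contrast.
SAMPLE_LOG = r"""
o4 - hklm..\run: [[ephemeral 2.5] by treehugger, ] c:\docume~1\mrfenn~1\locals~1\temp\9.tmp.exe
o4 - hklm..\run: [microsoft update machine] wupdt32x.exe
o4 - hklm..\runservices: [microsoft update machine] wupdt32x.exe
o4 - hkcu..\run: [tdes] c:\documents and settings\mr fennings\application data\abcc.exe
o4 - hkcu..\run: [microsoft update machine] wupdt32x.exe
o4 - hklm..\run: [exampleav] c:\program files\exampleav\tray.exe
"""

# Greedy name match: a value name may itself contain "]" (see the first line).
O4_RE = re.compile(r"^o4 - (hklm|hkcu)\.\.\\(\w+): \[(.*)\] (.+)$", re.I)

def parse_o4(log):
    """Return (hive, key, value_name, command) for every O4 line."""
    entries = []
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            hive, key, name, cmd = m.groups()
            entries.append((hive.lower(), key.lower(), name.strip(), cmd.strip().lower()))
    return entries

def triage(entries):
    """Map each command to the (illustrative) reasons it deserves a closer look."""
    keys_per_cmd = defaultdict(set)
    for hive, key, _, cmd in entries:
        keys_per_cmd[cmd].add(f"{hive}\\{key}")
    findings = defaultdict(set)
    for hive, key, name, cmd in entries:
        if "\\temp\\" in cmd:
            findings[cmd].add("runs from a Temp directory")
        if re.search(r"\\application data\\[^\\]+\.exe$", cmd):
            findings[cmd].add("executable directly in Application Data")
        if "\\" not in cmd and "microsoft" in name.lower():
            findings[cmd].add("vendor-sounding name, no path given")
        if len(keys_per_cmd[cmd]) > 1:
            findings[cmd].add(f"registered in {len(keys_per_cmd[cmd])} autorun keys")
    return {cmd: sorted(reasons) for cmd, reasons in findings.items()}

if __name__ == "__main__":
    for cmd, reasons in triage(parse_o4(SAMPLE_LOG)).items():
        print(cmd, "->", "; ".join(reasons))
```

An entry registered under several Run/RunServices keys has to be removed from every one of them, which is why the count is reported per command.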

In my documents I have this windows 32 cabinet self-extractor, is it a good program, do you know? Everything else in there looks OK.

Never heard of that one, but why not just use WinZip (or similar) for it?
And Windows has a built-in extractor for cab files.

OK man, thanx for all ya help. I’ll probably need your help soon. Hopefully with all your advice and help this computer can be clean indefinitely, more or less!