trojan 119428

clamwin sent me email of scan (see below) ,,,, The computer was turned off before issue was addressed . Now when I try to startup computer i log on and I see my desktop for a split second and then instant logoff . I have tried Safe Mode with same results . It is a Dell Precision 490 windows xp Service pack 3.
How do I address this issue?? Do I reinstall windows?

Scan Started Mon Jul 20 06:30:00 2009
-------------------------------------------------------------------------------

*** Scanning Programs in Computer Memory ***
*** Memory Scan: using ToolHelp ***


*** Scanned 32 processes - 438 modules ***
*** Computer Memory Scan Completed ***

C:\hiberfil.sys: Permission denied
C:\pagefile.sys: Permission denied
C:\WINDOWS\ServicePackFiles\i386\userinit.exe: Trojan.Agent-119428 FOUND
C:\WINDOWS\ServicePackFiles\i386\userinit.exe: Removed
C:\WINDOWS\system32\config\DEFAULT: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\config\SECURITY: Permission denied
C:\WINDOWS\system32\config\SOFTWARE: Permission denied
C:\WINDOWS\system32\config\SYSTEM: Permission denied
C:\WINDOWS\system32\drivers\fidbox.idx: Permission denied
C:\WINDOWS\system32\userinit.exe: Trojan.Agent-119428 FOUND
C:\WINDOWS\system32\userinit.exe: Removed
C:\WINDOWS\Temp\ZLT006c2.TMP: Permission denied
C:\WINDOWS\Temp\ZLT0766a.TMP: Permission denied

----------- SCAN SUMMARY -----------
Known viruses: 596209
Engine version: 0.94.1
Scanned directories: 6277
Scanned files: 68164
Infected files: 2
Data scanned: 19004.16 MB
Time: 4057.947 sec (67 m 37 s)

Edited by Norman_11, 21 July 2009 - 09:35 AM.

Hi,

I would start out by doing a scan with Malwarebytes...

It can be downloaded from any of these places...

http://www.malwarebytes.org/mbam.php

alternate download link 1 (easiest way)
http://malwarebytes.gt500.org/mbam-setup.exe

alternate download link 2
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html

Double-click on mbam-setup.exe to install the application. (If it will not download, install, or open after installation, change the name of it to whatever you want and change the .exe extension to .bat or .com or .pif or scr and then double click on it to run.)

When the installation begins, follow the prompts and do not make any changes to default settings. When installation has finished, make sure you leave both of these checked:

Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware

Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.

Make sure the "Perform Quick Scan" option is selected. Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.

When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found". Click OK to close the message box and continue with the removal process.

After running that scan, post the complete log of the results here and then download, install, update and run a quick scan with SuperAntiSpyware and post the complete log of the results here. This scan may take some time to complete so please be patient.

That can be downloaded from SuperAntiSpyware.com

If it will not download, install, or open after installation, change the name of it to whatever you want and change the .exe extension to .bat or .com or .pif or scr and then double click on it to run.

If possible, both programs should be run in regular Windows, not safe mode. Allow both programs to remove whatever they find and if they tell you that you need to reboot your computer to complete the removal process, reboot into normal Windows.

But first I need to be able to get logged on my computer . Note

Now when I try to startup computer i log on and I see my desktop for a split second and then instant logoff

..........

Ooops, I missed that, sorry.

Hopefully someone will come along soon and be able to help you with that

If you cannot bootup or logon in normal or safe mode, then your options are limited. You may be able to use a Windows XP bootable Floppy Disk to boot from a diskette instead of your hard drive. If your hard drive's boot sector or Windows' basic boot files have been corrupted, this disk will circumvent the problem and boot you into Windows. If you don't have an emergency boot floppy, you may be able to use one created on another PC running Windows XP but there's no guarantee that it will boot your machine.

• Resolving Boot Issues with a Boot Floppy Disk.
• How to obtain Windows XP Setup boot disks and select the download that's appropriate for your Operating System. The Setup boot disks are available so that you can run the Setup program on computers that cannot use a bootable CD-ROM.

Another option is to create a Bootable CD:

• How To Boot your Computer from a Bootable CD or DVD
• How to Create a Bootable Windows XP Setup Disk on a Preinstalled/Preloaded Windows System
• Bart's way to create bootable CD-Roms, Bart's Preinstalled Environment (BartPE)
• Making a bootable Windows 2000 CD
• Making a Bootable Windows 2000 CD with Service Pack integrated

These are links to Anti-virus vendors that offer free LiveCD or Rescue CD utilities that are used to boot from for repair of unbootable and damaged systems, rescue data, scan the system for virus infections. Burn it as an image to a disk to get a bootable CD. All (except Avira) are in the ISO Image file format. Avira uses an EXE that has built-in CD burning capability.

• Avira AntiVir Rescue System - Tutorial for Avira Rescue CD.
  If you encounter problems running the Rescue Disk, you can get further assistance at the Avira Support Forum.
• Dr Web LiveCD. Be sure to print out and follow the instructions provided in the User Manual.
• F-Secure Rescue CD - Rescue CD 3.01 released.
  Video: How to Remove Malware with F-Secure Rescue CD
  If you encounter problems running the Rescue CD, you can get further assistance at the F-Secure Support Forum.
• BitDefender LiveCD - Index of /rescue_cd
  If you encounter problems running the Rescue CD, you can get further assistance at the BitDefender Support Forum.
• Kaspersky RescueDisk - Index of /devbuilds/RescueDisk/
  If you encounter problems running the RescueDisk, you can get further assistance at the Kaspersky Support Forum.

If you are not sure how to burn an image, please read How to write a CD/DVD image or ISO. If you need a FREE utility to burn the ISO image, download and use ImgBurn.

Note: In order to use a rescue disk, the boot order must be set to start from the CD-ROM drive. If the CD is not first in the boot order, the computer will attempt to start normally by booting from the hard drive. The boot order is a setting found in the computer’s BIOS which runs when it is first powered on. This setting controls the order that the BIOS uses to look for a boot device from which to load the operating system. The default will normally be A:, C:, CD-ROM. Different computers have different ways to enter the BIOS. If you're not sure how to do this, refer to:

• Changing Your Computers Boot Order
• How to Change the Boot Order in BIOS

If at some point, you are able to boot up but have difficulty running programs, you can try using VIPRE PC Rescue. This is a command-line utility that will scan and clean a computer which is so badly infected that programs cannot be easily run. Be sure to print out and follow the instructions provided on the same page.

Heres what I did . I deleted partition and reinstalled OS .