Admin account not working

Hi, im using windows xp, i have one admin account and one guest account

but when i log into admin it freezes but the guest account works fine

when i run the the avast antivirus it from the guest account it does not check the admin account
and odes not let me take action against viruses from the guest account as it creates an error


http://img150.imagevenue.com/loc765/th_68313_ScreenHunter_02_May._02_13.43_122_765lo.jpg

so i cant download any other programs to check whats wrong (since i cant check admin account)

the antimalwarebytes found 5 trojans/viruses which needs to be deleted on reboot, but the always reappear as soon as i run the antimalwarebytes again

can anyone help
here is the script that malware produced after i tried to take action (ive also done thorough scan but makes no differnce)

Malwarebytes’ Anti-Malware 1.36
Database version: 2028
Windows 5.1.2600 Service Pack 3

02/05/2009 13:15:17
mbam-log-2009-05-02 (13-15-17).txt

Scan type: Quick Scan
Objects scanned: 68940
Time elapsed: 11 minute(s), 35 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 3
Registry Data Items Infected: 2
Folders Infected: 2
Files Infected: 6

Memory Processes Infected:
C:\WINDOWS\system32\userinit32.exe (Trojan.Agent) → Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) → Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastia (Trojan.FakeAlert) → Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Userinit (Trojan.Agent) → Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) → Data: c:\windows\system32\userinit32.exe → Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) → Bad: (C:\WINDOWS\system32\userinit.exe,userinit.exe,C:\WINDOWS\system32\userinit32.exe,) Good: (userinit.exe) → Quarantined and deleted successfully.

Folders Infected:
C:\WINDOWS\system32\twain_32 (Backdoor.Bot) → Delete on reboot.
C:\WINDOWS\system32\mac32 (Stolen.Data) → Delete on reboot.

Files Infected:
C:\WINDOWS\system32\twain_32\local.ds (Backdoor.Bot) → Delete on reboot.
C:\WINDOWS\system32\twain_32\user.ds (Backdoor.Bot) → Delete on reboot.
C:\WINDOWS\system32\mac32\cbt.lc (Stolen.Data) → Delete on reboot.
C:\WINDOWS\system32\mac32\cc.lc (Stolen.Data) → Delete on reboot.
C:\WINDOWS\system32\userinit32.exe (Trojan.Agent) → Delete on reboot.
C:\Documents and Settings\fam\Application Data\userinit32.exe (Trojan.Agent) → Quarantined and deleted successfully.

Hi zapstar, welcome to the forum
Can you try selecting the MBAM icon with a right click, and then select “run as > administrator”
Not sure this will work, but it is worth a crack until someone comes up with something better.

If MBAM asks for a reboot following the scan, please do so promptly.

Do you happen to have the XP disk, or is it pre-installed on the computer?

Try a couple of things,first run MBAM in safe mode.Also from another pc download a couple of rescue disks
Try Avira first,simply download file from clean pc double click,insert CD burn to disc,insert into bad pc reboot.
With Kaspersky, it is an iso file, you need to use your burning software to burn as an image You can use free Imgburn if necessary

http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

tutorial http://forum.avira.com/wbb/index.php?page=Thread&postID=730130#post730130

Kaspersky http://dnl-eu10.kaspersky-labs.com/devbuilds/RescueDisk/

tutorial http://www.raymond.cc/blog/archives/2008/06/16/kaspersky-offers-free-rescue-disk-to-clean-virus-without-booting-in-windows/

Imgburn http://filehippo.com/download_imgburn/

thanx :slight_smile:

i am currently runnng it as admin hope it works

i dont have xp disk

thanx it worked

;D

luckily i had a guest account or i would have had it

Excellent.
But what worked? Running MBAM as admin? or an online scan?
What was the malware MBAM detected and presumably fixed?