Author Topic: unable to remove viruses  (Read 7391 times)

meweasel

  • Guest
unable to remove viruses
« on: July 09, 2010, 11:42:55 PM »
The following is a list of viruses that Avast found but says it can not find the file specified!!  They are all located on my drive at "D:\Documents and Settings\Dad\Local Settings\Temp".  When I try to click on this folder through windows explorer it says access is denied and it also will not let me delete this folder.  Please help me with this as my system boots up to a blank black screen!!!!!

win32:Induc
win32:Krap-UO[Trj]
win32:SuspBehav-B[Heur]
win32:Oficla-D[Trj]

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89033
  • No support PMs thanks
Re: unable to remove viruses
« Reply #1 on: July 10, 2010, 12:03:21 AM »
Well the Temp folder shouldn't have any access denied issues, unless you were scanning an area of another user account from a limited user account. So I would say that there is something not right about that to start with.

Have you tried a boot-time scan by avast ?
You could enable a boot time scan. From the avastUI, Scan Computer, Boot-time Scan, Schedule Now button and reboot.
 
Look in the C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\report\aswBoot.txt file, check this file using notepad for info on the scan/detections, etc.

Now this might not resolve the blank black screen but it should be able to get to these files, when detected send to the avast chest, don't delete.

Are you able to boot into safe mode ?

If so you might try these other applications, MBAM should be able to be installed from safe mode.
If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should produce a log file).

Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
Also available a portable version of SAS, http://www.superantispyware.com/portablescanner.html, no installation required.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

meweasel

  • Guest
Re: unable to remove viruses
« Reply #2 on: July 10, 2010, 12:14:22 AM »
I am sorry but I forgot to tell you that I have 2 hard drives.  I installed my home xp pro on one drive(C), the other (D) has xp pro also but is a corporate version for my work.  I can not get to safe mode, it only gives me the options of which drives I want to boot from.  Since I reinstalled the xp on C drive if I press F8 I can select to boot xp pro corporate or xp pro.  If I try to boot directly from D drive I just get a blank screen. The infected folder is the only one that has this access issue.  Will the boot-scan still work if it's booting to a blank screen?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89033
  • No support PMs thanks
Re: unable to remove viruses
« Reply #3 on: July 10, 2010, 12:28:09 AM »
It could be that the second hard disk or its MFT is damaged.

I would have thought there would have to be a way to select a safe mode boot even with a dual boot system. Unfortunately I can't be much help as I have never used dual boot, so I don't know if when selecting a boot-time scan from the drive that is working if it will be able to comply.

So which drive are these detections in ?
I suspect they may be in the other drive and not the one you are running the scan from.

meweasel

  • Guest
Re: unable to remove viruses
« Reply #4 on: July 10, 2010, 01:43:55 AM »
I am running the scan from the infected drive.  I must boot up on the slave drive and then select the other drive for op system.  I was able to get to safe mode, again initially booting from slave, on infected drive but it still will not let me access infected folder.  Even tried restore to 1st of June but no luck.  I will try the boot scan and let you know.  The master drive is ntfs and the slave is fat32, can this be a problem with access?  Trying not to have to do a complete reinstall on master drive.  The problem did occur for both drives but once I reinstalled xp pro on slave I was able to boot up to it.  Is there a master boot file for each drive that I could possibly copy and replace from another computer?  Thanks for all your help people!!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89033
  • No support PMs thanks
Re: unable to remove viruses
« Reply #5 on: July 10, 2010, 02:54:44 AM »
I believe there shouldn't be any problem with ntfs/fat32 formatted drives.

System restore isn't infallible and isn't really a back-up so going back may not give the desired results.

There should be a master file table (that is what I was on about) for each partition/drive, however there is a Master Boot Record (MBR) for each disk and I would doubt that they are really interchangeable given that you have a dual boot system. So I'm not sure if either is what you mean by master boot 'file' ?

See http://en.wikipedia.org/wiki/Master_boot_record also http://www.tech-recipes.com/rx/483/xp_repair_fix_master_boot_record_recovery_console/.

http://en.wikipedia.org/wiki/Multi_boot and http://support.microsoft.com/kb/306559
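An added illustration of the per-disk Master Boot Record mentioned in the reply above (not part of the original posts and not Avast or Microsoft code): a read-only Python check that validates the 0x55AA boot signature and decodes the four partition-table entries. The sample sector is constructed, and the device path in the comment is an assumption.

```python
import struct

SECTOR_SIZE, TABLE_OFFSET = 512, 446
# Partition type bytes relevant to the disks discussed in this thread.
TYPES = {0x05: "Extended", 0x07: "NTFS", 0x0B: "FAT32 (CHS)", 0x0C: "FAT32 (LBA)"}

def parse_mbr(sector):
    """Return (partitions, problems) for one 512-byte MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    problems = []
    if sector[510:512] != b"\x55\xaa":
        problems.append("missing 0x55AA boot signature")
    if not any(sector[:TABLE_OFFSET]):
        problems.append("boot code area is empty")
    partitions = []
    for i in range(4):
        raw = sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        # status, 3 CHS bytes, type, 3 CHS bytes, start LBA, sector count
        status, ptype, start, count = struct.unpack("<B3xB3xII", raw)
        if ptype == 0:
            continue  # unused slot
        if status not in (0x00, 0x80):
            problems.append(f"entry {i}: invalid status byte 0x{status:02x}")
        partitions.append({"index": i, "active": status == 0x80,
                           "type": TYPES.get(ptype, f"0x{ptype:02x}"),
                           "start_lba": start, "sectors": count})
    active = sum(p["active"] for p in partitions)
    if active != 1:
        problems.append(f"{active} active partitions (a boot disk needs exactly 1)")
    return partitions, problems

def build_sample_mbr(active=True, signature=True):
    """Constructed test sector: one NTFS partition starting at LBA 63."""
    sector = bytearray(SECTOR_SIZE)
    sector[0:2] = b"\xeb\x00"  # placeholder bytes standing in for boot code
    sector[446:462] = struct.pack("<B3xB3xII", 0x80 if active else 0, 0x07, 63, 2048000)
    if signature:
        sector[510:512] = b"\x55\xaa"
    return bytes(sector)

if __name__ == "__main__":
    # To inspect a real disk instead, read the first 512 bytes read-only, e.g.
    # open(r"\\.\PhysicalDrive0", "rb").read(512) from an administrator prompt
    # (device path is an assumption; it depends on how the disks are attached).
    for label, mbr in [("healthy", build_sample_mbr()),
                       ("no signature", build_sample_mbr(signature=False))]:
        print(label, parse_mbr(mbr))
```
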

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: unable to remove viruses
« Reply #6 on: July 10, 2010, 03:02:34 AM »
can you boot into the drive that allows you to boot and go to Admin tools and take a screenshot of yr drives

Start ->right click (My) computer and choose Manage->click into Manage and open Disk Management and take a screenshot

Screenshot - up right on keyboard go to Printscreen Key and click
Open Paint in the start menu - Start ->(All) Programs->Accessories->choose Paint from the dropdown menu
once in Paint go to Edit on the toolbar and select Paste from the dropdown menu and this will give you the screenshot
save the screenshot on the desktop for easy access as a jpeg file or gif file

reply post here with results of scan you are running and upload the screenshot to the forum using Additional Options...(down left corner)
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

meweasel

  • Guest
Re: unable to remove viruses
« Reply #7 on: July 10, 2010, 05:23:06 AM »
I did the startup scan.  Sorry but it did take forever to do.  The attached screen prints you asked for are here.  Must post two times because file size is too large.  The startup scan was able to put everything in the chest but the "D" drive will still not boot up.  Thanks again.

meweasel

  • Guest
Re: unable to remove viruses
« Reply #8 on: July 10, 2010, 05:23:51 AM »
Here is the scan log results of the last scan.

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: unable to remove viruses
« Reply #9 on: July 10, 2010, 09:59:01 AM »
I am sorry but I forgot to tell you that I have 2 hard drives.  I installed my home xp pro on one drive(C), the other (D) has xp pro also but is a corporate version for my work.  I can not get to safe mode, it only gives me the options of which drives I want to boot from.  Since I reinstalled the xp on C drive if I press F8 I can select to boot xp pro corporate or xp pro.  If I try to boot directly from D drive I just get a blank screen. The infected folder is the only one that has this access issue.  Will the boot-scan still work if it's booting to a blank screen?

start tapping the F8 key immediately after you have selected to boot from D: drive and see if you can reach Safe Mode that way

I think yr immediate problem may be that you have set backup volume as Primary.
Can you set the D: drive to Primary by adjusting the jumpers so that it is Master and then unhook yr current C: drive altogether
do you know how to do this? (and obviously turn power off completely before you do this - unhook from AC power source at wall)
- then you will be left with one hard disk which will be yr local Disk (C:) and may be able to boot into Safe Mode

- was the OS on yr Local disk (currently on D:) compatible with yr  hardware?
- that is, was it originally installed to this hardware, so that OS is compatible with this motherboard?

Otherwise, you say you installed both of the OS on the two hard disks, so you must have the installation CDs

meweasel

  • Guest
Re: unable to remove viruses
« Reply #10 on: July 10, 2010, 07:16:33 PM »
The reason I have backup as primary is that D drive will not boot even to safe mode.  I set D drive back to primary and boots to blank screen.  If I press the F8 key I get the options to select which drive I wish to boot from.  If I select D I get the blank screen, so I select the slave (C) then it gives me the option to pick which OS I wish to boot up.  I am sure it has to do something with D drive's boot files, possibly corrupted from viruses.  I was hoping to fix this without having to reinstall the OS on D drive.  Yes, I do have both installation disks for OS.  I did not change any jumpers on the drives.  Yes, I do know how to change them.  When I changed which drive to boot from, I did so by hitting delete key and changed boot sequence there.  I put it back to original now.  I start my system not by hitting the F8 key at start up, select the backup drive to boot from, then select the OS I wish to use.  Thanks for all the help.

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: unable to remove viruses
« Reply #11 on: July 10, 2010, 08:22:52 PM »
yes I see what you mean - I just needed clarification so I could compare amongst my experiences,
it is an annoying situation and you can hit DEL and go into BIOS, but as you have said, options there are limited

you can use yr installation CD to boot into recovery console
http://support.microsoft.com/kb/314058

you may already have looked at options here - boot into CD and choose R for repair at first prompt
you are then asked which installation you want to boot into and you can choose yr current D: drive
you will have access to directories so that you can repair yr Windows
or you can type help at prompt and choose from a list of commands

use yr installation CD with reference to knowledge base articles in Microsoft Support as in kb article above

also, you will be able to set up yr current D: as Primary, unhook yr backup disk, and run installation CD
so that you can work on just yr system drive
- obviously you would want to repair to boot into this system - but again you might find options limited e.g fixing the boot

you could pass through Recovery console option by pressing Enter instead of R at the first prompt
then pass through eula page (press F8) and go to options at Windows installation page
here you can choose to Repair the current installation
- you will need to have yr current D: drive set up as Local Disk(c:) to do this
- the Windows installation will be repaired and returned to default settings without harming yr documents
- but you will have to bring the system back up to date once again - e.g service packs, internet explorer, maybe drivers, etc...
- run a boot-time scan with avast immediately as viruses survive through Repair installations

you may have tried these options already  :)
if not, then take yr time, and Microsoft Support and google search can be  especially helpful in these situations
« Last Edit: July 10, 2010, 08:25:24 PM by mkis »