Author Topic: Error: Access is Denied (5) (HELP!)  (Read 24852 times)

0 Members and 1 Guest are viewing this topic.

Offline Viewpoint

  • Newbie
  • *
  • Posts: 16
Error: Access is Denied (5) (HELP!)
« on: March 20, 2010, 05:30:28 PM »
Hello, Thank you for clicking on my post.

Recently I fully scanned my computer with Avast and it found the following threats:
Quote

Threat: JS:downloader-FT [Trj]

Location: Windows/Temporary internet Files/Low/Content.IE5/4IOA5RG9/go[1].htm

Severity: High


And


Quote
Threat: JS:downloader-FE [Trj]


Location: Windows/Temporary internet Files/Low/Content.IE5/KJ35SUOL/in[1].htm


Severity: High


I tried the ''Delete, Move to Chest,  and Repair'' options and every time I clicked apply I get: Error: Access is Denied (5)

So then I tried looking for them manually but I couldn't find the folder cause it didn't exist. So then I thought avast deleted already, so I rescanned and it found it again. Can someone please help me remove these Trojans?


P.S. Thank you very much for your time.


Edit- My other Anti-virus programs don't find them. ''Clean''. \

Edit- it also found to more threats:

Threat: Jave:Agent-B [Trj]
&
Threat: Jave:Agent-B [Trj]

Edit- I am using Vista
« Last Edit: March 20, 2010, 05:49:30 PM by Viewpoint »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83286
  • No support PMs thanks
Re: Error: Access is Denied (5) (HELP!)
« Reply #1 on: March 20, 2010, 06:00:28 PM »
Clear your browser cache/temp internet files.

I doubt that this JS:downloader-FE [Trj] malware is detected by many other AVs as it is contained within the javascript in .htm pages.

Where were the Jave:Agent-B [Trj] detections found, file name and location, thanks ?

What avast version are you using 4.8 or 5.0 ?
- If you have Win2k, XP, vista or Win7 (all 32bit), you could enable a boot time scan.
For 4.8 - Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, 'Schedule boot-time scan...' Or see http://www.digitalred.com/avast-boot-time.php. Don't opt for deletion (you have no options left), always send to the chest and investigate.
 
Look in the C:\Program Files\Alwil Software\Avast4\DATA\report\aswBoot.txt file, check this file using notepad and copy and past the info on the detection.

For 5.0 - From the avast UI, Scan Computer, Boot-time Scan, Schedule Now button and reboot. Send any detections to the chest.
« Last Edit: March 20, 2010, 06:02:50 PM by DavidR »
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Viewpoint

  • Newbie
  • *
  • Posts: 16
Re: Error: Access is Denied (5) (HELP!)
« Reply #2 on: March 20, 2010, 06:17:24 PM »
Clear your browser cache/temp internet files.

I doubt that this JS:downloader-FE [Trj] malware is detected by many other AVs as it is contained within the javascript in .htm pages.

Where were the Jave:Agent-B [Trj] detections found, file name and location, thanks ?

What avast version are you using 4.8 or 5.0 ?
- If you have Win2k, XP, vista or Win7 (all 32bit), you could enable a boot time scan.
For 4.8 - Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, 'Schedule boot-time scan...' Or see http://www.digitalred.com/avast-boot-time.php. Don't opt for deletion (you have no options left), always send to the chest and investigate.
 
Look in the C:\Program Files\Alwil Software\Avast4\DATA\report\aswBoot.txt file, check this file using notepad and copy and past the info on the detection.

For 5.0 - From the avast UI, Scan Computer, Boot-time Scan, Schedule Now button and reboot. Send any detections to the chest.

Thank you very much for your reply, I am using 5.0
It says bootscan is for 34bits only

Java's location: Appdata/Locallow/sun/java/deployment/cache/6.0/36/4ba76d23-115af355l>myf/y/appletx.class

&

Appdata/Locallow/sun/java/deployment/cache/6.0/36/4ba76d23-115af355l>myf/y/LoaderX.class

Where do I go to clear the browser Cache?

P.S. Thank you so much.

« Last Edit: March 20, 2010, 06:20:15 PM by Viewpoint »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36682
Re: Error: Access is Denied (5) (HELP!)
« Reply #3 on: March 20, 2010, 06:34:43 PM »
Quote
Where do I go to clear the browser Cache?
You can use ATF cleaner http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25
click the red download link

Offline Viewpoint

  • Newbie
  • *
  • Posts: 16
Re: Error: Access is Denied (5) (HELP!)
« Reply #4 on: March 20, 2010, 06:39:03 PM »
Quote
Where do I go to clear the browser Cache?
You can use ATF cleaner http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25
click the red download link
Thank you! =)

Offline Viewpoint

  • Newbie
  • *
  • Posts: 16
Re: Error: Access is Denied (5) (HELP!)
« Reply #5 on: March 20, 2010, 06:42:46 PM »
Quote
Where do I go to clear the browser Cache?
You can use ATF cleaner http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25
click the red download link

I ran it it removed some stuff, then it said No Files Where Removed, I rescan'd and I still have the same 4 threats =\

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36682
Re: Error: Access is Denied (5) (HELP!)
« Reply #6 on: March 20, 2010, 06:46:16 PM »
Are you using Firefox or Opera ? see the toolbar on top of the program

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36682
Re: Error: Access is Denied (5) (HELP!)
« Reply #7 on: March 20, 2010, 06:50:25 PM »
In post #1 you say

Quote
Edit- My other Anti-virus programs don't find them. ''Clean''. \
What do you mean " other antivirus program " are you running moore than one ?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83286
  • No support PMs thanks
Re: Error: Access is Denied (5) (HELP!)
« Reply #8 on: March 20, 2010, 06:50:39 PM »
<snip>
Thank you very much for your reply, I am using 5.0
It says bootscan is for 34bits only

Java's location: Appdata/Locallow/sun/java/deployment/cache/6.0/36/4ba76d23-115af355l>myf/y/appletx.class

&

Appdata/Locallow/sun/java/deployment/cache/6.0/36/4ba76d23-115af355l>myf/y/LoaderX.class

Where do I go to clear the browser Cache?

You're welcome.

Unfortunately it will be a little while longer before  the boot-time scan will be available for 64bit OSes in avast, it is hoped it will be in avast 5.1 when released around the Summer of this year, though no firm dates are given.

Looks like your Java version may not be fully up to date as this is normally how Java exploits get in.
- I would also suggest a visit to this site, which scans your system for out of date programs that have patches to close vulnerabilities, http://secunia.com/software_inspector/.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83286
  • No support PMs thanks
Re: Error: Access is Denied (5) (HELP!)
« Reply #9 on: March 20, 2010, 06:52:15 PM »
Are you using Firefox or Opera ? see the toolbar on top of the program

Given the info in the first post (IE), the detection was found in the IE temp internet files location:
Location: Windows/Temporary internet Files/Low/Content.IE5/KJ35SUOL/in[1].htm
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Viewpoint

  • Newbie
  • *
  • Posts: 16
Re: Error: Access is Denied (5) (HELP!)
« Reply #10 on: March 20, 2010, 06:54:11 PM »
<snip>
Thank you very much for your reply, I am using 5.0
It says bootscan is for 34bits only

Java's location: Appdata/Locallow/sun/java/deployment/cache/6.0/36/4ba76d23-115af355l>myf/y/appletx.class

&

Appdata/Locallow/sun/java/deployment/cache/6.0/36/4ba76d23-115af355l>myf/y/LoaderX.class

Where do I go to clear the browser Cache?

You're welcome.

Unfortunately it will be a little while longer before  the boot-time scan will be available for 64bit OSes in avast, it is hoped it will be in avast 5.1 when released around the Summer of this year, though no firm dates are given.

Looks like your Java version may not be fully up to date as this is normally how Java exploits get in.
- I would also suggest a visit to this site, which scans your system for out of date programs that have patches to close vulnerabilities, http://secunia.com/software_inspector/.


Thank you very much DavidR
Aside from the Java one, what should I do about the Other [Trj]
I clean'd the temp files and it is still there.

Regards,
Viewpoint

Offline Viewpoint

  • Newbie
  • *
  • Posts: 16
Re: Error: Access is Denied (5) (HELP!)
« Reply #11 on: March 20, 2010, 06:55:06 PM »
In post #1 you say

Quote
Edit- My other Anti-virus programs don't find them. ''Clean''. \
What do you mean " other antivirus program " are you running moore than one ?
Well Runing as in scanning not Real-Time Protection.

Mcafee is the one running on Real time scanning

The ones I used to scan where: Mcafee, Malwarebytes, Avast, Superantispyware, and Avast Anti-rootkit

(Running a spybot scan as we speak.)
« Last Edit: March 20, 2010, 07:00:12 PM by Viewpoint »

Offline Viewpoint

  • Newbie
  • *
  • Posts: 16
Re: Error: Access is Denied (5) (HELP!)
« Reply #12 on: March 20, 2010, 06:56:30 PM »
Are you using Firefox or Opera ? see the toolbar on top of the program

I am using Firefox with a Crawler Search toolbar

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83286
  • No support PMs thanks
Re: Error: Access is Denied (5) (HELP!)
« Reply #13 on: March 20, 2010, 07:01:01 PM »
<snip>
Thank you very much DavidR
Aside from the Java one, what should I do about the Other [Trj]
I clean'd the temp files and it is still there.

There may be something else protecting it or restoring:
If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should product a log file). I don't know for sure if these work on 64bit OS you will need to check.

Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83286
  • No support PMs thanks
Re: Error: Access is Denied (5) (HELP!)
« Reply #14 on: March 20, 2010, 07:03:04 PM »
Are you using Firefox or Opera ? see the toolbar on top of the program

I am using Firefox with a Crawler Search toolbar

Get rid of the crawler search tool bar, it brings nothing to the table that isn't already there and it gathers marketing information that could result in targeted adverts.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro