Error: Access is Denied (5) (HELP!)

Hello, Thank you for clicking on my post.

Recently I fully scanned my computer with Avast and it found the following threats:

[b] Threat: JS:downloader-FT [Trj]

Location: Windows/Temporary internet Files/Low/Content.IE5/4IOA5RG9/go[1].htm

Severity: High[/b]

[b]


And

[b]Threat: JS:downloader-FE [Trj]

Location: Windows/Temporary internet Files/Low/Content.IE5/KJ35SUOL/in[1].htm

Severity: High[/b]

I tried the ‘‘Delete, Move to Chest, and Repair’’ options and every time I clicked apply I get: Error: Access is Denied (5)

So then I tried looking for them manually but I couldn’t find the folder cause it didn’t exist. So then I thought avast deleted already, so I rescanned and it found it again. Can someone please help me remove these Trojans?

P.S. Thank you very much for your time.

Edit- My other Anti-virus programs don’t find them. ‘‘Clean’’. \

Edit- it also found to more threats:

Threat: Jave:Agent-B [Trj]
&
Threat: Jave:Agent-B [Trj]

Edit- I am using Vista

Clear your browser cache/temp internet files.

I doubt that this JS:downloader-FE [Trj] malware is detected by many other AVs as it is contained within the javascript in .htm pages.

Where were the Jave:Agent-B [Trj] detections found, file name and location, thanks ?

What avast version are you using 4.8 or 5.0 ?

  • If you have Win2k, XP, vista or Win7 (all 32bit), you could enable a boot time scan.
    For 4.8 - Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, ‘Schedule boot-time scan…’ Or see http://www.digitalred.com/avast-boot-time.php. Don’t opt for deletion (you have no options left), always send to the chest and investigate.

Look in the C:\Program Files\Alwil Software\Avast4\DATA\report\aswBoot.txt file, check this file using notepad and copy and past the info on the detection.

For 5.0 - From the avast UI, Scan Computer, Boot-time Scan, Schedule Now button and reboot. Send any detections to the chest.

Thank you very much for your reply, I am using 5.0
It says bootscan is for 34bits only

Java’s location: Appdata/Locallow/sun/java/deployment/cache/6.0/36/4ba76d23-115af355l>myf/y/appletx.class

&

Appdata/Locallow/sun/java/deployment/cache/6.0/36/4ba76d23-115af355l>myf/y/LoaderX.class

Where do I go to clear the browser Cache?

P.S. Thank you so much.

Where do I go to clear the browser Cache?
You can use ATF cleaner http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25 click the red download link

Thank you! =)

I ran it it removed some stuff, then it said No Files Where Removed, I rescan’d and I still have the same 4 threats =\

Are you using Firefox or Opera ? see the toolbar on top of the program

In post #1 you say

Edit- My other Anti-virus programs don't find them. ''Clean''. \
What do you mean " other antivirus program " are you running moore than one ?

You’re welcome.

Unfortunately it will be a little while longer before the boot-time scan will be available for 64bit OSes in avast, it is hoped it will be in avast 5.1 when released around the Summer of this year, though no firm dates are given.

Looks like your Java version may not be fully up to date as this is normally how Java exploits get in.

Given the info in the first post (IE), the detection was found in the IE temp internet files location:
Location: Windows/Temporary internet Files/Low/Content.IE5/KJ35SUOL/in[1].htm

Thank you very much DavidR
Aside from the Java one, what should I do about the Other [Trj]
I clean’d the temp files and it is still there.

Regards,
Viewpoint

Well Runing as in scanning not Real-Time Protection.

Mcafee is the one running on Real time scanning

The ones I used to scan where: Mcafee, Malwarebytes, Avast, Superantispyware, and Avast Anti-rootkit

(Running a spybot scan as we speak.)

I am using Firefox with a Crawler Search toolbar

There may be something else protecting it or restoring:
If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file). I don’t know for sure if these work on 64bit OS you will need to check.

Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

Get rid of the crawler search tool bar, it brings nothing to the table that isn’t already there and it gathers marketing information that could result in targeted adverts.

I already have this program downloaded, I tried looking where the reports are stored (Using 5.0) I couldn’t find it.

Regards,
Viewpoint

What McAfee product ?

So where is avast running as that is also a resident AV ?

Having two resident scanners installed is not recommended as rather than provide twice the protection it can cause conflicts that could leave you more vulnerable.

Two antivirus installed
http://www.bleepingcomputer.com/forums/index.php?s=650c478bbb23211597b6e144af56048d&showtopic=260844&view=findpost&p=1441638

Clash Of The Antivirus Apps
http://www.smartcomputing.com/editorial/article.asp?article=articles/2003/s1407/38s07/38s07.asp

Which program there were two mentioned MBAM & SAS ?

If MBAM, Open the program and click the ‘Logs’ tab, easy to find.
IF SAS, Open and select Preferences, Statistics/Logs.

Uninstalled that toolbar.