« previous next »
Pages: [1]   Go Down

Author Topic: Threat: HTML:EvilCursor-B [Trj] - Action: Delete - Error: Access is denied (5)  (Read 9722 times)

0 Members and 1 Guest are viewing this topic.

Offline jeffstones0987

  • Newbie
  • *
  • Posts: 3
Threat: HTML:EvilCursor-B [Trj] - Action: Delete - Error: Access is denied (5)
« on: March 26, 2020, 01:52:52 PM »
Hi,

I've just had this threat recognised during a full scan. I have attached images of the scan result. The first 2 items were deleted but the next 2 came up with Error: Access is denied (5). I have since run another full scan and boot-time scan and no infected files were found. Is this threat something I should be worried about and are there any further steps that need to be taken to ensure it is gone? TIA
Logged

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>> Avast Forum - Deutschsprachiger Bereich <<<
Re: Threat: HTML:EvilCursor-B [Trj] - Action: Delete - Error: Access is denied (5)
« Reply #1 on: March 26, 2020, 02:27:05 PM »
Start a topic in V&W and post your logs there: https://forum.avast.com/index.php?action=post;board=4
Instructions (basic diagnostic logs): https://forum.avast.com/index.php?topic=194892.0
Logged
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37527
  • Not a avast user
Re: Threat: HTML:EvilCursor-B [Trj] - Action: Delete - Error: Access is denied (5)
« Reply #2 on: March 26, 2020, 03:02:25 PM »
HTML:EvilCursor-B [Trj] = FakeAlert / Cursor hijacker

If you clear chrome surf history cache it should be gone if avast did not do it

https://www.digitalinformationworld.com/2019/03/google-chrome-fix-evil-cursor-bug.html

https://blog.malwarebytes.com/cybercrime/2018/09/partnerstroka-large-tech-support-scam-operation-features-latest-browser-locker/


==========================================================
The evil cursor
There are many different documented techniques that can be used to prevent users from closing a tab or browser window, and often times those are specific to each browser. For instance, Edge and Firefox users will often get the authentication required prompt in a loop, while Chrome users are served with more nasty stuff, such as actual attempts to freeze the browser or trigger thousands of downloads.

In early September, we came across the Partnerstroka group again and noticed that they had incorporated a browser locker technique that was working against the latest version of Google Chrome (69.0.3497.81). Similar to other tricks, it effectively prevented from closing the offending page because the mouse cursor had been hijacked.
============================================================



« Last Edit: March 26, 2020, 04:29:41 PM by Pondus »
Logged

Offline jeffstones0987

  • Newbie
  • *
  • Posts: 3
Re: Threat: HTML:EvilCursor-B [Trj] - Action: Delete - Error: Access is denied (5)
« Reply #3 on: March 26, 2020, 06:15:40 PM »
Thanks Asyn, I have started a new topic with the Malwarebytes & FRST logs.

& Thanks Pondus, I have cleared Chrome surf history as well.
Logged

Offline franKENstin

  • Newbie
  • *
  • Posts: 1
Re: Threat: HTML:EvilCursor-B [Trj] - Action: Delete - Error: Access is denied (5)
« Reply #4 on: June 16, 2020, 01:21:54 AM »
I have had the mouse hijack in the past(not log ago) never had it ided until I installed/ran avast full scan. It did stop me from having mouse/click interaction on web page's. I did a history delete/clean and full scan comes up with nothing ! Hop this helps ppl
Logged
Pages: [1]   Go Up
« previous next »