Jump to content

Eset File Scan PDF/Phishing.A.Gen


Recommended Posts

Eset endpoint protection found vulnerabilities in PDf files which are in rar folder and deleted them. I believe this is a false positive since no other antvirus detected the issue in any other virus in the PDF files.

Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
3/12/2022 11:50:36 AM;HTTP filter;file;https://mgtuts.com/autocad/what-is-the-command-for-arrow-in-autocad.html;HTML/ScrInject.B trojan;connection terminated;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the web by the application: C:\Program Files\Google\Chrome\Application\chrome.exe (38940CA688B8DD8974E072E9349FDE9A0DE13E52).;47E78286F97EA5888ADD79A108B25F12AE75413D;
4/5/2022 11:16:55 AM;Real-time file system protection;file;\\10.102.110.10\common\Earthing and LPS Shop drawing\RUH-EX10-08-MWC-EL-SHD-00001-PDF(R0)-BASEMENT-EARTHING & LIGHTNING PROTECTION LAYOUT-OVERALL.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDF.exe (59EAF6D680DCC47CBF3787EA7392504AA81961EE).;8B4DB006C700D624B07FA4FD03E4F2CF925AFC0F;
4/9/2022 9:14:37 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 9:14:33 AM
4/9/2022 9:44:28 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa7288.31869\1HMRA10-HMRA-08-SPM-CC-SHD-00087-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;E800D5D24BCE3952EDF9FD64B82B4CBA3E475929;4/9/2022 9:44:23 AM
4/9/2022 9:51:52 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Program Files\ESET\ESET Security\egui.exe (4F30FCF207F7A54CD50DC7631B485DA79987C1E9).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 9:32:04 AM
4/9/2022 10:00:20 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa8928.27183\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:00:16 AM
4/9/2022 10:02:17 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;6533D090BF5BC566853349F23B65598728C610F3;4/9/2022 10:00:52 AM
4/9/2022 10:12:31 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\PDF\1HMRA10-HMRA-08-SPM-CC-SHD-00084-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred during an attempt to access the file by the application: C:\Windows\System32\SearchProtocolHost.exe (7BAD7F7D33C1E21331E7D895F387751D7966A1C0).;C400954F38C86E57D9A4FF6415D792E3FBFA04AA;4/9/2022 10:08:59 AM
4/9/2022 10:18:57 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00092-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;74B6EBD0E22CB417C004FB4584F9A92BCA95A17C;4/9/2022 10:18:43 AM
4/9/2022 10:18:58 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00090-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;28FA3E270BEC291DD56CF1B2F3B2E6E303F3D2B1;4/9/2022 10:18:43 AM
4/9/2022 10:18:58 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00088-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;F1658B59AEC02871F16F8729BB77374C24518B89;4/9/2022 10:18:43 AM
4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00091-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;53CC58ED420D586DA0243370DFB3EA5BA2C70BCA;4/9/2022 10:18:43 AM
4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00089-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;2A9DFC3F87EC45F36C7D5D6FAE2EE9ED1BDC5EB3;4/9/2022 10:18:43 AM
4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 10:18:43 AM
4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00087-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;E800D5D24BCE3952EDF9FD64B82B4CBA3E475929;4/9/2022 10:18:43 AM
4/9/2022 10:25:54 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa4420.30532\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:25:49 AM
4/9/2022 10:32:14 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa4420.18460\1HMRA10-HMRA-08-SPM-CC-SHD-00083-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;74572C8FEFBFBB15C69FB77449F485362A770BCB;4/9/2022 10:32:09 AM
4/9/2022 10:33:29 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:27:10 AM
4/9/2022 10:37:47 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:37:43 AM
4/9/2022 11:07:20 AM;Real-time file system protection;file;C:\Users\ADMINI~1\AppData\Local\Temp\Rar$DIa18316.29119\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Administrator;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 11:07:15 AM
4/9/2022 11:29:29 AM;Real-time file system protection;file;C:\Users\Administrator\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Administrator;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;F4FF43D7467AA45287FA9D9F62A830E6D2F1650A;4/9/2022 11:08:13 AM

Request for  help to resolve the issue.


 

Link to comment
Share on other sites

  • Administrators

There is a link to a non-existing website which was blocked due to phishing. The pdf files will be undetected shortly.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...