Abhilash 0 Posted April 9 Share Posted April 9 Eset endpoint protection found vulnerabilities in PDf files which are in rar folder and deleted them. I believe this is a false positive since no other antvirus detected the issue in any other virus in the PDF files. Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 3/12/2022 11:50:36 AM;HTTP filter;file;https://mgtuts.com/autocad/what-is-the-command-for-arrow-in-autocad.html;HTML/ScrInject.B trojan;connection terminated;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the web by the application: C:\Program Files\Google\Chrome\Application\chrome.exe (38940CA688B8DD8974E072E9349FDE9A0DE13E52).;47E78286F97EA5888ADD79A108B25F12AE75413D; 4/5/2022 11:16:55 AM;Real-time file system protection;file;\\10.102.110.10\common\Earthing and LPS Shop drawing\RUH-EX10-08-MWC-EL-SHD-00001-PDF(R0)-BASEMENT-EARTHING & LIGHTNING PROTECTION LAYOUT-OVERALL.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDF.exe (59EAF6D680DCC47CBF3787EA7392504AA81961EE).;8B4DB006C700D624B07FA4FD03E4F2CF925AFC0F; 4/9/2022 9:14:37 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 9:14:33 AM 4/9/2022 9:44:28 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa7288.31869\1HMRA10-HMRA-08-SPM-CC-SHD-00087-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;E800D5D24BCE3952EDF9FD64B82B4CBA3E475929;4/9/2022 9:44:23 AM 4/9/2022 9:51:52 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Program Files\ESET\ESET Security\egui.exe (4F30FCF207F7A54CD50DC7631B485DA79987C1E9).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 9:32:04 AM 4/9/2022 10:00:20 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa8928.27183\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:00:16 AM 4/9/2022 10:02:17 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;6533D090BF5BC566853349F23B65598728C610F3;4/9/2022 10:00:52 AM 4/9/2022 10:12:31 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\PDF\1HMRA10-HMRA-08-SPM-CC-SHD-00084-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred during an attempt to access the file by the application: C:\Windows\System32\SearchProtocolHost.exe (7BAD7F7D33C1E21331E7D895F387751D7966A1C0).;C400954F38C86E57D9A4FF6415D792E3FBFA04AA;4/9/2022 10:08:59 AM 4/9/2022 10:18:57 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00092-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;74B6EBD0E22CB417C004FB4584F9A92BCA95A17C;4/9/2022 10:18:43 AM 4/9/2022 10:18:58 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00090-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;28FA3E270BEC291DD56CF1B2F3B2E6E303F3D2B1;4/9/2022 10:18:43 AM 4/9/2022 10:18:58 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00088-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;F1658B59AEC02871F16F8729BB77374C24518B89;4/9/2022 10:18:43 AM 4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00091-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;53CC58ED420D586DA0243370DFB3EA5BA2C70BCA;4/9/2022 10:18:43 AM 4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00089-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;2A9DFC3F87EC45F36C7D5D6FAE2EE9ED1BDC5EB3;4/9/2022 10:18:43 AM 4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 10:18:43 AM 4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00087-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;E800D5D24BCE3952EDF9FD64B82B4CBA3E475929;4/9/2022 10:18:43 AM 4/9/2022 10:25:54 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa4420.30532\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:25:49 AM 4/9/2022 10:32:14 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa4420.18460\1HMRA10-HMRA-08-SPM-CC-SHD-00083-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;74572C8FEFBFBB15C69FB77449F485362A770BCB;4/9/2022 10:32:09 AM 4/9/2022 10:33:29 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:27:10 AM 4/9/2022 10:37:47 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:37:43 AM 4/9/2022 11:07:20 AM;Real-time file system protection;file;C:\Users\ADMINI~1\AppData\Local\Temp\Rar$DIa18316.29119\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Administrator;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 11:07:15 AM 4/9/2022 11:29:29 AM;Real-time file system protection;file;C:\Users\Administrator\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Administrator;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;F4FF43D7467AA45287FA9D9F62A830E6D2F1650A;4/9/2022 11:08:13 AM Request for help to resolve the issue. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,198 Posted April 9 Administrators Share Posted April 9 There is a link to a non-existing website which was blocked due to phishing. The pdf files will be undetected shortly. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.