Abhilash 0 Posted April 9, 2022 Share Posted April 9, 2022 Eset endpoint protection found vulnerabilities in PDf files which are in rar folder and deleted them. I believe this is a false positive since no other antvirus detected the issue in any other virus in the PDF files. Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 3/12/2022 11:50:36 AM;HTTP filter;file;https://mgtuts.com/autocad/what-is-the-command-for-arrow-in-autocad.html;HTML/ScrInject.B trojan;connection terminated;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the web by the application: C:\Program Files\Google\Chrome\Application\chrome.exe (38940CA688B8DD8974E072E9349FDE9A0DE13E52).;47E78286F97EA5888ADD79A108B25F12AE75413D; 4/5/2022 11:16:55 AM;Real-time file system protection;file;\\10.102.110.10\common\Earthing and LPS Shop drawing\RUH-EX10-08-MWC-EL-SHD-00001-PDF(R0)-BASEMENT-EARTHING & LIGHTNING PROTECTION LAYOUT-OVERALL.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDF.exe (59EAF6D680DCC47CBF3787EA7392504AA81961EE).;8B4DB006C700D624B07FA4FD03E4F2CF925AFC0F; 4/9/2022 9:14:37 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 9:14:33 AM 4/9/2022 9:44:28 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa7288.31869\1HMRA10-HMRA-08-SPM-CC-SHD-00087-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;E800D5D24BCE3952EDF9FD64B82B4CBA3E475929;4/9/2022 9:44:23 AM 4/9/2022 9:51:52 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Program Files\ESET\ESET Security\egui.exe (4F30FCF207F7A54CD50DC7631B485DA79987C1E9).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 9:32:04 AM 4/9/2022 10:00:20 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa8928.27183\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:00:16 AM 4/9/2022 10:02:17 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;6533D090BF5BC566853349F23B65598728C610F3;4/9/2022 10:00:52 AM 4/9/2022 10:12:31 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\PDF\1HMRA10-HMRA-08-SPM-CC-SHD-00084-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred during an attempt to access the file by the application: C:\Windows\System32\SearchProtocolHost.exe (7BAD7F7D33C1E21331E7D895F387751D7966A1C0).;C400954F38C86E57D9A4FF6415D792E3FBFA04AA;4/9/2022 10:08:59 AM 4/9/2022 10:18:57 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00092-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;74B6EBD0E22CB417C004FB4584F9A92BCA95A17C;4/9/2022 10:18:43 AM 4/9/2022 10:18:58 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00090-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;28FA3E270BEC291DD56CF1B2F3B2E6E303F3D2B1;4/9/2022 10:18:43 AM 4/9/2022 10:18:58 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00088-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;F1658B59AEC02871F16F8729BB77374C24518B89;4/9/2022 10:18:43 AM 4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00091-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;53CC58ED420D586DA0243370DFB3EA5BA2C70BCA;4/9/2022 10:18:43 AM 4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00089-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;2A9DFC3F87EC45F36C7D5D6FAE2EE9ED1BDC5EB3;4/9/2022 10:18:43 AM 4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00086-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;92A2386BE20747E119C1C16125E4F2F29944A80A;4/9/2022 10:18:43 AM 4/9/2022 10:18:59 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DRa6920.37860\raft\pdf\1HMRA10-HMRA-08-SPM-CC-SHD-00087-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;E800D5D24BCE3952EDF9FD64B82B4CBA3E475929;4/9/2022 10:18:43 AM 4/9/2022 10:25:54 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa4420.30532\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:25:49 AM 4/9/2022 10:32:14 AM;Real-time file system protection;file;C:\Users\Wasim\AppData\Local\Temp\Rar$DIa4420.18460\1HMRA10-HMRA-08-SPM-CC-SHD-00083-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;74572C8FEFBFBB15C69FB77449F485362A770BCB;4/9/2022 10:32:09 AM 4/9/2022 10:33:29 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:27:10 AM 4/9/2022 10:37:47 AM;Real-time file system protection;file;C:\Users\Wasim\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Wasim;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 10:37:43 AM 4/9/2022 11:07:20 AM;Real-time file system protection;file;C:\Users\ADMINI~1\AppData\Local\Temp\Rar$DIa18316.29119\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Administrator;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (D10CF48E6453705ED69D6C755CB77F17033BD3DA).;3954BAA155515BCC1A018B7EE78EC824C47D9383;4/9/2022 11:07:15 AM 4/9/2022 11:29:29 AM;Real-time file system protection;file;C:\Users\Administrator\Desktop\1HMRA10-HMRA-08-SPM-CC-SHD-00082-00.pdf;PDF/Phishing.A.Gen trojan;cleaned by deleting;SPEXIT10-D016\Administrator;Event occurred during an attempt to access the file by the application: C:\Windows\System32\smartscreen.exe (C7E52AF63FA04C7F45476D3FB69614EE53417495).;F4FF43D7467AA45287FA9D9F62A830E6D2F1650A;4/9/2022 11:08:13 AM Request for help to resolve the issue. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,929 Posted April 9, 2022 Administrators Share Posted April 9, 2022 There is a link to a non-existing website which was blocked due to phishing. The pdf files will be undetected shortly. Link to comment Share on other sites More sharing options...
Recommended Posts