application that can be used by intruders to damage your computer or personal data

DamianK · February 25

↓ Log file ↓

Spoiler

Today, 25/02/2024 11:00:44    Process terminated    Setup/Uninstall    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-6UU4Q.tmp    5432    NOCNAZMORA\damia    Initiator    Terminated: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Terminated    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.tmp    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-6UU4Q.tmp    Process
Today, 25/02/2024 11:00:44    Process terminated    HS&E test download for operatives and specialists    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    14816    NOCNAZMORA\damia    Initiator    Terminated: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Terminated    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    Process
Today, 25/02/2024 11:00:44    Process terminated    Setup/Uninstall    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-8HD4E.tmp    8236    NOCNAZMORA\damia    Initiator    Terminated: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Terminated    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.tmp    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-8HD4E.tmp    Process
Today, 25/02/2024 11:00:44    Process terminated    HS&E test download for operatives and specialists    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Terminated: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Terminated    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    Process
Today, 25/02/2024 11:00:44    We found an application that can be used by intruders to damage your computer or personal data.    HS&E test download for operatives and specialists    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Detected: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Detected    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    Process    Behavior analysis
Today, 25/02/2024 11:00:44    A backup copy of the object was created    Setup/Uninstall    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-6UU4Q.tmp    5432    NOCNAZMORA\damia    Initiator    Backup copy created: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Backup copy created    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.tmp    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-6UU4Q.tmp    Process
Today, 25/02/2024 11:00:46    A backup copy of the object was created    HS&E test download for operatives and specialists    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    14816    NOCNAZMORA\damia    Initiator    Backup copy created: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Backup copy created    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    Process
Today, 25/02/2024 11:00:46    A backup copy of the object was created    Setup/Uninstall    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-8HD4E.tmp    8236    NOCNAZMORA\damia    Initiator    Backup copy created: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Backup copy created    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.tmp    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-8HD4E.tmp    Process
Today, 25/02/2024 11:00:47    A backup copy of the object was created    HS&E test download for operatives and specialists    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Backup copy created: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Backup copy created    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    Process
Today, 25/02/2024 11:01:09    Object deleted    Setup/Uninstall    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-6UU4Q.tmp    5432    NOCNAZMORA\damia    Initiator    Deleted: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Deleted    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.tmp    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-6UU4Q.tmp    Process
Today, 25/02/2024 11:01:09    Object deleted    Setup/Uninstall    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-8HD4E.tmp    8236    NOCNAZMORA\damia    Initiator    Deleted: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Deleted    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.tmp    HSE_test_download_for_operatives_and_specialists.tmp    C:\Users\damia\AppData\Local\Temp\is-8HD4E.tmp    Process
Today, 25/02/2024 11:01:09    Object deleted    HS&E test download for operatives and specialists    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Deleted: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Deleted    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    Process
Today, 25/02/2024 11:09:01    We found an application that can be used by intruders to damage your computer or personal data.    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Detected: not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Detected    not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    Process    Behavior analysis
Today, 25/02/2024 11:09:01    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    CITB website.lnk    CITB website.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists    File
Today, 25/02/2024 11:09:01    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    HS&E test download for operatives and specialists help.lnk    HS&E test download for operatives and specialists help.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists    File
Today, 25/02/2024 11:09:01    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    HS&E test download for operatives and specialists.lnk    HS&E test download for operatives and specialists.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists    File
Today, 25/02/2024 11:09:01    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    Support tool.lnk    Support tool.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists\Technical support    File
Today, 25/02/2024 11:09:01    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    Technical support website.lnk    Technical support website.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists\Technical support    File
Today, 25/02/2024 11:09:01    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    Uninstall Health, safety and environment test download for operatives and specialists.lnk    Uninstall Health, safety and environment test download for operatives and specialists.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists    File
Today, 25/02/2024 11:09:01    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    HS&E test download for operatives and specialists.lnk    HS&E test download for operatives and specialists.lnk    C:\Users\Public\Desktop    File
Today, 25/02/2024 11:09:01    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Deleted: not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Deleted    not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Adware    Medium    Exactly    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    Process
Today, 25/02/2024 11:09:01    Rollback completed    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Rollback of application's actions: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Rollback of application's actions    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    hse_test_download_for_operatives_and_specialists.tmp    hse_test_download_for_operatives_and_specialists.tmp    c:\users\damia\appdata\local\temp\is-6uu4q.tmp    Process
Today, 25/02/2024 11:09:01    Rollback completed    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Rollback of application's actions: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Rollback of application's actions    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    hse_test_download_for_operatives_and_specialists.exe    hse_test_download_for_operatives_and_specialists.exe    c:\users\damia\downloads    Process
Today, 25/02/2024 11:09:01    Rollback completed    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Rollback of application's actions: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Rollback of application's actions    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    hse_test_download_for_operatives_and_specialists.tmp    hse_test_download_for_operatives_and_specialists.tmp    c:\users\damia\appdata\local\temp\is-8hd4e.tmp    Process
Today, 25/02/2024 11:09:01    Rollback completed    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Rollback of application's actions: not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Rollback of application's actions    not-a-virus:PDM:AdWare.Win32.Agent.lnk.5    Adware    Medium    Exactly    hse_test_download_for_operatives_and_specialists.exe    hse_test_download_for_operatives_and_specialists.exe    c:\users\damia\downloads    Process
Today, 25/02/2024 11:17:51    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    CITB website.lnk    CITB website.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists    File
Today, 25/02/2024 11:17:51    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    HS&E test download for operatives and specialists help.lnk    HS&E test download for operatives and specialists help.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists    File
Today, 25/02/2024 11:17:51    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    HS&E test download for operatives and specialists.lnk    HS&E test download for operatives and specialists.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists    File
Today, 25/02/2024 11:17:51    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    Support tool.lnk    Support tool.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists\Technical support    File
Today, 25/02/2024 11:17:51    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    Technical support website.lnk    Technical support website.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists\Technical support    File
Today, 25/02/2024 11:17:51    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    Uninstall Health, safety and environment test download for operatives and specialists.lnk    Uninstall Health, safety and environment test download for operatives and specialists.lnk    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HS&E test download for operatives and specialists    File
Today, 25/02/2024 11:17:51    Object deleted    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    File deleted    File deleted        Adware    Informational    Exactly    HS&E test download for operatives and specialists.lnk    HS&E test download for operatives and specialists.lnk    C:\Users\Public\Desktop    File
Today, 25/02/2024 11:17:51    Rollback completed    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Rollback of application's actions: not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Rollback of application's actions    not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Adware    Medium    Exactly    hse_test_download_for_operatives_and_specialists.tmp    hse_test_download_for_operatives_and_specialists.tmp    c:\users\damia\appdata\local\temp\is-6uu4q.tmp    Process
Today, 25/02/2024 11:17:51    Rollback completed    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Rollback of application's actions: not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Rollback of application's actions    not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Adware    Medium    Exactly    hse_test_download_for_operatives_and_specialists.exe    hse_test_download_for_operatives_and_specialists.exe    c:\users\damia\downloads    Process
Today, 25/02/2024 11:17:51    Rollback completed    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Rollback of application's actions: not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Rollback of application's actions    not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Adware    Medium    Exactly    hse_test_download_for_operatives_and_specialists.tmp    hse_test_download_for_operatives_and_specialists.tmp    c:\users\damia\appdata\local\temp\is-8hd4e.tmp    Process
Today, 25/02/2024 11:17:51    Rollback completed    HSE_test_download_for_operatives_and_specialists.exe    HSE_test_download_for_operatives_and_specialists.exe    C:\Users\damia\Downloads    29236    NOCNAZMORA\damia    Initiator    Rollback of application's actions: not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Rollback of application's actions    not-a-virus:PDM:AdWare.Win32.Agent.lnk.9    Adware    Medium    Exactly    hse_test_download_for_operatives_and_specialists.exe    hse_test_download_for_operatives_and_specialists.exe    c:\users\damia\downloads    Process
15/02/2024 17:05:43    Task stopped        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15        NT AUTHORITY\SYSTEM    System user
15/02/2024 17:06:19    Task started        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15        NT AUTHORITY\SYSTEM    System user
15/02/2024 17:08:53    Task started        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16        NOCNAZMORA\damia    Active user
15/02/2024 17:30:27    Task stopped        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16        NT AUTHORITY\SYSTEM    System user
15/02/2024 17:30:57    Task started        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16        NT AUTHORITY\SYSTEM    System user
19/02/2024 18:17:09    Task stopped        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16        NT AUTHORITY\SYSTEM    System user
19/02/2024 18:17:43    Task started        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16        NT AUTHORITY\SYSTEM    System user
20/02/2024 19:19:01    Task stopped        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16        NOCNAZMORA\damia    Active user
20/02/2024 19:19:09    Task started        avp.exe    C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16        NOCNAZMORA\damia    Active user

Edited February 25 by Berny

Berny · February 25

@DamianK Welcome.

Please try this ?

1) Clear TMP files + reboot

2) Download / run AdwCleaner as ADMIN

3) Reboot > Run a Kaspersky scan

DamianK · February 25

Hi

Thanks,

allready works and after 10 minutes app still not deleted.
Many many thanks

Berny · February 25

@DamianK You are welcome

1 hour ago, DamianK said:

app still not deleted.

Can you please specify 🤔

application that can be used by intruders to damage your computer or personal data

Recommended Posts

DamianK

Link to comment

Share on other sites

Berny

Link to comment

Share on other sites

DamianK

Link to comment

Share on other sites

Berny

Link to comment

Share on other sites

Please sign in to comment

Similar Content

Forum

Products

Support

Personal Account