| |
| |||||||
Netzwerk und Hardware: Altrechner mit Windows 10 / Linux oder neues GerätWindows 7 Hilfe zu Motherboards, CPUs, Lüfter, Raid-Controller, Digitalkameras, Treiber usw. Bitte alle relevanten Angaben zur Hardware machen. Welche Hardware habe ich? Themen zum Trojaner Entfernen oder Viren Beseitigung bitte in den Bereinigungsforen des Trojaner-Boards posten. |
 |
| |
31.03.2025, 18:22
| #1 | |
 |  Altrechner mit Windows 10 / Linux oder neues GerätZitat:
__________________ "Consider again that dot. That's here. That's home. That's us. On it everyone you love, everyone you know, everyone you ever heard of, every human being who ever was, lived out their lives."— Carl Sagan |
|
31.03.2025, 20:26
| #2 | |
| /// TB-Ausbilder   | Altrechner mit Windows 10 / Linux oder neues GerätZitat:
Aber es muss ja Malware sein... komme was wolle. |
|
01.04.2025, 12:59
| #3 |
 | Altrechner mit Windows 10 / Linux oder neues Gerät Die Tastatur geht im gestarteten Mint. Leider habe Ich keine andere Tastatur.
__________________Der Windows Rechner hatte beschädigte Windowsdateien nach der Reperatur hatte er diese Fernsteuerung immer noch drauf. |
|
01.04.2025, 13:02
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ |  Altrechner mit Windows 10 / Linux oder neues GerätZitat:
Wenn du immer noch glaubst du hast ne magic malware und irgendwelche Hacker in deinem System dann hilft nur: dieses Altgerät (zu alt Windows 11) mit Linux neu installieren oder neuen Computer mit Windows 11 kaufen. Auch das wurde mindestens 3x erklärt.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.04.2025, 15:26
| #5 |
| | Defenderlogs Ich habe eine externe Festplatte. Auf dieser speichere Ich Backups. Die Daten der Backups liesen sich nicht herstellen. Daraufhin startete Ich die Datenrettung. Es wurden massig Daten gefunden. Es wurde beim Speichern der Daten dann eine Schadsoftware nach der anderen gefunden und Ich habe mich entschlossen den Prozess abzubrechen. Die Daten die Ich wiederhergestellt hatte stammten keineswegs von mir. Es waren beispielsweise massenhaft unbekannte Bilder und Dll's in den Ordnern die Ich absolut nicht zuordnen konnte. Was kann Ich mit dieser externen kontaminierten Festplatte tun? Bestehende Daten und Datenstrukturen wurden verändert oder verschwanden gänzlich. Code:
ATTFilter Protokollname: Microsoft-Windows-Windows Defender/Operational
Quelle: Microsoft-Windows-Windows Defender
Datum: 30.03.2025 08:50:32
Ereignis-ID: 1116
Aufgabenkategorie:Keine
Ebene: Warnung
Schlüsselwörter:
Benutzer: SYSTEM
Computer: HP
Beschreibung:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: High
Category: Settings Modifier
Path: file:_D:\Backup\recup_dir.712\f655214816.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
User: HP\julia
Process Name: C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe
Security intelligence Version: AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0
Engine Version: AM: 1.1.25020.1007, NIS: 1.1.25020.1007
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Windows Defender" Guid="{11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78}" />
<EventID>1116</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2025-03-30T06:50:32.0997679Z" />
<EventRecordID>11274</EventRecordID>
<Correlation />
<Execution ProcessID="3216" ThreadID="12960" />
<Channel>Microsoft-Windows-Windows Defender/Operational</Channel>
<Computer>HP</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Product Name">Microsoft Defender Antivirus</Data>
<Data Name="Product Version">4.18.25010.11</Data>
<Data Name="Detection ID">{A15838D3-4100-4CD0-B72E-060DFFB2AA9A}</Data>
<Data Name="Detection Time">2025-03-30T06:50:31.741Z</Data>
<Data Name="Unused">
</Data>
<Data Name="Unused2">
</Data>
<Data Name="Threat ID">265744</Data>
<Data Name="Threat Name">Program:Win32/Wacapew.C!ml</Data>
<Data Name="Severity ID">4</Data>
<Data Name="Severity Name">High</Data>
<Data Name="Category ID">23</Data>
<Data Name="Category Name">Settings Modifier</Data>
<Data Name="FWLink">https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0</Data>
<Data Name="Status Code">1</Data>
<Data Name="Status Description">
</Data>
<Data Name="State">1</Data>
<Data Name="Source ID">3</Data>
<Data Name="Source Name">Real-Time Protection</Data>
<Data Name="Process Name">C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe</Data>
<Data Name="Detection User">HP\julia</Data>
<Data Name="Unused3">
</Data>
<Data Name="Path">file:_D:\Backup\recup_dir.712\f655214816.dll</Data>
<Data Name="Origin ID">1</Data>
<Data Name="Origin Name">Local machine</Data>
<Data Name="Execution ID">1</Data>
<Data Name="Execution Name">Suspended</Data>
<Data Name="Type ID">8</Data>
<Data Name="Type Name">FastPath</Data>
<Data Name="Pre Execution Status">0</Data>
<Data Name="Action ID">9</Data>
<Data Name="Action Name">Not Applicable</Data>
<Data Name="Unused4">
</Data>
<Data Name="Error Code">0x00000000</Data>
<Data Name="Error Description">Der Vorgang wurde erfolgreich beendet. </Data>
<Data Name="Unused5">
</Data>
<Data Name="Post Clean Status">0</Data>
<Data Name="Additional Actions ID">0</Data>
<Data Name="Additional Actions String">No additional actions required</Data>
<Data Name="Remediation User">
</Data>
<Data Name="Unused6">
</Data>
<Data Name="Security intelligence Version">AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0</Data>
<Data Name="Engine Version">AM: 1.1.25020.1007, NIS: 1.1.25020.1007</Data>
</EventData>
</Event>
Code:
ATTFilter Protokollname: Microsoft-Windows-Windows Defender/Operational
Quelle: Microsoft-Windows-Windows Defender
Datum: 30.03.2025 08:22:22
Ereignis-ID: 1116
Aufgabenkategorie:Keine
Ebene: Warnung
Schlüsselwörter:
Benutzer: SYSTEM
Computer: HP
Beschreibung:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_D:\Backup\recup_dir.620\f633840552.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
User: HP\julia
Process Name: C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe
Security intelligence Version: AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0
Engine Version: AM: 1.1.25020.1007, NIS: 1.1.25020.1007
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Windows Defender" Guid="{11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78}" />
<EventID>1116</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2025-03-30T06:22:22.8417622Z" />
<EventRecordID>11174</EventRecordID>
<Correlation />
<Execution ProcessID="3216" ThreadID="19748" />
<Channel>Microsoft-Windows-Windows Defender/Operational</Channel>
<Computer>HP</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Product Name">Microsoft Defender Antivirus</Data>
<Data Name="Product Version">4.18.25010.11</Data>
<Data Name="Detection ID">{473A8344-0912-4218-AD7D-94EE45CBA930}</Data>
<Data Name="Detection Time">2025-03-30T06:22:22.325Z</Data>
<Data Name="Unused">
</Data>
<Data Name="Unused2">
</Data>
<Data Name="Threat ID">2147735505</Data>
<Data Name="Threat Name">Trojan:Win32/Wacatac.B!ml</Data>
<Data Name="Severity ID">5</Data>
<Data Name="Severity Name">Severe</Data>
<Data Name="Category ID">8</Data>
<Data Name="Category Name">Trojan</Data>
<Data Name="FWLink">https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0</Data>
<Data Name="Status Code">1</Data>
<Data Name="Status Description">
</Data>
<Data Name="State">1</Data>
<Data Name="Source ID">3</Data>
<Data Name="Source Name">Real-Time Protection</Data>
<Data Name="Process Name">C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe</Data>
<Data Name="Detection User">HP\julia</Data>
<Data Name="Unused3">
</Data>
<Data Name="Path">file:_D:\Backup\recup_dir.620\f633840552.dll</Data>
<Data Name="Origin ID">1</Data>
<Data Name="Origin Name">Local machine</Data>
<Data Name="Execution ID">1</Data>
<Data Name="Execution Name">Suspended</Data>
<Data Name="Type ID">8</Data>
<Data Name="Type Name">FastPath</Data>
<Data Name="Pre Execution Status">0</Data>
<Data Name="Action ID">9</Data>
<Data Name="Action Name">Not Applicable</Data>
<Data Name="Unused4">
</Data>
<Data Name="Error Code">0x00000000</Data>
<Data Name="Error Description">Der Vorgang wurde erfolgreich beendet. </Data>
<Data Name="Unused5">
</Data>
<Data Name="Post Clean Status">0</Data>
<Data Name="Additional Actions ID">0</Data>
<Data Name="Additional Actions String">No additional actions required</Data>
<Data Name="Remediation User">
</Data>
<Data Name="Unused6">
</Data>
<Data Name="Security intelligence Version">AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0</Data>
<Data Name="Engine Version">AM: 1.1.25020.1007, NIS: 1.1.25020.1007</Data>
</EventData>
</Event>
Code:
ATTFilter Protokollname: Microsoft-Windows-Windows Defender/Operational
Quelle: Microsoft-Windows-Windows Defender
Datum: 30.03.2025 07:02:02
Ereignis-ID: 1116
Aufgabenkategorie:Keine
Ebene: Warnung
Schlüsselwörter:
Benutzer: SYSTEM
Computer: HP
Beschreibung:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_D:\Backup\recup_dir.514\f503175584.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
User: HP\julia
Process Name: C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe
Security intelligence Version: AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0
Engine Version: AM: 1.1.25020.1007, NIS: 1.1.25020.1007
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Windows Defender" Guid="{11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78}" />
<EventID>1116</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2025-03-30T05:02:02.5790961Z" />
<EventRecordID>11064</EventRecordID>
<Correlation />
<Execution ProcessID="3216" ThreadID="10196" />
<Channel>Microsoft-Windows-Windows Defender/Operational</Channel>
<Computer>HP</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Product Name">Microsoft Defender Antivirus</Data>
<Data Name="Product Version">4.18.25010.11</Data>
<Data Name="Detection ID">{8272F3F2-CA37-4086-AEB0-9A6849F2F406}</Data>
<Data Name="Detection Time">2025-03-30T05:02:02.443Z</Data>
<Data Name="Unused">
</Data>
<Data Name="Unused2">
</Data>
<Data Name="Threat ID">2147723625</Data>
<Data Name="Threat Name">Trojan:Win32/Tiggre!rfn</Data>
<Data Name="Severity ID">5</Data>
<Data Name="Severity Name">Severe</Data>
<Data Name="Category ID">8</Data>
<Data Name="Category Name">Trojan</Data>
<Data Name="FWLink">https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0</Data>
<Data Name="Status Code">1</Data>
<Data Name="Status Description">
</Data>
<Data Name="State">1</Data>
<Data Name="Source ID">3</Data>
<Data Name="Source Name">Real-Time Protection</Data>
<Data Name="Process Name">C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe</Data>
<Data Name="Detection User">HP\julia</Data>
<Data Name="Unused3">
</Data>
<Data Name="Path">file:_D:\Backup\recup_dir.514\f503175584.dll</Data>
<Data Name="Origin ID">1</Data>
<Data Name="Origin Name">Local machine</Data>
<Data Name="Execution ID">1</Data>
<Data Name="Execution Name">Suspended</Data>
<Data Name="Type ID">0</Data>
<Data Name="Type Name">Concrete</Data>
<Data Name="Pre Execution Status">0</Data>
<Data Name="Action ID">9</Data>
<Data Name="Action Name">Not Applicable</Data>
<Data Name="Unused4">
</Data>
<Data Name="Error Code">0x00000000</Data>
<Data Name="Error Description">Der Vorgang wurde erfolgreich beendet. </Data>
<Data Name="Unused5">
</Data>
<Data Name="Post Clean Status">0</Data>
<Data Name="Additional Actions ID">0</Data>
<Data Name="Additional Actions String">No additional actions required</Data>
<Data Name="Remediation User">
</Data>
<Data Name="Unused6">
</Data>
<Data Name="Security intelligence Version">AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0</Data>
<Data Name="Engine Version">AM: 1.1.25020.1007, NIS: 1.1.25020.1007</Data>
</EventData>
</Event>
Code:
ATTFilter Protokollname: Microsoft-Windows-Windows Defender/Operational
Quelle: Microsoft-Windows-Windows Defender
Datum: 30.03.2025 06:31:08
Ereignis-ID: 1116
Aufgabenkategorie:Keine
Ebene: Warnung
Schlüsselwörter:
Benutzer: SYSTEM
Computer: HP
Beschreibung:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_D:\Backup\recup_dir.510\f448978944.dll; file:_D:\Backup\recup_dir.510\f448990752.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
User: HP\julia
Process Name: C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe
Security intelligence Version: AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0
Engine Version: AM: 1.1.25020.1007, NIS: 1.1.25020.1007
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Windows Defender" Guid="{11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78}" />
<EventID>1116</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2025-03-30T04:31:08.8859056Z" />
<EventRecordID>11043</EventRecordID>
<Correlation />
<Execution ProcessID="3216" ThreadID="20672" />
<Channel>Microsoft-Windows-Windows Defender/Operational</Channel>
<Computer>HP</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Product Name">Microsoft Defender Antivirus</Data>
<Data Name="Product Version">4.18.25010.11</Data>
<Data Name="Detection ID">{BBAD9AAA-8550-4BD2-86A2-AB4272353CFA}</Data>
<Data Name="Detection Time">2025-03-30T04:31:04.322Z</Data>
<Data Name="Unused">
</Data>
<Data Name="Unused2">
</Data>
<Data Name="Threat ID">2147723625</Data>
<Data Name="Threat Name">Trojan:Win32/Tiggre!rfn</Data>
<Data Name="Severity ID">5</Data>
<Data Name="Severity Name">Severe</Data>
<Data Name="Category ID">8</Data>
<Data Name="Category Name">Trojan</Data>
<Data Name="FWLink">https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0</Data>
<Data Name="Status Code">1</Data>
<Data Name="Status Description">
</Data>
<Data Name="State">1</Data>
<Data Name="Source ID">3</Data>
<Data Name="Source Name">Real-Time Protection</Data>
<Data Name="Process Name">C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe</Data>
<Data Name="Detection User">HP\julia</Data>
<Data Name="Unused3">
</Data>
<Data Name="Path">file:_D:\Backup\recup_dir.510\f448978944.dll; file:_D:\Backup\recup_dir.510\f448990752.dll</Data>
<Data Name="Origin ID">1</Data>
<Data Name="Origin Name">Local machine</Data>
<Data Name="Execution ID">1</Data>
<Data Name="Execution Name">Suspended</Data>
<Data Name="Type ID">0</Data>
<Data Name="Type Name">Concrete</Data>
<Data Name="Pre Execution Status">0</Data>
<Data Name="Action ID">9</Data>
<Data Name="Action Name">Not Applicable</Data>
<Data Name="Unused4">
</Data>
<Data Name="Error Code">0x00000000</Data>
<Data Name="Error Description">Der Vorgang wurde erfolgreich beendet. </Data>
<Data Name="Unused5">
</Data>
<Data Name="Post Clean Status">0</Data>
<Data Name="Additional Actions ID">0</Data>
<Data Name="Additional Actions String">No additional actions required</Data>
<Data Name="Remediation User">
</Data>
<Data Name="Unused6">
</Data>
<Data Name="Security intelligence Version">AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0</Data>
<Data Name="Engine Version">AM: 1.1.25020.1007, NIS: 1.1.25020.1007</Data>
</EventData>
</Event>
Code:
ATTFilter Protokollname: Microsoft-Windows-Windows Defender/Operational
Quelle: Microsoft-Windows-Windows Defender
Datum: 30.03.2025 06:31:04
Ereignis-ID: 1116
Aufgabenkategorie:Keine
Ebene: Warnung
Schlüsselwörter:
Benutzer: SYSTEM
Computer: HP
Beschreibung:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_D:\Backup\recup_dir.510\f448978944.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
User: HP\julia
Process Name: C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe
Security intelligence Version: AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0
Engine Version: AM: 1.1.25020.1007, NIS: 1.1.25020.1007
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Windows Defender" Guid="{11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78}" />
<EventID>1116</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2025-03-30T04:31:04.4661716Z" />
<EventRecordID>11037</EventRecordID>
<Correlation />
<Execution ProcessID="3216" ThreadID="22268" />
<Channel>Microsoft-Windows-Windows Defender/Operational</Channel>
<Computer>HP</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Product Name">Microsoft Defender Antivirus</Data>
<Data Name="Product Version">4.18.25010.11</Data>
<Data Name="Detection ID">{BBAD9AAA-8550-4BD2-86A2-AB4272353CFA}</Data>
<Data Name="Detection Time">2025-03-30T04:31:04.322Z</Data>
<Data Name="Unused">
</Data>
<Data Name="Unused2">
</Data>
<Data Name="Threat ID">2147723625</Data>
<Data Name="Threat Name">Trojan:Win32/Tiggre!rfn</Data>
<Data Name="Severity ID">5</Data>
<Data Name="Severity Name">Severe</Data>
<Data Name="Category ID">8</Data>
<Data Name="Category Name">Trojan</Data>
<Data Name="FWLink">https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0</Data>
<Data Name="Status Code">1</Data>
<Data Name="Status Description">
</Data>
<Data Name="State">1</Data>
<Data Name="Source ID">3</Data>
<Data Name="Source Name">Real-Time Protection</Data>
<Data Name="Process Name">C:\Users\julia\Downloads\testdisk-7.2-wip.win64\testdisk-7.2-WIP\photorec_win.exe</Data>
<Data Name="Detection User">HP\julia</Data>
<Data Name="Unused3">
</Data>
<Data Name="Path">file:_D:\Backup\recup_dir.510\f448978944.dll</Data>
<Data Name="Origin ID">1</Data>
<Data Name="Origin Name">Local machine</Data>
<Data Name="Execution ID">1</Data>
<Data Name="Execution Name">Suspended</Data>
<Data Name="Type ID">0</Data>
<Data Name="Type Name">Concrete</Data>
<Data Name="Pre Execution Status">0</Data>
<Data Name="Action ID">9</Data>
<Data Name="Action Name">Not Applicable</Data>
<Data Name="Unused4">
</Data>
<Data Name="Error Code">0x00000000</Data>
<Data Name="Error Description">Der Vorgang wurde erfolgreich beendet. </Data>
<Data Name="Unused5">
</Data>
<Data Name="Post Clean Status">0</Data>
<Data Name="Additional Actions ID">0</Data>
<Data Name="Additional Actions String">No additional actions required</Data>
<Data Name="Remediation User">
</Data>
<Data Name="Unused6">
</Data>
<Data Name="Security intelligence Version">AV: 1.425.326.0, AS: 1.425.326.0, NIS: 1.425.326.0</Data>
<Data Name="Engine Version">AM: 1.1.25020.1007, NIS: 1.1.25020.1007</Data>
</EventData>
</Event>
Geändert von shiva999 (01.04.2025 um 16:24 Uhr) Grund: Eigntlich hatte Ich gefragt wo Ich die Logs vom Defender finde, aber der Text ist verschwunden |
|
01.04.2025, 16:36
| #6 | |
   | Altrechner mit Windows 10 / Linux oder neues GerätZitat:
|
|
| Themen zu Altrechner mit Windows 10 / Linux oder neues Gerät |
| daten, defender, definitiv, eingestuft, entdeck, entdeckt, fernsteuerung, gelöscht, löschung, manipulation von daten, markierung, troja, trojan, trojaner, versuch, versucht, win |
Hybrid-Darstellung
