|
Ungewollte backuprestore-Funktion nach Einsatz von Bereinigungsprogrammen Guten Tag bin noch neu hier - hoffe für Alle verständlich zu sein. Hatte neulich eine lästige Werbe-Menueleiste eingefangen. Die konnte ich durch die Installation (und auch wieder Deinstallation) verschiedenere Spy-Produkte beheben. u.a. jv16 powertools , escan, adaware, spybot. Eins dieser schönen Produkte hat aber wohl dafür gesorgt, dass mein kleiner alter PC sicherungsmäßig etwa wie ein 2003server funktioniert. Ich habe ja die Partitionen als NTFS formatiert. Und normalerweise liegt ja nicht viel im Unterordner „System Volume Information“. Für die Serverfunktion bietet ja Microsoft die VSS-Funktion zum automatischen BackupRestore von System und Anwenderdateien an, wobei die Sicherung in dem genannten Unterordner erfolgen soll. Zur Administration stehen aber bei dieser System-Version verschiedene Instrumente zur Verfügung, die in der Home-Edition natürlich fehlen Das geschieht aber jetzt bei mir beim Start mit Kopien der Registry und anschließend etwa mit allen gelöschten Dateien. Wird im Verlauf etwas viel. Auch wenn ich das z.T. manuell löschen kann, ist das lästig. Dürfte auch die Performance mindern. Habe schon alle entsprechenden Systemdienste für Schattenkopien deaktiviert, hilft aber eher nicht. Gesteuert wird das wohl über Einträge in der Register-DB mit den Unterkeys zu backuprestore. Bisher aber neu für mich in einer Home-Edition. Die Übersicht der aktiven Prozesse gibt für mich auch nicht viel her, wobei Einer durchaus dafür relevant sein muss, da ich eine spezielle Datei „change.log“ unter System Volume Information\restore….\RPxx\ nicht löschen/ändern kann wegen Verweis auf ein aktives Programm. Vermute mal, dass ein normaler Microsoft-Prozess – gestartet mit bestimmten Parametern für die fragliche Funktion genutzt wird. Im übrigen läuft wohl beim Systemstart so Einiges gesteuert über die Registry ab. Wer kann mir dabei helfen, diese schöne "Funktion" wieder zurückzusetzen? Danke im voraus aus Ddorf |
hallo, erstelle doch mal ein HJT logfile nach anleitung in meiner signatur.. |
Guten Tag und noch einen schönen Sonntag vielen Dank für die erste Anregung. Habe also wie vorgeschlagen verfahren. Selber löschen traue ich mich aktuell noch nicht. Wie erkennbar habe ich installiert und damit z.T. resident: ANTIVIR, SPYBOT, AOL, NETGEAR WLAN Karte und im I-Explorer die GOOGLE-Suchleiste. Habe also unten die Log-Datei reinkopiert. Zusätzlich habe ich - durch eine nStrich getrennt - wesentliche Auszüge aus backuprestore der registry reinkopiert (überraschend darin active directory restore...) Vielleicht kann mir jemand bei meinem Problem helfen. Danke im voraus jetzt erst mal das - anonymisierte - log ________________________________________ Logfile of HijackThis v1.99.1 Scan saved at 12:43:18, on 08.01.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLACSD.EXE C:\Programme\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\Explorer.EXE C:\Programme\AVPersonal\AVGNT.EXE C:\WINDOWS\system32\ctfmon.exe D:\Programme\Spybot - Search & Destroy\TeaTimer.exe D:\Programme\NETGEAR\wlancfg5.exe D:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Programme\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.oberkassel.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.lycos.de/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt für *** R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.isis.de:8080 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: MA521 Configuration Utility.lnk = ? O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Google-Suche - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Ins Deutsche übersetzen - res://c:\programme\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - D:\Programme\IrfanView\Ebay\Ebay.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file) O14 - IERESET.INF: START_PAGE_URL=h**p://www.lycos.de/ O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - h**p://aolcc.aol.de/computercheckup/qdiagcc.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119802116236 O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - h**p://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{4506E621-3AEF-41D8-B7A5-2C205BA96FAD}: NameServer = 85.255.115.36,85.255.112.135 O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLACSD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE ----------------------------------------- und hier der registry Auszug: ----------------------------------------- Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\AsrKeysNotToRestore] "Plug & Play"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,43,00,6f,00,6e,\ 00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,43,00,6f,00,6e,00,74,00,\ 72,00,6f,00,6c,00,5c,00,43,00,72,00,69,00,74,00,69,00,63,00,61,00,6c,00,44,\ 00,65,00,76,00,69,00,63,00,65,00,44,00,61,00,74,00,61,00,62,00,61,00,73,00,\ 65,00,5c,00,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\FilesNotToBackup] "ASR Log File"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,72,00,65,00,70,00,61,00,69,00,72,00,5c,00,61,00,73,00,\ 72,00,2e,00,6c,00,6f,00,67,00,00,00,00,00 "ASR Error File"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,\ 6f,00,74,00,25,00,5c,00,72,00,65,00,70,00,61,00,69,00,72,00,5c,00,61,00,73,\ 00,72,00,2e,00,65,00,72,00,72,00,00,00,00,00 "Client Side Cache"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,\ 00,6f,00,74,00,25,00,5c,00,63,00,73,00,63,00,5c,00,2a,00,20,00,2f,00,73,00,\ 00,00,00,00 "Internet Explorer"=hex(7):25,00,55,00,73,00,65,00,72,00,50,00,72,00,6f,00,66,\ 00,69,00,6c,00,65,00,25,00,5c,00,69,00,6e,00,64,00,65,00,78,00,2e,00,64,00,\ 61,00,74,00,20,00,2f,00,73,00,00,00,00,00 "Memory Page File"=hex(7):5c,00,50,00,61,00,67,00,65,00,66,00,69,00,6c,00,65,\ 00,2e,00,73,00,79,00,73,00,00,00,00,00 "Microsoft Writer (Bootable State)"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,\ 6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,52,00,65,00,67,00,69,00,73,00,74,\ 00,72,00,61,00,74,00,69,00,6f,00,6e,00,5c,00,2a,00,2e,00,63,00,6c,00,62,00,\ 00,00,5c,00,2a,00,2e,00,63,00,72,00,6d,00,6c,00,6f,00,67,00,20,00,2f,00,73,\ 00,00,00,00,00 "Netlogon"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,6e,00,65,00,74,00,6c,00,6f,00,67,00,6f,00,6e,00,2e,00,63,\ 00,68,00,67,00,00,00,00,00 "Power Management"=hex(7):5c,00,68,00,69,00,62,00,65,00,72,00,66,00,69,00,6c,\ 00,2e,00,73,00,79,00,73,00,00,00,00,00 "VSS Default Provider"=hex(7):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,20,00,\ 56,00,6f,00,6c,00,75,00,6d,00,65,00,20,00,49,00,6e,00,66,00,6f,00,72,00,6d,\ 00,61,00,74,00,69,00,6f,00,6e,00,5c,00,2a,00,7b,00,33,00,38,00,30,00,38,00,\ 38,00,37,00,36,00,42,00,2d,00,43,00,31,00,37,00,36,00,2d,00,34,00,65,00,34,\ 00,38,00,2d,00,42,00,37,00,41,00,45,00,2d,00,30,00,34,00,30,00,34,00,36,00,\ 45,00,36,00,43,00,43,00,37,00,35,00,32,00,7d,00,20,00,2f,00,73,00,00,00,00,\ 00 "Task Scheduler"=hex(7):25,00,53,00,59,00,53,00,54,00,45,00,4d,00,52,00,4f,00,\ 4f,00,54,00,25,00,5c,00,73,00,63,00,68,00,65,00,64,00,6c,00,67,00,75,00,2e,\ 00,74,00,78,00,74,00,00,00,00,00 "Temporary Files"=hex(7):25,00,54,00,45,00,4d,00,50,00,25,00,5c,00,2a,00,20,00,\ 2f,00,73,00,00,00,00,00 "Winlogon debug"=hex(7):25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,\ 64,00,65,00,62,00,75,00,67,00,5c,00,2a,00,00,00,00,00 "Catalog Database"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,\ 00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\ 5c,00,43,00,61,00,74,00,52,00,6f,00,6f,00,74,00,32,00,5c,00,2a,00,20,00,2f,\ 00,73,00,00,00,00,00 "MS Distributed Transaction Coordinator"=hex(7):43,00,3a,00,5c,00,57,00,49,00,\ 4e,00,44,00,4f,00,57,00,53,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,\ 00,32,00,5c,00,4d,00,53,00,44,00,74,00,63,00,5c,00,4d,00,53,00,44,00,54,00,\ 43,00,2e,00,4c,00,4f,00,47,00,00,00,43,00,3a,00,5c,00,57,00,49,00,4e,00,44,\ 00,4f,00,57,00,53,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\ 5c,00,4d,00,53,00,44,00,74,00,63,00,5c,00,74,00,72,00,61,00,63,00,65,00,5c,\ 00,64,00,74,00,63,00,74,00,72,00,61,00,63,00,65,00,2e,00,6c,00,6f,00,67,00,\ 00,00,00,00 "DRM"=hex(7):43,00,3a,00,5c,00,44,00,6f,00,6b,00,75,00,6d,00,65,00,6e,00,74,00,\ 65,00,20,00,75,00,6e,00,64,00,20,00,45,00,69,00,6e,00,73,00,74,00,65,00,6c,\ 00,6c,00,75,00,6e,00,67,00,65,00,6e,00,5c,00,41,00,6c,00,6c,00,20,00,55,00,\ 73,00,65,00,72,00,73,00,5c,00,44,00,52,00,4d,00,5c,00,2a,00,20,00,2f,00,73,\ 00,00,00 "System Restore"=hex(7):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,20,00,56,00,\ 6f,00,6c,00,75,00,6d,00,65,00,20,00,49,00,6e,00,66,00,6f,00,72,00,6d,00,61,\ 00,74,00,69,00,6f,00,6e,00,5c,00,5f,00,72,00,65,00,73,00,74,00,6f,00,72,00,\ 65,00,7b,00,42,00,44,00,33,00,39,00,30,00,31,00,45,00,38,00,2d,00,41,00,38,\ 00,31,00,33,00,2d,00,34,00,32,00,30,00,30,00,2d,00,39,00,35,00,34,00,31,00,\ 2d,00,30,00,33,00,39,00,42,00,33,00,45,00,39,00,46,00,31,00,34,00,43,00,38,\ 00,7d,00,5c,00,2a,00,20,00,2f,00,73,00,00,00,00,00 "BITS_metadata"=hex(7):43,00,3a,00,5c,00,44,00,6f,00,6b,00,75,00,6d,00,65,00,\ 6e,00,74,00,65,00,20,00,75,00,6e,00,64,00,20,00,45,00,69,00,6e,00,73,00,74,\ 00,65,00,6c,00,6c,00,75,00,6e,00,67,00,65,00,6e,00,5c,00,41,00,6c,00,6c,00,\ 20,00,55,00,73,00,65,00,72,00,73,00,5c,00,41,00,6e,00,77,00,65,00,6e,00,64,\ 00,75,00,6e,00,67,00,73,00,64,00,61,00,74,00,65,00,6e,00,5c,00,4d,00,69,00,\ 63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,4e,00,65,00,74,00,77,00,6f,\ 00,72,00,6b,00,5c,00,44,00,6f,00,77,00,6e,00,6c,00,6f,00,61,00,64,00,65,00,\ 72,00,5c,00,2a,00,00,00,00,00 "Registry Writer"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,\ 6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,\ 00,4e,00,74,00,6d,00,73,00,44,00,61,00,74,00,61,00,5c,00,2a,00,00,00,00,00 "VSS Service DB"=hex(7):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,20,00,56,00,\ 6f,00,6c,00,75,00,6d,00,65,00,20,00,49,00,6e,00,66,00,6f,00,72,00,6d,00,61,\ 00,74,00,69,00,6f,00,6e,00,5c,00,2a,00,2e,00,7b,00,37,00,63,00,63,00,34,00,\ 36,00,37,00,65,00,66,00,2d,00,36,00,38,00,36,00,35,00,2d,00,34,00,38,00,33,\ 00,31,00,2d,00,38,00,35,00,33,00,66,00,2d,00,32,00,61,00,34,00,38,00,31,00,\ 37,00,66,00,64,00,31,00,62,00,63,00,61,00,7d,00,44,00,42,00,00,00,00,00 "VSS Service Alternate DB"=hex(7):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,20,\ 00,56,00,6f,00,6c,00,75,00,6d,00,65,00,20,00,49,00,6e,00,66,00,6f,00,72,00,\ 6d,00,61,00,74,00,69,00,6f,00,6e,00,5c,00,2a,00,2e,00,7b,00,37,00,63,00,63,\ 00,34,00,36,00,37,00,65,00,66,00,2d,00,36,00,38,00,36,00,35,00,2d,00,34,00,\ 38,00,33,00,31,00,2d,00,38,00,35,00,33,00,66,00,2d,00,32,00,61,00,34,00,38,\ 00,31,00,37,00,66,00,64,00,31,00,62,00,63,00,61,00,7d,00,41,00,4c,00,54,00,\ 00,00,00,00 "SUS Client"=hex(7):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,6f,00,66,00,74,00,77,00,61,00,72,00,65,00,44,00,\ 69,00,73,00,74,00,72,00,69,00,62,00,75,00,74,00,69,00,6f,00,6e,00,5c,00,2a,\ 00,20,00,2f,00,73,00,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\KeysNotToRestore] "Plug & Play"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,43,00,6f,00,6e,\ 00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,43,00,6f,00,6e,00,74,00,\ 72,00,6f,00,6c,00,5c,00,43,00,72,00,69,00,74,00,69,00,63,00,61,00,6c,00,44,\ 00,65,00,76,00,69,00,63,00,65,00,44,00,61,00,74,00,61,00,62,00,61,00,73,00,\ 65,00,5c,00,00,00,00,00 "Mount Manager"=hex(7):4d,00,6f,00,75,00,6e,00,74,00,65,00,64,00,44,00,65,00,\ 76,00,69,00,63,00,65,00,73,00,5c,00,00,00,00,00 "Fault Tolerance"=hex(7):44,00,69,00,73,00,6b,00,5c,00,00,00,00,00 "Installed Services"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,43,00,6f,\ 00,6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,53,00,65,00,72,00,\ 76,00,69,00,63,00,65,00,73,00,5c,00,2a,00,00,00,00,00 "Active Directory Restore"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,43,\ 00,6f,00,6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,53,00,65,00,\ 72,00,76,00,69,00,63,00,65,00,73,00,5c,00,4e,00,54,00,44,00,53,00,5c,00,52,\ 00,65,00,73,00,74,00,6f,00,72,00,65,00,20,00,49,00,6e,00,20,00,50,00,72,00,\ 6f,00,67,00,72,00,65,00,73,00,73,00,5c,00,00,00,43,00,75,00,72,00,72,00,65,\ 00,6e,00,74,00,43,00,6f,00,6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,\ 5c,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,73,00,5c,00,4e,00,54,00,44,\ 00,53,00,5c,00,50,00,61,00,72,00,61,00,6d,00,65,00,74,00,65,00,72,00,73,00,\ 5c,00,4e,00,65,00,77,00,20,00,44,00,61,00,74,00,61,00,62,00,61,00,73,00,65,\ 00,20,00,47,00,55,00,49,00,44,00,00,00,00,00 "Pending Rename Operations"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,\ 43,00,6f,00,6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,43,00,6f,\ 00,6e,00,74,00,72,00,6f,00,6c,00,5c,00,53,00,65,00,73,00,73,00,69,00,6f,00,\ 6e,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,5c,00,50,00,65,00,6e,\ 00,64,00,69,00,6e,00,67,00,46,00,69,00,6c,00,65,00,52,00,65,00,6e,00,61,00,\ 6d,00,65,00,4f,00,70,00,65,00,72,00,61,00,74,00,69,00,6f,00,6e,00,73,00,00,\ 00,00,00 "LDM Boot Information"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,43,00,\ 6f,00,6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,53,00,65,00,72,\ 00,76,00,69,00,63,00,65,00,73,00,5c,00,64,00,6d,00,69,00,6f,00,5c,00,62,00,\ 6f,00,6f,00,74,00,20,00,69,00,6e,00,66,00,6f,00,5c,00,00,00,00,00 "Windows Setup"=hex(7):53,00,65,00,74,00,75,00,70,00,5c,00,53,00,79,00,73,00,\ 74,00,65,00,6d,00,50,00,61,00,72,00,74,00,69,00,74,00,69,00,6f,00,6e,00,00,\ 00,00,00 "Session Manager"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,43,00,6f,00,\ 6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,43,00,6f,00,6e,00,74,\ 00,72,00,6f,00,6c,00,5c,00,53,00,65,00,73,00,73,00,69,00,6f,00,6e,00,20,00,\ 4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,5c,00,41,00,6c,00,6c,00,6f,00,77,\ 00,50,00,72,00,6f,00,74,00,65,00,63,00,74,00,65,00,64,00,52,00,65,00,6e,00,\ 61,00,6d,00,65,00,73,00,00,00,00,00 "ASR Information"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,43,00,6f,00,\ 6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,43,00,6f,00,6e,00,74,\ 00,72,00,6f,00,6c,00,5c,00,41,00,53,00,52,00,5c,00,00,00,00,00 "Removable Storage Manager"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,00,\ 43,00,6f,00,6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,43,00,6f,\ 00,6e,00,74,00,72,00,6f,00,6c,00,5c,00,4e,00,54,00,4d,00,53,00,5c,00,49,00,\ 6d,00,70,00,6f,00,72,00,74,00,44,00,61,00,74,00,61,00,62,00,61,00,73,00,65,\ 00,00,00,00,00 "LDM Boot Information (dmboot)"=hex(7):43,00,75,00,72,00,72,00,65,00,6e,00,74,\ 00,43,00,6f,00,6e,00,74,00,72,00,6f,00,6c,00,53,00,65,00,74,00,5c,00,53,00,\ 65,00,72,00,76,00,69,00,63,00,65,00,73,00,5c,00,64,00,6d,00,62,00,6f,00,6f,\ 00,74,00,5c,00,00,00,00,00 |
Hi community. Bin gerade nochmals meine Systemeinstellungen durchgegangen. Habe dabei festgestellt, dass eine der Bereinigungsprodukte wohl meine Systemwiederherstellung wieder aktiviert hat, die ich wegen Platzproblemen vor einiger Zeit abgestellt hatte. Habe das erneut deaktiviert, scheint jetzt nichts mehr unter System Volume Information abelegt zu werden. Die Registryeintgräge unter backuprestore sind allerdings noch mehr oder weniger erhalten - das ist bei einem anderen Standardsystem mehr oder weniger leer. Gruß Bretterbring |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 16:34 Uhr. |
Copyright ©2000-2025, Trojaner-Board