VIRY.CZ

Spusťte ještě jednou CF tímto skriptem:

Collect::
c:\windows\system32\drivers\utexnjq5.sys
c:\windows\system32\drivers\41098772.sys
c:\windows\system32\drivers\4109877.sys
c:\windows\system32\drivers\41098771.sys

Driver::
41098772
41098771
utexnjq5
4109877

Soubor jqs.exe je legitimní. JavaQuickStarter.

... omlouvam se, ale CF je ComboFix?
Pokud ne, odkud stahout CF?
Dekuji.
D.

dape píše:... omlouvam se, ale CF je ComboFix?
Pokud ne, odkud stahout CF?
Dekuji.
D.

Vždyť ho v PC máte. Jinak odkaz: http://download.bleepingcomputer.com/sUBs/ComboFix.exe .

dekuji,
tech 50 fazi jde celkem slusne rychle, ale ten log (jelikoz je to po restartu) trva necelou hodinu, asi.
Je to z duvodu zatizeni disk jinymi procesy, ktere potrebuji odstrait.
Spustim, kdyz tak mi, moc prosim, vecer neutecte ))

Večer zde po chvilkách budu.

Zde je log ComboFixu po aplikaci:

ComboFix 10-05-05.0A - David 09.05.2010 19:09:08.7.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1919.707 [GMT 2:00]
Spuštěný z: c:\documents and settings\David\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\David\Plocha\CFscript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

file zipped: c:\windows\system32\drivers\4109877.sys
file zipped: c:\windows\system32\drivers\41098771.sys
file zipped: c:\windows\system32\drivers\41098772.sys
file zipped: c:\windows\system32\drivers\utexnjq5.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\4109877.sys
c:\windows\system32\drivers\41098771.sys
c:\windows\system32\drivers\41098772.sys
c:\windows\system32\drivers\utexnjq5.sys
c:\windows\TEMP\logishrd\LVPrcInj01.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_41098771
-------\Legacy_41098772
-------\Legacy_UTEXNJQ5
-------\Service_41098771
-------\Service_41098772
-------\Service_utexnjq5
-------\Legacy_setup_9.0.0.722_08.05.2010_21-25drv
-------\Service_setup_9.0.0.722_08.05.2010_21-25drv


((((((((((((((((((((((((( Soubory vytvořené od 2010-04-09 do 2010-05-09 )))))))))))))))))))))))))))))))
.

2010-05-07 03:13 . 2010-05-07 03:14 -------- d-----w- c:\program files\trend micro
2010-05-07 03:13 . 2010-05-07 03:14 -------- d-----w- C:\rsit
2010-04-09 19:05 . 2010-04-09 19:05 -------- d-----w- c:\program files\VideoLAN

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-09 17:57 . 2008-06-02 18:43 -------- d-----w- c:\program files\Symantec AntiVirus
2010-05-09 17:53 . 2010-05-09 17:53 114688 ----a-w- c:\windows\system32\chg.exe
2010-05-08 20:32 . 2008-04-28 19:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-05 19:14 . 2008-04-29 19:07 -------- d-----w- c:\program files\Opera
2010-04-27 20:33 . 2009-04-30 17:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-14 18:50 . 2004-08-18 12:00 83652 ----a-w- c:\windows\system32\perfc005.dat
2010-04-14 18:50 . 2004-08-18 12:00 440316 ----a-w- c:\windows\system32\perfh005.dat
2010-04-14 07:52 . 2008-04-29 19:32 -------- d-----w- c:\program files\Google
2010-04-09 18:54 . 2010-04-06 20:51 -------- d-----w- c:\program files\DVBPortal
2010-03-10 06:17 . 2004-08-18 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-18 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 22:14 . 2009-11-03 21:29 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-02-16 19:08 . 2004-08-18 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:08 . 2004-08-17 15:45 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 10:03 . 2010-03-05 11:58 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:35 . 2004-08-18 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-18 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-30 68856]
"ANT Agent"="c:\garmin\ANT Agent\ANT Agent.exe" [2010-02-03 11136360]
"Google Update"="c:\documents and settings\David\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-09-02 133104]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2009-12-21 818288]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"gStart"="c:\garmin\gStart.exe" [2008-08-13 1891416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2007-01-24 124928]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-01-02 40960]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 472776]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-02-26 177456]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-07-24 677144]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-11-08 1116920]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-09 282624]
"ScheduleSync.Siemens.SmartSync.5.2.exe"="c:\program files\Mobile Phone Manager\SmartSync\ScheduleSync.exe" [2004-08-27 45056]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-06-09 66680]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2004-10-06 161096]
"Norton Ghost 14.0"="c:\program files\Norton Ghost\Agent\VProTray.exe" [2008-05-07 2245984]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-04-30 834248]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\David\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
MotionBased Agent.lnk - c:\program files\MotionBased\Agent\MBAgent.exe [2006-12-30 909312]
setup_9.0.0.722_08.05.2010_21-25.lnk - c:\documents and settings\David\Plocha\Virus Removal Tool\setup_9.0.0.722_08.05.2010_21-25\startup.exe [2010-5-8 72208]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-6-30 66864]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2008-5-9 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2007-06-08 07:04 49152 ----a-r- c:\windows\system32\DeviceNP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-03-14 04:03 74752 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ SbHpNp scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SMINST\\Scheduler.exe"=
"c:\\Program Files\\ICQ\\Icq.exe"=
"c:\\Program Files\\TightVNC\\vncviewer.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [29.4.2009 22:55 64288]
R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [14.8.2007 17:59 101167]
R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [9.10.2006 13:31 44720]
R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [14.6.2007 16:22 13184]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [24.7.2007 8:21 38816]
R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [14.8.2007 17:59 5840]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [18.8.2004 14:00 14336]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [18.8.2004 14:00 14336]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [6.9.2007 13:26 221184]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4.2.2010 17:52 1285864]
R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [18.8.2004 14:00 5120]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [29.4.2008 9:37 193840]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [24.7.2007 8:21 41216]
R3 SymSnapService;SymSnapService;c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [20.12.2007 17:13 1558000]
S2 DCamUSB20;USB 2.0 Capture;c:\windows\system32\drivers\CsMini20.sys [3.7.2008 20:49 46216]
S2 gupdate1c98714f1f63ef4;Google Update Service (gupdate1c98714f1f63ef4);c:\program files\Google\Update\GoogleUpdate.exe [5.2.2009 0:07 133104]
S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [29.4.2008 10:05 30008]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [8.6.2007 9:06 172131]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [29.6.2007 2:01 42512]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [6.10.2004 17:56 173392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 13:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-05-09 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 20:31]

2010-05-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-29 15:33]

2010-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 22:06]

2010-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 22:06]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\David\Data aplikací\Mozilla\Firefox\Profiles\zna00hb1.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=WCL&o=14209&locale=en_US&q=
FF - prefs.js: network.proxy.type - 2
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-09 19:56
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe??????????????@? ???HR????????@???????@

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(624)
c:\windows\system32\Ati2evxx.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\windows\system32\DeviceNP.dll

- - - - - - - > 'lsass.exe'(684)
c:\windows\SbHpNp.dll

- - - - - - - > 'explorer.exe'(6516)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\program files\WinSCP3\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\windows\system32\agrsmsvc.exe
c:\windows\system32\bmwebcfg.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\windows\system32\IFXTCS.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Norton Ghost\Agent\VProSvc.exe
c:\windows\system32\IfxPsdSv.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
c:\progra~1\HEWLET~1\Shared\HPQTOA~1.EXE
.
**************************************************************************
.
Celkový čas: 2010-05-09 20:31:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-09 18:30
ComboFix2.txt 2010-05-09 11:21
ComboFix3.txt 2010-05-06 22:03
ComboFix4.txt 2010-05-06 15:44
ComboFix5.txt 2010-05-09 17:05

Před spuštěním: Volných bajtů: 54 015 082 496
Po spuštění: Volných bajtů: 54 087 356 416

- - End Of File - - 49DAFA78950C5CDFD99DF94BC11165CD

Log již vypadá čistý.

Dekuji, to jsem rad, ale stale jede HDD-sviti LED a prace jje hodne pomala.
Prosim, co s tim?

Dekuji.
David.

Zkuste obnovu systému k datu, kdy korektně fungoval.

Korektne fungoval pred cca 2-4 týdny. Nevím, jak udelatg obnovu systemu k tomuto datu, jestli mi muzete poradit.
Dekuji,

... ted nic PC nema delat, presto HDD stale jede na plno. Zrejme bezi nejaky proces, nebo sluzba, ktery bud nema jet a nebo je nejakym "virem" nebo necim modifikovana a jede porad dokola a nebo se spusti, ukonci, spusti, ... nevim. Proste sice log je cisty, ale PC se chova stale stejne, t.j. po zapnuti PC stale jede nekolikk hodin bez prestavky HDD.
Uvadite, ze JQS je legalni sluzba, ale je normalni, ze tak casto jede? Pripada mi to nenormalni. Stejne tak jako i u jinych programu/procesu/sluzeb.

Dekuji za pomoc.
D.

Obnova systému: Start>všechny programy>příslušenství>systémové nástroje>obnovení systému. Proces jqs.exe na zkoušku vypněte a uvidíte.

... a to mam obnovit co? K uvedenym datum jsou instalovany update napr. Opery, ..., atd. Co mam tedy zvolit? Nemam v systemu zamerne vytvoren bod obnoveni (nic jsem nedelal, nevedel jsem o tomto).
Mam jit zpet bod po bodu a ke kazdemu tucnemu dni obnovovat zpetne a zkouset, zda uz je system OK?
jiny postup?
Nejsem tak zbehly, prosim, poradte. Dekuji.
David.

...napr. 15.3.2010 mam tam uvedeno :"Kontrolni bod systemu". Mam zvolit toto?

Zvolíte bod obnovy (den, kdy podle vás bylo vše v pořádku), kliknete na něj a systém se obnoví k danému datu. Pokud ale máte obnovu vypnutou, nejsou žádné zálohy vytvořeny a systém nelze obnovit. samozřejmě budete muset reinstalovat vš, co jste instaloval od daného data do současnosti.