Jump to content

sUBs

Trusted Malware Techs
  • Content Count

    54
  • Joined

  • Last visited

About sUBs

  • Rank
    Developer

Previous Fields

  • Teams:
    Nothing Selected
  1. Don't worry about System Restore points just yet. Check it again tomorrow. Theres should be one created by then. If not so, please let me know *HeHe ... I can always lend you one of mine.
  2. Use the machine for the next few hours. Throw in a couple of reboots in between. Then come back & tell us how the machine is coping
  3. 334 sounds like a good figure. Please reboot & see if that makes any difference.
  4. LOL ...I only wanted to find out if E:\I386 exist. Open NOTEPAD.exe and copy/paste the text in the quotebox below into it: @echo off pushd E:\I386\ For /f "tokens=*" %%g in (' vfind -tf *.tt_ *.fo_ ') do @expand -r "%%g" %windir%\fonts\ popd dir /a/b "%windir%\fonts\" > Fonts_log.txt Start Notepad Fonts_log.txt Save this as font.bat Choose to "Save type as - All Files" It should look like this: Double click on font.bat & allow it to run Post back to tell me what it says. If all goes well, you should now have a few hundred fonts files in your \Windows\Fonts folder
  5. I counted the number of fonts you have. 49 is a bit sparse. On a freshly installed machine, the number is at least 200 (gets more as we install lingual programs). I'm going to try to repopulate your fonts cache by extracting them from the Windows CD. Please insert your CD into the CDROM. Then tell me the drive letter of your CDROM Also verify if this folder's location is correct. - < driver letter of your CDROM>\I386
  6. Hmm .. it's not going smoothly. I need to look at the files that you currently have in the C;\Windows\Fonts folder. Please go to Start > Run - copy/paste the following command & click OK cmd /c dir /a/b %windir%\fonts >Log.txt&&Log.txt&&del Log.txt It shall produce a log for you to post back here Question - Do you have access to another Windows XP SP2 machine?
  7. Here, use this guide > http://www.datarecovery.com.sg/data_recove...tem_restore.htm
  8. Seeing that we're at loss as to how to restore that function, we might as well try Windows System Restore. Take note that performing a System Restore will revert the machine back to an earlier time. This may fix the keyboard but most of the malware will be restored. We shall need to address them again.
  9. The folder C:\Windows\System is not your fonts cache. Try looking in C:\Windows\Fonts. For Windows XP to display Korean glyphs, you should need to have Gulim.ttc in there. The guide I earlier linked you to, should have sorted it out for you. Please do it again. Here's a similar guide but it's specific for Korean fonts. http://www.declan-software.com/korean_ime/...n_ime.htm#xpuse Try doing this ... * Uninstall it first. Untick "Install files for East Asian Language". Click OK & reboot * After rebooting, Re-tick "Install files for East Asian Language". Click OK &
  10. Sorry to interrupt. Which folder did you look at?
  11. Please use this guide > http://newton.uor.edu/Departments&Prog...llation_XP.html
  12. TeaTimer is an excellent tool for the prevention of spyware but it can sometimes prevent HijackThis from fixing certain things. Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean. Open Spybot Search & Destroy. In the Mode menu click "Advanced mode" if not already selected. Choose Yes at the Warning prompt. Expand the Tools menu. Click Resident. Uncheck the Resident "TeaTimer" (Protection of overall system settings) active. box. In the File menu click Exit to exit Spybot Search & Destroy. Download http://www.techsupportfo
  13. What about "Spytech Software" ?
  14. 2007-11-04 21:01 <DIR> d-------- C:\Incomplete 2007-11-02 17:20 <DIR> d-------- C:\Program Files\Incomplete 2007-10-25 18:46 <DIR> d-------- C:\Downloads 2007-10-25 22:23 <DIR> d-------- C:\Documents and Settings\USER\Incomplete Are these folders created by you? Take a quick peek in them & tell me what's within C:\Program Files\Spytech Software Is this a program you installed? What is it for?
  15. That's good. Please run ComboFix now by double-clicking it. I shall need to review the log that it produces.
×
×
  • Create New...