Hello and welcome to TSF.
Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
Please save this page to Notepad in order to assist you when carrying out the following instructions.
Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.
------------------------------------------------------
Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.
Please stay with me until given the 'all clear' even if symptoms seemingly abate.
Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.
------------------------------------------------------
Please explain why this computer has no running or installed antivirus program.
Please enable your Windows Firewall via the Security Center in your Control Panel.
------------------------------------------------------
If your system seems sluggish, it could be due to low RAM:
Please visit Crucial where you can either input your model number or download a small application that will tell you exactly the type of RAM you need.
------------------------------------------------------
Uninstall the following via Start > (or My Computer) > Control Panel > Add or Remove Programs:
CursorCafe Installer<<Please read this and this
Performance Center<<This program was likely installed onto your computer along with the program SpywareStriker(made by the same company) and is left behind when SpywareStriker is uninstalled. Please read this and this
Viewpoint Manager
Viewpoint Media Player
Viewpoint Toolbar
The above are considered foistware instead of malware since they are installed without users approval, but don't spy or do anything "bad". Please read here and here
------------------------------------------------------
I see you have P2P software ( Limewire ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
References for the risk of these programs are here, here, and here.
I would strongly recommend that you uninstall it, however that choice is up to you. If you choose to remove this program, you can do so via Control Panel >> Add or Remove Programs.
If you decide to uninstall Limewire, also delete these Folders if they still exist:
C:\Documents and Settings\Yerby\Application Data\LimeWire
C:\Program Files\LimeWire
------------------------------------------------------
Please visit this webpage for instructions on downloading and running ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Please ensure you read this guide carefully and install the Recovery Console first.
The Windows Recovery Console will allow you to boot up into a special recovery(repair) mode, if needed. This allows us to help you in the case that your computer has a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
As part of installing the Recovery Console, ComboFix will begin to run. Follow the prompts to install the Recovery Console. Your desktop may disappear. This is normal. It will return.
Once the Recovery Console is installed, this blue window will appear:
Please continue as follows:
Please post that log, ComboFix.txt along with a new HijackThis log so we may continue cleansing the system.
------------------------------------------------------
Please download HijackThis and Save it to your Desktop.
Alternate link
This program will help us determine if there are any spyware/malware on your computer. Double-click on the file you just downloaded.
Click on the "Unzip" button to install. It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis
Upon install, HijackThis should open for you.
Should it not open, navigate to C:\Program Files\Trend Micro\HijackThis and double-click on HijackThis.exe
1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Please post the HijackThis log in your next reply. Do not fix anything in HijackThis since they may be harmless.
------------------------------------------------------
Please post the following in your next reply:
C:\ComboFix.txt
new HijackThis log
If you have any questions along the way...STOP and ask them before proceeding.
Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
Please save this page to Notepad in order to assist you when carrying out the following instructions.
Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.
------------------------------------------------------
Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.
Please stay with me until given the 'all clear' even if symptoms seemingly abate.
Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.
------------------------------------------------------
Please explain why this computer has no running or installed antivirus program.
Please enable your Windows Firewall via the Security Center in your Control Panel.
------------------------------------------------------
If your system seems sluggish, it could be due to low RAM:
Please read the following article: http://www.techsupportforum.com/security-center/hijackthis-log-help/247567-your-pc-running-slow.html
Please visit Crucial where you can either input your model number or download a small application that will tell you exactly the type of RAM you need.
------------------------------------------------------
Uninstall the following via Start > (or My Computer) > Control Panel > Add or Remove Programs:
CursorCafe Installer<<Please read this and this
Performance Center<<This program was likely installed onto your computer along with the program SpywareStriker(made by the same company) and is left behind when SpywareStriker is uninstalled. Please read this and this
Viewpoint Manager
Viewpoint Media Player
Viewpoint Toolbar
The above are considered foistware instead of malware since they are installed without users approval, but don't spy or do anything "bad". Please read here and here
------------------------------------------------------
I see you have P2P software ( Limewire ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
References for the risk of these programs are here, here, and here.
I would strongly recommend that you uninstall it, however that choice is up to you. If you choose to remove this program, you can do so via Control Panel >> Add or Remove Programs.
If you decide to uninstall Limewire, also delete these Folders if they still exist:
C:\Documents and Settings\Yerby\Application Data\LimeWire
C:\Program Files\LimeWire
------------------------------------------------------
Please visit this webpage for instructions on downloading and running ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Please ensure you read this guide carefully and install the Recovery Console first.
The Windows Recovery Console will allow you to boot up into a special recovery(repair) mode, if needed. This allows us to help you in the case that your computer has a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
As part of installing the Recovery Console, ComboFix will begin to run. Follow the prompts to install the Recovery Console. Your desktop may disappear. This is normal. It will return.
Once the Recovery Console is installed, this blue window will appear:

Please continue as follows:
- Close/disable all antivirus and antispyware programs so they do not interfere with the running of ComboFix. Get help here
- Please click Yes to continue scanning for malware.
Please post that log, ComboFix.txt along with a new HijackThis log so we may continue cleansing the system.
------------------------------------------------------
Please download HijackThis and Save it to your Desktop.
Alternate link
This program will help us determine if there are any spyware/malware on your computer. Double-click on the file you just downloaded.
Click on the "Unzip" button to install. It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis
Upon install, HijackThis should open for you.
Should it not open, navigate to C:\Program Files\Trend Micro\HijackThis and double-click on HijackThis.exe
1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Please post the HijackThis log in your next reply. Do not fix anything in HijackThis since they may be harmless.
------------------------------------------------------
Please post the following in your next reply:
C:\ComboFix.txt
new HijackThis log
If you have any questions along the way...STOP and ask them before proceeding.