need help removing malware

I have followed Read and Run Me First.

Under Add/Remove: removed Viewpoint, Weatherbug (free edition), GAIN, AlphaCleaner(?)

I've also used Virtumonde

I ran these under safe mode in administrative and another account:
CCleaner
Windows Malicious Software Removal Tool
Ad-Aware SE ( one MRU site deleted)
Spybot S&D ( showed Windows.ActiveDesktop removed)
Microsoft Defender
CWShredder
Kill2me
Avast virus cleaner
McAfee
Ewido
Trojan Scan
A-squared ( malicious object found: Cocuments and Settings\Administratior\cookies\administrator@tribalfusion[2].txt ...removed)

Bitdefender (found virus: wheaterbug.A - update failed. See attatched log)

The panda scan was unable to run in safe mode- it was run in normal boot mode with network connection.
Panda scan (it keeps finding tribalfusion, alfacleaner even after all the scans. Also unable to delete virus:Bck/Ced.A(?)

My computer uses Authentium for firewall,spyware and antivirus. It states that I have Tribalfusion and AlfaCleaner. It is only able to delete Tribalfusion. In regard to AlfaCleaner it states: error deleting registry key hkey_local_machine\system\currentcontrolset\enum\root\legacy_alfacleaner

I used to have SpySweeper (trial version which has expired. I deleted it), also I had Norton/Symantec trial version which came with the computer bundle -it expired so I deleted it)

Please take a look at the Hijackthis log.

What do I need to do next?

Thank you for your help!

 

follow up report

I went back to windows explorer and searched for Webroot (SpySweeper). I found two files and selected all files and deleted it. I couldn't find it in the Add/Remove section under the control panel. Would that clear the partial uninstall that was done?

Under Windows Explorer, I searched and emptied quarantine folders for Authentium and MS Antispyware.

I also uninstalled MS Windows Defender under spyware and reinstalled it in the default folder.

After all that, I followed the instructions that was given and posted a new HJT log.

After I followed the instructions and rebooted, my computer started quickly. It used to go blank for a few seconds right after the initial windows screen came on and restart again.

Also, in the thread- Understanding, Cleaning and Preventing Spyware , one of the suggestions were to install Spyware Blaster. Would that be something that I should install?

Thank you for your help.

 

follow up report

Thanks for the reply to the previous memo.

I wanted to make sure that I had done all the steps correctly, so I did another full Read and Run Me First scans again.

CCleaner
Microsoft Windows Malicious Software Removal Tool
Spybot Search & Destroy
Microsoft Defender
CWShredder
Kill2Me
Avast Virus cleaner
Ewido ( free version)
McAfee Avert Stinger
Bitdefender ( virus detected- C:\Program Files\Sysfiles\WxBug.exe update failed) see attached log

Panda( spyware detected- see attatched log)

In regard to the Ewido, it is the free version. Should I still uninstall one of the programs ( Ewido or MS Defender)?

SpySweeper (trial version) was uninstalled using the Add/Remove tab.

Also, I did use the quarantine view tab under Authentium to delete its file and in addition to double checking it under Windows Explorer search. I wasn't sure which one I needed to do, so I emptied the folder items in both programs.

The bitdefender and panda scans both report that I still have malware on the computer.

What do I do now?

Thanks for all your help!

 

Sorry! in the previous note, I somehow couldn't get the attachments loaded.

I uninstalled the free version of Ewido and uninstalled the AIM as well.

I repeated all the previous instruction that were provided.
Empty Authentium and MS Antispyware Quarantine folders.
Did the notepad, ran HijackThis -clicking fix only on

06-HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
06-HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

Booted in safe mode and used Windows Explorer to try to delet the listed files. But none were found in administrative and another user account.

Then went to Prefetch and deleted all files that were present.

Ran ccleaner and checked on reset web settings instructions.
I ran a Panda scan and a HJT scan as well.

Why does Panda still list alfacleaner? Is it something to be concerned about?

When should I do disable System Restore, reboot and re-enable system restore?

Thank you for your continued help.

 

computer is running slow again

I noticed that the computer was running slow again. After the Windows XP screen comes on, the monitor flickers and turns off for a few seconds before restarting with the startup. Trying to go online seems to be taking a long time as well.

The kids had installed AOL-AIM Triton. The previous older AIM version was uninstalled. The current problem seems to have started immediately after that.

I also installed Spyware Blaster. Enabled all the features. I noticed that on the IE browser page it listed 12 items.

1) "my home web page"
2) http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
3) http://search.msn.com/spbasic.htm
4) c:\WINDOWS\system32\blank.htm
5) http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
6) http://www.msn.com
7) http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
8) http://home.microsoft.com/search/lobby/search.asp
9) http://microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
10) http://microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
11) c:\WINDOWS\system32\blank.htm
12) http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

I noticed the " c:\WINDOWS\system32\blank.htm". I thought it might be the "about:blank" and looked up the "About:Blank and HSA Hijackers-generic Solutions" site. I am completely confused and could not identify anything from my Hijack this log. I don't know if the Spyware Blaster IE browser list is important. Please advise.

Viewpoint Media Player was uninstalled using Add/Remove
I re-scanned my computer using the read me instructions
Asquared found and removed the following: trace.Registry.DLSearchBar
HKEY_CLASSES_ROOT\catalyst.httpclientctrl.1
HKEY_CLASSES_ROOT\clsid\{edd6ba26-9ebb-11d2-b89c-00104b30757b}
HKEY_CLASSES_ROOT\clsid\{edd6ba27-9ebb-11d2-b89c-00104b30757b}
HKEY_CLASSES_ROOT\interface\{edd6ba24-9ebb-11d2-b89c-00104b307...
HKEY_CLASSES_ROOT\interface\{edd6ba25-9ebb-11d2-b89c-00104b307...
HKEY_CLASSES_ROOT\typelib\{eddba23-9ebb-11d2-b89c-00104b30757...
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\sh

I've attatched the bitdefender, panda and Hijackthis files.
After the original cleaning of malware, the flickering and restarting of the computer had gone away! Now it's back and logging online is slow as well.
I need some help!