I may have been hit with one of those remote spy programs in an email

Yes it is possible. It is less likely if your system is properly protected.

While doing a System Restore to the day be for could remove symptoms of an infection (yet to be determined that you even have one), it does not necessarily remove all traces or files of the infection from your PC. It could make the infection dormant, but it could still be there.

You should consider running the below to see if anything is found on your PC.

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, renaming, running, and posting HijackThis logs as attachments.

• Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
• Make sure you check version numbers and get all updates.
• Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

• After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis​

Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.​

• When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
  • CounterSpy - only for Windows XP, 2K, & NT users
  • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
  • Bitdefender - from step 6
  • Panda Scan - from step 6
  • runkeys.txt - the log from GetRunKey.bat
  • newfiles.txt - the log from ShowNew.bat
  • HijackThis

NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!

 

Ah Vista is an issue since it is so different. You should have told us in your first message that you have Vista. I tend to doubt that you picked up an infection if you have Vista's UAC enable and have other protection software in place.

You must temporarily disable UAC to run GetRunKey and ShowNew. Re-enable UAC after running.

Normal! It was just hidden before like many, many other files and folders.


You HJT is clean but HJT logs are really not an adequate representation of a PC's malware status. However as stated above, I tend to doubt you picked up anything.

 

See this: http://technet2.microsoft.com/WindowsVista/en/library/0d75f774-8514-4c9e-ac08-4c21f5c6c2d91033.mspx?mfr=true

Or this may be more straight forward for what you need to do:

http://www.petri.co.il/disable_uac_in_windows_vista.htm


However note that I really doubt I will see anything in the GetRunKey and ShowNew logs. They are not truly malware scanners. They just dump a variety of registry keys and files and folders lists into logs for us to manually read. However, be my guest and run them. We will look at the logs.

 

Yes but just to be on the safe side, do the below:

• first uninstall CounterSpy
• then run the below procedure and attach the log
  • SUPERAntiSpyware - running & getting a log

 

Well that's good and it just agrees with what I was saying. You are not infected!