Not sure what infection I still have

You don't really that much in the way of malware. First let's remove a bad service.

• Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
• On the page that opens, scroll down to MSIEUpdater_1
• then right click the entry, select Properties and press Stop Service.
• When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
• Click OK until you get back to Windows.

• Next, run HJT, but instead of scanning, click on the None of the above, just start the program button at the bottom of the choices.
• At the lower right, click on the Config button
• Then click the Misc tools button
• Select Delete an NT Service
• Copy/pasteMicrosoft IE Updater_1 into the box that opens, and press OK
• If you receive any error messages just ignore them and continue.
• Now exit HJT and reboot when it tells you it needs to.

Now uninstall the CounterSpy trial since we are finished with it. Then delete the below folders which may be left behind:
C:\Documents and Settings\Owner.Laptop\Application Data\Sunbelt Software
C:\Documents and Settings\All Users\Application Data\Sunbelt Software
C:\Program Files\Sunbelt Software


Uninstall the below old versions of software:
Java(TM) SE Runtime Environment 6 Update 1

Make sure you reboot after uninstalling the above!

After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

Are you still having problems? If you still have problems with PC Cillin, you should consider uninstalling it, rebooting and then reinstalling it.

 

Did you do what I suggested at the end of my last message?

This could all be related to issues with PC Cillin.

No it is not normal if you are not opening a browser and are not doing any automatic updating.

Attach a new HJT log and also run the below and attach the requested log:

Running GMER to detect rootkits

 

Just uninstall Trend Micro PC-cillin Internet Security 2006
Then reboot and if you do not have the disks for the above install the below as replacements.

• AVG Free Edition
• Comodo Personal Firewall
• Comodo BOClean Anti-Malware

Also install the below for some additional protection that will not waste any system resources:

SpyWare Blaster Install it, click Download Latest Protection Updates, Check for Updates, and then Enable All Protection, then exit. SpywareBlaster is not a malware scanner or removal tool and uses no system resources except a little disk space. It does a great job of preventing malware from being installed in the first place! It blocks the popular spyware ActiveX controls, and also prevents the installation of any of them from malicious websites.


After doing the above, are you experiencing any other problems?

 

I would guess this is because it is in System Restore and my final instructions should take care of that.

If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix, you can delete the ComboFix.exe file, C:\ComboFix folder, C:\QooBox folder, C:\WINDOWS\nircmd.exe, and the C:\combofix.txt log that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used SmitFraudFix, you can delete all files and folders related to it now including the c:\rapport.txt log.
5. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
6. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
7. If we had you run Avenger, you can delete all files related to Avenger now.
8. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
9. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
10. If you are running Windows XP or Windows ME, do the below:
    • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
    • Then reboot and Enable System Restore to create a new clean Restore Point.
11. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!

 

You're welcome! I'll be here.