Please help identifying an removing found malware

Welcome to Major Geeks!

You logs do not really show any malware issues (other than WeatherBug minor adware that CounterSpy removed). What malware problems are you having?

Is the below something you installed and recognize?
O4 - HKLM\..\Run: [TradingRooms] C:\Program Files\Trading Rooms Technologies, Inc\TradingRooms\Avx\TradingRooms.exe


Uninstall the Sunbelt CounterSpy trial since we are finished with it now! Then delete the below two folders which may be left behind by the uninstall:
C:\Documents and Settings\All Users\Application Data\Sunbelt Software
C:\Program Files\Sunbelt Software

If you don't use People PC anymore ( I see Optonline so I would expect they are your ISP now) then delete the below folder:
C:\Program Files\Online Services\PeoplePC

 

That's fine if you trust the site, but why does it need to run at startup and always run. Things like this should only be run when you need them.

If you uninstalled CounterSpy, that will help speed things up a little since installing it would impact PC performance just like all active protection tools do. You can use HijackThis to fix the below few lines too if desired. They are not malware but you really don't need them to load. It is a minor tweak for performance.

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

Other than that, the only thing that may be contributing to a slow PC is the security suite you have running from Trend Micro. Internet Security Suites are notorious resource hogs and using separate tools (we have very good free tools) for an antivirus, antispyware, and firewall are often much better and less resource intensive on your PC.

Was your first HJT log from safe boot mode? It looks like it since none of your Trend Micro processes seemed to be running in the process list but all the services showed. Or are you filtering items from your HJT log. Attach a new HJT log and make sure it is from Normal Boot mode and than you are not filtering items and also make sure you are not using MSconfig to control any startups (see step 0 of the READ ME).

 

Okay this log shows that your first log was from safe boot mode as I suspected.

All the tools we recommend, will be listed in a link given in my final steps given below. There are a load of free tools and a few pay tools are mentioned if you decide to go that way. What I would say is that if you are basically happy with TrendMicro, keep it at least until your subscription period expires. Then if you don't want to renew, you could then switch to the free tools in the link I give.

In reality there are no programs that do such a thing. No one can really know for certain what programs and features of programs each person really uses and needs. What you need and I need and what someone else need will be different. However that being said, you don't have a lot running. Besides TrendMicro, you only have the below which I assume you use:

O4 - HKLM\..\Run: [TradingRooms] C:\Program Files\Trading Rooms Technologies, Inc\TradingRooms\Avx\TradingRooms.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe


If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix you can delete the ComboFix.exe file and associated C:\combofix.txt log that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
5. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
6. If we had you run Avenger, you can delete all files related to Avenger now.
7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
8. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
9. If you are running Windows XP or Windows ME, do the below:
   • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!

 

As I stated in message # 8, you are clean and you need to complete all the steps I gave you in message # 8. That includes toggle system restore.

Your mouse problem is more than likely not related to malware. You should try another mouse as a quick test (power down before changing the mouse). Also see if the problem occurs in safe mode.

 

You're welcome. Surf safely!