Congrats! You are now clean! That last log indicates that ComboFix has managed to delete those files, along with a few others.
I think that system is still infected. The next HJT log that was posted doesn't show it because HJT is pretty limited, but if you look at the Combofix log it indicates:
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\
{1EC04D97-5F10-DD1B-0306-020403060503}]
C:\WINDOWS\system32\SecSystem.exe
This is a common load point for trojans. That particular entry is related to a member of Win32.Poison, a family of backdoor trojans. See:
http://www.threatexpert.com/report.aspx?uid=1fbb1810-63d1-40f1-82da-c4b065bace0f for details. You can also grab a copy of secsystem.exe and upload it to VirusTotal for a scan.
NNEagle, in addition to Win32.Poison, there's indication of a possible autorun worm impacting the system:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\
{93b6f101-cc8c-11dc-acfc-aa8fad93d89f}]
\Shell\AutoRun\command - setup.exe
I don't recognized that CLSID; it may or may not be legit. Definitely worth checking into since autorun is frequently abused by malware distributors (and autorun worms frequently come hand in hand with backdoors). There are really only two good ways of disabling autorun: either via TweakUI or via a registry hack that sends calls to autorun.inf into never-never-land:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
For details on the challenges of disabling autorun (and why only the above 2 methods will work), see:
http://nick.brown.free.fr/blog/2007/10/memory-stick-wormsIn any event, if the system was infected by a backdoor, trying to remove the malware is fruitless. You should consider the system completely compromised and do a wipe and reload. Make sure you change all your passwords afterward since those were likely compromised during the infection.