anyone knows how to remove Win32:Trojano-3160 [Trj] ?

my os is win xp and after my nortorn oem expired, i used AVAST 4.6 as recommended by my frens and they detect a virus in CFTMON i think…but now i keep getting avast telling my my cpu is infected with Win32:Trojano-3160 [Trj] i move it to chest but it keeps coming back. the changes i notice, is that sometimes my homepage would change from yahoo to another chinese webpage. and sometimes, the loading of yahoo webpage takes a long time. does not know if theres any link between these incidents.

below is the files in my chest…

12/2/2005 11:37:19 PM Neo 1896 Sign of “Win32:Trojano-1780 [Trj]” has been found in “c:\windows\ctfmon.exe[UPX]” file.
12/2/2005 11:56:36 PM Neo 132 Sign of “Win32:Trojano-1780 [Trj]” has been found in “C:\WINDOWS\ctfmon.exe[UPX]” file.
12/2/2005 11:57:43 PM Neo 3852 Sign of “Win32:Trojano-1780 [Trj]” has been found in “c:\windows\ctfmon.exe[UPX]” file.
12/3/2005 12:00:45 AM Neo 132 Sign of “Win32:Trojano-1780 [Trj]” has been found in “C:\Documents and Settings\Neo\Local Settings\Temp_avast4_\unp19765251” file.
12/3/2005 12:34:40 AM Neo 132 Sign of “Win32:Trojano-1780 [Trj]” has been found in “C:\System Volume Information_restore{D1EC2141-07DD-473E-A03D-B4BBF6F07F79}\RP79\A0017673.exe[UPX]” file.
12/5/2005 1:11:28 AM SYSTEM 2012 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
12/5/2005 1:11:29 AM SYSTEM 2012 An error has occured while attempting to update. Please check the logs.
12/29/2005 6:28:22 PM SYSTEM 1784 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\Program Files\Common Files\UPDATE\Update.exe” file.
12/29/2005 6:29:59 PM SYSTEM 1784 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\program files\common files\update\update.exe” file.
12/29/2005 6:31:00 PM Neo 2420 Sign of “Win32:Trojano-3160 [Trj]” has been found in “c:\program files\common files\update\update.exe” file.
12/29/2005 6:34:05 PM SYSTEM 1784 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\Program Files\Common Files\UPDATE\trzC0.tmp” file.
12/29/2005 6:37:21 PM SYSTEM 1784 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\System Volume Information_restore{D1EC2141-07DD-473E-A03D-B4BBF6F07F79}\RP94\A0049149.exe” file.
1/5/2006 7:11:47 PM Neo 1524 Sign of “Win32:Trojano-3160 [Trj]” has been found in “c:\windows\system32\update.exe” file.
1/5/2006 8:17:14 PM SYSTEM 2016 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\System Volume Information_restore{D1EC2141-07DD-473E-A03D-B4BBF6F07F79}\RP97\A0053277.exe” file.
1/7/2006 9:57:03 PM SYSTEM 2016 Function setifaceUpdatePackages() has failed. Return code is 0x2000001D, dwRes is 2000001D.
1/7/2006 9:57:04 PM SYSTEM 2016 An error has occured while attempting to update. Please check the logs.
1/11/2006 5:41:15 PM Neo 2504 Sign of “Win32:Trojano-3160 [Trj]” has been found in “c:\windows\system32\update.exe” file.
1/11/2006 5:46:11 PM SYSTEM 1792 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\windows\system32\trzF9.tmp” file.
1/11/2006 7:25:49 PM Neo 3280 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz111.tmp” file.
1/11/2006 7:36:46 PM Neo 1568 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz28E.tmp” file.
1/11/2006 7:37:07 PM Neo 3388 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz2C0.tmp” file.
1/11/2006 7:38:21 PM Neo 3084 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz2C1.tmp” file.
1/11/2006 7:53:08 PM Neo 972 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz2E1.tmp” file.
1/11/2006 7:53:34 PM Neo 468 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz369.tmp” file.
1/11/2006 7:54:02 PM Neo 3172 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz36A.tmp” file.
1/11/2006 7:54:14 PM Neo 3500 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz36C.tmp” file.
1/11/2006 7:56:04 PM Neo 3104 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz36D.tmp” file.
1/11/2006 7:56:14 PM Neo 156 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz36F.tmp” file.
1/11/2006 7:56:43 PM Neo 2968 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz370.tmp” file.
1/11/2006 8:32:13 PM Neo 3112 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz371.tmp” file.
1/11/2006 8:41:02 PM Neo 3280 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz39C.tmp” file.
1/11/2006 8:48:12 PM Neo 4044 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz3A0.tmp” file.
1/11/2006 8:56:30 PM Neo 4040 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz3A5.tmp” file.
1/11/2006 9:14:07 PM Neo 3104 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz3A6.tmp” file.
1/11/2006 9:14:18 PM Neo 2908 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz3A7.tmp” file.
1/11/2006 9:14:24 PM Neo 3140 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz3A8.tmp” file.
1/15/2006 7:23:30 AM Neo 3080 Sign of “Win32:Trojano-3160 [Trj]” has been found in “c:\windows\system32\update.exe” file.
1/15/2006 7:27:28 AM Neo 2888 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\system32\trzF6.tmp” file.
1/15/2006 7:32:59 AM SYSTEM 1976 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\system32\trzF7.tmp” file.
1/15/2006 7:34:41 AM Neo 3364 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trzF8.tmp” file.
1/15/2006 7:35:23 AM Neo 2456 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trzF9.tmp” file.
1/15/2006 7:35:41 AM Neo 3488 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trzF9.tmp” file.
1/15/2006 7:36:06 AM Neo 2804 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trzF09.tmp” file.
1/15/2006 7:36:16 AM Neo 2620 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trzF09.tmp” file.
1/15/2006 7:38:04 AM Neo 3152 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trzFoA.tmp” file.
1/15/2006 7:39:17 AM Neo 1024 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz100.tmp” file.
1/15/2006 7:39:45 AM Neo 2800 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz100.tmp” file.
1/15/2006 7:39:55 AM Neo 3028 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz101.tmp” file.
1/15/2006 7:40:01 AM Neo 1532 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz102.tmp” file.
1/15/2006 7:42:44 AM Neo 2240 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz103.tmp” file.
1/15/2006 7:43:59 AM SYSTEM 1976 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\Program Files\Alwil Software\Avast4\DATA\moved\trz103.tmp.vir” file.
1/15/2006 7:44:35 AM Neo 2616 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz104.tmp” file.
1/15/2006 7:45:00 AM SYSTEM 1976 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\Program Files\Alwil Software\Avast4\DATA\moved\trz104.tmp.vir” file.
1/15/2006 7:45:06 AM SYSTEM 1976 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\Program Files\Alwil Software\Avast4\DATA\moved\trz104.tmp.vir” file.
1/15/2006 7:45:21 AM SYSTEM 1976 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\Program Files\Alwil Software\Avast4\DATA\moved\trz104.tmp.vir” file.
1/15/2006 7:45:34 AM Neo 3720 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz105.tmp” file.
1/15/2006 7:45:54 AM SYSTEM 1976 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\Program Files\Alwil Software\Avast4\DATA\moved\trz105.tmp.vir” file.
1/15/2006 7:46:10 AM Neo 3664 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz106.tmp” file.
1/15/2006 7:46:16 AM Neo 2732 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz107.tmp” file.
1/15/2006 7:46:22 AM Neo 3624 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz108.tmp” file.
1/15/2006 7:49:56 AM Neo 2480 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz109.tmp” file.
1/15/2006 7:50:15 AM Neo 2480 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz11D.tmp” file.
1/15/2006 7:58:56 AM Neo 1580 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz11E.tmp” file.
1/15/2006 7:59:07 AM Neo 1632 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz141.tmp” file.
1/15/2006 7:59:20 AM Neo 3816 Sign of “Win32:Trojano-3160 [Trj]” has been found in “C:\WINDOWS\Temp\trz145.tmp” file.

Can you schedule a boot-time scanning?
Start avast! > Right click the skin > Schedule a boot-time scanning
Select for scanning archives.
Boot.

Other option is scanning in SafeMode (repeatedly press F8 while booting): http://support.microsoft.com/default.aspx?scid=kb;en-us;315222

Other good thing is disable System Restore, boot, enable it again. If you find a virus keeps coming back after you delete it, it’s most probably infected the System Restore folder, the best way to solve this is to disable System Restore, reboot your machine and then enable it again. After all, run a full avast! scanning. Enable/Disable System restore on Windows XP: http://support.microsoft.com/default.aspx?scid=kb;[LN];310405

thanks for your advice, i will try what you have suggested. but my pc knowledge is limited i guess i have to wait till my fren is free then. attach below is a log of HJT:

Logfile of HijackThis v1.99.1
Scan saved at 8:57:14 AM, on 1/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\SAND\client.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\res.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\WLAN\802.11b+g USB WLAN\ZDWlan.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
D:\software\BitComet\BitComet.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sg.yahoo.com/
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM..\Run: [IMJPMIG8.1] “C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE” /Spoil /RemAdvDef /Migration32
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..\Run: [Launch Ai Booster] “C:\Program Files\ASUS\Ai Booster\OverClk.exe”
O4 - HKLM..\Run: [ATIPTA] “C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe”
O4 - HKLM..\Run: [ATICCC] “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM..\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM..\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM..\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM..\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM..\Run: [res] C:\WINDOWS\system32\res.exe
O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU..\Run: [MsnMsgr] “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: 802.11b+g USB Wireless LAN Utility.lnk = C:\Program Files\WLAN\802.11b+g USB WLAN\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://.lead.com.sg
O15 - Trusted Zone: http://
.moreatonce.com
O15 - Trusted Zone: http://schdnavdo.schooldna.com
O15 - Trusted Zone: http://schdnaweb.schooldna.com
O15 - Trusted Zone: http://schdnaweb1.schooldna.com
O15 - Trusted Zone: http://schdnaweb2.schooldna.com
O15 - Trusted Zone: http://www.schooldna.com
O15 - Trusted Zone: http://*.schooldna.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - “C:\PROGRA~1\MSNMES~1\msgrapp.dll” (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Universal Disk Manager - Unknown owner - C:\Program Files\Common Files\SAND\client.exe

:slight_smile: Xaintarus :

  You have some spyware on your machine & your HJT log
  indicates you have Spybot on your computer !? If true,
  I would encourage you to have their Experts help you on
  their forums at : http://forums.spybot.info
  
  Would be a good idea to install the good & FREE "Ewido"
  which "specializes" in detecting & removing trojans,
  worms, dialers, etc ; go to www.ewido.net/en .

  And lastly, your HJT log indicates you do NOT have the
  lastly version of Sun Java; many antiSPYWARE forums
  encourage the removal of ALL out-of-date versions,
  then go to : www.java.com and get their latest
 ( "Update 6 " ).