If it was in the quarantine file then it was removed already and not a threat. If it was in the program itself then it was either a false positive OR the program possibly was not downloaded from the Lavasoft web site itself. Perhaps it's worth stating that it says the Process (for like all the trojans) was in the Lavasoft Ad-Aware location under Program Files
Note where many of these items were found:
C:\Program Files\LimeWire\
P2P file sharing is just a wonderful way to pass this stuff around.
Another one of them...VERY dangerous...PWS-Banker.dll
This PWS-Banker.dll trojan will install itself as a BHO (Browser Helper Object).
It will monitor access to internet banking websites and try to get information regarding username and passwords. If you have done online banking, purchasing with credit card, etc., I would certainly be keeping an eye on your accounts, change your passwords, etc.
Now this probably came onto the system as the result of another one of these trojans being on the system already.
Where are you located? I am asking because of some listings in your HJT log, first these:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nzherald.co.nz/
O14 - IERESET.INF: START_PAGE_URL=http://www.xtra.co.nz
both of which are located in New Zealand, and then these listings in Hosts:
O1 - Hosts: 216.93.248.82 www.sleepywood.net
O1 - Hosts: 216.93.248.82 sleepywood.net
which is supposedly in the US.
Now there is still infection showing in your HJT log so I would like you to do the following:
Download ComboFix
Click on the Save button and then when it asks you where to save it, make sure you save it directly to your Windows Desktop.
Once the download is complete you will see the ComboFix on the desktop.
- Close all open Windows including this one.
- Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
Double-click the ComboFix icon on the desktop to run the program.
Windows will issue a prompt asking whether you wish to run the program, click Run
You will then see a Disclaimer screen asking you to agree to the disclaimer. Press the number 1 key to accept the disclaimer.
Now just sit back and allow the program to run
Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.
When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the program's log file, or report, will be located at C:\ComboFix.txt.
When all is complete then please post back here with that log.
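The start-page and Hosts listings quoted in the post above can be pulled out of a HijackThis log mechanically. The following is an added example, not part of the original post or of HijackThis itself; the function names `parse_hjt` and `hosts_to_review` are hypothetical, and the sample log contains only the four lines quoted in the post.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlparse

# The four log lines quoted in the post above (nothing else is assumed).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nzherald.co.nz/
O14 - IERESET.INF: START_PAGE_URL=http://www.xtra.co.nz
O1 - Hosts: 216.93.248.82 www.sleepywood.net
O1 - Hosts: 216.93.248.82 sleepywood.net
"""

LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
HOSTS_RE = re.compile(r"^Hosts:\s+(?P<ip>\S+)\s+(?P<name>\S+)$")
URL_RE = re.compile(r"https?://\S+")

def parse_hjt(text):
    """Return (start_pages, hosts) from HijackThis log text."""
    start_pages = []             # (section code, hostname in the URL)
    hosts = defaultdict(list)    # ip -> hostnames pinned to that ip
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue             # header, blank line or other non-entry text
        code, body = m["code"], m["body"]
        if code == "O1":
            h = HOSTS_RE.match(body)
            if h:
                hosts[h["ip"]].append(h["name"].lower())
        elif code in ("R0", "O14"):
            u = URL_RE.search(body)
            if u:
                start_pages.append((code, urlparse(u.group()).hostname))
    return start_pages, dict(hosts)

def hosts_to_review(hosts):
    """Hosts entries that point a name at a routable (or unparsable) address."""
    flagged = []
    for ip, names in hosts.items():
        try:
            addr = ipaddress.ip_address(ip)
            benign = addr.is_loopback or addr.is_unspecified  # typical blocklist targets
        except ValueError:
            benign = False       # malformed address: leave it for a human to check
        if not benign:
            flagged.append((ip, sorted(names)))
    return flagged

if __name__ == "__main__":
    pages, hosts = parse_hjt(SAMPLE_LOG)
    print(pages)
    print(hosts_to_review(hosts))
```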