You could run HijackThis and post the log so we can see if there really is one or not installed From the description of the image, it's possible he's just kidding you