Hello, bit of an annoyance here. I've been battling this problem for a while now and searched everything I can think of to fix it. My hosts file has been hijacked. I usually help others with this sort of problem so my first thoughts were that it wasn't a big deal and I'd just fix it myself. Several weeks later I come to this forum because I can't even edit my hosts file in safe mode without getting access denied.
DDS log as per "Read Before Posting"
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26
Run by Roger at 21:47:45 on 2012-04-17
Microsoft Windows 7 Home Premium 6.1.7600.0.932.81.1033.18.2812.1656 [GMT -4:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
C:\Users\Roger\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Roger\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Palringo\palringo.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360110d505l0304z1l5t49j2x232
uInternet Settings,ProxyServer = http=127.0.0.1:50081
uInternet Settings,ProxyOverride = *.local;<local>
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {1FD79A59-37B1-459B-9097-09F9FAB8A523} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [JumiController]
uRun: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe -mini
uRun: [Akamai NetSession Interface] "C:\Users\Roger\AppData\Local\Akamai\netsession_win.exe"
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 0 (0x0)
mPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{194F9A23-5F53-4940-B86D-36EE0947E00B} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{194F9A23-5F53-4940-B86D-36EE0947E00B}\1553833535 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{194F9A23-5F53-4940-B86D-36EE0947E00B}\2456C6B696E6F574F575962756C6563737F5244473248353 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{194F9A23-5F53-4940-B86D-36EE0947E00B}\3747169737D6162747 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{194F9A23-5F53-4940-B86D-36EE0947E00B}\43F5F6C6D657E6B637 : DhcpNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {1FD79A59-37B1-459B-9097-09F9FAB8A523} - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe
mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Hosts: 108.163.215.51 www.google-analytics.com.
Hosts: 108.163.215.51 ad-emea.doubleclick.net.
Hosts: 108.163.215.51 www.statcounter.com.
Hosts: 67.215.245.19 www.google-analytics.com.
Hosts: 67.215.245.19 ad-emea.doubleclick.net.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\huk8dv93.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-11-5 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-14 652360]
R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-2-23 1181104]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-5 240160]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-31 135664]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-2-23 166528]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-31 135664]
S3 jumi;%Jumi%;C:\Windows\system32\DRIVERS\jumi.sys --> C:\Windows\system32\DRIVERS\jumi.sys [?]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]
S3 Neo_VPN;VPN Client Device Driver - VPN;C:\Windows\system32\DRIVERS\Neo_0001.sys --> C:\Windows\system32\DRIVERS\Neo_0001.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-2-23 1185704]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]
S4 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-7-21 1153368]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 vpnclient;PacketiX VPN Client;C:\Program Files (x86)\PacketiX VPN Client English\vpnclient.exe [2008-5-15 2478080]
.
=============== Created Last 30 ================
.
2012-04-18 01:12:23 -------- d-----w- C:\Users\Roger\AppData\Local\{B0EE6845-A02F-45F7-AC29-4F3DBC675A2D}
2012-04-18 01:12:10 -------- d-----w- C:\Users\Roger\AppData\Local\{561545E0-96A6-4149-8336-3762246030AC}
2012-04-16 23:03:41 -------- d-----w- C:\Users\Roger\AppData\Local\{6206CA4F-68A7-454D-806E-CE2781284303}
2012-04-16 23:03:28 -------- d-----w- C:\Users\Roger\AppData\Local\{66716546-0958-455A-A91D-632F4C688AA2}
2012-04-15 22:39:18 -------- d-----w- C:\Users\Roger\AppData\Local\{98AEA568-EAA0-4AC7-A921-79D13BF32E13}
2012-04-15 22:39:05 -------- d-----w- C:\Users\Roger\AppData\Local\{91D62BEE-CCF5-4239-B3AC-0FED25DA986C}
2012-04-14 21:18:33 -------- d-----w- C:\Users\Roger\AppData\Local\{1ED158E6-BC20-4AD5-BFE3-595731E23755}
2012-04-12 16:16:52 -------- d-----w- C:\Users\Roger\AppData\Local\{060FFCE7-3401-4CF3-B2FA-F6D650FE58AD}
2012-04-11 23:40:02 -------- d-----w- C:\Users\Roger\AppData\Local\{D6A9E2E1-9E6E-4F6C-B128-9C0F22274E55}
2012-04-11 01:26:13 -------- d-----w- C:\Users\Roger\AppData\Local\{401989FE-1CB8-480C-804C-BE6E7FAA6ABF}
2012-04-10 00:18:38 -------- d-----w- C:\Users\Roger\AppData\Local\{9AE3D228-D649-492C-B96C-7D41FF4FD467}
2012-04-08 17:50:54 -------- d-----w- C:\Users\Roger\AppData\Local\{FD975B7C-7E4F-4243-8EF3-CA453DA1870A}
2012-04-07 21:51:04 -------- d-----w- C:\Users\Roger\AppData\Local\{F22C861F-B887-4CB5-97FB-56A6A76C3F9A}
2012-04-07 09:50:39 -------- d-----w- C:\Users\Roger\AppData\Local\{C80C3F3C-1E2A-40DF-90F0-1AA2B156FCE8}
2012-04-06 21:50:27 -------- d-----w- C:\Users\Roger\AppData\Local\{688202CF-623B-4812-92BE-7A79F84F6D6B}
2012-04-06 21:41:12 -------- d-----w- C:\Program Files (x86)\Palringo
2012-04-05 19:18:54 -------- d-----w- C:\Users\Roger\AppData\Local\{707319B0-56AC-40EB-8F1A-F3E960F5634F}
2012-04-05 00:32:30 -------- d-----w- C:\Users\Roger\AppData\Local\{32D772A4-ECC1-4C9C-B565-B09644245595}
2012-04-04 01:07:29 -------- d-----w- C:\Users\Roger\AppData\Local\{A43E1B90-9F55-4D5B-B1E2-8EA3B1C95790}
2012-04-03 10:55:48 -------- d-----w- C:\Users\Roger\AppData\Local\{D9FED71C-2DEA-44F2-92B1-E8869AF193B3}
2012-04-02 22:55:22 -------- d-----w- C:\Users\Roger\AppData\Local\{1B913A82-19D1-40CB-9274-5EF3E03D9C3B}
2012-04-02 01:22:46 -------- d-----w- C:\Users\Roger\AppData\Local\{53A4CD5A-93B3-4091-A8A8-041423BD8322}
2012-03-29 01:22:53 -------- d-----w- C:\Users\Roger\AppData\Local\{AFAB569C-D0D0-4894-B989-F75AAF24CD27}
2012-03-26 01:05:45 -------- d-----w- C:\Users\Roger\AppData\Local\{C5DA689F-D492-452C-89CB-8614EE8CE5ED}
2012-03-26 01:05:30 -------- d-----w- C:\Users\Roger\AppData\Local\{810E81B0-E923-4B4A-AB4F-5DE980B97855}
2012-03-25 02:18:41 -------- d-----w- C:\Users\Roger\AppData\Local\{147A021E-77E2-4406-B2B2-B4A45EEB3F36}
2012-03-23 15:31:07 -------- d-----w- C:\Users\Roger\AppData\Local\{ECCBA241-E68D-4073-892D-F67E42398734}
2012-03-23 15:30:53 -------- d-----w- C:\Users\Roger\AppData\Local\{3E247D0A-61A4-4315-820A-43A4CFA46EE4}
2012-03-23 15:00:48 -------- d-----w- C:\Program Files (x86)\Koei
2012-03-23 02:23:34 -------- d-----w- C:\Users\Roger\AppData\Local\{7E0C8815-7687-4325-85C3-C62014A0349C}
2012-03-23 02:23:19 -------- d-----w- C:\Users\Roger\AppData\Local\{555C8E2A-63D6-4DA0-8907-5852E54922B1}
2012-03-22 14:22:33 -------- d-----w- C:\Users\Roger\AppData\Local\{C5771DA1-1B6B-49F6-B544-D70D58DDC86D}
2012-03-22 14:22:17 -------- d-----w- C:\Users\Roger\AppData\Local\{68265630-3595-4073-9456-EC937973D534}
2012-03-22 02:21:43 -------- d-----w- C:\Users\Roger\AppData\Local\{B802B1D6-9F0C-4793-B26F-BE46BC136038}
2012-03-22 02:21:30 -------- d-----w- C:\Users\Roger\AppData\Local\{BA031877-209E-4B1C-A5A3-29EDD05AEAF6}
2012-03-21 14:20:49 -------- d-----w- C:\Users\Roger\AppData\Local\{9FF791C7-ABCF-45B5-8F2C-E2FAE8B6CA28}
2012-03-21 14:20:28 -------- d-----w- C:\Users\Roger\AppData\Local\{402FC02C-4C5F-4A1D-BAE5-B9D5DFED244F}
2012-03-21 02:20:06 -------- d-----w- C:\Users\Roger\AppData\Local\{140F1AE6-2D97-40A1-80F1-E81733902444}
2012-03-21 02:19:52 -------- d-----w- C:\Users\Roger\AppData\Local\{3D7D0E03-CB89-41D6-BA48-2006E13CFD81}
2012-03-20 14:16:42 -------- d-----w- C:\Users\Roger\AppData\Local\{05034373-57FC-4897-98B4-424B529171BA}
2012-03-20 14:15:14 -------- d-----w- C:\Users\Roger\AppData\Local\{C4DF83B3-9B2D-4E6A-9C19-B5EF3866FCEF}
2012-03-20 02:13:52 -------- d-----w- C:\Users\Roger\AppData\Local\{55D903E0-F451-4309-9767-F796A79A2798}
2012-03-20 02:13:40 -------- d-----w- C:\Users\Roger\AppData\Local\{E748DF1F-E14F-4278-B143-304189019574}
2012-03-19 14:10:16 -------- d-----w- C:\Users\Roger\AppData\Local\{78E58416-61DD-44C2-B942-BF710146DF42}
2012-03-19 14:09:10 -------- d-----w- C:\Users\Roger\AppData\Local\{57B0A42C-9117-4E45-B95D-8C8531132823}
2012-03-19 02:08:46 -------- d-----w- C:\Users\Roger\AppData\Local\{1B944DEB-8B85-432D-BC5D-EA47D03D2314}
2012-03-19 02:08:16 -------- d-----w- C:\Users\Roger\AppData\Local\{CEB3455F-5025-4A59-BEEE-EA16255C7E98}
.
==================== Find3M ====================
.
2012-02-29 05:51:21 1293089208 ----a-w- C:\Users\Roger\SilkroadOnline_SROROfficial_v1_014.exe
2012-02-19 13:48:27 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 21:49:35.44 ===============
Here's hoping that you post back soon.
Some extra, possibly needed, information.
I have run S&D multiple times, SUPERantispyware, Malwarebytes, and Hijack This.