Neither AVG, SuperSpyWare nor Malwarebytes has detected any malware in my system. (I keep the definitions updated.)
However, thanks to Process Explorer from Sysinternals, I found four suspicious Event strings in the svchost.exe and WmiPrvS.exe.
The BaseNamedObjects is named "WBEM_ESS_OPEN_FOR_BUSINESS".
That sounds too jokey to be legit.
It also says "WINMGMT_PROVIDER_CANSHUTDOWN".
A Google search did not help clear up my confusion; if anything, it left me more confused if this is a worm, which I fear it is.
I checked my boyfriend's computer and he has the exact same files in his XP computer as in my Win 7 laptop.
So, I suspect we have a worm to deal with.
Is anyone familiar with this? How can I can confirm if this is true and remove it?