|15 Oct 2012||#1|
| || |
WBEM_ESS_OPEN_FOR_BUSINESS? A worm?
Neither AVG, SuperSpyWare nor Malwarebytes has detected any malware in my system. (I keep the definitions updated.)
However, thanks to Process Explorer from Sysinternals, I found four suspicious Event strings in the svchost.exe and WmiPrvS.exe.
The BaseNamedObjects is named "WBEM_ESS_OPEN_FOR_BUSINESS".
That sounds too jokey to be legit.
It also says "WINMGMT_PROVIDER_CANSHUTDOWN".
A Google search did not help clear up my confusion; if anything, it left me more confused if this is a worm, which I fear it is.
I checked my boyfriend's computer and he has the exact same files in his XP computer as in my Win 7 laptop.
So, I suspect we have a worm to deal with.
Is anyone familiar with this? How can I can confirm if this is true and remove it?
|My System Specs|
|Similar help and support threads for2: WBEM_ESS_OPEN_FOR_BUSINESS? A worm?|
|W32 Blaster Worm||System Security|
|blaster.worm help||System Security|
|More RDP Worm Variants?||System Security|
|worm blaster||System Security|
|Hotmail worm?||System Security|
|I Think I May Have A Worm or Virus||System Security|
|Worm vb-740||System Security|