Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


15 Oct 2012   #1

Win 7 64

Neither AVG, SuperSpyWare nor Malwarebytes has detected any malware in my system. (I keep the definitions updated.)

However, thanks to Process Explorer from Sysinternals, I found four suspicious Event strings in the svchost.exe and WmiPrvS.exe.

The BaseNamedObjects is named "WBEM_ESS_OPEN_FOR_BUSINESS".

That sounds too jokey to be legit.


A Google search did not help clear up my confusion; if anything, it left me more confused if this is a worm, which I fear it is.

I checked my boyfriend's computer and he has the exact same files in his XP computer as in my Win 7 laptop.

So, I suspect we have a worm to deal with.

Is anyone familiar with this? How can I can confirm if this is true and remove it?

Please help.

My System SpecsSystem Spec
15 Oct 2012   #2
Layback Bear

Windows 7 Pro. 64/SP-1

I found this. It might help you understand things better.
wmiprvse.exe - What is wmiprvse.exe?
My System SpecsSystem Spec
15 Oct 2012   #3

Win 7 64

Thanks, I found that too and it does not shed any light on the jokey phrase in question.

Many times malware poses as real processes and remains hidden and undetected that way.
My System SpecsSystem Spec
15 Oct 2012   #4

Windows 8.1 Pro (x64)

There is no issue here. This is a real event and not malware.
My advice, don't jump to conclusions when looking at things you do not understand.
Not everything is malware. Nor should you look for it when all your scans show nil.
My System SpecsSystem Spec
16 Oct 2012   #5

Win 7 64

Thank you. I guess I am being paranoid.

I just wanted confirmation that the service/event is legit and not malware.
My System SpecsSystem Spec
16 Oct 2012   #6
Layback Bear

Windows 7 Pro. 64/SP-1

Paranoid is another layer of security.
Happy computing.
My System SpecsSystem Spec
06 Dec 2012   #7

Win 7 64

Since I have had my computer hacked, I would be stupid not to be somewhat paranoid and question things more than I did in the past.

So, yes, it's another layer of protection and better to be paranoid than trusting and naive.
My System SpecsSystem Spec


Thread Tools

Similar help and support threads for2: WBEM_ESS_OPEN_FOR_BUSINESS? A worm?
Thread Forum
Solved W32 Blaster Worm System Security
blaster.worm help System Security
More RDP Worm Variants? System Security
worm blaster System Security
Hotmail worm? System Security
I Think I May Have A Worm or Virus System Security
Worm vb-740 System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 19:23.
Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App