|15 Oct 2012||#1|
WBEM_ESS_OPEN_FOR_BUSINESS? A worm?
Neither AVG, SuperSpyWare nor Malwarebytes has detected any malware in my system. (I keep the definitions updated.)
However, thanks to Process Explorer from Sysinternals, I found four suspicious Event strings in the svchost.exe and WmiPrvS.exe.
The BaseNamedObjects is named "WBEM_ESS_OPEN_FOR_BUSINESS".
That sounds too jokey to be legit.
It also says "WINMGMT_PROVIDER_CANSHUTDOWN".
A Google search did not help clear up my confusion; if anything, it left me more confused if this is a worm, which I fear it is.
I checked my boyfriend's computer and he has the exact same files in his XP computer as in my Win 7 laptop.
So, I suspect we have a worm to deal with.
Is anyone familiar with this? How can I can confirm if this is true and remove it?
|My System Specs|
|Similar help and support threads for2: WBEM_ESS_OPEN_FOR_BUSINESS? A worm?|
|W32 Blaster Worm||System Security|
|blaster.worm help||System Security|
|More RDP Worm Variants?||System Security|
|worm blaster||System Security|
|Hotmail worm?||System Security|
|I Think I May Have A Worm or Virus||System Security|
|Worm vb-740||System Security|
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 03:56 PM.