As the title gives away, I'm very paranoid about pretty much anything I see in Windows, mostly regarding processes. Even though I'm fairly sure I'm clean and haven't had attacks or any malware, I can't help myself but run scans a lot, and keep an almost obscene close eye on the task manager.
I use Norton Antivirus (Paid subscription), Malwarebytes Premium and often run a scan on demand with SpyBot Search & Destroy.
Excluding the fact that I'm paranoid and anxious about a lot of things not computer related, I think my virus paranoia comes from a worm I had a couple of months ago. (Not sure how long, but it's probably been like 4 months by now). I managed to find out that the worm was dubbed "vbs.Dunihi.##." (## is where the type and version of the worm could vary.) The worm used wscript.exe to run silently and did its dark magic once a flash drive would've been connected. It would wipe all the files on it and replace them with malicious .lnk files. Which apparently are shortcuts. I eventually found out once it clearly did this on one of my dad's flash drives, and right after it did, Norton would immediately remove the malicious files and notify me.
Now, all this has been solved. I've wiped all my drives, reinstalled Windows and put my old Data backup in place of the wiped data. It's also worth mentioning that I completely wiped all the flash drives twice.
I'm pretty sure that this is what's making me so wary about everything nowadays. Knowing that a filthy worm operated silently without my knowing for at least two weeks(?).
All that aside, my paranoia has recently spiked heavily and for the last few days I've done nothing but dig through processes, tighten up my firewall and almost literally pressing my nose down onto task manager.
Something that caught my eye today is that I have quite a lot of vbc.exe executables scattered throughout my C drive. They all seem to be located in the AMD64, winsxs and the .NET framework folders.
See for yourselves:
I've noticed that many of the .exe files originate from folders of different versions from .NET, which would make sense, seeing how often it's updated. I've never seen it run in task manager, but still am paranoid. The same goes for a lot of other processes.
So is my paranoia justified, or am I just being silly? Thanks for any help or confirmation in advance.
(My apologies about the wall of text as well)
Edited by Foldingchair, 19 May 2015 - 09:33 AM.