New
#1
Very Suspicious Activity....
Booted up my laptop, nothing suspicious to report, was going to upload a pic to a forum, when it was odd that it showed my system32 folder. I then noticed the folder I was looking for was moved to another folder..unless I may have did something that caused it to do that. That was the first thing I found odd though it may be completely unrelated.
Opened my task manager to see if there were any unusual programs running, for security purposes.
I stumbled upon a program I never heard of before: RICHVI~1.EXE
the root file was C:\PROGRA~1\CYBERL~1\SHARED~1\RICHVI~1.EXE
it was located in my system32 folder. I scanned it for malware and viruses, and it found nothing. I learned it was part of a program that I downloaded a few weeks ago for file conversions.
I restarted my laptop and now, that program cannot be found at all on my laptop as it was before. I didn't touch it. I did a google search and I saw posts about malware and viruses, so now I'm worried I have something on my computer...unless this was just a once in a lifetime bug since I don't notice the laptop going crazy
any ideas?
EDIT: security essentials just picked up and deleted TrojanDownloader:Java/OpenConnection.HZ. dunno how or where that got onto my laptop
root file is C:\Users\Matt\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7ca58504-58b54d52->bpac/Bombapack.class (I've read somewhere that clearing the Java Cache would help)
NOW I'm unsure if the two are related, and how I can rectify this.
Last edited by disasterpiece91; 08 Dec 2010 at 00:48.