W32/RJump-G

Category: Viruses and Spyware Protection available since:07 Nov 2006 00:00:00 (GMT)
Type: Win32 worm Last Updated:07 Nov 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/RJump-G is a worm for the Windows platform.

W32/RJump-G may attempt to copy itself to usb disk devices and create an "autorun.inf" file which will attempt to load the worm automatically when the infected drive is accessed. W32/RJump-G is a worm for the Windows platform.

W32/RJump-G may attempt to copy itself to usb disk devices and create an "autorun.inf" file which will attempt to load the worm automatically when the infected drive is accessed.

W32/RJump-G also creates a backdoor on a random port between 12000 and 19000, enabling a remote user control over the infected computer.

W32/RJump-G may copy itself to the following filename:

<Windows>\ravmone.exe

When installed, W32/RJump-G may create the following registry entry, enabling it to run automatically on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RavAV
<Windows>\ravmone.exe

W32/RJump-G may also attempt to modify the Windows Firewall permissions to allow traffic to the backdoor.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy