high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Characteristics |
|
| Included in our products from | November 2006 (4.11) |
| Protection available since | 8 September 2006 04:00:43 (GMT) |
| Detected by | All Sophos products |
Action
- Summary
- Action
- More Information
Please follow the instructions for removing worms.
More Information
W32/RJump-B is a worm for the Windows platform.
W32/RJump-B may attempt to copy itself to usb disk devices and create an "autorun.inf" file which will attempt to load the worm automatically when the infected drive is accessed.
W32/RJump-B also creates a backdoor on a random port between 12000 and 19000, enabling a remote user control over the infected computer. W32/RJump-B is a worm for the Windows platform.
W32/RJump-B may attempt to copy itself to usb disk devices and create an "autorun.inf" file which will attempt to load the worm automatically when the infected drive is accessed.
W32/RJump-B also creates a backdoor on a random port between 12000 and 19000, enabling a remote user control over the infected computer.
W32/RJump-B may copy itself to the following filename:
<Windows>\RavMonE.exe
When installed, W32/RJump-B may create the following registry entry, enabling it to run automatically on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RavAV
<Windows>\RavMonE.exe
W32/RJump-B may also attempt to modify the Windows Firewall permissions to allow traffic to the backdoor.
|
