Basically i am on my old computer as my new one is being fixed and yesterday i did not have any anti virus software. So anyway i was doing my homework, and saved it to my memory stick, and as i have gathered from the internet this worm i have spread thorugh use of removable storage(didnt know i had it by this point) so i took my memory card to school, plugged it in an the antivirus installed there said i had a w32/RJump worm. So i took it to my i.t technicians at school and they cleared it off there...fine... so i came home and installed my antivirus, and it was saying w32/RJump worm has been blocked, you are secure....this does not seem the case! (i didnt plug my memory stick back into my home computer by the way)
I tried to click onto my C: drive thorough My Computer but it could not allow me to acccess it, it kept saying open with: and giving me a list of files, like when you click something and it doesnt know what program to open it with, the exact window. so i closed it and right clicked on the c: drive and there was ltos of characters over the 1st 2 lines such as ÖÖýÎ¢, things like that, i dont know if this is normal, but i was expecting to see open.... etc.....but i know the 'open with' bit isnt right.
I researched further into the case using the McAfee site....http://vil.nai.com/vil/content/v_139985.htm....and it said that the virus duplicated its self using a file name...ravmon.exe...so i right click my c:drive again and clicked search...and searched this name, two file names of this desription have come up in the C: drive in the locations C:\\WINDOWS\Prefetch. I think this has something to do with it.
(i am at the moment running that stinger tool they have suggested, but it is takig a while and i need to come off the computer so i cant tell you the results of that, i will try to tomorrow)
I am using an xp system, fujitsu siemens. And i would greatly aprpeciate your help. I hope this all makes sense
Edited by lizi, 27 September 2007 - 03:55 PM.