Avast WEBforum

Other => Viruses and worms => Topic started by: 24ayar on March 11, 2007, 03:32:24 PM

Title: bittorrent.exe (Win32:Rjump)
Post by: 24ayar on March 11, 2007, 03:32:24 PM

Avast Not Detect RealTime This File... but detect when i scaned.. sorry my bad english.

Title: Re: bittorrent.exe (Win32:Rjump)
Post by: Lisandro on March 11, 2007, 03:40:42 PM

Which is your Standard Shield sensitivity?
If files open/created/modified are not scanned, the on-access won't detect it unless you (or the virus itself) try to execute it. The on-demand scanner will caught the file of course.

Title: Re: bittorrent.exe (Win32:Rjump)
Post by: 24ayar on March 11, 2007, 04:50:56 PM

i execute bittorrent.exe but avast standart shield not detect virus.

Title: Re: bittorrent.exe (Win32:Rjump)
Post by: DavidR on March 11, 2007, 05:54:23 PM

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner (http://www.virustotal.com/xhtml/index_en.html) I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 29 different scanners.
Or Jotti - Multi engine on-line virus scanner (http://virusscan.jotti.org/) if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can't do this with the file in the chest, you will need to move it out.

Title: Re: bittorrent.exe (Win32:Rjump)
Post by: mauserme on March 11, 2007, 06:54:19 PM

I believe the legitimate bittorrent.exe associated with the P2P application should be

C:\Program Files\BitTorrent\bittorrent.exe

If yours is elsewhere, particularly

C:\Windows\bittorrent.exe

you should be suspicious of it.

Title: Re: bittorrent.exe (Win32:Rjump)
Post by: polonus on March 20, 2007, 08:13:17 AM

Hi 24ayar,

This Wiun32:Rjump has been known since 2006, and worked itself into the wikipedia, because this Windows virus was shipped through infected ipods, read the story here:
http://en.wikipedia.org/wiki/RavMonE.exe
Removal instructions and tool can be downloaded from here:
http://www.lanset.com/portal/site.php?siteurl=http%3A%2F%2Fus.mcafee.com%2FvirusInfo%2Fdefault.asp%3Fid%3Ddescription%26amp%3Bvirus_k%3D139985


polonus

Title: Re: bittorrent.exe (Win32:Rjump)
Post by: DavidR on March 20, 2007, 02:33:44 PM

I wonder if 24ayar is monitoring this topic, it is almost 9 days since his last response.

Title: Re: bittorrent.exe (Win32:Rjump)
Post by: Lisandro on March 20, 2007, 05:10:58 PM

Quote from: DavidR on March 20, 2007, 02:33:44 PM

I wonder if 24ayar is monitoring this topic, it is almost 9 days since his last response.

Man, I really do not like this... people ask questions, help... then never come back...

Title: Re: bittorrent.exe (Win32:Rjump)
Post by: polonus on March 20, 2007, 07:15:54 PM

Hi Tech,

Maybe you don't like this, me neither, but let us  finish these threads, because it may help someone who searches here on the forum with a likewise or similar problem, and we can also profit it from it because we learn by it all the way, at least that is my experience,

polonus