Wednesday, 13 July 2011

Remove RavMonE virus (USB)

What is the RavMonE Virus?

The RavMonE virus, also known as W32/Rjump, is a virus that opens a back door on a computer running Windows, creates a copy of itself in the Windows system directory, and creates a log file containing the port number on which its back door component listens. When a computer becomes infected, the virus allows hackers to gain access to its files and programs.
The virus can spread on the Internet through e-mail attachments. It can also be transmitted through portable devices such as flash memory, external storage media, and multimedia players.

If these things are happening to your computer:

Task Manager, Registry Editor and Command Prompt are disabled.
The right-click menu shows some Chinese script.
The computer shuts down automatically and runs very slowly.
Folder Options disappears.
The "Show hidden files and folders" option won't work (hidden files are not shown).



The reason is that it has been infected by a virus named "RAVMON".
RavMonE.exe

Ravmon virus - USB

Viruses can easily spread through USB or pen drives. Whenever I plug in a USB, I get an unwanted error message and I cannot open my USB. These viruses are hard to delete even for the best antivirus applications, so the only option is to remove the virus from USB drives manually. Here is the procedure to follow.

Open the Command Prompt by typing 'cmd' in the Run box.
At the command prompt, type attrib -r -a -s -h *.* and press Enter. This will remove the Read-only, Archive, System and Hidden file attributes from all the files in the current folder.

File Deletion

You can just delete the files using the command del filename, for example del Ravmon.exe.
Delete all the files that are suspicious.

The second step is deleting files with 7-Zip. Install 7-Zip.

Go to Start Menu -> 7-Zip -> 7-Zip File Manager, which will show you all hidden files, and go through the root path of every drive.

Delete files such as autorun.inf, ravmon.exe, etc.
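To decide which files in a drive root are the suspicious ones before deleting anything, the autorun.inf can be read as plain text and the programs it launches listed. The following is an added example, not part of the original post; the function names and the sample autorun.inf contents are constructed for illustration.

```python
import os
import tempfile

# Constructed sample autorun.inf for illustration, not taken from a real drive.
SAMPLE = """[AutoRun]
open=RavMonE.exe e
shellexecute=RavMonE.exe e
shell\\Auto\\command=RavMonE.exe e
shell=Auto
"""

def autorun_targets(text):
    """Return (key, program) pairs that an autorun.inf asks Windows to launch."""
    targets, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_autorun = line.lower() == "[autorun]"
            continue
        if not in_autorun or line.startswith(";") or "=" not in line:
            continue  # comment, junk padding, or a different section
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in ("open", "shellexecute") or is_verb:
            # The program is the first token; anything after it is arguments.
            if value.startswith('"'):
                program = value[1:].split('"', 1)[0]
            else:
                program = (value.split() or [""])[0]
            if program:
                targets.append((key, program))
    return targets

def triage_root(root):
    """Name the files in a drive root that its autorun.inf points at."""
    names = {n.lower(): n for n in os.listdir(root)}
    if "autorun.inf" not in names:
        return []
    with open(os.path.join(root, names["autorun.inf"]), errors="replace") as fh:
        wanted = {os.path.basename(p.replace("\\", "/")).lower()
                  for _, p in autorun_targets(fh.read())}
    return sorted(names[w] for w in wanted if w in names)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:  # stands in for a USB root
        for name, body in (("autorun.inf", SAMPLE), ("RavMonE.exe", ""), ("notes.txt", "")):
            with open(os.path.join(root, name), "w") as fh:
                fh.write(body)
        print(triage_root(root))
```

Reading the file this way does not execute anything on the drive, and os.listdir returns hidden and system files as well, so the listing works even before the attrib step.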