Summary

This virus was found in the end of 1993 in France, and later that year it was in the wild in Denmark. During 1994 reports of this virus has been received from almost all countries in Europe.

Removal

Automatic action

Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.

More scanning & removal options

More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

Jumper infects diskette boot sectors and hard disk MBRs in the usual manner. It infects hard disks only if the user tries to boot from an infected diskette. If the hard disk is infected the virus infects diskettes that are used in the computer. Not all diskettes will be infected, though.

Unlike most other boot sector viruses, Jumper doesn't hook the disk interrupt (INT 13h) at all; instead, it hooks INT 21h and INT 1Ch. Due this, Jumper is able to spread also under OS/2 or Windows 95, unlike most other boot viruses.

The virus will sometimes hang the machine when it's booted from a hard drive and will display graphical characters on the screen.

There exists also a slightly modified B variant. The virus has several alias names.

Description Details: Mikko Hypponen, F-Secure