Virus in Computer
Can anybody here tell me about this virus!!!!
readme.eml
I don't have antivirus installed right now. Should I install it to remove this virus? (I mean, is it dangerous hahahah or what? Guide me please, okay.)
| theem wrote: |
Virus in Computer
Can anybody here tell me about this virus!!!!
readme.eml
I don't have antivirus installed right now. Should I install it to remove this virus? (I mean, is it dangerous hahahah or what? Guide me please, okay.) |
| Please Use Quote Tags When Copying And Pasting wrote: |
Yes, readme.eml is a multipart-MIME formatted file that is used by the worm
in one of many propagation methods.
Infected webpages have been appended with a bit of JavaScript that will
attempt to open a new browser window (offset by 6000 pixels vertically
and horizontally from the upper left corner of your screen, so that you
may not see this window) and load the file readme.eml into this new window.
This file takes advantage of a vulnerability in some unpatched versions
of IE that allows it to execute code embedded in these multipart-MIME
files. One part of this multipart message is a base64 encoded file
named readme.exe. So, readme.eml is a transport vessel for readme.exe.
If you are running a vulnerable version of IE, you may see a cmd (DOS
command) window pop up as the readme.exe file is executed. Once this
occurs, that machine is infected. Infected machines will begin trying
to propagate the virus via file shares, web server infection (as
above), network scanning for vulnerable web servers (similar to Code Red
propagation), and by e-mail (similar to Melissa propagation).
If you are not running a vulnerable version of IE you may have been
prompted to open, run or save this eml file. The safest choice is to
'Cancel', choosing none of these, though saving may be safe, as long as you
don't unencode the readme.exe portion and execute it. |
What I suggest is that you install an antivirus to keep yourself protected.
A very good antivirus program is AVG free edition. It is very light on computer resources and offers very good protection.
You may download it at http://free.grisoft.com
Hope this helps
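The multipart-MIME layout described in the quoted text above can be inspected without opening the file in a browser or mail client. The following Python sketch is an added example, not part of any post in this thread: it walks the MIME parts of an .eml file and flags an attachment whose name or leading bytes indicate a Windows executable while its declared content type says otherwise. The function name `triage_eml`, the sample message and its `audio/x-wav` label are constructed for illustration.

```python
import base64
import email
from email import policy

EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")

# Constructed, harmless stand-in for the embedded file: "MZ" magic plus filler.
PAYLOAD = b"MZ" + b"\x00" * 30 + b"constructed placeholder, not a real program"

# Constructed sample message (assumed layout, not a captured readme.eml).
SAMPLE_EML = (
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/related; boundary="b1"\r\n'
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"<html><body>constructed sample</body></html>\r\n"
    b"--b1\r\n"
    b'Content-Type: audio/x-wav; name="readme.exe"\r\n'
    b"Content-Transfer-Encoding: base64\r\n"
    b"\r\n" + base64.encodebytes(PAYLOAD) + b"--b1--\r\n"
)


def triage_eml(raw: bytes) -> list:
    """List suspicious MIME parts; nothing is written to disk or executed."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""   # falls back to Content-Type name=
        ctype = part.get_content_type()
        body = part.get_payload(decode=True) or b""
        flags = []
        if name.lower().endswith(EXEC_EXT):
            flags.append("executable-extension")
        if body[:2] == b"MZ":              # DOS/PE executable magic bytes
            flags.append("pe-header")
        if flags and not ctype.startswith("application/"):
            flags.append("content-type-mismatch")
        if flags:
            findings.append({"name": name, "type": ctype,
                             "size": len(body), "flags": flags})
    return findings
```

Calling `triage_eml(open(path, "rb").read())` on a saved .eml returns one dictionary per flagged part; an empty list means no part matched any of the three checks.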
Human-based antiviruses are still the best
You can use HijackThis to detect and remove malware not detected by traditional signature-based/heuristics-based anti-virus software. You can download HijackThis here.
1. Extract the contents of the ZIP file into a folder (e.g. The Desktop)
2. Run HijackThis.exe.
3. Click "Do a System Scan and Save a Log File". This takes only a few seconds.
4. After the scan is completed, details of the scan results will be displayed. Notepad will also open with scan results.
5. Copy the contents in the Notepad window, then post it in quote tags in your next reply.
After we get the log, we can analyse it and determine the steps necessary to remove the virus.
HijackThis often only detects SOME of the viruses that run at startup, often nothing more. If it is a program that runs at startup (often it is) then HijackThis MAY detect it, though often enough it won't.
On top of this, a novice user may delete the wrong files. Unless you are comfortable with doing it all by hand, and know the programs that should be in the list of startup options and everything, then I don't recommend using this. But if you do opt for doing it by hand I would recommend that you start up in safe mode first, and do it manually via file managers and regedit.
If you don't want to install antivirus on your computer, then I suggest you run an online virus scan for viruses. You can try searching for online virus scan or try out pandasoft's online scanner.
There's no reason NOT to install antivirus software though >_>. The online scanners often only tell you that you are infected (which if you run Windows, have an internet connection and no antivirus you are) then tell you to buy their crap or offer only a half-hearted disinfection. AVG free is nice, I use the pro ver. personally. However, I would recommend that for personal use you go with BitDefender v10 (9 is also good). I use AVG Pro because it suits my network the best with its remote management.
Use Symantec Corporate Edition. All big companies are using this Symantec antivirus. Use the server client edition...
| Quote: |
Use of quote tags is required when copying and pasting work NOT your own
NAME: Nimda
ALIAS: W32/Nimda.A@mm
ALIAS: W32/Nimda@mm, I-Worm.Nimda, Readme, Readme.exe
SIZE: 57344
INFORMATION ON NIMDA
This worm was found on September 18th, 2001. It quickly spread around the world.
Also see http://www.F-Secure.com/news/2001/news_2001091900.shtml
F-Secure Anti-Virus detects the worm with updates released on September 18th, 2001 19:20 EET. Disinfection was added in the updates from September 19th, 2001 17:12 EET.
http://www.europe.f-secure.com/download-purchase/updates.shtml
For removal instructions, see the bottom of the page.
GENERAL INFORMATION
Nimda is a complex virus with a mass mailing worm component which spreads itself in attachments named README.EXE. It affects Windows 95, Windows 98, Windows Me, Windows NT 4 and Windows 2000 users.
Nimda is the first worm to modify existing web sites to start offering infected files for download. Also it is the first worm to use normal end user machines to scan for vulnerable web sites. This technique enables Nimda to easily reach intranet web sites located behind firewalls - something worms such as Code Red couldn't directly do.
Nimda uses the Unicode exploit to infect IIS web servers. This hole can be closed with a Microsoft patch, downloadable from: http://www.microsoft.com/technet/security/bulletin/ms00-078.asp
The MIME exploit used by the worm can be fixed with this patch: http://www.microsoft.com/technet/security/bulletin/MS01-020.asp
Running CCleaner, Spybot S&D & CounterSpy in that order whilst the PC is in safe mode should remove most of your malware. If the prob persists then run HijackThis and post the log |
Use NOD32 Antivirus from ESET. Fast scanning, light resources, advanced heuristic scanning (to detect unknown viruses), daily updates, etc.
I have been using this AV for 3 years and I'm very satisfied with this product.
With awards for AV and a high virus detection ratio, this product is the best tool for defending against viruses/malware/etc.
Of course, combining it with a firewall is better.
Thanks a lot.
I cannot find good antivirus software either. I think you and I both need it.
Get Sandboxie and you won't have any viruses. What stays in the box is deleted with the box. It doesn't go on your drive.
| yjwong wrote: |
Human-based antiviruses are still the best. You can use HijackThis to detect and remove malware not detected by traditional signature-based/heuristics-based anti-virus software. You can download HijackThis here.
|
No offence, but I've lost my trust for HijackThis when AVG found a trojan attached to a copy that I got from my brother.
Be careful when installing such anti-virus programs.
/EDIT: It was McAfee that found it, not AVG.
Last edited by darvit on Sun Mar 18, 2007 10:44 pm; edited 1 time in total
I recommend you have someone with decent experience take a quick glance over your HJT logs. This should point out any glaring issues. Also, download and run Avast! antivirus, AVG antivirus, Zone Alarm Firewall, Tenebril Antispyware, Ad-Aware and Spybot Search and Destroy. These programs are all totally free, and running weekly scans with the anti-malware stuff will keep your computer as close to clean as it's going to get with free software. I also suggest running realtime protection on Zone Alarm (of course..), Avast and Tenebril. If this awesome array of virus busting power doesn't turn anything up, you have a lot of work on your hands.
As a quick side note, Tenebril Antispyware will interfere with Punk Buster on any online games you play that use it.
You can use Google to search for information on this virus.
Try AVG Antivirus! I use it and it really works well! Of course F-Secure, the Finnish antivirus program, is really superb but it costs some money!
| Quote: |
| No offence, but I've lost my trust for HijackThis when AVG found a trojan attached to a copy that I got from my brother. |
That's probably a fake HijackThis virus. You know, some viruses replace .exe files (like the Fujacks variant/Brontok), and that might be the problem. I would not recommend getting HijackThis from someone else, rather I would encourage users to download HijackThis from the main site.
| Quote: |
| On top of this, a novice user may delete the wrong files. Unless you are comfortable with doing it all by hand, and know the programs that should be in the list of startup options and everything, then I don't recommend using this. But if you do opt for doing it by hand I would recommend that you start up in safe mode first, and do it manually via file managers and regedit. |
Heh, a novice user might accidentally delete the wrong registry key through regedit, or delete the wrong file through the file manager too. So I mentioned that he (topic originator) should post his HijackThis log for all of us to analyze, and probably let one of the more experienced users help remove the virus.
| theem wrote: |
Virus in Computer
Can anybody here tell me about this virus!!!!
readme.eml
I don't have antivirus installed right now. Should I install it to remove this virus? (I mean, is it dangerous hahahah or what? Guide me please, okay.) |
You should follow these steps:
1. Get some external storage (external hard drive, USB, iPod, web server, etc.).
2. Copy all your important files to your external storage.
3. Install lots of anti-virus software (at least 5).
4. Update the virus definitions for your anti-virus software.
5. Learn how to use the anti-virus software.
6. Do a virus scan of your whole computer (all of your anti-virus).
The virus should now be gone. If you can't be bothered installing 5 anti-virus software, 1 will do.
I have Windows XP Professional and I formatted my HDD as 4 logical drives. If I try to open this, it will ask for "Open with".
When I right-click the drive it is showing autoplay. I think some viruses affected my system. I searched for autofun.ini and it is present, and so are copy.exe and host.exe. If I delete these three files, they are automatically created again within seconds.
At this time, the best antivirus solutions are AVK, Trustport, KAV, eScan and AVIRA. Go with them and get rid of your virus and malware.
Use ESET Nod32. It is a fast, low-resource antivirus and it is very efficient, easy to use, easy to scan, easy to update.
The best antivirus is Nod32. If you want a free one, try Avast, also good.
After an online update of the virus definitions you will scan your full system and clean everything.