FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Virus in Computer





theem
Virus in Computer


can anybody here tellme about this virus !!!!
readme.eml

I don't have antivirus installed right now should i install it to remove this virus (i mean is it dangrous hahahah or what ? guide me please okhey) Arrow
ezekiel_rage
theem wrote:
Virus in Computer


can anybody here tellme about this virus !!!!
readme.eml

I don't have antivirus installed right now should i install it to remove this virus (i mean is it dangrous hahahah or what ? guide me please okhey) Arrow


Please Use Quote Tags When Copying And Pasting wrote:
yes, readme.eml is a mulitpart-MIME formatted file that used by the worm
in one of many propagation methods.

infected webpages have been appended with a bit of javascript that will
attempt to open a new browser window (offset by 6000 pixels vertically
and horizontally from the upper left corner of your screen, so that you
may not see this window) and load the file readme.eml into this new window.

this file takes advantage of a vulnerability in some unpatched versions
of IE that allow it to execute code embedded in these multipart-MIME
files. one part of this multipart message is a base64 encoded file
named readme.exe. so, readme.eml is a transport vessel for readme.exe.

if you are running a vulnerable version of IE, you may see a cmd (DOS
command) window pop up as the readme.exe file is executed. once this
occurs, that machine is infected. infected machines will begin trying
to propoagate the virus via file shares, web server infection (as
above), network scanning for vulnerable web servers (similar to Code Red
propagation), and by e-mail (similar to Melissa propagation).

if you are not running a vulnerable version of IE you may have been
prompted to open, run or save this eml file. the safest choice is to
'Cancel', choosing none of these, though saving may be safe, as long you
don't unencode the readme.exe portion and execute it.


What i suggest is that you install an antivirus to keep yourself protected.

A very good antivirus program is AVG free edition. it is very light on computer resources and offers very good protrection.

You may download it at http://free.grisoft.com


Hope this helps[/url]
yjwong
Human-bases antiviruses are still the best Very Happy You can use HijackThis to detect and remove malwares not detected by traditional signature-based/heuristics-based anti-virus softwares. You can download HijackThis here.

1. Extract the contents of the ZIP file into a folder (e.g. The Desktop)
2. Run HijackThis.exe.
3. Click "Do a System Scan and Save a Log File". This takes only a few seconds.
4. After the scan is completed, details of the scan results will be displayed. Notepad will also open with scan results.
5. Copy the contents in the Notepad window, then post it in quote tags in your next reply.

After we get the log, we can analyse it and determine the steps neccessary to remove the virus.
KHO
Hijack this often only detects SOME of the viruses that run at startup, often nothing more. If it is a program that runs at startup (often it is) then HijackThis MAY detect it, though often enough it wont.

Ontop of this a novice user may delete the wrong files, unless you are comfortable with doing it all by hand, and know the programs that should be in the list of startup options and everything then I dont recommend using this. But if you do opt for doing it by hand I would recommend that you start up in safe mode first, and do it manually via file managers and regedit.
Kelvin
if you don't want to install antivirus on your computer, then i suggest you run an online virus scan for viruses. YOu can try searching for online virus scan or try out pandasoft's online scanner.
KHO
Theres no reason NOT to install antivirus software though >_>. The online scanners often only tell you that you are infected (which if you run windows, have an internet connection and no antivirus you are) then tell you to buy their crap or offer only a half-hearted disinfection. AVG free is nice, I use the pro ver. personally. However, I would recommend that for personal use you go with BitDefender v10 (9 is also good). I use AVG Pro because it suits my network the best with its remote management.
internetjobs
use symantec corpotate edition, all big companies are using this symantec antivirus use server client edition...
TimmyS
Quote:

Use of quote tags is required when copying and pasting work NOT your own

NAME: Nimda
ALIAS: W32/Nimda.A@mm
ALIAS: W32/Nimda@mm, I-Worm.Nimda, Readme, Readme.exe
SIZE: 57344

INFORMATION ON NIMDA

This worm was found on September 18th, 2001. It quickly spread around the world.

Also see http://www.F-Secure.com/news/2001/news_2001091900.shtml

F-Secure Anti-Virus detects the worm with updates released on September 18th, 2001 19:20 EET. Disinfection was added in the updates from September 19th, 2001 17:12 EET.

http://www.europe.f-secure.com/download-purchase/updates.shtml

For removal instructions, see the bottom of the page.

GENERAL INFORMATION

Nimda is a complex virus with a mass mailing worm component which spreads itself in attachments named README.EXE. If affects Windows 95, Windows 98, Windows Me, Windows NT 4 and Windows 2000 users.

Nimda is the first worm to modify existing web sites to start offering infected files for download. Also it is the first worm to use normal end user machines to scan for vulnerable web sites. This technique enables Nimda to easily reach intranet web sites located behind firewalls - something worms such as Code Red couldn't directly do.

Nimda uses the Unicode exploit to infect IIS web servers. This hole can be closed with a Microsoft patch, downloadable from: http://www.microsoft.com/technet/security/bulletin/ms00-078.asp

The MIME exploit used by the worm can be fixed with this patch: http://www.microsoft.com/technet/security/bulletin/MS01-020.asp

Running ccleaner, spybot s&d & Counterspy in that order whilst PC in safe moide should remove most of you malware. if prob persists then run hijack this and post log
heridlia
Use NOD32 Antivius from ESET. Fast scanning, light resources, advances heuristic scanning (for detect unknown viruses), daily update, etc.

I have been using this AV for 3 years and I'm very satisfied with this product.

With Award for AV and high ratio for detect viruses. This product is the best tool for defending for virus/mallware/etc.

Of course, combine with Firewall is better.

Thanks a lot.
mjohnson
I can not find a good antivirus software too.I think you and me all need it.
rheanna
get sandboxie and won't have any viruses. What stays in the box, deletes with the box. doesn't go on your drive.
darvit
yjwong wrote:
Human-bases antiviruses are still the best Very Happy You can use HijackThis to detect and remove malwares not detected by traditional signature-based/heuristics-based anti-virus softwares. You can download HijackThis here.


No offence, but I've lost my trust for HijackThis when AVG found a trojan attached to a copy that I got from my brother. Sad

Be careful when installing such anti-virus programs.

/EDIT: It was McAfee that found it, not AVG.
JJGY
I reccomend you have someone with decent experience take a quick glance over your HJT logs. This should point out any glaring issues. Also, download and run Avast! antivirus, AVG antivirus, Zone Alarm Firewall, Tennebril Antispyware, Ad-Aware and Spybot search and destroy. These programs are all totally free, and running weekly scans with the anti malware stuff will keep your computer as close to clean as it's going to get with free software. I also suggest running realtime protection on Zone Alarm (of course..) Avast and Tennebril. If this awesome array of virus busting power doesn't turn anything up, you have a lot of work on your hands.

As a quick side note, Tennebril Antispyware will interfere with Punk Buster on any online games you play that use it.
mjohnson
You can use google to search the infomation of this virus.
Whong
Try AVG Antivirus! I use it and it really works well! Of course F-Secure the Finnish Antivirus program is really superb but it costs some money! Rolling Eyes
yjwong
Quote:
No offence, but I've lost my trust for HijackThis when AVG found a trojan attached to a copy that I got from my brother. Sad


That's probably a fake HijackThis virus. You know, some viruses replace .exe files (like the Fujacks variant/Brontok), and that might be the problem. I would not recommend getting HijackThis from someone else, rather I would encourage users to download HijackThis from the main site.

Quote:
Ontop of this a novice user may delete the wrong files, unless you are comfortable with doing it all by hand, and know the programs that should be in the list of startup options and everything then I dont recommend using this. But if you do opt for doing it by hand I would recommend that you start up in safe mode first, and do it manually via file managers and regedit.


Heh, a novice user might accidentally delete the wrong registry key through regedit, or delete the wrong file through the file manager too. So I mentioned that he (topic originator) should post his HijackThis log for all of us to analyze, and let probably one of the more experienced users to help remove the virus.
pyapplico
theem wrote:
Virus in Computer


can anybody here tellme about this virus !!!!
readme.eml

I don't have antivirus installed right now should i install it to remove this virus (i mean is it dangrous hahahah or what ? guide me please okhey) Arrow

You should follow these steps:
1. Get some external storage (external harddrive, usb, ipod, web server, etc.).
2. Copy all your important files to your external storage.
3. Install lot's anti-virus software (Atleast 5).
4. Update the virus definitions for your anti-virus software
5. Learn how to use the anti-virus softare
6. Do a virus scan of your whole computer (All of your anti-virus).

The virus should now be gone. If you can't be bothered installing 5 anti-virus software, 1 will do.
internetjobs
i have windows xp professional and i formatted my hdd as 4 logical drive.. it i try to open this it will ask for open with..

when i right click the drive it is showing autoplay.. i thing some viruses affected my system. and i searched for autofun.ini and it is present and copy.exe and host.exe.. if i deleted these three files it is automatically created with in seconds..
Q5U8
At this time, the best antivirus solutions are AVK, Trustport, KAV, eScan and AVIRA. Go with them and get rid of youre virus and malware. Very Happy
cvkien
use ESET Nod32, it is a fast with low resource antivirus and it is very efficient, easy to use, easy to scan, easy to update.
icedrakon
The best antivirus is Nod32. If you want a free one try a-vast also good.
After an online udate of the virus definitions you will scan full you system and clean evrything.
Related topics
Virus says - Pay me or else ....
Michael Jackson 'Suicide' virus spreads
HOW TO ENSURE THAT VIRUS DOES NOT SPREAD THRU YOUR ADDRESSBk
Computer Virus Types
HELP!!!! My computer keeps rebooting over and over again.
porn virus
Win XP
My computer restarts?
Explorer using 99% CPU time
VIRUS??? XP gets hunged? OMG...
How to Run a Full Computer Backup or Virus Scan Efficiently
A Computer Virus on Linux (informed discussions only please)
Computer not booting - and virus problem.
Your earliest experience of having a computer virus
Reply to topic    Frihost Forum Index -> Computers -> Computer Problems and Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.