Results 1 to 6 of 6
  1. #1
    Master of Design AlexBet's Avatar
    Join Date
    January 18th, 2005
    Location
    Toronto, Canada
    Posts
    1,364
    Have you people noticed the consequences of the Code Red worm?

    Every day when I read my log files, I have at least about 50 hits to a script file called "default.ida" (which I don't have). This is a script file that if it exists and the worm finds it, it can break in to the system. It is strange how so long after it hit, people have not gotten rid of it yet.

    Anyone with similar experiences?

  2. #2
    ABW Founder Haiko de Poel, Jr.'s Avatar
    Join Date
    January 18th, 2005
    Location
    New York
    Posts
    21,609
    Alex,

    Your one of our best MS ppl ....

    I have had what seems like a worm on my personal notebook ... nowhere else on network :mad: Can the code red go into only my notebook and eat up all my C:/ space whilst leaving all the other drives free (on my notebook) from the worm?

    Haiko
    PS never opened the file and have Norton AV

  3. #3
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    758
    Explain this one if you will. Somehow today, in my advanced internet options the check box for 'display pictures' became unchecked. Spooky! I wonder how that could have happened.

    Any ideas?

  4. #4
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    Code Red and Code Red II spread rapidly - any unpatched IIS server (including Windows 2000 professional if IIS is installed) *will* become infected. Anti-Virus software probably won't help, because it isn't file based (almost all virus scanners only look at files) and lives exclusively in memory.

    The good news is a reboot will clear it. The bad news is that it won't take long to get reinfected.

    Check out Microso ft's page on Code Red

    Dammit I can't get the URL to work.. basically, go to www.microsoft.com and type "code red" into the search box [img]/infopop/emoticons/icon_smile.gif[/img]

    [ 09-11-2001: Message edited by: Dynamoo ]

  5. #5
    Master of Design AlexBet's Avatar
    Join Date
    January 18th, 2005
    Location
    Toronto, Canada
    Posts
    1,364
    I would agree with Dynamoo about the Code Red worm. It only attacks MS servers with IIS installed and it only attacks the web server and screws up the web sites. Then if not noticed, it tries to find and attacks other MS-IIS servers.

    @ Haiko
    The thing that you are talking about might as well be a worm but not Code Red. Probably a different one. I've heard of this, but I can't remember the name. The thing is that it doesn't eat up the space, but Win reports the space on the disk wrong and it seems as if you don't have space on the disk when you actually DO have. In reference to the thing that only C:\ has it, it probably didn't have access to the other drives and that is why it didn't spread. Also some of them don't spread over the network and ONLY spread locally. I suggest you get a good anti-virus program and take care of it. If you ask me, I would do a complete reinstall(format disks also), cause I don't like leftovers and partially repaired things. But then again, this might be a pain in the butt for many people.

    I do a complete reinstall of Win every 3-4 months, and you can not beleive how much this speeds the performance of Win. Windows works in strange ways, and that is why you have to clean it up from time to time. But if you do it, DO NOT format disks EVERY TIME as they will stop working after a few formats. What I do is, boot into MS-DOS, delete everything, and then install everything that I want ( DO NOT FORGET TO BACK UP YOUR FILES FIRST). At the end after you have installed everything, I suggest you run "SFC" (system file check) and repair all system files that have been damaged, replaced with older ones, or deleted. To do that, in Win2000 you go to MS-DOS Prompt and type "sfc /scannow" and it will do it automatically. In Win98 you go to START/RUN you type "sfc" in the run box, then follow instructions.

    Well, that was your lesson for today. [img]/infopop/emoticons/icon_wink.gif[/img]

  6. #6
    Master of Design AlexBet's Avatar
    Join Date
    January 18th, 2005
    Location
    Toronto, Canada
    Posts
    1,364
    @ Breeze
    Forgot to answer your question.
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Somehow today, in my advanced internet options the check box for 'display pictures' became unchecked. Spooky! I wonder how that could have happened.<HR></BLOCKQUOTE>
    There is nothing spooky to that. You have either reinstalled Internet Explorer, or updated it, or someone has been touching your computer. With the reinstallation/update of IE, all settings should remain the same, but as I said earlier, Win works in strange ways sometimes.
    Another thing is that you might have used some performance boosting software, and it changed it for you. If this is the case, I would suggest that you be really careful with that kind of software. If you don't know what you are doing, you can mess things up.

  7. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Red, Red Wine...
    By Susan in forum Virtual Family and Off-Topic
    Replies: 18
    Last Post: March 1st, 2007, 05:47 PM
  2. How to Do an HTML Redirect Without Bad Consequences
    By Cheesehead in forum Search Engine Optimization
    Replies: 4
    Last Post: November 21st, 2004, 11:59 PM
  3. Out of the red
    By yintercept in forum Commission Junction - CJ
    Replies: 0
    Last Post: February 13th, 2003, 01:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •