Problem solve Get help with specific problems with your technologies, process and projects.

Code Red -- a persistent worm

Our system has all the patches installed for Code Red. In the c:winntsystem32logfilesw3svc1 I still see a lot of GET default.ida, XXX and NNN. Microsoft could not guarantee me that the system was completely safe. What could be the problem?

For information on the Code Red virus

Fear factor: Malicious code and why the worst is yet to come

Code Red fizzles; but what about the next time? 

New Code Red variant packs little punch

Bad traffic is here to stay

The problem is that Code Red will continue to try to infect your system, even if it cannot. The Code Red worm is programmed to try to infiltrate as many systems as possible. Once your systems are patched, it cannot do anything more than bang away at them.

There is a new patch out from Microsoft that you may want to look into -- look for the latest Cumulative Patch for IIS.


This was last published in August 2001

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.