rpclogo
 
HOME  |  ABOUT US  |  CONTACT US  | ( 209 )642-4483

 

Code Red is a computer worm, and Code Red II is its rewritten version. This worm looks for a host for spreading itself. After infecting a host, it creates a backdoor for a remote unauthorized user so that he can access the infected system and take control over the victim’s PC.

Code Red is a worm, and Code Red II is its modified version. This worm searches for any vulnerability in the additional programs of Microsoft IIS Web server, so that it can spread itself.
It then uses the same IIS hole in order to gain access to a web server to continue looking for other vulnerable systems.
Virus Code Red makes use of a weakness called buffer overflow, in which it utilizes the repeated character ‘N’ to overflow a buffer. It executes any random code to infect the system.

Features of Virus Code Red and Code Red II

The most important feature of Code Red, of course, is its ability to install a backdoor into systems and then start infecting them.

In another instance, Virus Code Red tries to connect to a TCP port 80 from any arbitrary selected host. When it connects to port 80, it sends a HTTP Get request command to the victim, so that it can perform a buffer overflow. After that, it sends the same HTTP Get request command to other arbitrarily selected hosts.

In this way, IIS 4.0 and 5.0 servers, which are installed with Indexing service gets affected by Code Red.

Those systems, which have a HTTP server listing port 80, may accept the HTTP Get request command and respond with a “HTTP 400 Bad Request” message, and save this request in an access log.

The Code Red virus starts executing itself once it enters a computer system. A user can easily recognize its activities on a system if the following string is present in a Web server log file:

/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3% u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531 b%u53ff%u0078%u0000%u00=a

This string indicates that the Code Red worm made an attempt to infect the machine. When this happens, even the web pages on the victim’s system are affected and they will show the following message:

HELLO! Welcome to http://www.worm.com! Hacked By Chinese!

Virus Code Red degrades the performance of an infected system. Virus Code Red II also makes use of the same buffer overflow technique. After infecting any host, it also starts searching for other hosts.

Contact RPC and protect your computer from Virus Code Red and Code Red II.
  HOW DOES THIS WORK ?
call1 Call our agents at 209-642-4483 and log your issues to us
age Our agent gets connected to your system remotely
che Sit back and relax or watch out our service
kno Once the issues are solved, the agent feeds you the knowledge transfer and disconnects from your computer
comm You can send your feedback / comments / expereince to support@remotepccure.org

 

 

SERVICES FROM RPC

Virus Removal

Virus Fix|Virus Scan| Virus Clean| Trojan Virus Removal |

Malware Virus | How to Remove Virus | Windows XP Virus Removal|Online Virus Removal|

Microsoft Help

Microsoft Office 2010|Microsoft Office Support| Microsoft Operating System Support| Windows 98 support | Windows XP Support| Windows Vista Support | Windows Repair | Windows 7 migration Support |

Virus Threats

Code Red and Code Red II Virus|Nimda Virus| MyDoom Virus| Antivirus 2007 | Antivirus 2009| Wscript.KakWorm Threats | ILOVEYOU Virus | Trojan | PC Virus |

HP Compaq Support

Compaq 1200|Compaq Computer Support| Compaq E500| Compaq Laptop Support| Computer Notebook Support| Compaq Presario Support | Compaq Sound| Computer Technical Support| HP Compaq Support|HP Driver Support| HP Laserjet| HP Notebook| HP Officejet| HP Online| HP Support| HP Troubleshooting|

Antivirus Software

Antivirus 2007|Antivirus 2009| Antivirus Update| Antivirus Firewall | Antivirus Removal| Install Antivirus | Uninstall Antivirus | Anti Spyware Virus | Internet Antivirus |

Computer Troubleshooting

Computer Problems|Computer Support| Computer Data Backup| Error Codes | PC Dead| Computer Virus Removal | Windows Repair | Memory issues | Defragging | Registry Problems |

Dell Computer Support

Dell 600m Drivers|Dell CDROM Drivers| Dell Chat Support| Dell Computer Servers | Dell Computer Support| Dell Computer Support Center | Dell Computer Support Laptop Monitor | Dell D600 Audio Drivers | Dell Device Drivers | Dell Dimension 5150 Drivers | Dell DVD Drivers|Dell E190S Drivers| Dell Inspiron| Dell Inspiron 1000 Laptop Drivers | Dell Inspiron 9400 Drivers| Dell Inspiron Sata Drivers| Dell Inspiron Support | Dell Keyboard Drivers| Dell Laptop Computer| Dell Laptop Touchpad| Dell Laptops|Dell Latitude| Dell Mini 9| Dell Online Support| Dell Phone Support| Dell Poweredge 2600 Drivers| Dell Printer Drivers| Dell Support | Dell Support Call|Dell Support Center| Dell Support Drivers| Dell Tech Support | Dell Wireless Drivers| Dell XPS |

Toshiba Computer Support

Toshiba Computer Support|Toshiba Notebook| Toshiba Support|

Other Articles

Basic Computer Troubleshooting|PC Sound Troubleshooting| Computer Monitor Troubleshooting| Computer Mouse Troubleshooting | Printer Troubleshooting| Modem Troubleshooting | How to troubleshoot Computer Memory or RAM | Tips for Computer problem troubleshooting | Troubleshooting Computer Error Messages | 10 Reasons Why Computer Crash| How to Create a Restore Point|Backup Data Properly| How to Troubleshoot the Hard Drive| Computer Help | Backup Your Data| How to build a Computer| Upgarding your Operating System | PC Maintenance Tips| Slow Computer Troubleshooting| ActiveX Control Problem| Internet Connection Problems|Email Problem| Windows Registry Error| Sypware Threat| How to remove Paladin Antivirus| Basic Computer Security| How to remove/Uninstall Advanced Virus Remover|

© 1999 - 2009 RPC. All Rights Reserved.

The information on this website is protected by copyright. Users of this website are not authorized to redistribute, reproduce, republish, modify, or make commercial use of the information without the written authorization of RPC. We are committed to the prevention of copyright infringement.