dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
110
share rss forum feed

Ritz8

join:2001-10-31
Young America, MN

What the heck is this???? Notice from Rogers?!

Read this..I dont really know what there saying..

Please be advised that over the past month we have received complaints from
other customers or Internet users about unauthorized access attempts
originating from the IP address(My IP); which may have been assigned
to your computer during this time (This is the unique identifier for your
computer on the Internet).

This is likely occurring without your knowledge and is typically associated
with computers that are infected with the 'Code Red' or 'Nimda' viruses.
Your computer may have become infected by either of these viruses in a
number of ways (such as opening an email attachment or downloading a program
from the Internet without virus scanning it first). Once a computer becomes
infected with these viruses, it continues to spread itself by exploiting
other computers running web services.

Usually, these two viruses only affect computers that are running as servers
(which you could have installed as part of your operating system without
realizing it). Please note that running servers on the Rogers Internet
network is strictly prohibited as outlined in the End User Agreement
www.rogershelp.com/help/content/···/EUA.PDF). Running a
server on the Rogers Internet Network (with or without your knowledge) could
result in your account being disconnected. Please ensure no servers are
operating on the Rogers network from your connection immediately to avoid an
interruption in service. You can remove a server by following the specific
instructions within your Operating System documentation and/or help files.

PREVENTING AND REMOVING VIRUSES.

VIRUS PREVENTION:
· You should get an up-to-date Anti-Virus program (such as Norton Anti-Virus
or McAfee) to scan your system for these and any other viruses.
· Do not open any Email attachments or downloaded files without first
scanning them with your up-to-date virus scanner.

HOW TO REMOVE THE CODE RED VIRUS:
Visit the Microsoft website at the address below and scroll down to the
"Patch availability" section. Click to download the patch and follow the
on-screen steps.
»www.microsoft.com/technet/treevi···ecurity/
bulletin/MS01-044.asp

HOW TO REMOVE THE NIMDA VIRUS:
Visit the Microsoft website at the address below and scroll down to the
"Patch availability" section. Click to download the patch and follow the
on-screen steps.
»www.microsoft.com/technet/treevi···ecurity/
bulletin/MS01-044.asp

Alternatively, you can download all critical updates your computer needs in
one step by running Windows Update. Simply click Start and Windows Update.
Microsoft's update page will load, click on PRODUCT UPDATES. Your computer
will be scanned and any required updates will be listed and available for
download. Follow the on-screen steps and your computer will take care of
the rest.

If the above situation does not apply to you or you have already corrected
the problem, please disregard this email.

Sincerely,
Rogers
EUA Management Team
»rogers.home.com/help/content/dow···olicies/

-----------------------------------------------------------------------
CODE RED AND NIMDA VIRUS TECHNICAL EXPLANATION
-----------------------------------------------------------------------
Systems Affected:

Users running Microsoft Windows Operating Systems with IIS (Internet
Information Server 4.0 or IIS 5.0) installed. Some Windows OS's like Windows
2000, Windows XP, or Windows NT may install these services automatically
without your knowledge and may be running in the background. As servers are
not permitted on the Rogers network, these should be removed. For
information on how to remove this, please contact Microsoft.

For further information regarding the "Code Red Virus" please follow the
link below. »www.cert.org/advisories/CA-2001-19.html

For further information regarding the "Nimda Virus" please follow the link
below. »www.cert.org/advisories/CA-2001-26.html

----------------------------------------------------------

First of all im not scanning anything and im not running a server..Are they accusing me of something, and giving me a warning, or are they saying that i have a virus.. ????


skillton

join:2000-09-14
Scarborough, ON

The're saying u have a infected web server that u dont know about and it is trying to connect to other ppl's pc's


Ritz8

join:2001-10-31
Young America, MN
reply to Ritz8

this sucks..I must get arid of it then...Thanks


Ritz8

join:2001-10-31
Young America, MN
reply to Ritz8

BTW,

It says im running an IIS web server? How?

Is this just a virus?



travisc

join:2001-11-09
Uxbridge, ON
reply to Ritz8

Are you running Windows 2000? A lot of people have IIS active and don't know it.


Ritz8

join:2001-10-31
Young America, MN
reply to Ritz8

Well XP...



corster
Premium
join:2002-02-23
Gatineau, QC
reply to Ritz8

XP home or XP pro?


Ritz8

join:2001-10-31
Young America, MN
reply to Ritz8

XP Pro



travisc

join:2001-11-09
Uxbridge, ON
reply to Ritz8

Odds are you've got IIS active then, and it could very well be doing something you don't want it to be doing.



72245156
TSWB.org
Premium,ExMod 2000-04
join:2000-07-11
Winnipeg, MB
reply to Ritz8

The important thing for you to do right now is to clean your system. Head over to our security forum for some help in that regard.
--
Join Team Starfire SETI@Home. Put your unused clock cycles to work!



Exit
Premium,ExMod 2002
join:2001-04-10
Canada
reply to Ritz8

Quick check

Close all programs that access the internet then go to command prompt and type this

netstat

It should tell you any open ports and connections you have at that time.

Steve
--
18.98Ghz of Cancer killing power commin at yah.