Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Virus Via Remote Desktop

Virus Via Remote Desktop 7 years 5 months ago #30533

  • defsoul
  • defsoul's Avatar
  • Offline
  • Frequent Member
  • Posts: 53
  • Karma: 0
Is it possible to get viruses via remote desktop,the two users below only logon via remote desktop. I'll scan and clean the virus but when i scan again after they logon i get the viruses again

C:\Documents and Settings\user1\Local Settings\Application Data\br5073on.exe is infected by Win32:Brontok-CE [Wrm], Deleted

C:\Documents and Settings\user2\Local Settings\Application Data\br3753on.exe is infected by Win32:Brontok-CE [Wrm], Deleted

C:\WINDOWS\system32\user2's Setting.scr is infected by Win32:Brontok-CE [Wrm], Deleted
The administrator has disabled public write access.

Re: Virus Via Remote Desktop 7 years 5 months ago #30542

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
Since they can't use a USB flash drive or a CD-ROM to bring in the virus, there are few possibilities left. Since the file is an executable and given the path above, I doubt it was downloaded via IE or firefox, unless the user intentionally meant to.

Another possible way to get infected is to open a viral email attachment (in outlook or any other email client or even a webmail). This is probably a more valid scenario.

By the way, I'm wondering why the automatic scanning feature of your anti virus did not catch it. If the feature was ON, the anti virus should have caught the virus the moment it's being created. I'd check to see if it's ON.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.
Time to create page: 0.073 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup