Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: RDP won't work after virus

RDP won't work after virus 8 years 3 months ago #27219

  • cjsmith22
  • cjsmith22's Avatar
  • Offline
  • Frequent Member
  • Posts: 29
  • Karma: 0
i am unable to remote into a pc inside our lan at work after removing a nasty virus called buritos.exe (it shows up as a red cross in your system tray saying your pc is infected with spyware) . the machine in question runs xpsp2. I've disabled all antivirus programs, remote desktop is enabled, all relevent services are started, i can ping it, i can telnet to it on 3389, i can also remote to other machines from it, however, as soon as i try to remote to it, it instantly pops up with 'the client could not establish a connection.....'.
anyone any ideas?
The administrator has disabled public write access.

Re: RDP won't work after virus 8 years 3 months ago #27220

  • chitti
  • chitti's Avatar
  • Offline
  • Frequent Member
  • Posts: 25
  • Karma: 0
I did face the same kind of issue in my LAN (network), but then after upgrading that comp to SP3 It was fine. That was not the only changes that I made there were few more changes, Try patching SP3 and see how it goes !!!
The administrator has disabled public write access.

Re: RDP won't work after virus 8 years 3 months ago #27237

  • cjsmith22
  • cjsmith22's Avatar
  • Offline
  • Frequent Member
  • Posts: 29
  • Karma: 0
cheers chitti - tried sp3 and still no joy :( think I'm just gonna have to
reinstall xp.
The administrator has disabled public write access.

Re: RDP won't work after virus 8 years 3 months ago #27238

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
This problem has been bugging many lately. You probably tried this, but just in case, just before you give up, do the following in sequence:

1. Shut down your firewall, if any. (I know 3389 works but just to clear out doubts from other ports)
2. REMOVE all users from the allowed remote users. (from the remote tab)
3. DISABLE remote desktop. i.e Uncheck "allow users to connect remotely to this computer"
4. Restart the PC
5. Create a new administrator account. say "admin2". login and logoff with it to make sure the profile is created.
6. ENABLE remote desktop.
7. Add the new "admin2" user to the list of the allowed.

Now try it with admin2.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.

Re: RDP won't work after virus 8 years 2 months ago #27510

  • cjsmith22
  • cjsmith22's Avatar
  • Offline
  • Frequent Member
  • Posts: 29
  • Karma: 0
cheers solo, I followed your instructions and it worked! i also scanned the machine using nod32 and it seems to have gotten rid of all traces of that buritos.exe which seemed to be the original problem.

however,(i'm about to give up on it it's really annoying me now!), since installing nod32 it's started doing something which i've not seen before - if the machine is left idle for more than 5 minutes, it goes through a continuous cycle of blue screening (with a different blue screen error message each time) followed by windows rebooting followed by blue screen..etc, however, while its doing this continuous blue screen/reboot cycle, if i remote into it from a different machine i go straight to the desktop no problems! whats all that about?
The administrator has disabled public write access.

Re: RDP won't work after virus 8 years 2 months ago #27511

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
lol heheh, Thats troubled.

Blue screens usually happen because of hardware or driver problems (Which I doubt is your case here). Another reason for it could be corrupted hard disk structures or bad clusters. To fix this latter possibility, try this:

1. Right click on your hard disk (C:\) and click properties.
2. Click the [tools] tab. Then click [Check Now] button.
3. Check both [Automatically fix file system errors] and [Scan for and attempt recovery of bad sectors]. Then click [Start] button.
4. If you see a dialog box stating that the scan can not be done now. Click [Yes]. This will schedule the disk scan for the next start. Now, Restart your PC and the scan will begin automatically.

The disk scan can take 30 minutes or more depending on the amount of damage and disk size. I recommend you do this for all local hard drives you have (D:\ E:\....) if any.

For the AV. I haven't tried NOD32. But I don't think it's guilty in causing the blue screens.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup