RDP won't work after virus
16 years 2 months ago #27219
by cjsmith22
RDP won't work after virus was created by cjsmith22
I am unable to remote into a PC inside our LAN at work after removing a nasty virus called buritos.exe (it shows up as a red cross in your system tray saying your PC is infected with spyware). The machine in question runs XP SP2. I've disabled all antivirus programs, remote desktop is enabled, all relevant services are started, I can ping it, I can telnet to it on 3389, and I can also remote to other machines from it. However, as soon as I try to remote to it, it instantly pops up with 'the client could not establish a connection.....'.
Anyone any ideas?
16 years 2 months ago #27220
by chitti
Replied by chitti on topic Re: RDP won't work after virus
I did face the same kind of issue in my LAN (network), but then after upgrading that comp to SP3 it was fine. That was not the only change that I made; there were a few more changes. Try patching SP3 and see how it goes!
16 years 2 months ago #27237
by cjsmith22
Replied by cjsmith22 on topic Re: RDP won't work after virus
Cheers chitti - tried SP3 and still no joy. Think I'm just gonna have to reinstall XP.
16 years 2 months ago #27238
by S0lo
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: RDP won't work after virus
This problem has been bugging many lately. You probably tried this, but just in case, just before you give up, do the following in sequence:
1. Shut down your firewall, if any. (I know 3389 works but just to clear out doubts from other ports)
2. REMOVE all users from the allowed remote users. (from the remote tab)
3. DISABLE remote desktop, i.e. uncheck "allow users to connect remotely to this computer".
4. Restart the PC
5. Create a new administrator account, say "admin2". Log in and log off with it to make sure the profile is created.
6. ENABLE remote desktop.
7. Add the new "admin2" user to the list of the allowed.
Now try it with admin2.
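A command-line view of the settings that the seven steps above reset, as an added example that is not part of the original thread. The `enable` argument is hypothetical, `admin2` is the account name from the post, and the listener check assumes the default port 3389 mentioned in the thread.

```batch
@echo off
rem Added example, not from the thread. Run from an administrator cmd prompt.
rem With no argument it only reports; with "enable" it performs steps 5-7.
setlocal
set "TSKEY=HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"

echo === Remote Desktop switch: 0x0 = enabled, 0x1 = disabled ===
rem This value is what the "allow users to connect remotely" checkbox sets.
reg query "%TSKEY%" /v fDenyTSConnections

echo === RDP listener port: 0xd3d = 3389 ===
rem A non-default value here means the listener port has been changed.
reg query "%TSKEY%\WinStations\RDP-Tcp" /v PortNumber

echo === Terminal Services service state ===
sc query TermService | find "STATE"

echo === Listener on TCP 3389 ===
netstat -ano | find ":3389" | find "LISTENING"
if errorlevel 1 echo No listener found on 3389.

echo === Accounts on the allowed list (Remote tab) ===
rem Members of Administrators can connect without being listed here.
net localgroup "Remote Desktop Users"

if /i "%~1"=="enable" goto enable
goto :eof

:enable
rem Step 5: create the new administrator; "*" prompts for a password.
net user admin2 * /add
net localgroup Administrators admin2 /add
rem Step 6: turn Remote Desktop back on.
reg add "%TSKEY%" /v fDenyTSConnections /t REG_DWORD /d 0 /f
rem Step 7: add the new account to the allowed list.
net localgroup "Remote Desktop Users" admin2 /add
echo Log on locally as admin2 once so its profile is created, then test RDP.
echo Remove admin2 again once the original accounts work.
```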
16 years 1 month ago #27510
by cjsmith22
Replied by cjsmith22 on topic Re: RDP won't work after virus
Cheers solo, I followed your instructions and it worked! I also scanned the machine using nod32 and it seems to have gotten rid of all traces of that buritos.exe which seemed to be the original problem.
However (I'm about to give up on it, it's really annoying me now!), since installing nod32 it's started doing something which I've not seen before - if the machine is left idle for more than 5 minutes, it goes through a continuous cycle of blue screening (with a different blue screen error message each time) followed by Windows rebooting followed by blue screen, etc. However, while it's doing this continuous blue screen/reboot cycle, if I remote into it from a different machine I go straight to the desktop, no problems! What's all that about?
16 years 1 month ago #27511
by S0lo
Replied by S0lo on topic Re: RDP won't work after virus
Lol heheh, that's troubled.
Blue screens usually happen because of hardware or driver problems (which I doubt is your case here). Another reason for it could be corrupted hard disk structures or bad clusters. To fix this latter possibility, try this:
1. Right click on your hard disk (C:\) and click properties.
2. Click the [tools] tab. Then click the [Check Now] button.
3. Check both [Automatically fix file system errors] and [Scan for and attempt recovery of bad sectors]. Then click the [Start] button.
4. If you see a dialog box stating that the scan cannot be done now, click [Yes]. This will schedule the disk scan for the next start. Now restart your PC and the scan will begin automatically.
The disk scan can take 30 minutes or more depending on the amount of damage and disk size. I recommend you do this for all local hard drives you have (\ E:\....) if any.
As for the AV, I haven't tried NOD32. But I don't think it's guilty of causing the blue screens.