asked on RDP clients cannot connect to Windows 2000 server (remote administration mode). Caused by (a now cured) virus infection.
Hi there,
The problem is that since my Windows 2000 Advanced Server (SP4) had a virus infection, which is now cured. Now however my RDP clients can't connect to it. The very first connection (from ANY client) always returns "A network error has occurred" error, and any subsequent connections yield the "server could not be contacted" error. The server is a basic domain controller/file server setup with Terminal Services in remote administration mode. My clients generally connect via a VPN, I've tested it on the local network and clients get the same error. The viruses have now been cleaned, the infection was mostly limited to the system32 folder, targeting .exe files and .dll files.
The clients are a mix of XP and 2000 workstations. The server firewall is always disabled for testing purposes.
I can telnet the server on port 3389 from my client PCs, and when doing so an empty session does appear in the terminal services manager. As far as I can see the RDP listener is working, but I'm not 100% sure. Is there any definitive test to say whether or not the rdp-tcp listener is working?
I've run "sfc /scannow", and that repaired the damaged windows files. I've also reinstalled terminal services to no avail. Is it worth changing the port that terminal services uses or is this a waste of time? Any help or ideas would be greatly appreciated, I don't really want to reinstall the OS.
Many Thanks
D99
The problem is that since my Windows 2000 Advanced Server (SP4) had a virus infection, which is now cured. Now however my RDP clients can't connect to it. The very first connection (from ANY client) always returns "A network error has occurred" error, and any subsequent connections yield the "server could not be contacted" error. The server is a basic domain controller/file server setup with Terminal Services in remote administration mode. My clients generally connect via a VPN, I've tested it on the local network and clients get the same error. The viruses have now been cleaned, the infection was mostly limited to the system32 folder, targeting .exe files and .dll files.
The clients are a mix of XP and 2000 workstations. The server firewall is always disabled for testing purposes.
I can telnet the server on port 3389 from my client PCs, and when doing so an empty session does appear in the terminal services manager. As far as I can see the RDP listener is working, but I'm not 100% sure. Is there any definitive test to say whether or not the rdp-tcp listener is working?
I've run "sfc /scannow", and that repaired the damaged windows files. I've also reinstalled terminal services to no avail. Is it worth changing the port that terminal services uses or is this a waste of time? Any help or ideas would be greatly appreciated, I don't really want to reinstall the OS.
Many Thanks
D99
Microsoft Server OS
Last Comment
DATA99
ASKER
I have reinstalled the RDP-tcp listener. Now I only get the "The Client could not establish a connect to the remote computer" error. I forgot to mention that when I connect a can see the session flash up for a moment in Terminal Tervices Manager, then disappear. I'm now getting a "The RDP protocol component "DATA ENCRYPTION" detected an error in the protocol stream and has disconnected the client." error in the eventviewer which I wasn't getting before (Source: TermDD, ID: 50).
I'm going to try reinstalling the TCP/IP protocol next.
I'm going to try reinstalling the TCP/IP protocol next.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
1. Launch TSCC.MSC and delete the RDP-tcp listener.
2. Reboot.
3. Go back to TSCC.MSC and create a new listener.
4. Reboot.
Make sure you do this LOCALLY at the console. :-)
Cláudio Rodrigues
Microsoft MVP
Windows Server - Terminal Services