Link to home
Create AccountLog in
Avatar of DATA99
DATA99Flag for Afghanistan

asked on

RDP clients cannot connect to Windows 2000 server (remote administration mode). Caused by (a now cured) virus infection.

Hi there,

The problem is that since my Windows 2000 Advanced Server (SP4) had a virus infection, which is now cured. Now however my RDP clients can't connect to it. The very first connection (from ANY client) always returns "A network error has occurred" error, and any subsequent connections yield the "server could not be contacted" error. The server is a basic domain controller/file server setup with Terminal Services in remote administration mode. My clients generally connect via a VPN, I've tested it on the local network and clients get the same error. The viruses have now been cleaned, the infection was mostly limited to the system32 folder, targeting .exe files and .dll files.

The clients are a mix of XP and 2000 workstations. The server firewall is always disabled for testing purposes.

I can telnet the server on port 3389 from my client PCs, and when doing so an empty session does appear in the terminal services manager. As far as I can see the RDP listener is working, but I'm not 100% sure. Is there any definitive test to say whether or not the rdp-tcp listener is working?

I've run "sfc /scannow", and that repaired the damaged windows files. I've also reinstalled terminal services to no avail. Is it worth changing the port that terminal services uses or is this a waste of time? Any help or ideas would be greatly appreciated, I don't really want to reinstall the OS.

Many Thanks

D99
Avatar of Cláudio Rodrigues
Cláudio Rodrigues
Flag of Canada image

You can try a couple things:
1. Launch TSCC.MSC and delete the RDP-tcp listener.
2. Reboot.
3. Go back to TSCC.MSC and create a new listener.
4. Reboot.

Make sure you do this LOCALLY at the console. :-)

Cláudio Rodrigues

Microsoft MVP
Windows Server - Terminal Services
Avatar of DATA99

ASKER

I have reinstalled the RDP-tcp listener. Now I only get the "The Client could not establish a connect to the remote computer" error. I forgot to mention that when I connect a can see the session flash up for a moment in Terminal Tervices Manager, then disappear. I'm now getting a "The RDP protocol component "DATA ENCRYPTION" detected an error in the protocol stream and has disconnected the client." error in the eventviewer which I wasn't getting before (Source: TermDD, ID: 50).

I'm going to try reinstalling the TCP/IP protocol next.
ASKER CERTIFIED SOLUTION
Avatar of DATA99
DATA99
Flag of Afghanistan image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer