RDP Not Working



I have an XP Pro pc sp3, recently infected, cleaned with combofix, along with
the help of several Sysinternals utilities.

McAfee & Symantec have both been unistalled. AVG Pro has been installed
without the firewall component. Windows firewall is turned off.

I'm able to get to the pc through Manage Computer and Regedit. Rebooted
several times using Shutdown –m \\pc-name -r.

Regisrty has been checked:

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server
AllowTSConnections - 1
DeleteTempDirsOnExit - 0
fAllowToGetHelp - 1
fDenyTSConnections - 0
fEnableSalem - 1
fInHelpMode - 0
FirstCountMsgQPeeksSleepBadApp - f
fWritableTSCCPermTab - 0
IdleWinStationPoolCount - 0
Modems With Bad DSR - MultiTech MultiModem MT2834
MultiTech MultiModem MT2834ZDX
MultiTech MT2834
MultiTech MT2834ZDX
MultiTech 2834
MultiTech 2834ZDX
MsgQBadAppSleepTimeInMillisec - 1
NthCountMsgQPeeksSleepBadApp - 5
PerSessionTempDir - 0
ProductVersion - 5.1
TSAdvertise - 0
TSAppCompat - 0
TSEnabled - 1
TSUserEnabled - 0

3389:TCP - 3389:TCP:*:Enabled:mad:xpsp2res.dll,-22009

3389:TCP - 3389:TCP:*:Enabled:mad:xpsp2res.dll,-22009

Telnet to 3389 fails

Tried nVidia registry hack, no help.

I have not been able to get to the physical pc to see if .Net 3 is installed.

RDP was working prior to and during the time the pc was infected. Current
AV scans on the pc and from a remote pc show no infections.

Anyone have any clues?




Sooner Al [MVP]

What is the exact error message you get when you try to connect?

Are you testing over a local LAN or the public internet? If its the latter
are you testing from a remote location? If its the former are you using the
static LAN IP of the PC you want to access/control with RDC?


Al Jarvi (MS-MVP Windows – Desktop User Experience)

This posting is provided "AS IS" with no warranties, and confers no
The MS-MVP Program - http://mvp.support.microsoft.com




I've tested both remotely and locally. I've tested from a vpn connection into
the LAN and I've tested from the Domain Controller to both the IP and the
Netbios name.

From the DC I get:
"The client could not connect to the remote computer.
Remote connections might not be enabled or the computer might be too busy to
accept new connections. It is also possible that network problems are
preventing your connection.
Pleasa try connecting again later. If the problem continues to occur,
contact your administrator."

From my laptop over a VPN:
"This computer can't connect to the remote computer.
Try connecting again. If the problem continues, contact the owner of the
remote computer or your network administrator."

I'll be on site tomorrow to get a physical look at the pc.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question