0

One of our servers running Server 2019 was recently infected with malware. I removed the malware using Malwarebytes but since then have not been able to connect to the server using RDP. It connects to the server and then gives me the message "Access is Denied".

I ran DISM and sfc to check system files. DISM repaired the store but sfc said nothing was wrong. The system was up to date on updates but I reran the 2021-11 cumulative update to be sure. I can log into the server locally with Administrator and my own account which is also an administrator. Terminal services are running but query session shows "no sessions exist for *".

This server is a domain controller so everything is through AD. Both accounts are members of the administrator group. I checked the group policies for this server against another working server and they were the same.

A side note: when I checked that Remote Desktop was enabled, I noticed that clicking the link from Settings gave me an error that "c:\windows\system32\systempropertiesremote.exe" cannot be accessed and that I may not have permission. This was on the Administrator account. I went to system32 and double-clicked the file and it came right up, so it is there and I have permission to access it. Something really got screwed up with permissions but I am at a loss as to what to check next.

1 Answer

0

Windows on this computer is now in bad shape after being infected and then uninfected. Some settings and software may now be missing or corrupted.

The best solution is to format the disk and reinstall the server from scratch. This is guaranteed to give you a viable server.

If a fresh install is impossible, you will at least need to do a Repair Install of Windows 10 with an In-place Upgrade (applies also to Windows Server).

For more information see the post How can I remove malicious spyware, malware, adware, viruses, trojans or rootkits from my PC?

harrymc
  • 498,455