Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1792
  • Last Modified:

windows 2003 server reboot results in grey screen

A generic Trojan was detected on a windows 2003 server by both Panda Anti-virus and Kapersky. It is believed that Kapersky cleaned the virus, but after a reboot the server goes to grey screen without the ability to logon. Originally the server was not contactable, however a repair of the windows system files has meant that we can now ping the server and connect to existing shares. We can also manage the server via computer management from other server. However, we are unable to logon local or via remote desktop.
 What is the solution for this?
How to Logon Locally to the server?
Any information about this virus/trojan and how to prevent these things in future will be very helpful.

0
sudhirkrishnan
Asked:
sudhirkrishnan
  • 3
  • 2
  • 2
1 Solution
 
igor-1965Commented:
Have you tried to boo in to Safe Mode and run Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) to check out the potential culprit?

What is an error message when you are trying to lgoin? If you able remotely manage the computer have you check out the services / user accounts on the server?
0
 
ChiefITCommented:
At the grey screen:

CTRL+ALT+DEL (can you bring up task manager?)

If so, go to the FILE drop down menu>>Select RUN>>and type explorer.exe

Are you in the driver's seat now?

If so, post back and we can get you back and running. The above was just to get you logged on and in the driver's seat. Sounds like we still have a system to fix and/or clean.

John
0
 
sudhirkrishnanAuthor Commented:
FAO: igor-1965

Thanks for your advice regarding Autoruns, I have just downloaded this and will try your solution later today. I am just waiting to hear back from an external consultant, before I try any other solutions.

FAO: ChiefIT

Thanks for the information, but I have already tried your solution. Unfortunately the server does not respond to CTRL+ALT+DEL, the screen remains grey with a mouse pointer. If you try to remote desktop to the server, it makes a connection for a second you see the same grey screen and then the RDP session closes.

0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
igor-1965Commented:
If you are able remotely connect to the server you might try PSLIST / PSKILL (http://technet.microsoft.com/en-us/sysinternals/bb545027.aspx) to check out / kill any suspicious process.
0
 
ChiefITCommented:
Try logging on with safemode using VGA support. You might have a driver conflict.
0
 
sudhirkrishnanAuthor Commented:
Thanks for the help. we are waiting for a replacement equipment before we make any changes on the existing one. I will get back to you as soon as we try the stuff you have mentioned
0
 
ChiefITCommented:
It's a shame:

I think I found your answer too late. Seems to be a known issue.

http://support.microsoft.com/kb/924995/en-us
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now