windows 2003 server reboot results in grey screen

A generic Trojan was detected on a windows 2003 server by both Panda Anti-virus and Kapersky. It is believed that Kapersky cleaned the virus, but after a reboot the server goes to grey screen without the ability to logon. Originally the server was not contactable, however a repair of the windows system files has meant that we can now ping the server and connect to existing shares. We can also manage the server via computer management from other server. However, we are unable to logon local or via remote desktop.
 What is the solution for this?
How to Logon Locally to the server?
Any information about this virus/trojan and how to prevent these things in future will be very helpful.

LVL 3
sudhirkrishnanAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
igor-1965Connect With a Mentor Commented:
If you are able remotely connect to the server you might try PSLIST / PSKILL (http://technet.microsoft.com/en-us/sysinternals/bb545027.aspx) to check out / kill any suspicious process.
0
 
igor-1965Commented:
Have you tried to boo in to Safe Mode and run Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) to check out the potential culprit?

What is an error message when you are trying to lgoin? If you able remotely manage the computer have you check out the services / user accounts on the server?
0
 
ChiefITCommented:
At the grey screen:

CTRL+ALT+DEL (can you bring up task manager?)

If so, go to the FILE drop down menu>>Select RUN>>and type explorer.exe

Are you in the driver's seat now?

If so, post back and we can get you back and running. The above was just to get you logged on and in the driver's seat. Sounds like we still have a system to fix and/or clean.

John
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
sudhirkrishnanAuthor Commented:
FAO: igor-1965

Thanks for your advice regarding Autoruns, I have just downloaded this and will try your solution later today. I am just waiting to hear back from an external consultant, before I try any other solutions.

FAO: ChiefIT

Thanks for the information, but I have already tried your solution. Unfortunately the server does not respond to CTRL+ALT+DEL, the screen remains grey with a mouse pointer. If you try to remote desktop to the server, it makes a connection for a second you see the same grey screen and then the RDP session closes.

0
 
ChiefITCommented:
Try logging on with safemode using VGA support. You might have a driver conflict.
0
 
sudhirkrishnanAuthor Commented:
Thanks for the help. we are waiting for a replacement equipment before we make any changes on the existing one. I will get back to you as soon as we try the stuff you have mentioned
0
 
ChiefITCommented:
It's a shame:

I think I found your answer too late. Seems to be a known issue.

http://support.microsoft.com/kb/924995/en-us
0
All Courses

From novice to tech pro — start learning today.