Solved

windows 2003 server reboot results in grey screen

Posted on 2008-10-06
7
1,784 Views
Last Modified: 2013-11-22
A generic Trojan was detected on a windows 2003 server by both Panda Anti-virus and Kapersky. It is believed that Kapersky cleaned the virus, but after a reboot the server goes to grey screen without the ability to logon. Originally the server was not contactable, however a repair of the windows system files has meant that we can now ping the server and connect to existing shares. We can also manage the server via computer management from other server. However, we are unable to logon local or via remote desktop.
 What is the solution for this?
How to Logon Locally to the server?
Any information about this virus/trojan and how to prevent these things in future will be very helpful.

0
Comment
Question by:sudhirkrishnan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 14

Expert Comment

by:igor-1965
ID: 22651818
Have you tried to boo in to Safe Mode and run Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) to check out the potential culprit?

What is an error message when you are trying to lgoin? If you able remotely manage the computer have you check out the services / user accounts on the server?
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22656073
At the grey screen:

CTRL+ALT+DEL (can you bring up task manager?)

If so, go to the FILE drop down menu>>Select RUN>>and type explorer.exe

Are you in the driver's seat now?

If so, post back and we can get you back and running. The above was just to get you logged on and in the driver's seat. Sounds like we still have a system to fix and/or clean.

John
0
 
LVL 3

Author Comment

by:sudhirkrishnan
ID: 22657681
FAO: igor-1965

Thanks for your advice regarding Autoruns, I have just downloaded this and will try your solution later today. I am just waiting to hear back from an external consultant, before I try any other solutions.

FAO: ChiefIT

Thanks for the information, but I have already tried your solution. Unfortunately the server does not respond to CTRL+ALT+DEL, the screen remains grey with a mouse pointer. If you try to remote desktop to the server, it makes a connection for a second you see the same grey screen and then the RDP session closes.

0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 14

Accepted Solution

by:
igor-1965 earned 500 total points
ID: 22658192
If you are able remotely connect to the server you might try PSLIST / PSKILL (http://technet.microsoft.com/en-us/sysinternals/bb545027.aspx) to check out / kill any suspicious process.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22658293
Try logging on with safemode using VGA support. You might have a driver conflict.
0
 
LVL 3

Author Comment

by:sudhirkrishnan
ID: 22670233
Thanks for the help. we are waiting for a replacement equipment before we make any changes on the existing one. I will get back to you as soon as we try the stuff you have mentioned
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22766019
It's a shame:

I think I found your answer too late. Seems to be a known issue.

http://support.microsoft.com/kb/924995/en-us
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sudden performance loss on a Vista system. 14 156
Can’t delete a file 14 196
What is this Task? 4 147
Determine what users accessed a directory or file in that directory? 4 82
For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question