Solved

windows 2003 server reboot results in grey screen

Posted on 2008-10-06
7
1,785 Views
Last Modified: 2013-11-22
A generic Trojan was detected on a windows 2003 server by both Panda Anti-virus and Kapersky. It is believed that Kapersky cleaned the virus, but after a reboot the server goes to grey screen without the ability to logon. Originally the server was not contactable, however a repair of the windows system files has meant that we can now ping the server and connect to existing shares. We can also manage the server via computer management from other server. However, we are unable to logon local or via remote desktop.
 What is the solution for this?
How to Logon Locally to the server?
Any information about this virus/trojan and how to prevent these things in future will be very helpful.

0
Comment
Question by:sudhirkrishnan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 14

Expert Comment

by:igor-1965
ID: 22651818
Have you tried to boo in to Safe Mode and run Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) to check out the potential culprit?

What is an error message when you are trying to lgoin? If you able remotely manage the computer have you check out the services / user accounts on the server?
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22656073
At the grey screen:

CTRL+ALT+DEL (can you bring up task manager?)

If so, go to the FILE drop down menu>>Select RUN>>and type explorer.exe

Are you in the driver's seat now?

If so, post back and we can get you back and running. The above was just to get you logged on and in the driver's seat. Sounds like we still have a system to fix and/or clean.

John
0
 
LVL 3

Author Comment

by:sudhirkrishnan
ID: 22657681
FAO: igor-1965

Thanks for your advice regarding Autoruns, I have just downloaded this and will try your solution later today. I am just waiting to hear back from an external consultant, before I try any other solutions.

FAO: ChiefIT

Thanks for the information, but I have already tried your solution. Unfortunately the server does not respond to CTRL+ALT+DEL, the screen remains grey with a mouse pointer. If you try to remote desktop to the server, it makes a connection for a second you see the same grey screen and then the RDP session closes.

0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 14

Accepted Solution

by:
igor-1965 earned 500 total points
ID: 22658192
If you are able remotely connect to the server you might try PSLIST / PSKILL (http://technet.microsoft.com/en-us/sysinternals/bb545027.aspx) to check out / kill any suspicious process.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22658293
Try logging on with safemode using VGA support. You might have a driver conflict.
0
 
LVL 3

Author Comment

by:sudhirkrishnan
ID: 22670233
Thanks for the help. we are waiting for a replacement equipment before we make any changes on the existing one. I will get back to you as soon as we try the stuff you have mentioned
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22766019
It's a shame:

I think I found your answer too late. Seems to be a known issue.

http://support.microsoft.com/kb/924995/en-us
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question