Solved

windows 2003 server reboot results in grey screen

Posted on 2008-10-06
7
1,780 Views
Last Modified: 2013-11-22
A generic Trojan was detected on a windows 2003 server by both Panda Anti-virus and Kapersky. It is believed that Kapersky cleaned the virus, but after a reboot the server goes to grey screen without the ability to logon. Originally the server was not contactable, however a repair of the windows system files has meant that we can now ping the server and connect to existing shares. We can also manage the server via computer management from other server. However, we are unable to logon local or via remote desktop.
 What is the solution for this?
How to Logon Locally to the server?
Any information about this virus/trojan and how to prevent these things in future will be very helpful.

0
Comment
Question by:sudhirkrishnan
  • 3
  • 2
  • 2
7 Comments
 
LVL 14

Expert Comment

by:igor-1965
ID: 22651818
Have you tried to boo in to Safe Mode and run Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) to check out the potential culprit?

What is an error message when you are trying to lgoin? If you able remotely manage the computer have you check out the services / user accounts on the server?
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22656073
At the grey screen:

CTRL+ALT+DEL (can you bring up task manager?)

If so, go to the FILE drop down menu>>Select RUN>>and type explorer.exe

Are you in the driver's seat now?

If so, post back and we can get you back and running. The above was just to get you logged on and in the driver's seat. Sounds like we still have a system to fix and/or clean.

John
0
 
LVL 3

Author Comment

by:sudhirkrishnan
ID: 22657681
FAO: igor-1965

Thanks for your advice regarding Autoruns, I have just downloaded this and will try your solution later today. I am just waiting to hear back from an external consultant, before I try any other solutions.

FAO: ChiefIT

Thanks for the information, but I have already tried your solution. Unfortunately the server does not respond to CTRL+ALT+DEL, the screen remains grey with a mouse pointer. If you try to remote desktop to the server, it makes a connection for a second you see the same grey screen and then the RDP session closes.

0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 14

Accepted Solution

by:
igor-1965 earned 500 total points
ID: 22658192
If you are able remotely connect to the server you might try PSLIST / PSKILL (http://technet.microsoft.com/en-us/sysinternals/bb545027.aspx) to check out / kill any suspicious process.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22658293
Try logging on with safemode using VGA support. You might have a driver conflict.
0
 
LVL 3

Author Comment

by:sudhirkrishnan
ID: 22670233
Thanks for the help. we are waiting for a replacement equipment before we make any changes on the existing one. I will get back to you as soon as we try the stuff you have mentioned
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22766019
It's a shame:

I think I found your answer too late. Seems to be a known issue.

http://support.microsoft.com/kb/924995/en-us
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

PREFACE The purpose of this guide is to provide information to successfully add specific IIS 7.0 role services for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technol…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
A short film showing how OnPage and Connectwise integration works.
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now