Windows XP logon problem
Posted: Sun Nov 22, 2009 7:59 pm
I am a district computer specialist in a rural area. The clerk PC in a branch 50 miles away will not allow us to log into Windows XP as CLERK, which has been their standard username since I installed the PC about 4 years ago. As far as I can tell, nobody has attempted to change the password for the CLERK user.
I visited the site today, as I was unable to diagnose the problem via e-mails with the branch clerk.
I have searched this site for information related to this problem and could find none.
There is a spooky (or should I say "phishy") aspect to our problem. If I purposely put in a known bad password, I get the expected WinXP error message about making sure the CapsLock is off. However, if I enter the formerly good password, I get the following message in an info box entitled "Logon Message":
I have not seen this particular error message before. And yes, it indeed doesn't have anything after the word "system", no noun, no punctuation, etc. This sets off my "Danger, Will Robinson" alarm. Could we have gotten a malware infection of some kind? The people who use the PC say they haven't connected to anything but the MLS send/receive changes facility. However, I suppose it's possible that somebody might have infected the PC with a USB stick, but I thought Symantec Anti-virus was supposed to keep that from happening.
I tried booting a Linux live CD, mounting sda1 (the Windows C: drive), and looking at the boot directory, but didn't find anything obvious there. Unfortunately, the Linux distribution I happened to have with me didn't have an anti-virus scanner or rootkit detector on it, so I wasn't able to check for them (I thought it did. Oh, well, time to put a different CD in my church bag...).
Is this error message legitimate, and if so, is there some other way of logging into Windows XP?
If not, should I just take the Desktop 5.5 CD-ROM up there, do a reinstall, update MLS to v.3.0.2, update SAV, and update data from their most recent backup? (I wouldn't want to update to v.3.1 in that process, as they weren't running it when the system became unusable; we can do that update later.)
Thankx in advance for any useful suggestions or info.
I visited the site today, as I was unable to diagnose the problem via e-mails with the branch clerk.
I have searched this site for information related to this problem and could find none.
There is a spooky (or should I say "phishy") aspect to our problem. If I purposely put in a known bad password, I get the expected WinXP error message about making sure the CapsLock is off. However, if I enter the formerly good password, I get the following message in an info box entitled "Logon Message":
Code: Select all
[yellow !-triangle symbol]
Your account has been disabled. Please see your system
[OK button]
I tried booting a Linux live CD, mounting sda1 (the Windows C: drive), and looking at the boot directory, but didn't find anything obvious there. Unfortunately, the Linux distribution I happened to have with me didn't have an anti-virus scanner or rootkit detector on it, so I wasn't able to check for them (I thought it did. Oh, well, time to put a different CD in my church bag...).
Is this error message legitimate, and if so, is there some other way of logging into Windows XP?
If not, should I just take the Desktop 5.5 CD-ROM up there, do a reinstall, update MLS to v.3.0.2, update SAV, and update data from their most recent backup? (I wouldn't want to update to v.3.1 in that process, as they weren't running it when the system became unusable; we can do that update later.)
Thankx in advance for any useful suggestions or info.