Lock by mconners at Morguefile

When is Windows XP Malware?

There are times when I wonder why I continue to run Windows. This morning was one of those times. I’d left my machine on last night and this morning it was frozen, with one of those grey “Program has stopped responding” boxes warning me that SOMETHING had happened. When I restarted the PC, the computer booted up but when I arrived at the Windows XP Home Welcome splash screen, I was faced with a lot of blue and not much else. All account names had disappeared for this machine and the only options I had were to click on a Turn Off Computer link. Which promptly caused me to reboot.

That’s not entirely true but it’s close enough.  I actually had something else odd happen.  I was testing out Windows Steadystate, a desktop security application that would enable me to have my children use my PC without having to worry about them getting up to mischief (or having mischief played on them).  The Welcome screen actually initially showed me a “Your computer is being updated” message from Steadystate, which could not be bypassed.  But that’s neither here nor there, as all account information had disappeared.

In the old days, you could safe mode into Windows or get to a DOS prompt and have a bit of flexibility with finding a fix.  Not so with the new, sweeter smelling XP (and probably Vista).  Fortunately, I had access to the Internet from a second machine and was able to figure out how to bypass the problem.  Fix it?  Hahaha, get on with you.  But ever since my first library job supporting technology, I’ve found it better to get Windows working than trying to crack open the black box that is their kludgy operating system.  There’s really no telling what happened.

One of the first suggestions I saw was that “spyware” or “malware” had caused the problem.  I don’t think so.  Neither before nor after did I experience any problem.  I think this is just an operating system snafu.

Initial Problem

You start up your Windows XP Home computer and you arrive at a blue Welcome screen with no account names, no login boxes, nothing.  Not a sausage.  Other than that link in the bottom left corner to Turn Off Computer.

Initial Fix

How to get into your machine?  First, reboot the computer.  You may be able to [CTRL][ALT][DEL] to restart it.  Otherwise, just power off.  As it restarts, hit your [F8] key so that you can see the Windows startup menu.  The first choice is Safe Mode, then Safe Mode with Networking, etc., etc.  Select Safe Mode by arrowing up to it, hitting [ENTER] and wait until that blue Welcome screen appears.

Contrary to what some posts said, starting in safe mode WON’T necessarily fix the problem.  So if you see the same empty blue screen, don’t panic.  This is where some of the advice was helpful.

Double [CTRL][ALT][DEL]

You can bypass the Blue Screen of Welcome by hitting the [CTRL][ALT][DEL] combination twice.  You should see a login box suddenly pop up.  If you are like me, none of your original account names and password will work.  An account name that exists will generate a “This account has been locked” message.  An account name that does not exist (say, one you type in by mistake) will respond with the standard “System cannot log you in” message.

Type Administrator in as your username.  Leave the password space blank.  Hit OK.  If you have not changed this password since you installed Windows, you should see some action that takes you past the blue Welcome screen.  If you don’t, then nothing else I’m going to add below will be of much use.  Time to install Linux!

But I’m an Administrator

So when isn’t an administrator an administrator?  When he’s using Windows XP.  The next stage is to fix your user accounts so you can log in normally.  But wait!  What’s that you say?  When you click on the START button, then select Control Panel, and then select User Accounts, you get an error message that the “current user” can’t access the User Account panel?  That’s what happened to me.

Fortunately, another piece of ‘net advice helped me out.  Ignore the Control Panel.  Once you see a normal, Safe Mode desktop, click on the Start Button and select RUN.  Type:

control userpasswords2

which is actually Microsoft’s suggested way for logging on to your Windows XP box when you’ve forgotten a password.  Go figure.  In any event, once the user manager pops up, if your experience is like mine, all of your users have disappeared.  Create a brand new user and make them an administrator.

Restart your computer and let it start up normally.  You should now see the user you just created at the Welcome screen.  Login.

But What About My Settings?

This is where you say “poh-tay-toe” and I may say “poh-tah-toe” so if you can FIX the problem, I’d do so.  But I don’t know how to fix the problem (or even how this happened).  But if you follow the next steps, you should be able to recover your user profile (desktop wallpaper, icons, configuration files, my documents, etc.) by moving it.  Here’s how I did it:

  1. Click the START button and select the Control Panel.
  2. Select User Accounts.
  3. Create ANOTHER new account (call it whatever you want, give it a password) and give it Administrator rights.  We’ll call this new one Account 2.  We’ll call the account you are currently logged in as Account 1.
  4. Log off.
  5. Login as Account 2.
  6. Once you’ve seen a desktop with the generic Windows XP wallpaper, icons, etc., you have created a new profile for Account 2.
  7. Log off.
  8. Log back in as Account 1.
  9. Click the Start button and select the Control Panel.
  10. Select System.
  11. Select the Advanced tab.
  12. Click on the SETTINGS button under User Profiles.
  13. You should see a listing of your computer’s profiles.  Account 1 should be in the list.  Account 2 should be in the list.  You should also see your accounts that disappeared from the Welcome screen.
  14. Click on the OLD user profile you want to “recover”.
  15. Click on the COPY TO button.
  16. A small dialog box will pop up.  Click on the BROWSE button and browse to C:Documents and Settings.
  17. Click on the folder called Account 2 (whatever that account name is; the yellow folders inside C:Documents and Settings SHOULD be the same as the list of profiles in step 13).
  18. Click OK.
  19. You should return to the dialog box.  Click OK.  [A caveat:  I filled out the “Permitted to Use” part.  I don’t think you need it but I’m not going to try it again just to see; try it without and if that doesn’t work, try it with]
  20. Depending on how large the original profile is, your computer will sit there stupidly for awhile.  Let it do so.  Go and grab a cup of coffee.
  21. When it is finished, it will return to the list of profiles you originally saw in Step 13.  Click OK.  You should be back at the System Properties box.
  22. Click OK.
  23. Log off.
  24. Log back in as Account 2.  If all has gone well, your profile will take forever and a day to load but it will be the profile as you left it and now you can figure out whether you want to rename the account, change the password, etc.

Why don’t you just (a) access the old account or (b) create an account using the old name?  Because Windows doesn’t recognize the old account – it doesn’t appear in the user manager any longer.  But if you try to create a new account with a name of one of your former profiles, Windows will stop you and tell you the name is already in use.  Like you didn’t know that already.  But the bridge between KNOWING that the name is in use, and being able to USE the name, that’s a bridge I didn’t come across.

In any event, this probably won’t help you.  If you’re reading this, you probably are the friend of someone who has this problem.  Because, of course, they don’t know to hit the key combination twice and get all of this to happen and aren’t dorky enough to have 2 computers.  So read through this and hopefully it will make sense; and then really think twice about helping them fix the problem, or whether to suggest they look at Linux or even a Mac.

If you’re really stuck, you may just need to RESTORE your system, reinstall your Windows, or look for a recovery utility like INSERT.

I’m going to go get another coffee!!

    David Whelan

    I improve information access and lead information teams. My books on finding information and managing it and practicing law using cloud computing reflect my interest in information management, technology, law practice, and legal research. I've been a library director in Canada and the US, as well as directing the American Bar Association's Legal Technology Resource Center. I speak and write frequently on information, technology, law library, and law practice issues.