Lost Admin Password (no Reformat)!!! Fix!!

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

A virus invaded my XP home network and changed my privelidges, then added a password protected administrator account. I was told I would need to reformat drive to get back access, and rid virus contamination. WRONG WRONG WRONG, all of these 'so called' experts can listen to ME now! My user account did not have admin rights, so I was unable to do much of any thing in the way of remedial action IE: no access to regedit, user properties, control userpasswords2, or restore, utilities. If I tried a message said...You do not have permissions, or misspelled command. Since I clicked a desktop icon, I knew I didnt misspell. So....if I RIGHT clicked the desktop icon, it had a 'run as" option, if I clik on that it opted: 'which user acct to run program?' if I selected my logon and unchecked the 'protect from unauth. activity" box I could run MOST desktop programs. Still no access to utilities that would help me though. After being told how impossible it was, and that I should debug , fdisk, and reformat volume, I rested a while (very beneficial for those who have been tearing out hair over 24 hours), I came to the soloution: I clicked Start, Programs, Accesories, System Tools, then I right clicked System Restore. Under the Shortcut tab, click Find Target. XP takes you to the folder the 'Restore' program icon is in, right click the rstrui.exe icon, the clik the 'run as' option then uncheck the 'protect my data.....' box. The utility should start. At this point you should restore to the farthest point back in time (preferably b-4 computers were invented!! <lol:>) then, let it complete the restore. If you have the "Luck of the Irish" as I did, it will accept the restore. After I did the restore my Start, Run, 'control userpasswords2' command functioned!! Needless to say at this point I was VERY EXCITED, and optimistic! I reset the admin pass to 'password' and restored my permissions to administrator in this utility. Next step was to reboot to safe mode, goto Start, Control Panel, User Accounts. Here I reset My logon to full permissions, removed the admins password(I can, because now I know it!) and all was well in Computerland. I rebooted to my normal logon, did a restore point save, go back to safe mode, verify all still copasetic, then in safe mode do a full check disk, and defrag. Now I am currently removing viruses (120 infected files, 118 removed), most of these files came from a password cracker download I got to gain access to a certain shareware program. You will NEVER get something for nothing, avoid these crackers!!! A few worms originated in signed java applets, IM files, and internet cookies, I will be more vigilant now.
 
scgrafx said:
A virus invaded my XP home network and changed my privelidges, then added
Click to expand...
a password protected administrator account. I was told I would need to
reformat drive to get back access, and rid virus contamination. WRONG WRONG
WRONG, all of these 'so called' experts can listen to ME now! My user
account did not have admin rights, so I was unable to do much of any thing
in the way of remedial action IE: no access to regedit, user properties,
control userpasswords2, or restore, utilities. If I tried a message
said...You do not have permissions, or misspelled command. Since I clicked a
desktop icon, I knew I didnt misspell. So....if I RIGHT clicked the desktop
icon, it had a 'run as" option, if I clik on that it opted: 'which user acct
to run program?' if I selected my logon and unchecked the 'protect from
unauth. activity" box I could run MOST desktop programs. Still no access to
utilities that would help me though. After being told how impossible it was,
and that I should debug , fdisk, and reformat volume, I rested a while (very
beneficial for those who have been tearing out hair over 24 hours), I came
to the soloution: I clicked Start, Programs, Accesories, System Tools, then
I right clicked System Restore. Under the Shortcut tab, click Find Target.
XP takes you to the folder the 'Restore' program icon is in, right click the
rstrui.exe icon, the clik the 'run as' option then uncheck the 'protect my
data.....' box. The utility should start. At this point you should restore
to the farthest point back in time (preferably b-4 computers were invented!!
<lol:>) then, let it complete the restore. If you have the "Luck of the
Irish" as I did, it will accept the restore. After I did the restore my
Start, Run, 'control userpasswords2' command functioned!! Needless to say at
this point I was VERY EXCITED, and optimistic! I reset the admin pass to
'password' and restored my permissions to administrator in this utility.
Next step was to reboot to safe mode, goto Start, Control Panel, User
Accounts. Here I reset My logon to full permissions, removed the admins
password(I can, because now I know it!) and all was well in Computerland. I
rebooted to my normal logon, did a restore point save, go back to safe mode,
verify all still copasetic, then in safe mode do a full check disk, and
defrag. Now I am currently removing viruses (120 infected files, 118
removed), most of these files came from a password cracker download I got to
gain access to a certain shareware program. You will NEVER get something for
nothing, avoid these crackers!!! A few worms originated in signed java
applets, IM files, and internet cookies, I will be more vigilant now.

==========================

You omitted a few of important points in your lengthy post:
- Read the countless posts in this NG that have "password" in
the subject line. Most of them would have fixed your machine
in no time at all.
- Install a good virus scanner.
- Keep the virus scanner up-to-date at all times.
- Treat your PC like your car. How many sets of keys do you
have for your car? Why more than one? How many admin
accounts do you have for your PC?
 
To begin with. Pegasus... I tried every post for a fix ,none worked, second, I had zero passwords set, and no admin accts. But if you goto safe mode, youll see the xp admin, it is not removable. I never put a password in. Also I have (had) current mcaffee, dumped it for norton. mac found 0 virus infected files, norton 120. You must be 1 of those 'experts' who, in the chat forum could only quip about how i should have sprung for xp pro. I feel lots of folks will solve their problem the same way i did. Thanks for input though.
 
Pegasus gave you some good advice. But I wouldn't expect someone with a blank admin password to realize that

----- scgrafx wrote: ----

To begin with. Pegasus... I tried every post for a fix ,none worked, second, I had zero passwords set, and no admin accts. But if you goto safe mode, youll see the xp admin, it is not removable. I never put a password in. Also I have (had) current mcaffee, dumped it for norton. mac found 0 virus infected files, norton 120. You must be 1 of those 'experts' who, in the chat forum could only quip about how i should have sprung for xp pro. I feel lots of folks will solve their problem the same way i did. Thanks for input though.
 
scgrafx said:
To begin with. Pegasus... I tried every post for a fix ,none worked,
Click to expand...
second, I had zero passwords set, and no admin accts. But if you goto safe
mode, youll see the xp admin, it is not removable. I never put a password
in. Also I have (had) current mcaffee, dumped it for norton. mac found 0
virus infected files, norton 120. You must be 1 of those 'experts' who, in
the chat forum could only quip about how i should have sprung for xp pro. I
feel lots of folks will solve their problem the same way i did. Thanks for
input though.
===========================

Many posts quote this tool to resolve password problems:

http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html

It would have fixed your problem too. Other posts suggest
that you could rename the SAM file. This method never
fails.
 
I feel compelled to add my own two-cents here . . .

Newsgroups are a colaborative activity and provided as a community resource.
Microsoft has kindly hosted this forum and 'invited' those with knowledge
and expertise to 'help' you with problems and questions. I am not aware
that any of the MVPs volunteering their time and expertise are being 'paid'
to sit here and be rudely talked back to.

I do not personally know Pegasus, nor am I one of those 'experts'. But I do
enjoy helping out where I can . . . and I especially like learning from
others in this forum. I think you will find if you come here demanding
answers . . . you will probably get few replies. If you ask for help . . .
most of us will bend over backwards trying to help you. It is useless to
blame Microsoft and its' unofficial representatives for all your problems.
The user bears some responsibility to practice safe computing. For example .
.. . you bash McAfee and praise Norton, yet both are good AV products. You
ever stop to think that because of a missing firewall or a careless click in
an email or website that you may have introduced an exploit that took out
McAfee . . . and would have taken out Norton had it been installed?

We are here to help and learn ourselves, and offering possible solutions to
your problem is an iterative process . . . one you sidetrack when you refer
to someone as a 'so-called-expert'. My two-cents and flames will be
cheerfully ignored.

Rick

To begin with. Pegasus... I tried every post for a fix ,none worked,
second, I had zero passwords set, and no admin accts. But if you goto safe
mode, youll see the xp admin, it is not removable. I never put a password
in. Also I have (had) current mcaffee, dumped it for norton. mac found 0
virus infected files, norton 120. You must be 1 of those 'experts' who, in
the chat forum could only quip about how i should have sprung for xp pro.
I feel lots of folks will solve their problem the same way i did. Thanks
for input though.
Click to expand...
 
Thanks for your kind words. I bear the OP no grudge: I skipped
over the "those experts" part but I noted the "thanks for your
input" at the end. As you say: this is a forum, and I hope that
my small contribution helps the scores of other users who
may have a problem with their password.


Rick said:
I feel compelled to add my own two-cents here . . .

Newsgroups are a colaborative activity and provided as a community resource.
Microsoft has kindly hosted this forum and 'invited' those with knowledge
and expertise to 'help' you with problems and questions. I am not aware
that any of the MVPs volunteering their time and expertise are being 'paid'
to sit here and be rudely talked back to.

I do not personally know Pegasus, nor am I one of those 'experts'. But I do
enjoy helping out where I can . . . and I especially like learning from
others in this forum. I think you will find if you come here demanding
answers . . . you will probably get few replies. If you ask for help . . ..
most of us will bend over backwards trying to help you. It is useless to
blame Microsoft and its' unofficial representatives for all your problems.
The user bears some responsibility to practice safe computing. For example ..
. . you bash McAfee and praise Norton, yet both are good AV products. You
ever stop to think that because of a missing firewall or a careless click in
an email or website that you may have introduced an exploit that took out
McAfee . . . and would have taken out Norton had it been installed?

We are here to help and learn ourselves, and offering possible solutions to
your problem is an iterative process . . . one you sidetrack when you refer
to someone as a 'so-called-expert'. My two-cents and flames will be
cheerfully ignored.

Rick




--
inforsec (at) anthonians (dot) org
Please reply within Newsgroup so that we may all learn


----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption
Click to expand...
=---
 
Like I say . . . the tenor just struck me as rude and arrogant for a
resource that could 'dry' up just like that. I felt the need to say
something as one who does appreciate yours' and every other contributors'
efforts to make it a little easier. No one could possibly know it all. I
have learned more from these forums than any MCSE ExamCram study-guide or
textbook. My clients benefit from your knowledge and sometimes
unacknowledged efforts. My thanks and kudos.

Rick
 
I dont see any where in MY post, where I bashed anyone. My only point was for those who have gotten no useful help here, to have another option to try. As I wrote, I tried all fixes posted on this, and other boards, as well as MS Pay-Per-Call help, and Dell support techs. They all said to dump and reformat. For 15 gigs of data, I decided to try myself, and fixed it. I'm sorry if you guys were offended, but that was not the intention. Many of the persons in the forum were very helpful, it's just that none of their soloutions worked. And by the way, I demanded nothing, I waited patiently in the expert zone chat room 15 minutes for a turn to ask questions. All I hope is that 1 person who was not helped in any other way gets their problem resolved from my post. Then you folks who are patting each other on the back, can do it in someone elses posting. A heart-felt thank you goes out to all persons who took time to give me advice when I was needy
SC
 
you could have used a linux boot cd. as linux loads it will load the drivers for the hdd ( fat, fat32, ntfs, scsi...) and get you to a command prompt. the cd image i have has a cool cmd line util that will allow you to blank the paswword for any account in the local sam. then you reboot and logon as the admin with a blank password. done in under 5 minutes.
 
Back
Top