After Virus and Trojan clean up of the Registry, I get the error - unable to log you on because of an account restriction

I was working on a machine remotely and was having an issue with the Windows Update Service not allowing me to set it to Automatic.  The Windows Update service was disabled.  After some research, I found the resolution here at Experts-Exchange.  Message ID 21615856

With this resolution, I searched the registry for the trojan/virus entry that was hooked into the IE AddOns.  I deleted all refrences to the file name that was listed.  After successfully acomplishing this task, I rebooted the Machine.

The machine rebooted and when I got to windows, the system was prompting me for a password for the user account  No password was initially assigned.  I can not access the system now.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seems obvious but did you try just clicking ok without a password?
Well, maybe a first step in solving this problem is resetting the unknown password.  This site allows you to download files needed to create a bootable floppy disk or CD-ROM which contains a program that can be used to reset passwords on a Windows NT-based OS (such as WinXP and Vista):
Offline NT Password & Registry Editor

It is a rather "geeky" tool; not a nice Windows graphical user interface.  You might want to check this page for a demonstration of its use, with screenshots provided in the article:
Reset lost Windows passwords with Offline Registry Editor

There is also a video about using this tool here:
Video: Reset Windows passwords with the Offline NT Password and Registry Editor

DJBrotherDonAuthor Commented:
I have tried to reset the password on this machine for the owner account and the Administrator Account, however, the issue still exists.  The passwords were origionally blank, and now I have set the password and the system will not accept the passwords that I have set using the Offlie Registry Editor.
MSSPs - Are you paying too much?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

Well this question on the FAQ page suggests that blanking the passwords is the best option:

It seems to change the password, but NT won't agree.
The NTFS code wasn't that great after all (probably didn't write things properly)
My code wasn't that great after all. (it didn't change or changed in the wrong place. The V struct is still marked "here be dragons..")
Try blanking the password instead (menu selection 1), this may straighten things out. In fact, reports indicate: BLANKING RECOMMENDED!
If it still won't work, see the previous solution.
Blanking will probably be the only option in newer releases.
Try this, it worked for me.
Download a CD image from,
Extract the image and Burn the Image to a CD
This Will make a bootable copy of the Off-line NT Password & Registry

On the affected PC Boot from this new CD

Note: Do not type the brackets [ ], only the data in the Brackets
Note: All Keys and commands are Case Sensitive
Note:****** It is very important to make sure your spelling is correct and
the case is correct****

After the boot is complete, Press [1] and then press [Enter] to select the
Boot Partition
Then Press [Enter] to accept the Default registry Directory]
Then Type [system] and press Enter
Then Type [9] to invoke the Registry Editor

Type [ls] to list the available keys

You should see one or all of the following

1 Type [cd ControlSet00x] and Press [Enter] (Replace the x with the actual
ControlSet number that you see)
2 Type [cd Control] and Press [Enter]
3 Type [cd Lsa] and Press [Enter]

4 Type [nv 7 Authentication Packages] and press [Enter]
5 Type [ed Authentication Packages] and press [Enter]
6 Type [msv1_0] and press [Enter]
7 Type [--q] (two dashes) and press [Enter]

Type [hive 0] and Press Enter
Repeat Steps 1 - 7 for each ControlSet00x value that exists.

After your last change press [q] to Quit then Press [Enter].
Then Press [q] again and press [Enter]
Then Press [y] and press [Enter] to write the data back to the registry

This will Write the data to the Registry.
If you get an error that umount was not successful, then type the command
[umount all] and press [Enter]

When you are finished, you should be at a prompt with just a Number Sign


Remove the CD and Press [CTRL+ALT+DEL] to Reboot the computer
You should be able to log into the computer at this point.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DJBrotherDonAuthor Commented:
Thank you for your solution.  These steps worked perfectly to correct my issue.  The Keys shown were deleted during the registry clean, and this solution put the necessary keys back.  Thank You.
DJBrotherDonAuthor Commented:
Thank you for your solution.  These steps worked perfectly to correct my issue.  The Keys shown were deleted during the registry clean, and this solution put the necessary keys back.  Thank You.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows XP

From novice to tech pro — start learning today.