After Virus and Trojan clean up of the Registry, I get the error - unable to log you on because of an account restriction

Posted on 2008-11-11
Last Modified: 2012-08-14
I was working on a machine remotely and was having an issue with the Windows Update Service not allowing me to set it to Automatic.  The Windows Update service was disabled.  After some research, I found the resolution here at Experts-Exchange.  Message ID 21615856

With this resolution, I searched the registry for the trojan/virus entry that was hooked into the IE AddOns.  I deleted all refrences to the file name that was listed.  After successfully acomplishing this task, I rebooted the Machine.

The machine rebooted and when I got to windows, the system was prompting me for a password for the user account  No password was initially assigned.  I can not access the system now.

Question by:DJBrotherDon

    Expert Comment

    Seems obvious but did you try just clicking ok without a password?
    LVL 59

    Expert Comment

    Well, maybe a first step in solving this problem is resetting the unknown password.  This site allows you to download files needed to create a bootable floppy disk or CD-ROM which contains a program that can be used to reset passwords on a Windows NT-based OS (such as WinXP and Vista):
    Offline NT Password & Registry Editor

    It is a rather "geeky" tool; not a nice Windows graphical user interface.  You might want to check this page for a demonstration of its use, with screenshots provided in the article:
    Reset lost Windows passwords with Offline Registry Editor

    There is also a video about using this tool here:
    Video: Reset Windows passwords with the Offline NT Password and Registry Editor


    Author Comment

    I have tried to reset the password on this machine for the owner account and the Administrator Account, however, the issue still exists.  The passwords were origionally blank, and now I have set the password and the system will not accept the passwords that I have set using the Offlie Registry Editor.
    LVL 59

    Expert Comment

    Well this question on the FAQ page suggests that blanking the passwords is the best option:

    It seems to change the password, but NT won't agree.
    The NTFS code wasn't that great after all (probably didn't write things properly)
    My code wasn't that great after all. (it didn't change or changed in the wrong place. The V struct is still marked "here be dragons..")
    Try blanking the password instead (menu selection 1), this may straighten things out. In fact, reports indicate: BLANKING RECOMMENDED!
    If it still won't work, see the previous solution.
    Blanking will probably be the only option in newer releases.
    LVL 3

    Accepted Solution

    Try this, it worked for me.
    Download a CD image from,
    Extract the image and Burn the Image to a CD
    This Will make a bootable copy of the Off-line NT Password & Registry

    On the affected PC Boot from this new CD

    Note: Do not type the brackets [ ], only the data in the Brackets
    Note: All Keys and commands are Case Sensitive
    Note:****** It is very important to make sure your spelling is correct and
    the case is correct****

    After the boot is complete, Press [1] and then press [Enter] to select the
    Boot Partition
    Then Press [Enter] to accept the Default registry Directory]
    Then Type [system] and press Enter
    Then Type [9] to invoke the Registry Editor

    Type [ls] to list the available keys

    You should see one or all of the following

    1 Type [cd ControlSet00x] and Press [Enter] (Replace the x with the actual
    ControlSet number that you see)
    2 Type [cd Control] and Press [Enter]
    3 Type [cd Lsa] and Press [Enter]

    4 Type [nv 7 Authentication Packages] and press [Enter]
    5 Type [ed Authentication Packages] and press [Enter]
    6 Type [msv1_0] and press [Enter]
    7 Type [--q] (two dashes) and press [Enter]

    Type [hive 0] and Press Enter
    Repeat Steps 1 - 7 for each ControlSet00x value that exists.

    After your last change press [q] to Quit then Press [Enter].
    Then Press [q] again and press [Enter]
    Then Press [y] and press [Enter] to write the data back to the registry

    This will Write the data to the Registry.
    If you get an error that umount was not successful, then type the command
    [umount all] and press [Enter]

    When you are finished, you should be at a prompt with just a Number Sign


    Remove the CD and Press [CTRL+ALT+DEL] to Reboot the computer
    You should be able to log into the computer at this point.

    Author Closing Comment

    Thank you for your solution.  These steps worked perfectly to correct my issue.  The Keys shown were deleted during the registry clean, and this solution put the necessary keys back.  Thank You.

    Author Comment

    Thank you for your solution.  These steps worked perfectly to correct my issue.  The Keys shown were deleted during the registry clean, and this solution put the necessary keys back.  Thank You.

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Join & Write a Comment

    It is only natural that we all want our PCs to be in good working order, improved system performance, so that is exactly how programs are advertised to entice. They say things like:            •      PC crashes? Get registry cleaner to repair it!    …
    There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now