Solved

Administrator disabled Windows XP Pro with Windows STEADY STATE

Posted on 2009-07-07
10
890 Views
Last Modified: 2013-12-04
I run a network for a small charity, peer to peer networking and internet access via a firewalled router. I recently decided to bin AVG free and trial Outpost Network Security from Agnitum. This allowed me to remotely install antimalware from my network console.
One of the workstations which is used for public access has Windows Steady state installed.
Stupidly I forgot about steady state and remotely installed using an administrator equivelant.

The install failed and when I accessed the workstation on site the administrator account I had used locked me out with the message "Your account has been disabled.Please see your system administrator"

I did not install the original operating system and none of the passwords I believed to be valid will give me access to Administrator, even a null password. At this time no access to the machine is possible as all accounts administrator or limited are locked out.

The machine is a Dell and I have all of the original discs but no recovery disk.

HELP please!

I am not formally trained but have considerable experience of managing networks so can cope with technical issues reasonably easily.

0
Comment
Question by:ArobinB
10 Comments
 
LVL 1

Accepted Solution

by:
spider_com earned 250 total points
ID: 24793465
what you want.........................remove the administrator password or any installation

If you need to remove the administrator password so you use hirenc CD
0
 

Author Comment

by:ArobinB
ID: 24793820
Hi Spider com,

I am not sure what you mean by hirenc CD.

What I need is to access any administrator account so I can unlock and reverse the installation.

Booting into safe mode does not work and I cannot boot into a command prompt it just returns to windows logon.

R
0
 
LVL 3

Expert Comment

by:Goldsim
ID: 24793969
Unfortunatley the machine I am using will not allow me access to this website. I believe this is what he means.

www.hiren.info/pages/bootcd

If it does what I think it does, then it should be a bootable disk that resets your local administrator password for your machine so that you can access it.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 24794753
I used this program when i had this issue on an old desktop that was being replaced, and nobody knew the pwd.

http://home.eunet.no/pnordahl/ntpasswd/

worked fine for me, just be warned that it may render any pwd saved or encrypted files by the old admin password unusable, but it does let you into the account.
0
 

Author Comment

by:ArobinB
ID: 24795230
Thanks Guys,

I am waiting for a response from Hiren, I will get back to you to let you know how I get on. It may be a few days as I am offline for most of tomorrow.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:ArobinB
ID: 24822184
Thanks to Spider_com and goldsim for the Hiren solution. That allowed me to regain access to administrator and thus to use a known restore point. There is one remaining issue after which I will most definitely award points.

Having returned to a known state all my accounts are in place but have no password. I have looked through the microsoft services in local policy security settings but cannot see a setting which may have turned off the passwords. I used windows gate 1.1.

I have not yet applied passwords to those accounts, as I want to check with you guys first.

Look forward to hearing from you.
0
 
LVL 20

Assisted Solution

by:Iain MacMillan
Iain MacMillan earned 250 total points
ID: 24822333
i think the software will have nulled all the entries in the local SAM database as a means of giving you access, normally this is not an issue, as on a company system on a domain, the only local account is the local admin, which is 99% of the time the account you need access to.  In your case, all your accounts are local as its just a workgroup network, in which all the passwords have been nulled (by the sounds of it).

All i can suggest is you login as each account, and get the users in question to change their password via CTRL-ALT-DEL, or you can use the Computer Management applet under Admin Tools, and under Local Users and Groups, you can right click and Set Password, which will give you a warning about the effect of doing this (encrypted file loss etc).

Either way this should update the SAM database with the updated credentials.
0
 

Author Comment

by:ArobinB
ID: 24824525
I have achieved that by working back through wingate and have passworded access. However I have been unable to change the Administrators password. Is there anyway of doing this?
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 24837801
we seem to be going in circles here, how did you gain Admin access then??  The Hiren CD or the program i posted will nullify the local SAM (security access module) database entry for Admin, thus requiring that you do not need to know the pwd, its just erased/blanked, and you can set a new one.
0
 

Author Closing Comment

by:ArobinB
ID: 31600552
This has been a revelation to me as how insecure Windows passwords and admin account are.  Thanks but AAAHHH!!!!!
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
As a long-time IT Professional, the most important skill I have developed and consider to be my most valuable tool is Effective Troubleshooting. Step through my problem-solving procedure in this 10-step guide adapted from The Universal Troubleshooti…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now