Solved

Caller connected to Win XP computer and modified it so password is changed, makint it unbootable

Posted on 2013-12-03
8
184 Views
Last Modified: 2013-12-24
A caller connected to the Compaq Presario over the internet.  While talking with the owner on the telephone, the owner was told she had to pay $179 to extend the OS license for 2 years.
The owner refused to pay.  The caller said she would have to reboot the machine to disconnect him.  When she rebooted, the machine password would no longer work.

I used a password reset program in Spotmau suite.  It said the password for all users had been set to "blank."  When I tried to reboot, I got a dialogue box asking for the password.  I tabbed to the "ok" button and clicked in.  The blank password did not work.   I tried another password reset program from Hiren's CD.  It reported success at making the administrator password "blank."   The result was the same.  Each time I reboot, the machine asks for a password and I have none other than the "blank".  

My question is who knows how to correct the problem.  And, also who knows if the problem can be solved by using the Compaq on board "PC Recovery" programs to Reinstall the Windows XP.  It is XP Sp2.  I loaded Sp3, but found out the the AMD Sempron CPU chip cannot run XP Sp3.  Had to do a PC Recovery, load the sp2 back, and all the software.  Would like to avoid that much difficulty if something less taxing will work.


\
0
Comment
Question by:JLBlake
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
8 Comments
 
LVL 14

Expert Comment

by:dmwynne
ID: 39694321
I have always used NT offline password recovery:

http://pogostick.net/~pnh/ntpasswd/

Not sure if this is the one you used from Hiren's cd.  If so, did you choose the option to unlock and clear the built-in administrator account?  I'm assuming you are logging into a local account, the local administrator and it says (This Computer) at the login screen.
0
 

Author Comment

by:JLBlake
ID: 39694475
I was careful to choose default options in the password reset.  I am somewhat of the opinion that the password was changed and in fact its location was also changed so that traditional reset programs  do their work in one place and the modified password is located somewhere else.  I feel sure that the two different applications I used to reset the password did in fact carry out their intended functions, however the intended function did not correct the need expressed by a small dialogue box asking for the password input.
0
 
LVL 6

Expert Comment

by:donnk
ID: 39694782
change the password, then safe mode right away. The machine will have a RAT most likely calling home to the scammer, disconnect it from the internet and scan with malwarebytes, avast, trendmicro etc
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:JLBlake
ID: 39699255
Maybe I have not made the problem clear enough.  Safe or regular mode is not available because the machine request entry of the password before you get to any operational situation so that any application can be run.  Malwarebytes, Spybot, and others are unavailable because whatever was done to the machine, requires the successful entry of a password before the system displays anything on the start desktop.  In safe and regular mode, the stopping point is before one gets to any options that relate to normal operations options.
0
 
LVL 14

Expert Comment

by:dmwynne
ID: 39699293
Is this a BIOS password then?  The prompt for password comes up before you see the regular windows login.  If that seems to be the case you can open the machine up and take out the CMOS battery and wait 5 minutes and that should clear the password.

Search "BIOS password reset your computer model" on google for more info on the specific procedure for that computer.
0
 

Author Comment

by:JLBlake
ID: 39706673
It is not a bios password issue.  The request for a password comes up after the first appearance of the Windows logo that shows during the early boot period.  It is almost as if it runs half the boot process for Windows after which it stops to ask for a password.  Despite the blanking of the password in the windows accounts, it still stops before getting to any login point at which it may ask for a password.

I am near the point running the pc recovery product that is loaded on the small partition on the disk that has the boot partition.   I am hopeful that the pc recovery will work, even though it means
0
 

Accepted Solution

by:
JLBlake earned 0 total points
ID: 39723043
I was able to correct the problem by running the built-in pc restore.  It took a long time, meaning I had to reload all the software which had been written over  by the reloading of the os.  Reloading the os, wiped out the demand for a password or sign in.
0
 

Author Closing Comment

by:JLBlake
ID: 39737666
Nothing else reported to me seemed to offer a serious attempt to solve the problem.  I finished to reset and the machine is working well.  I do not want a bunch of emails from EE saying I have ignored the question.
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many times while working on a computer regardless of any Operating System, lag and crashes seem to creep in, hindering your working speed. Sometimes, it can also cause your work to be lost unexpectedly and as a result, you are unable to meet your de…
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question