Connect with us

Bad XP problem

Discussion in 'Electronic Repair' started by JURB6006, Aug 24, 2004.

  1. JURB6006

    JURB6006 Guest

    This has to do with a lost admin password in XP. The PC won't boot, it locks
    before even running GUI. There are alot of important files in a private folder,
    stuff the guy would pay money to recover. Without the admin PW we can't repair
    the OS with the XP CD, and we were the ones who put it in. It's possible that
    the SAM files are corrupt.

    I wasn't that confident that anything would work, but I've tried installing a
    fresh boot HD and loading it fresh with XP, cloning the drive and then letting
    XP install over itself, but loading from either it won't give me access to the
    protected files for the owner's account. We know the PW for that account, but
    the admin, when you go into safe mode, well I PW protected that as well. (few
    people know you can do that)

    I've read that the NTFS doesn't help either, and when I go to access that
    directory it gives a MB beep. Doesn't sound promising.

    Could I possible copy the SAM files to the clone, which boots ? Then I could
    maybe use the original login. Another possiblility would be a registry merge.
    Do you think any of this might work, or am I just fucked ?


    FYI, the PC is : P4 2600HT on an Asus MB with 512MB and 2 80GB Maxtors, a
    Plextor DVD burner and a region/authentication free DVDROM, authentic ATI
    Radeon 7500 (64MB) w/TV tuner and vid and SVID outputs. The Asus has onboard
    netcard and Ali sound. Once it's up and running I'm adding a Firewire card,
    which is one of the few things other than RAID which this MB lacks. Even so,
    there's about $1000 tied up in this box, about a year ago. It might be worth
    saving. :)

    Thanks in advance for any help.

    JURB
     
  2. Bob Urz

    Bob Urz Guest

    http://kennethhunt.com/archives/000640.html

    If that don't work, just google "XP password crack"

    Bob
     
  3. Eugen T

    Eugen T Guest

    Why don't you just stick this drive as a slave drive in another machine and
    then just copy the files that you want?
     
  4. If it's NTFS, and the files aren't readable by administrators, then there's
    no way he can re-create the account that owns them. Even if he creates an
    account with the same name on the same host, it won't have the same internal
    identifier.

    OTOH, the files probably *are* readable by administrators, so your advice is
    good advice. And administrators can take ownership of files in NTFS even if
    they don't own them, and then change permissions.

    But I'm fairly sure there are utilities for correcting a lost administrator
    password. Google for them.
     
  5. Jerry G.

    Jerry G. Guest

    There are some legitimate softwares that can allow you to reset any level of
    password in XP. The companies that supply these types of softwares will
    charge for their use. I have no idea about the quality of the shareware
    ones.

    Do a Google search for lost password for XP, or some other similar
    combinations of these types of searches.

    --

    Jerry G.
    ==========================


    This has to do with a lost admin password in XP. The PC won't boot, it locks
    before even running GUI. There are alot of important files in a private
    folder,
    stuff the guy would pay money to recover. Without the admin PW we can't
    repair
    the OS with the XP CD, and we were the ones who put it in. It's possible
    that
    the SAM files are corrupt.

    I wasn't that confident that anything would work, but I've tried installing
    a
    fresh boot HD and loading it fresh with XP, cloning the drive and then
    letting
    XP install over itself, but loading from either it won't give me access to
    the
    protected files for the owner's account. We know the PW for that account,
    but
    the admin, when you go into safe mode, well I PW protected that as well.
    (few
    people know you can do that)

    I've read that the NTFS doesn't help either, and when I go to access that
    directory it gives a MB beep. Doesn't sound promising.

    Could I possible copy the SAM files to the clone, which boots ? Then I could
    maybe use the original login. Another possiblility would be a registry
    merge.
    Do you think any of this might work, or am I just fucked ?


    FYI, the PC is : P4 2600HT on an Asus MB with 512MB and 2 80GB Maxtors, a
    Plextor DVD burner and a region/authentication free DVDROM, authentic ATI
    Radeon 7500 (64MB) w/TV tuner and vid and SVID outputs. The Asus has onboard
    netcard and Ali sound. Once it's up and running I'm adding a Firewire card,
    which is one of the few things other than RAID which this MB lacks. Even so,
    there's about $1000 tied up in this box, about a year ago. It might be worth
    saving. :)

    Thanks in advance for any help.

    JURB
     
  6. Sideshow Bob

    Sideshow Bob Guest

    You might try this:
    http://home.eunet.no/~pnordahl/ntpasswd/
     
  7. Hi!

    Unless I missed something in your post (which is quite possible) why don't
    you just set the drive as a slave and pop it into a working PC.

    You might have to forcibly redefine some disk and folder permissions if the
    files are in a "private" folder as you say. I don't think XP still has the
    ability to do this, but Windows NT and 2000 do. If you right click a folder,
    choose Properties and then choose the "Permissions" tab you can "force" your
    way into the files. I do believe you must be an administrator or a member of
    the administrators group.

    This may not be the best way, but I've had to do it before to back up drives
    where the contents were in danger because of viruses or other big problems.

    If and when you get the box up and running, it might pay to find a more
    competent OS of your choosing. Personally I use Windows 2000 Pro because
    there is just too much I don't care for in XP.

    William
     
  8. Hi!
    By default I don't think XP makes a user's files and folders readable by any
    member of the administrators group. Looking at the permissions settings of
    an XP volume on a Win 2K Pro machine seems to back this theory up. What
    shows up are long strings of letters and numbers that I believe are a user's
    SID. (Pardon me if that's incorrect terminology, but I think it is right...)

    In any event, it is easy to "forcibly" change permissions on files in
    Windows 2000 and possibly even NT. I don't know that this functionality
    exists in XP, and if it does they have moved it.

    If you change the file or folder permissions so that "whatever" user level
    can read them, the change will be in effect when the XP system is restored
    to functionality.
    Yep.

    William
     
  9. If the hdd is put in another working xp/2k system, as others have suggested,
    the files should be accessible <except> if encryption has been applied to
    them.

    In that case, the password for the administrator must be reset, there a
    number of linux boot disks that will do this ( assuming syskey is not
    enabled in the registry), when the administrator password is reset ( I
    usually reset to blank ).

    Then log in as the administrator, right click on the folder with encrypted
    files, slect the advanced button and clear the tick box "encrypt contents to
    secure data". After the administrator account has been hacked, reinstalling
    XP is then in order. The forgoing assumes that a user other than
    administrator has encrypted the files and that computer has been a member of
    a workgroup.

    HTH

    Baloo
     
  10. JURB6006

    JURB6006 Guest

    Thanks all;

    I have couple more options and some reading to do.

    The next time I build a custom high end PC for someone I will be charging quite
    a bit more, live and learn.

    As someone said, I might be able to take "possesion" when in safe mode, if so,
    problem solved.

    My next question is, would doing this on a clone cause NTFS put a stop to it ?
    This machine is NTFS, the guy said make it secure, now I'm having trouble
    getting his stuff ! Problem is he let the kids use it.

    I'll read those links, try a few more things and get back to you. Thanks again.

    JURB
     
  11. Let me suggest a completely different approach.

    NTBACKUP can read any file regardless of its ownership and permissions.

    NTBACKUP can then restore the files wherever you want, and whether to
    restore the original ownership and permissions is optional.

    Further, ROBOCOPY (a Resource Kit utility, free) has an option (maybe /B)
    that gives it the same super-powers as NTBACKUP, when run by an
    administrator.
     
  12. Guest

    I just had a similar problem. I was able to use the
    "GetBackData4NTFS" program. It took quite a while to read the disk (a
    120 gig drive).
     
  13. Art

    Art Guest

    Very interesting scenario and resolve, hopefully it works when the second
    edition updates are finally installed!! Been BETA testing it for a while
    and like some of the embellishments but can still make it crash!! More fun
    with these infernal machines!!
    Also had a sys that I had totally configured for a customer, at their
    request installed both admin and user passwords as well as my personalized
    bios password.
    They called back about a week later telling me that the son had gotten into
    the unit and messed it up again. Asking who gave him the information the
    customer told me that they had given him the admin password by mistake.
    My respond was to ask them if the still had the emergency boot disk that I
    gave them. response was yes, then I asked them to boot the system with that
    disk and wait until the A> came up.
    At which time walked them thru the FDISK functions and the FORMAT
    functions. When the unit rebooted they said," but now all we get is the C>
    on the screen".
    My response was to go buy what operating system they wanted to install, the
    application programmes, and have at installing it. That since the system
    recognized the C drive that it was functional. End of story!!~
     
  14. [Custom-configured Windows computer...]
    Right... the owner has to take *some* responsibility...

    The worst are machines that have been messed up by a "friend" or family
    member who is into online pornography. I've cleaned one or two such
    machines up. Porn sites are apparently *full* of spyware and malware. Or
    maybe the person who is into porn is also into clicking everything no matter
    what it says!
     
  15. Art

    Art Guest

    Totally Agree!! Seen some that appropriate scanning and blocking software
    has been installed only to find out the user does not apply them on a
    regular basis. One customer brought his unit over and said that in slowly
    just stopped working. Ran a couple different anti_virus programmes on it
    only to find out there were in excess of 40 nasties he had in downloaded in
    a 6 month period. Then ran the spy checking programmes, that already were
    installed, to find over 600 references to those nice little tidbits. Ran
    these diagnostic and repair programmes over a two week period to finally
    clean all the gook of the thing. Made an appointment with him for a two hour
    tutorial on how to protect his system from these things with the tools he
    had already purchased. Really makes one wonder if computers should be
    universally accessible to all??
     
  16. Chaos Master

    Chaos Master Guest

    Michael A. Covington dumped core:
    I end up placing entries on my HOSTS file, to block some porn sites.

    Like this:

    127.0.0.1 www.crappysite.com
    127.0.0.1 <the site I want to block>

    and I use some extensions in Mozilla to block banners from porn sites.

    []s
     
  17. Good technique, but I'm not sure of the human aspect. Is this to help
    yourself resist temptation, or to keep your customers from getting tangled
    up in those sites, or what?
     
  18. Ms_Squiggles

    Ms_Squiggles Guest

    Why not just get hold of a Knoppix disk, boot from that and copy the files
    off the HDD to either CD, another HDD, or another computer if you have
    a NIC in the one with the scrambled O/S

    Pip
     
  19. JURB6006

    JURB6006 Guest

    Thanks, but I've already recovered the files by installing XP over the top of
    it self and taking possesion of them in safe mode as admin. The only reason to
    save the old OS now is drivers because the guy lost his disks.

    Note the whole operation was done on a clone, the original drive is still in
    the same condition.

    JURB
     
  20. Also, would Knoppix have been able to break Windows' security? As I
    understood it, these were files with owners and limited permissions.
     
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Electronics Point Logo
Continue to site
Quote of the day

-