Nothing to do with media - just a lost win7 admin pw at DVinfo.net

Go Back   DV Info Net > And Now, For Something Completely Different... > The TOTEM Poll: Totally Off Topic, Everything Media

The TOTEM Poll: Totally Off Topic, Everything Media
Let's talk about anything media related.


Reply
 
Thread Tools Search this Thread
Old August 27th, 2011, 02:02 PM   #1
Major Player
 
Join Date: Nov 2001
Location: New York, NY
Posts: 355
Nothing to do with media - just a lost win7 admin pw

I'm posting this cry for help here since DV Info has been a trusted friend through the years. The post is long, but I hope clear. It has nothing to do with DV or media, except that because I've "lost" my Administrator status in Windows7, I can't even install Adobe CS5.5. Here we go:

Here is my nightmare.

The whole problem started when I found unknown user IDs on my home network. It was in trying to reconfigure the network when the “stuff” hit the fan. After fiddling for nearly a day I created a new admin profile. I don't recall giving it a password, but now I can't run most utilities, Firefox, or even do a system restore!

Let me take you on a visual tour of my headache.

Let’s say I try to run the utility 7Smoker.exe. Since it’s a utility that needs admin privileges, I get this message:
[ATT #1--> OZ66.JPG]
That “OZ66” is an account I created in an attempt to get my admin profile back, but I never gave it a password since I’m the only one using this system. Anything I enter, even leaving it blank, will yield the wrong ID or PW error ---and this happens even when running in safe mode.

Okay, let’s backup a little and go to the credentials manager, and here is what I get:


The “Generic Credential” at the bottom is a total mystery to me.

Let’s move to advanced security settings:

I don’t know who the “Authenticated Users” are, but I do see “Administrators”. It was on this screen that I originally found users with long alphanumeric names. I deleted them.

Finally we move to User Groups – a real doozey since I haven’t a clue who or why most of these “users” are here. I know I most have created them in the past, but why, when?

You can see one of those alphanumeric users at the top. Most of these “users” are a total mystery to me.

By the way, I did create a “password retrieval disk” when I created “OZ66”, and the file is where I placed it – in one of my external drives: userkey.psw and it’s 1.5KB. The problem is that I have no idea how it’s supposed to run. I’ve tried restoring, but no luck.

That is all I can supply you with at the moment. When I boot in safe mode the default user is “OZ Standard User”.

Please help!!!

P.S. Apologies for the size of the graphics. Next time I'll reduce them ahead of time.

Ozzie Alfonso
NYC
__________________
Ozzie Alfonso
www.ozziealfonso.com
Ozzie Alfonso is offline   Reply With Quote
Old August 31st, 2011, 06:37 AM   #2
Inner Circle
 
Join Date: Feb 2009
Location: Brisbane, Australia
Posts: 2,257
Re: Nothing to do with media - just a lost win7 admin pw

Given the unknown user IDs that you have found, it would be a fair assumption that your computer has been compromised. You could try fixing it yourself but would be up against people who have a greater knowledge than you do.

My advice:

1. Backup all your data to external drives.

2. Wipe the hard drive and re-install Windows and all service packs.

3. Re-install software and copy your data files back over. Only now do you finally connect the computer to the internet again.

4. Don't install 7Smoker.exe ever again. By the results of a Google search it looks like a dodgy app, and some sites regard it as malware. (Needless to say: don't install "free" smiley face toolbars or similar crapware.)

5. Neither should anyone reading this post ever use pirated software. If an evil hacker is clever enough to crack and defeat the licensing systems in modern software then they are also clever enough to insert their own payload in to the finished package. The end-user installing the illegal copy of the software wouldn't be savvy enough to even think that there could be a problem. Or that the software really doesn't come for "free" when all things are considered.

6. Properly document your usernames and passwords.

This will give you a good start in terms of recovery. Let's see how you go.

Andrew
Andrew Smith is offline   Reply With Quote
Old August 31st, 2011, 06:45 AM   #3
Inner Circle
 
Join Date: Feb 2009
Location: Brisbane, Australia
Posts: 2,257
Re: Nothing to do with media - just a lost win7 admin pw

Just did a bit more searching on Google and 7Smoker.exe is supposed to be an app that speeds up Windows. And people fall for it.

It may well be the mechanism by which the computer was compromised. In fact, out of anything it would be the one that I would be putting my money on as to how the computer got owned.

Andrew
Andrew Smith is offline   Reply With Quote
Old September 1st, 2011, 10:55 AM   #4
Inner Circle
 
Join Date: Feb 2007
Location: Apple Valley CA
Posts: 4,866
Re: Nothing to do with media - just a lost win7 admin pw

If you've got a virus/malware issue, you might consider pulling the drive, connecting it to another machine, run a couple good virus scanners on the drive while it's not the "system" drive, and seeing if they can clean the infections - one of the few ways I've found to clean some of the very nasty viruses that seem to be floating around, many under the guise of some software that's supposed to improve your machine, or protect it or whatever....

The newer viral infections seem to be really good at locking you out of your own system, so trying to eradicate the infection on a "live" system/drive is like putting out a burning building while standing on the roof... not likely to turn out well... and potentially hazardous.
Dave Blackhurst is offline   Reply With Quote
Old September 1st, 2011, 04:08 PM   #5
New Boot
 
Join Date: Jan 2008
Location: Northridge, CA
Posts: 21
Re: Nothing to do with media - just a lost win7 admin pw

Why not look into whether you can reset the admin p/w by using a jumper to short two pins on the motherboard?
Howard Harrelson is offline   Reply With Quote
Old September 1st, 2011, 04:23 PM   #6
Major Player
 
Join Date: May 2007
Location: Alpharetta, Georgia, USA
Posts: 758
Re: Nothing to do with media - just a lost win7 admin pw

Quote:
Originally Posted by Howard Harrelson View Post
Why not look into whether you can reset the admin p/w by using a jumper to short two pins on the motherboard?
What you are suggesting applies to the BIOS Admin & User passwords, not the OS passwords.
Bill Koehler is offline   Reply
Reply

DV Info Net refers all where-to-buy and where-to-rent questions exclusively to these trusted full line dealers and rental houses...

Professional Video
(800) 833-4801
Portland, OR

B&H Photo Video
(866) 521-7381
New York, NY

Z.G.C.
(973) 335-4460
Mountain Lakes, NJ

Abel Cine Tech
(888) 700-4416
N.Y. NY & L.A. CA

Precision Camera
(800) 677-1023
Austin, TX

DV Info Net also encourages you to support local businesses and buy from an authorized dealer in your neighborhood.
  You are here: DV Info Net > And Now, For Something Completely Different... > The TOTEM Poll: Totally Off Topic, Everything Media

Thread Tools Search this Thread
Search this Thread:

Advanced Search

 



Google
 

All times are GMT -6. The time now is 09:47 PM.


DV Info Net -- Real Names, Real People, Real Info!
1998-2017 The Digital Video Information Network