Win 2k Admin passwords


Yohev
December 27th, 2001, 02:47 AM
I'm very much a beginner to all this, and it's had to happen rather than me wanting to know stuff out of curiosity... Situation is this. We run a Win 2k machine at work, and the fool who used to run the system has vanished, letting us all down very badly, and he didn't tell us the administrator's password. I'm left to try and fix all he's done, but this is a complete pain. We need to get the data that he had stashed away under his user name (as administrator), so a format is out of the question.

Is there a way of doing it?

I've trawled so many sites, and this one looks like it has the best minds in it, and I would really like to enjoy some of my holiday with my family, as so far I've worked every day trying to figure this out.

We do have access as guests to the system, so we at least have access to some things, but it won't even let us create new templates on word.

Is there a way to prevent anyone from re-establishing themselves as the only administrator?

I'd appreciate advice from you guys, as you seem like a very good bunch who know where it's at.

Please help me!!!

Euclid
December 27th, 2001, 06:19 AM
I am going to do some more looking into this, but I am sure you have been looking back to see if anyone replied yet, so that is why I am posting this now, so you would know someone is working on it... It seems to me though if you can log into the computer you can put something on there to sniff out the password that the person had set up.... Plus was this guy an admin? Because whoever your current admin is should be able to get ahold of the password or he should know a way around this. Or maybe this computer is not even networked and that would be why there is all the trouble, because there are no logs... I will come up with something for you though.. if it's gonna help or not.. time will soon tell

Euclid
December 27th, 2001, 07:16 AM
ok.. I read your post again and I am assuming you are not on a network so logs are out of the question, so here are my ideas

1. Take out the hard drive and install in a new box as a slave drive --> this should give you access to the data to either store on that computer or, if you have a zip drive or something like that, you can put it there.

2. This link goes to Access Data (password recovery). It says that it works for Win NT, doesn't say for 2000 but may work... click HERE (http://www.accessdata.com)

Of course now that I am looking for them I can't find any good free ones... plus I am at work so I can't use my workstation to do a search for password sniffer or I will get busted, and my dial up is crazy slow

Just do a search on google for password sniffer, password recovery, maybe even hacking password... find a program and download....

I hope this helped

Yohev
December 27th, 2001, 01:41 PM
Hi. I can't thank you enough for helping me. We are a very small community organisation, and unfortunately, he was the only administrator. I'm now taking on that role (and learning a lot) but I'm very used to Win 98, and 2K is a new mystery for me to learn. The problem in our game is there are not many of us who are very knowledgeable about computers, there are only about 4 of us working on a day to day basis, one of whom is the guy who hasn't been seen or heard from for about a month now. It IS on a network, if that's any use, but I will try getting another computer with 2K on to install the drive as a slave.

Thank you again.

EvIl eLf
December 27th, 2001, 10:52 PM
try lc3 l0pht crack, might be able to crack the admin password. maybe i'm wrong but give it a try.

scottinmaine
December 28th, 2001, 07:41 PM
Yohev,

You're in luck, dude. Check this link out for a well written tutorial on cracking 2000 domain passwords. The solution is not as easy as on NT 4 but it is do-able, just takes time.

Good Luck

Cracking user passwords in Windows 2000 (http://63.88.172.96/Articles/Index.cfm?ArticleID=9186&SearchString=cracking%)

scottinmaine
December 28th, 2001, 07:56 PM
Yohev,

Sorry, I didn't think of this until now...

Is there anybody in your company that is a member of the administrator's group? If so, then that person should be able to access the ADUC on one of your domain controllers and then change the password for the administrator user.

Did your former administrator create a custom MMC (Microsoft Management Console) for the sole purpose of administrating users and passwords? That is a remote possibility you should check.

I can't believe that guy left you hanging like that. That's just ignorant.

S>

xpaciscool
January 2nd, 2002, 12:26 AM
Windows 2000 creates a "DUMP File". I'm pretty sure that's what it's called. You can download a prog that examines the dump file and cracks the password for you. It takes like 10 hours but if you really need it it will be worth it. If anybody out there knows where to download these dump file programs post a reply.
Later

Yohev
January 2nd, 2002, 12:56 AM
:) Well, the pace is hotting up thanks to you guys, you have been great so far. I thought I'd update you on what's happened since I last posted.
I'm using one of work's laptop computers, which has Win 2k on. We are mainly a laptop based project, as most of our work is done out in the community. Most of the computers are Win 2k, we have four laptops that are, and one tower which started this off.
Only one of the laptops has someone else with administrators rights on alongside the old administrator, and I can't get that yet, as they went away for the holidays.
I have used the laptop to try all the different tools on, and unfortunately none of them work, L0pht requires me to be a member of the administrators group, and until my other colleague returns from holiday this week, I can't check that one out.
If I was to put the hard drive from the tower into another as a slave, would I be able to see the old administrator's password? I kind of need to be able to find out what it is, so I can get the other laptops working. Also, if L0pht works on the other laptop (my colleagues) will it show me another administrator's password?
I can't thank you all enough for helping me on this!!

xpaciscool
January 2nd, 2002, 07:36 AM
Now I remember where I saw the programs for the dump file. It was in a book called Hacking Exposed. Now there are two editions of that book, I'm not sure which one it's in. Just go to ur library and check both editions of the book out and u'll have the password cracked in no time
Later,

mstrickland
January 2nd, 2002, 04:55 PM
I believe you already need to be the administrator for pwdump to work; however a privilege escalation tool like PipeUpAdmin (http://www.dogmile.com/files/#PipeUp) might help. I think this was patched with SP2, so if you have an earlier installation than that I think it'll work. It basically adds the current user to the administrators group which will then allow you to make whatever changes you need to make; or at the very least will get pwdump working. Hope this helps.

El Diablo
January 4th, 2002, 04:14 AM
is this on a NTFS partition, or is it FAT?

also, is Active Directory being used, or is this just a standalone server?


I'll try to help however I can.



El Diablo

sandsword2
January 4th, 2002, 04:42 AM
Use a program like brutus or webcracker to bruteforce the account. If you need these, email me at sandsword2@excite.com and I will send them to you. Since you are the company's top dog, you of course won't get in trouble for using these programs. You should start them up and leave your computer running all night. By morning it should probably be cracked. I have other programs that might work so give me an email and I'll see what I can do. By the way, what is the server's address? I might be able to crack it for you, or at least be able to help you better.

Yohev
January 4th, 2002, 02:13 PM
Hello everyone

I've tried that Pipeup software, but it keeps telling me there is a system error 5 occurring, so it won't work.
I think the file system is FAT, but that is an assumption as I can't actually access the details, and it's really starting to annoy me now!!
The main computer is not on the internet, so it doesn't have an address, and anyway, I get the feeling that it is server in name only, because the guy who set it up (the disappearing legend) wasn't as smart as he thought he was, and I think the only reason he set himself up as administrator was because he could, and that he would be begged to return to sort everything out.

Now you guys know what I'm up against, the guy is a selfish egocentrical prat who goes missing for what can be months on end. He leaves something like this behind him, so he gets begged to return and sort it, and when he does, it is some time before anyone realises that he conned his way back to work. This time, everyone, including our boss, is backing me to sort it before he returns, so it won't happen again.

I can run any software I like on the system, there are no laws governing it, basically, as I said we are an incredibly small project, and everyone wants me to do anything I can to fix it, and they're letting me just get on with it. Everyone trusts me anyway.

I feel so guilty that nothing has worked so far, but you guys have been the God send I was praying for, at least you have given me hope that I can fix it!!

rcgreen
January 4th, 2002, 02:20 PM
People don't just "disappear".
:cool:

sandsword2
January 4th, 2002, 02:48 PM
If it's online and you can run programs on it then a brute force is probably an extra good bet. If the information on it is not too important, then you could low level format the thing and start over. You might try checking the registry for some helpful info.

@lm!ghty
January 4th, 2002, 02:54 PM
Have you tried this?
In Win2K you can also do a "Run As" after you've logged on to your laptop? Since you're saying he's not as astute as he'd like to think I'm quite sure he may have left that avenue open.

Another option may be to contact the other administrator get his password and access the files you need to and then change his password to secure your system (after you've added yourself to the admin group of course!)

However as mentioned earlier your best bet sounds like cracking the password to his account. If your disk is formatted in NTFS it'll take some time and tenacity but can be done. Do this, go into Windows Explorer and right click on your hard drive and select properties. It will tell you how your hard drive is formatted. Also, what office program are you using? Office 2K? Do you have all service packs updated?

The best of luck to you and please by all means once you're successful let us know. I may run in to that same problem down the road!

LoggOff
January 4th, 2002, 03:25 PM
right, i remember reading something about the office series about, let me see if i remember this right cause i don't have it installed anymore, but you open up access, go to the help, about. then there's like a button in there that is something like information about your computer. this opens up another program and in that there's a run button. i think that this was a way to get trojans running and not get noticed by virus scanners, and it's probably fixed by now. but i think that method works in a way that it won't check your privileges so if you can access the control panel and change admin's password you should be all good. also if this guy actually logged in using Administrator as "his" account he was a moron and didn't really know why it's hidden (well in XP pro, i haven't actually used 2000)
good luck from me too, if i think of anything else i'll post it

casper3699
January 4th, 2002, 04:35 PM
Originally posted by Yohev

The main computer is not on the internet, so it doesn't have an address, and anyway, I get the feeling that it is server in name only, because the guy who set it up (the disappearing legend) wasn't as smart as he thought he was, and I think the only reason he set himself up as administrator was because he could, and that he would be begged to return to sort everything out.


If your computer is on the network then it will have an IP address. It might not have an internet IP but it will have a local. If you know the scope of address run a port scan on the range of IP's and see which one it is.

Originally posted by @lm!ghty
Have you tried this?
In Win2K you can also do a "Run As" after you've logged on to your laptop? Since you're saying he's not as astute as he'd like to think I'm quite sure he may have left that avenue open.

When you execute "Run As" where do you do that from? Don't you need admin pass to do that?

When you get the laptop log the laptop as admin and run LC3 from there to the server.

@lm!ghty
January 4th, 2002, 10:53 PM
"When you execute "Run As" where do you do that from? Don't you need admin pass to do that?"

-- you can do "Run As" from a normal user account after you've logged in and once you're into windows explorer just right click the file/folder you want and select run as.

-- true, you do need the admin password but if there's someone else from the admin group then they could use theirs. I believe they stated that earlier.

Yohev
January 5th, 2002, 12:38 AM
Hey there.

Only one computer has someone else with administrative rights, and I've just checked with her and she's confirmed that the main administrator is also logged on as a user on that computer, with undoubtedly in my mind the same password as the main computer, and the other Win 2K laptops.
As far as the chase is concerned, we are meeting on Monday, to try and get his password using her privileges as an administrator, and using different ideas suggested here.
Which ideas are the best to try? I'm gonna use the version of L0pht that I've downloaded, as I assume it will show me all the passwords of all the users on the computer, but what about this PWDump thing? Can anyone give a brief tutorial on it, and if there are any further suggestions as to how I can access his password in a situation where we have administrators rights, I'd greatly appreciate it.

I don't just want to access programmes, I want to remove his password from the computers, so we can go back to our happy care-free existence!!

Thanks very much guys, your help is much appreciated, and my colleagues are pleased that you are helping me out too!

darkadon
January 5th, 2002, 01:09 AM
hi, i don't know if it helps but i once used a program called cain password recovery. i have no idea where u can find it, but if u install it you can see every encrypted password in the program. it's no bruteforce or something. if u find it mail me: darkadon@hotmail.com. there is a win9x version and a win2k/nt version; u know that u need the last one. it can be found on the official website, i can't remember the address, cain-abel password recovery or something. i searched it for you but couldn't find it. it's out there, i'm 100% sure. if u find it your problems are solved. sorry can't help u more

greets

darkadon

LoggOff
January 5th, 2002, 01:16 AM
right. i've used the win9x version before but never seen the 2k. http://hackersclub.com/km/frontpage/meaninglesswebpage.html it's in files area-hacking. it's the win9x version but it might have a link to the main site.

darkadon
January 5th, 2002, 01:19 AM
i'm 100% sure that there is one, sorry that i haven't more info :(

xpaciscool
January 5th, 2002, 07:22 AM
How about this since you're having so much trouble. Open up the computer, take out the hard drive. Then load it as a slave drive on another computer. Copy all the files you need and then format the drive. Put it on the old computer and load win 2000 up again

cgkanchi
January 5th, 2002, 09:37 AM
Good point, XPaCiScOoL. Backing up and formatting looks like the best option to me. That way you'd have more control over how things are set up and the jerk who got you into this mess won't have any privileges worth speaking of on the machine. So there won't be a way for him to trip you up again.
Anyway, let us know ok?

Ghost_25inf
January 5th, 2002, 09:56 AM
I'm sorry to say this. If he only left you all with user abilities to read and write then you are not going to be able to put any kind of software on the system to recover the passwords. If someone has power user ability then you will be able to use L0pht crack, that is if you know how to use it. See, windows 2000 is unlike the older OS ie: 95 and 98; 2000 has a one way encryption, meaning passwords go in like this 12345 and come out looking like this ***** So if you did get the password hashes out of the system to be decoded with a cracker it could take forever, and best hope he didn't have a hard password like this A1*2cG-512d*

Maybe your best hope is if he didn't activate the password lockout you could use a password guesser to do the job. Other than that, sorry to hear that, maybe you guys need to rethink about having more than one Admin.

s0nIc
January 5th, 2002, 11:23 AM
look for a tutorial called SAM ATTACK...

it will teach u to get login names and passwords for local users... hopefully the administrator is the same...

Yohev
January 5th, 2002, 04:47 PM
Well, I've known of the "taking the hard drive out option" since before joining the forum, but whilst it sorts out the problem with that one computer, it doesn't sort out the four laptops that also have his administrator password on.
If you've read my above postings, then you will know that we do have access to the administrators group on one of these laptops, so it's not like we only have user access across the board.
I've known this guy really well, enough to know that his password will be an easy-ish one (however, I've tried all his family names from his mother to ex-girlfriends etc) and that it will be the same on all the computers.
I'm going to try L0pht on the laptop that my other colleague has and also try Cain (amazingly good piece of software by the way, I've tried it on my 98 computer) on one of the two 98 laptops we have.

Peace, love and understanding to you all....

LoggOff
January 5th, 2002, 06:00 PM
ok i've never really worked with win2k but i know in XPpro admins can disable other admins' passwords with only a click... maybe once you get this other laptop with an admin user on it you can just delete the password. might not work though, it's worth a try though.

Yohev
January 6th, 2002, 03:06 AM
If I was to delete that password as admin, would I be able to see it first? That is the tricky bit. I really need to see what the password is so I can remove it from the other computers

sandsword2
January 6th, 2002, 05:17 AM
Check out this website at http://www.student.math.uwaterloo.ca/~asklotz/winpwl.html. It has a program that looks like it will do your job for you. I tried it and it told me my internet password and username instantly! Another sure fire way is to beg your stupid disappearing clown to come back after you have installed an invisible keylogger. When he enters the password you will know what it is! Then after trying it and making sure it works have your boss fire him. There are many good keyloggers out there for free. Check webattack.com for a good supply of them. I also have a few I could give you.

Yohev
January 6th, 2002, 05:26 AM
I can't get onto that site. I wish I could get the idiot to turn up for work, but the ideal situation is for him to turn up and find I've changed his passwords. Now that would be good....

rcgreen
January 6th, 2002, 05:55 AM
Come clean.
Are you sure you're not trying to hack
someone else's machine?
You've been told six different
effective ways to solve the
problem as presented.
If you are authorized to access this machine,
quit refusing to try the solutions you've
been offered.
My guess is that the reason you won't
take the hard drive out is because you
would get caught doing something that
drastic. You are obsessed with getting
that password because that is the only
way you can access the machine without
anyone knowing that you've done it.
If you really have authority to fix the problem,
then take the bull by the horns and fix it
and stop trying to sneak into the system
without leaving fingerprints.
:cool:

Yohev
January 6th, 2002, 06:16 AM
You can think what you like rc, just cause that's what you'd do, doesn't mean the rest of us are like that.

Yohev
January 6th, 2002, 06:26 AM
By the way people, I've found Cain v2.0
It's the newest version I've found so far.

http://groups.yahoo.com/group/451HackandPhreak/files/

Yohev
January 6th, 2002, 06:38 AM
http://www.oxid.it/

ok, the above is the homepage for Cain. This looks pretty good, versions 1.6 + deal with NT and 2K, and there is a beta version of 2.5 out which will list users, groups etc on these platforms. I think this is going to be my best option, and good luck to all of you. I'll let you all know if I manage to get our office working again. Thanks to you all...

Peace, love and understanding...

sandsword2
January 6th, 2002, 06:15 PM
Here is the program I was telling you about, but gave you the wrong site. It is the attached file. Good going on telling rc!

Yohev
January 7th, 2002, 11:02 PM
nothing is working. The closest I came was with L0pht, but it could not do a brute force as it wasn't registered, and we can't afford a full version. I'm stuck. We did have a network, but it has gone missing, and the suspicion is with the disappearing legend who still has keys to our building. I think we are getting close to bringing the police in, as it has now been over a month since anyone heard from him.
The annoying thing is I can use his internet dial up, and his password is there in asterisks on the screen, but none of my asterisk revealers work on 2K.
I'm starting to lose faith.

cgkanchi
January 8th, 2002, 08:33 AM
I'm sorry for suggesting this, but if you came that close with L0pht maybe you should try looking for a crack for it. try it on
http://astalavista.box.sk

Yohev
January 9th, 2002, 12:17 AM
Hi everyone,

I just wanted to do a final report.

None of the software worked, the closest was Lopht 3, and because I didn't have it registered it wouldn't Brute. But, I think that's a sensible option, should anyone else have the stress I've been under.
I know it's $249 dollars, but there are various things available on crack sites, should you need a cheap option.

Unfortunately, my story does not have a fairytale ending. He phoned me today, and told me the password, but also he'd been broken into and had a laptop belonging to us stolen, that had vital files on. He's an alcoholic (I hadn't told you the reason he goes missing) and the break in has caused him to have a breakdown. He's lost his job, but I didn't have the heart to tell him yet.

Thank you to everyone who's given advice and support, without it I would never have got through the last month sane...

Peace, love, and understanding to you all...xxx

Heather.

micky05
January 10th, 2002, 03:29 PM
I have just read this article from www.techrepublic.com on the subject. I don't have any windows 2000 server to try it myself, so can you or someone try it and let me know if it works? It's worth being a member of techrepublic, you can learn a lot.

WHAT TO DO IF YOU FORGET YOUR ADMIN PASSWORD, PART 1

First, if you have Windows 2000 installed on a FAT or FAT32 partition, you can use a DOS or Windows 9x boot disk to boot the computer and then delete the SAM file in the \windows\system32\config folder. (This file stores all users and their passwords defined on the local computer; if you delete it, you'll delete all local users with it.) After you restart the machine, you'll be able to use Administrator username with a blank password. NOTE: Remember that you'll lose all user accounts defined on this machine.

If Windows 2000 is installed on an NTFS partition, you have two options--both of which require a bit of work. One option is to use a utility that allows you to read/write on an NTFS partition, such as NTFSDOS from Winternals. You can then use a DOS or Windows 9x bootable floppy to boot the computer and delete the SAM file.

Or you can delete the SAM file from another instance of Windows 2000 if you don't want to fool with old bootable floppies. This requires you to install a temporary instance of Windows 2000 on the same computer and delete the file from there. After you log on to your original installation, you can remove the temporary one.

There's a slightly different method you can try if you don't want to lose all your existing user accounts. By default, Windows 2000 starts a special screen saver (located in Logon.scr) when no one logs on for a certain period of time. If you rename Cmd.exe to Logon.scr, the system will open the command prompt under the system account instead of the screen saver.

Once you get the command prompt, type net user administrator mynewpassword, where mynewpassword is the password you want to assign to the administrator account. You won't have problems copying Cmd.exe to Logon.scr if you have FAT/FAT32, but with NTFS, you'll have to come up with something else (e.g., a new parallel installation of Windows 2000).

Tyax
January 10th, 2002, 04:52 PM
Hi, I just want to ask you is there any reason why LC3 will not crack the WIN 2K passwords. Even though we are using the entire list of characters it will still not crack them??

Originally posted by EvIl eLf
try lc3 l0pht crack, might be able to crack the admin password. maybe i'm wrong but give it a try.

heavy_deisel
January 10th, 2002, 06:13 PM
Here try this>
If you can log in as an account and it is FAT, drop to DOS start -> run -> cmd, at the C: prompt type the following (assuming default install locations)

C:\> cd \winnt\system32
C:\winnt\system32> copy logon.scr logon.scr.old
C:\winnt\system32> del logon.scr
C:\winnt\system32> copy cmd.exe logon.scr

Now log off the machine. logon.scr is the screen saver that will kick in after 15 minutes of not touching the keyboard/mouse at the logon screen. Wait 15-20 minutes and a DOS prompt with FULL SYSTEM rights will pop up, then just do
C:\> net user administrator <newpassword>
and then log in with the new account.

Try this, might work, as long as he didn't change default permissions on C:\winnt and C:\winnt\system32 you should be golden.
Let me know if this works.
Heavy_Deisel
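
The Logon.scr swap described in the TechRepublic text quoted by micky05 and in heavy_deisel's post can be checked for on a live machine or on a mounted disk. The following is an added example, not part of the thread or of any tool named in it; the backup names other than `logon.scr.old`, the optional baseline hash parameter and the sample directory contents are assumptions constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path

# Command interpreters that should never sit under the screen saver's name.
SHELL_NAMES = ("cmd.exe", "command.com")
# logon.scr.old is the backup name used in the thread; the others are
# assumed variants someone might pick instead.
BACKUP_NAMES = ("logon.scr.old", "logon.scr.bak", "logon.old")


def sha256_of(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_ci(directory, name):
    """Case-insensitive file lookup: an offline volume may be mounted on a
    case-sensitive host, and Windows file names vary in case."""
    wanted = name.lower()
    for entry in sorted(directory.iterdir()):
        if entry.is_file() and entry.name.lower() == wanted:
            return entry
    return None


def audit_logon_screensaver(system32, known_good_sha256=None):
    """Return a list of findings for the logon screen saver in `system32`.

    known_good_sha256 is an optional baseline (for example taken from
    install media); it is a hypothetical parameter of this example.
    """
    system32 = Path(system32)
    findings = []
    scr = find_ci(system32, "logon.scr")
    if scr is None:
        findings.append("logon.scr is missing")
    else:
        scr_hash = sha256_of(scr)
        if known_good_sha256 and scr_hash != known_good_sha256.lower():
            findings.append("logon.scr does not match the baseline hash")
        for shell_name in SHELL_NAMES:
            shell = find_ci(system32, shell_name)
            if shell is not None and sha256_of(shell) == scr_hash:
                findings.append(f"logon.scr is byte-identical to {shell.name}")
    for backup_name in BACKUP_NAMES:
        backup = find_ci(system32, backup_name)
        if backup is not None:
            findings.append(f"backup copy present: {backup.name}")
    return findings


# Constructed stand-ins for the real binaries; only their equality matters here.
SAMPLE_CMD = b"MZ constructed cmd.exe contents"
SAMPLE_SCR = b"MZ constructed logon.scr contents"


def build_sample_system32(tampered):
    """Create a throwaway directory that mimics system32 before or after the swap."""
    root = Path(tempfile.mkdtemp(prefix="system32_sample_"))
    (root / "cmd.exe").write_bytes(SAMPLE_CMD)
    if tampered:
        (root / "logon.scr.old").write_bytes(SAMPLE_SCR)
        (root / "logon.scr").write_bytes(SAMPLE_CMD)
    else:
        (root / "logon.scr").write_bytes(SAMPLE_SCR)
    return root


if __name__ == "__main__":
    baseline = hashlib.sha256(SAMPLE_SCR).hexdigest()
    for state in (False, True):
        sample = build_sample_system32(tampered=state)
        label = "tampered" if state else "clean"
        print(label, audit_logon_screensaver(sample, baseline))
```

An empty list means the screen saver file is present, differs from every shell binary in the folder, and no backup copy was left beside it.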

micky05
January 14th, 2002, 11:21 AM
MORE ON SUBJECT FROM www.techrepublic.com

WHAT TO DO IF YOU FORGET YOUR ADMIN PASSWORD, PART 2

In part one, the last solution we suggest if you forget your admin password is to manually type different passwords. An even more efficient method is to use various password-cracking utilities. These utilities will actually do the same thing you do when you try different passwords--just at a faster rate. There are a number of good online resources where you can find such utilities, including @Stake Research Labs. http://www.atstake.com/research/redirect.html

Are you wondering why you should use a password-cracking utility? You might be thinking that you should just write a tool that would directly change the password in the SAM file. This is exactly what several utilities do. You just run them and specify the account for which you want to reset the password. (Of course, you won't be asked for the old password.)

One of the utilities that includes this functionality is ERD Commander 2000, allowing you to boot the computer from a set of floppies and then manage your computer in an environment similar to Windows 2000's own Recovery Console. ERD Commander 2000 includes the password command, which allows you to reset the password of any user account (including administrators). You can find the ERD Commander 2000, another utility called the Locksmith (which you can use to reset passwords), and more on the Winternals Software Web site. NOTE: Both of these utilities cost a fee. http://www.winternals.com/

----------------------------------------

kli_ilk
January 14th, 2002, 05:47 PM
hey guys. it's my first post but i did have some trouble like this before. Bruteforcing doesn't always work on w2k. Some cause an account to become disabled if the max no. of wrong entries is set.

when our old admin left he didn't leave the admin password so we were left hanging. Since no one was an admin groupie we checked all the power users. Apparently even pu's can change admin passwords. :D

slarty
January 14th, 2002, 06:05 PM
There are many available tools which will recover a *local* admin password on winNT4/Win2k

The one we use here is

http://home.eunet.no/~pnordahl/ntpasswd/index.html

The "Offline NT password and registry editor"

This works on win2k, however it will not change domain passwords - LOCAL USERS ONLY.

With this you can change the admin password and recover access to the system without having to reinstall - we have found it to be most useful.

Regards
Mark

kli_ilk
January 14th, 2002, 06:14 PM
Sometimes having a local admin pwd is all you need. Weak servers allow local admins to edit Active Dir. Does W2K put the local admin group in the active dir admin group?

niboreon
January 14th, 2002, 06:35 PM
Yes, people do sometimes "just disappear".
It's a passive-aggressive way of saying, "f^q this!"

I've worked at places where an operator will go home mid-day "feeling bad" and then never show up again - despite numerous phone calls. Their roommate will say they left town, or had a family emergency or they will have gotten jailed for something. It happens.

That's why it's a bad thing to have only one person with "the keys to the house" or to not make people rotate responsibilities.

jared_c
January 14th, 2002, 07:10 PM
OK, I know the person put their last post about this... but I have a question...

Now in this situation there was an account with administrative privileges right? Well couldn't she just logon to the server with this account, then take ownership of all files that the admin had? Now she has access to all the files that were owned by admin.

Also since she has an account with admin privileges couldn't she also just change the password for administrator?

So now she has all files, that administrator had, and has a working login for the actual admin user.

Does any of that make sense? Or where did I go wrong? Just wondering if in this situation that would work, or why it wouldn't.

Jared

Arach
January 15th, 2002, 01:09 AM
Originally posted by slarty
There are many available tools which will recover a *local* admin password on winNT4/Win2k

The one we use here is

http://home.eunet.no/~pnordahl/ntpasswd/index.html

The "Offline NT password and registry editor"

This works on win2k, however it will not change domain passwords - LOCAL USERS ONLY.

With this you can change the admin password and recover access to the system without having to reinstall - we have found it to be most useful.

Regards
Mark

SLARTY, you are right. After numerous problems with server farm at my work (sys admin left, bogus accounts, multiple domains, you name it), with absolutely NO clues about passwords, I was able to bring all my servers up.

Situation was: 4 NT domains, 1 that I knew admin password for, 9 servers (4 PDCs, 3 BDCs), and I could access only my domain with 1 PDC and 1 BDC. Horrible. Guy left, and didn't leave ANYTHING to start from.

So, I turned to http://home.eunet.no/~pnordahl/ntpasswd/index.html and it worked like a charm.

Now, for win2k, I only used it on Pro version (laptop), and it ALSO worked, so my guess is: make 2 floppies, and enjoy!

Oh, if it's Win2k AS, I think you can't have pwd just blank, so make sure you CHANGE it to something that has at least 6 chars. In my case, I learned it hard way - my NT 4 Ent. Srvr. - I had to have pwd of at least 6 chars or it would report bad pwd. heh...

Good luck.

A.

sandsword2
February 15th, 2002, 02:28 PM
anyone know where Yohev went?

dnshacker
February 16th, 2002, 05:21 AM
there are a couple of ways of gaining administrator access to this machine..... one, if anyone else has an admin account on this machine you can go into the user and group management mmc and rename his account and then reset the password, or just do the latter. number two, you can slave the hard drive, rename the sam and recreate a new sam with nothing in the file, and move the original renamed sam to another folder and place the new blank sam into the folder where the original sam was (WARNING ADVERSE EFFECTS CAN HAPPEN PLEASE MAKE SURE TO BACK UP STUFF). and three is a long shot but it works for NT: there is a linux loader disk out there that you can create and add another program into the boot disk and it will let you reset the admin password. i am not sure where to get that boot disk but a search on google will reveal it (eventually). i don't have all the answers, those are things that have worked for me in the past. i hope they help you, if not good luck and happy computing :)

whtn0ise
February 17th, 2002, 07:33 AM
If this is resolved or if I'm repeating, sorry.

There is a linux boot disk available that upon booting will access WinNT admin password and allow you to either change it or just copy it to a file for running a cracker against. I believe the author is from Sweden. I've not tried this on a 2K system yet.

Another option is to remove the drive and mount it as a slave under a *nix system and access the passwords that way.

Either way, I highly recommend backing the drive up (while a slave) to preserve any data lost due to an "oops". Use your favorite tool or dd.

I'll search for the WinNT linux boot disk name and site. I have a copy at home, but am away for another week and am sure you can't wait that long.

whtn0ise
February 17th, 2002, 08:06 AM
Well, I can't find the boot disk I wanted to. But here are a couple others...

look in:
http://home.eunet.no/~pnordahl/ntpasswd/
http://www.password-crackers.com/crack2.html

gera1d
February 17th, 2002, 10:53 AM
i recommend u get advanced security nt explorer, it works for win 2000 and xp although i can't remember the site

sandsword2
February 17th, 2002, 03:30 PM
I think the starter of this post quit coming, so I don't know if there is any reason to continue. But it is nice to see suggestions, and people can still look here and get info. Does anyone have a good .pwl decryptor? So you can take a .pwl file and it will tell you what is in it.

ch4nge
February 19th, 2002, 02:17 AM
If all you are trying to do is reset the administrator password on a box that you have physical access to, try out Petter Nordahl's Offline NT Password & Registry editor. Works on NT, Win2k, even with syskey enabled!

Petter makes it available as a boot floppy, but I've created a bootable cd iso image from it as well.

Offline NT Password & Registry Editor (boot floppies)
http://home.eunet.no/~pnordahl/ntpasswd/

My bootable cdrom iso image for the above is at:
http://www.dmzs.com/ftproot/security/password/NTRecovery-DMZS.iso

I'd guess this should help.

Change

llipschutz
February 19th, 2002, 02:33 AM
REALLY easy fix... and I'm a relative newcomer to cracking passwds

http://home.eunet.no/~pnordahl/ntpasswd/
download the boot disk there, and boot the machine with it. follow the rather easy instructions, and you can simply CHANGE the administrator password. I use it all the time when kids hack the machines i work on at school (I don't secure that completely on purpose)... it is a great utility.

llipschutz
February 19th, 2002, 02:37 AM
wow, i missed that there were alternate pages to this thread. .sorry for being redundant. . .I should read more closely (or not read and play vidz at the same time)

sandsword2
February 19th, 2002, 03:47 PM
You guys don't understand my problem. I will try to explain. On win 98 I copied some .pwl files, now I want to decrypt them to see what they say. What program will do that?