WinXP password created by malware and cannot logon

By xxdragonrlxx ·

I was helping a friend of mine to repair their laptop. After running AdAware, Symantec AntiVirus, and SpyBot Search and Destroy I thought that I had completely removed all spyware. When I restarted from safemode back into normal windows I was prompted with a login screen when there was no password previously set. I went back into safe mode to try and access the Administrator account and there was a password set there as well.

I then tried ERD Commander and user locksmith to set a password for both the Administrator account as well as my friend's account (admin account) and started back into safemode. When I entered in the new passwords I was not able to get in to either accounts.

I then tried to google for another way to reset the passwords and came across NTPASSWD and tried to unlock the accounts and reset the passwords. Still nothing.

I then did the stupid thing and took out the HD from my friend's laptop and connected it to mine via external enclosure. I booted into safe mode and tried to run all my spyware/virus removal stuff and it found a few more. After putting the drive back into the laptop to start again in safemode, I was still prompted with the login. Determined to find a solution I turned my box back on to google some more and was faced with an account that did not accept my password.

I am at a total loss as to what to do now since my computer now has whatever my friend's laptop has on it. I would prefer not to have to reinstall windows on either machine. Any suggestions?


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Sounds like the infection

by Jacky Howe In reply to WinXP password created by ...

has taken over. If ERD Commander didn't work I would be doing a full reinstall on both PC's. It sounds like you have the Sanke.exe.vbs Virus or something similar that will interfere with passwords.

Collapse -

Just a note..

by NormH3 In reply to WinXP password created by ...

Probably doesn't matter in this situation, but if I am not mistaken, you can only change one password via ERD per boot. In other words, the last password you changed would be the only one affected. Probably a moot point here.

Related Discussions

Related Forums