Resolution To The Microsoft SCAM. Part 2


msoffice2014 is the password that unlocked my grandmother's computer. Truth be told, this is a temporary solution. Sure, I can run ComboFix, RogueKiller, Malwarebytes, and a plethora of other tools to make sure everything is fine; or better yet, reformat. But in this rare instance, this PC isn't long for this world. She has a Chromebook now, so I see no point in spending hours of my time getting her back up and running if the PC is going to end up in a dumpster soon. This means this computer is disconnected from the internet. Yep, only getting stuff off now; it's going to be dumpster fodder soon. But what if I didn't have the password?



There are ways of getting into a computer if you don't have the password. My personal favorite is Hiren's BootCD. If you don't have a copy already, I highly suggest you get one: it's free, you can burn it to a CD or DVD, and it'll save you in many pinches.

To use this utility, make sure your computer boots from your CD, DVD, or Blu-ray drive. You can easily do this by pressing F12 as the computer is loading. You should see F12 in the upper right-hand corner as soon as your computer or motherboard manufacturer's logo pops up.

Once you choose the disc drive, you'll get a screen similar to the one seen above. Notice the entry that says "Offline NT/2000/XP/Vista/7 Password changer". Use your arrow keys to move down to it and hit Enter.

It'll ask you to confirm your partition. Some people have multiple OSes installed, so choose the one you're having password problems with. This process is going to DELETE the password, just a heads up.

After you choose your partition, it'll ask for registry info. Just hit Enter; odds are the default location is where it needs to go. In rare cases this is different, but if it's one of those rare cases, I doubt you're looking at this blog to solve it.

Now choose default for the user and password you're trying to change.

You'll then have a menu that says "chntpw main interactive menu", hit 1 to load "edit user data and passwords" from that menu.

This will ask you whose data you want to change. Enter the username whose password you don't have; typing 1 will then clear their password.

Type ! to exit the user edit tool, then q to leave the offline password changer, type y to confirm changes.  Everything is complete, now reboot and remove the Hiren boot CD.
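
The steps above work because the offline password changer can read and edit the registry hive holding the local accounts straight off an unencrypted disk. The following is an added example, not part of the original post, that checks whether a Windows machine is exposed to this kind of offline reset. It assumes Windows 10 or later, an elevated PowerShell 5.1+ prompt, and uses a hypothetical helper name, `Test-OfflineResetExposure`.

```powershell
# Added example: reports whether the Windows volume can be edited offline
# (BitLocker protection not on) and which local accounts are at stake.
# Test-OfflineResetExposure is a hypothetical name, not from any tool in the post.
function Test-OfflineResetExposure {
    [CmdletBinding()]
    param(
        # Volume that holds Windows and its account database
        [string]$MountPoint = $env:SystemDrive
    )

    $findings = @()

    # 1. Is the OS volume encrypted with protection switched on?
    #    If not, anything booted from CD/USB can read and modify it.
    try {
        $vol = Get-BitLockerVolume -MountPoint $MountPoint -ErrorAction Stop
        if ($vol.ProtectionStatus -ne 'On') {
            $findings += "BitLocker protection is $($vol.ProtectionStatus) on " +
                         "$MountPoint (volume status: $($vol.VolumeStatus))."
        }
    }
    catch {
        # Module missing, not elevated, or volume not found: treat as unverified.
        $findings += "Could not read BitLocker status for ${MountPoint}: " +
                     $_.Exception.Message
    }

    # 2. Enabled local accounts: these are the accounts an offline
    #    password changer would list on this machine.
    $accounts = Get-LocalUser |
        Where-Object Enabled |
        Select-Object Name, PasswordRequired, PasswordLastSet, LastLogon

    foreach ($a in $accounts) {
        if (-not $a.PasswordRequired) {
            $findings += "Account '$($a.Name)' does not require a password."
        }
    }

    [pscustomobject]@{
        MountPoint      = $MountPoint
        Exposed         = ($findings.Count -gt 0)
        Findings        = $findings
        EnabledAccounts = $accounts
    }
}

Test-OfflineResetExposure | Format-List
```

If `Exposed` is true because BitLocker protection is off, the Windows login password only guards the login screen, not the data on the disk.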

So as you can see, even if this guy didn't give me the password, I would've gained access regardless. I would've simply deleted the password and gained access. I just wasn't in front of the computer at the time, and thought it was wiser to just troll a scammer until he gave in. Worse stuff has been done to this guy since the incident by others, including having his voice mail changed, having his mailbox filled, and every website with his phone number on it having their password with it. Be wary of scammers; I'll make a post strictly on phone scammers soon. Until then, be safe, my goblins.