Solve : Help with dos commands, lost admin password?

1.	Solve : Help with dos commands, lost admin password?
Answer» I recently helped someone reset there lost admin PASSWORD on a local account Windows 10. I found this website and followed it successfully. http://www.pcworld.com/article/2988539/windows/if-you-forget-your-windows-admin-password-try-this.html. I don’t know if I’m in the right place to get answers for my questions but I would appreciate it if someone would take a look at this. To make this short I’ll cut to the meat of the issue. After booting from a usb and opening cmd the first command lines are X: Cd windows\system32 Ren utilman.exe utilhold.exe Copy cmd.exe utilman.exe Exit My first question is, why did we rename utilman.exe utilhold.exe? Second question is, if utilman.exe has a different name then why did we copy cmd.exe to the old file name utilman.exe? I would assume utilman.exe only exist with a different name, maybe that’s not so. This is the commands to put things back to normal. I haven’t applied this so I can’t say this works yet. X: Cd \windows\system32 Copy utihold.exe utilman.exe Exit OK here we go. I ran this command windows\system32 dir /p, and both files utilman.exe, and utilhold.exe do exist. So what did we do with the last copy command line? Did we copy the contents of utilhold.exe into utilman.exe, simultaneously deleting utihold.exe and the old contents of utilman.exe w/cmd.exe? I’m not very experienced with using Dos command lines so some of this is a little confusing. If someone could maybe spell this out to me it would be very much appreciated. Thanks Mike It is a trick. The program is used for another purpose in Windows. Quote Utilman.exe is a built in Windows application that is designed to allow the user to configure Accessibility options such as the Magnifier, High Contrast Theme, Narrator and On Screen Keyboard before they log onto the system. The link you gave is not the way MS recommends password recovery. The trick undermines the whole concept of having a password. Next time tell your people to use a code or name that is EASY to remember. Here is one: qwerty123 That is very easy to remember. And you will not have to resort to some kind of trick. For more info, just Google utilman.exe In Windows you can use accessibility options from the login screen and they use utilman.exe. By effectively having cmd.exe be utilman.exe you get a command prompt instead. It is undone by copying the renamed file back to utilman.exe.Two questions. 1. Geek-9pm What does MS recommend for password recovery? 2. BC_Programmer What I'm having trouble with is the mechanics of all the command lines. From what you are telling me the last command "copy utilhold.exe utilman.exe". Does that copy and rename the file back to utilman.exe? It looks to me like it just copy's utilhold to utilman but doesn't rename any thing. Mike Quote What I'm having trouble with is the mechanics of all the command lines. From what you are telling me the last command "copy utilhold.exe utilman.exe". Does that copy and rename the file back to utilman.exe? It looks to me like it just copy's utilhold to utilman but doesn't rename any thing. the commands are pretty much exactly as they appear. Code: [Select]X: Change current drive to drive X. Code: [Select]Cd windows\system32 change the current directory to \Windows\system32 on the current drive (X). Code: [Select]Ren utilman.exe utilhold.exe rename utilman.exe in the current directory to utilhold.exe. Code: [Select]Copy cmd.exe utilman.exe Make a copy of cmd.exe and call it utilman.exe And then undoing the action: Code: [Select]X:Change current drive to X. Code: [Select]Cd \windows\system32Change the current directory on the current drive to \Windows\System32. Code: [Select]Copy utihold.exe utilman.exe Copy the file utilhold.exe and call the copy utilman.exe.Your question was: "What does MS recommend for password recovery?" Microsoft does not have an explicit tool that will reset anybody's password anywhere at any time. Instead, Microsoft has built into the system a number of safeguards and utilities that should make it unnecessary for a person to reset the password using software alone. One of the tools is the ability of a Windows computer to have more than one user and each user to have his own password. Thus if you cannot login with one user password combination, you can use another. The second tool that is available is the use of hidden users. You have a hidden user with a name you would remember and a very easy or even nonexistent password. Hidden users are documented elsewhere. Third, a feature in Windows 10 is that the password can have an alias of a four DIGIT number. This allows a user to enter in to the system using a four digit number. However, this four digit number only works from the console and not from anywhere else. And the digits can be changed later and the password is the same. Another provision that Microsoft has made is service for a fee. If you have a very DIFFICULT problem, including password recovery, you can call into Microsoft and get telephone support for a fee. Yet another feature available is the use of the same password and user as for your Microsoft account. If you forget your password for some reason, you can go to another computer and access Microsoft and request that your password be reset. There are number of steps you take their to reset your password online. Once that is done, you can then go to the computer of the lost password and you should be able to sign in if there is an Internet connection. So there you have about 5 ways to recovery the password without using a hard core software hack. In short, there are a number of remedies that Microsoft has already provided without the need for an explicit piece of software that would just out right reset the password with minimal effort. Such a tool would only reduce the security of everybody else. As a reference, let me refer you to the issue that Apple had with the FBI. The FBI wanted Apple to find a way to easily break into an Apple iPhone that was in the position of a deceased terrorist. Apple refused on the GROUNDS that it would compromise the security of all the other Apple iPhone users in the whole world. From this, one could see that a company such as Microsoft, Apple or IBM or any of the big companies should never, ever publish a tool that would make it easy to change other people's passwords. And this is not just my idea. A large number of people have the same thought. You just cannot make it easy for people to crack passwords. Hopefully, this will clarify the position of myself and a number of others. Soapbox removed... Quote from: Geek-9pm on August 22, 2016, 12:10:22 PM without the need for an explicit piece of software that would just out right reset the password with minimal effort. Such a tool would only reduce the security of everybody else. There's a tool that can reset any password and all it needs is physical assess to the machine to boot up a CD or USB stick. I've had the need to help people with machines that with forgotten passwords and it's a simple matter to nuke the password and reboot the PC and you're in. I'd say what it is but I might get my wrists slapped. kinky, eh? Quote from: patio on August 22, 2016, 12:52:08 PM Soapbox removed... Bugger. I was looking forward to somebody else doing that for a change. Quote from: MIke50 on August 22, 2016, 10:37:57 AM What I'm having trouble with is the mechanics of all the command lines. From what you are telling me the last command "copy utilhold.exe utilman.exe". Does that copy and rename the file back to utilman.exe? It looks to me like it just copy's utilhold to utilman but doesn't rename any thing. That's not a clean bit of code because it leaves the utilhold.exe laying around. Either of these should be cleaner: Code: [Select]X: Cd \windows\system32 move utilhold.exe utilman.exe Code: [Select]X: Cd \windows\system32 Copy utilhold.exe utilman.exe del utilhold.exe rem ...the problem with using the del command is that if the line above was typo'd then the utilman.exe file could be gone. And this is more versatile code that handles any drive letter, rather than the first two lines of code in your examples. Code: [Select]pushd "%windir%\system32" Sorry for not getting back sooner. I have been very busy lately. Thanks for spelling that out for me. I was having a hard time getting my head into what that copy command was doing. Probably had some preconceived ideas because I use copy and past in the regular Windows UI. Thanks Again MikeThis has gone beyond Forum guidelines...Topic Closed.

Answer»

I recently helped someone reset there lost admin PASSWORD on a local account Windows 10. I found this website and followed it successfully.
http://www.pcworld.com/article/2988539/windows/if-you-forget-your-windows-admin-password-try-this.html.
I don’t know if I’m in the right place to get answers for my questions but I would appreciate it if someone would take a look at this. To make this short I’ll cut to the meat of the issue. After booting from a usb and opening cmd the first command lines are
X:
Cd windows\system32
Ren utilman.exe utilhold.exe
Copy cmd.exe utilman.exe
Exit
My first question is, why did we rename utilman.exe utilhold.exe? Second question is, if utilman.exe has a different name then why did we copy cmd.exe to the old file name utilman.exe? I would assume utilman.exe only exist with a different name, maybe that’s not so.
This is the commands to put things back to normal. I haven’t applied this so I can’t say this works yet.
X:
Cd \windows\system32
Copy utihold.exe utilman.exe
Exit
OK here we go. I ran this command windows\system32 dir /p, and both files utilman.exe, and utilhold.exe do exist. So what did we do with the last copy command line? Did we copy the contents of utilhold.exe into utilman.exe, simultaneously deleting utihold.exe and the old contents of utilman.exe w/cmd.exe? I’m not very experienced with using Dos command lines so some of this is a little confusing. If someone could maybe spell this out to me it would be very much appreciated.
Thanks
Mike
It is a trick. The program is used for another purpose in Windows.
Quote

Utilman.exe is a built in Windows application that is designed to allow the user to configure Accessibility options such as the Magnifier, High Contrast Theme, Narrator and On Screen Keyboard before they log onto the system.

The link you gave is not the way MS recommends password recovery. The trick undermines the whole concept of having a password.
Next time tell your people to use a code or name that is EASY to remember.
Here is one:
qwerty123
That is very easy to remember. And you will not have to resort to some kind of trick.

For more info, just Google utilman.exe
In Windows you can use accessibility options from the login screen and they use utilman.exe. By effectively having cmd.exe be utilman.exe you get a command prompt instead.

It is undone by copying the renamed file back to utilman.exe.Two questions.
1. Geek-9pm
What does MS recommend for password recovery?
2. BC_Programmer
What I'm having trouble with is the mechanics of all the command lines. From what you are telling me the last command "copy utilhold.exe utilman.exe". Does that copy and rename the file back to utilman.exe? It looks to me like it just copy's utilhold to utilman but doesn't rename any thing.
Mike Quote

What I'm having trouble with is the mechanics of all the command lines. From what you are telling me the last command "copy utilhold.exe utilman.exe". Does that copy and rename the file back to utilman.exe? It looks to me like it just copy's utilhold to utilman but doesn't rename any thing.

the commands are pretty much exactly as they appear.

Code: [Select]X:
Change current drive to drive X.
Code: [Select]Cd windows\system32
change the current directory to \Windows\system32 on the current drive (X).
Code: [Select]Ren utilman.exe utilhold.exe
rename utilman.exe in the current directory to utilhold.exe.
Code: [Select]Copy cmd.exe utilman.exe
Make a copy of cmd.exe and call it utilman.exe

And then undoing the action:

Code: [Select]X:Change current drive to X.
Code: [Select]Cd \windows\system32Change the current directory on the current drive to \Windows\System32.
Code: [Select]Copy utihold.exe utilman.exe
Copy the file utilhold.exe and call the copy utilman.exe.Your question was:
"What does MS recommend for password recovery?"
Microsoft does not have an explicit tool that will reset anybody's password anywhere at any time. Instead, Microsoft has built into the system a number of safeguards and utilities that should make it unnecessary for a person to reset the password using software alone.

One of the tools is the ability of a Windows computer to have more than one user and each user to have his own password. Thus if you cannot login with one user password combination, you can use another.

The second tool that is available is the use of hidden users. You have a hidden user with a name you would remember and a very easy or even nonexistent password. Hidden users are documented elsewhere.

Third, a feature in Windows 10 is that the password can have an alias of a four DIGIT number. This allows a user to enter in to the system using a four digit number. However, this four digit number only works from the console and not from anywhere else. And the digits can be changed later and the password is the same.

Another provision that Microsoft has made is service for a fee. If you have a very DIFFICULT problem, including password recovery, you can call into Microsoft and get telephone support for a fee.

Yet another feature available is the use of the same password and user as for your Microsoft account. If you forget your password for some reason, you can go to another computer and access Microsoft and request that your password be reset. There are number of steps you take their to reset your password online. Once that is done, you can then go to the computer of the lost password and you should be able to sign in if there is an Internet connection.

So there you have about 5 ways to recovery the password without using a hard core software hack.

In short, there are a number of remedies that Microsoft has already provided without the need for an explicit piece of software that would just out right reset the password with minimal effort. Such a tool would only reduce the security of everybody else.

As a reference, let me refer you to the issue that Apple had with the FBI. The FBI wanted Apple to find a way to easily break into an Apple iPhone that was in the position of a deceased terrorist. Apple refused on the GROUNDS that it would compromise the security of all the other Apple iPhone users in the whole world.

From this, one could see that a company such as Microsoft, Apple or IBM or any of the big companies should never, ever publish a tool that would make it easy to change other people's passwords.

And this is not just my idea. A large number of people have the same thought. You just cannot make it easy for people to crack passwords.

Hopefully, this will clarify the position of myself and a number of others. Soapbox removed... Quote from: Geek-9pm on August 22, 2016, 12:10:22 PM

without the need for an explicit piece of software that would just out right reset the password with minimal effort. Such a tool would only reduce the security of everybody else.

There's a tool that can reset any password and all it needs is physical assess to the machine to boot up a CD or USB stick.

I've had the need to help people with machines that with forgotten passwords and it's a simple matter to nuke the password and reboot the PC and you're in. I'd say what it is but I might get my wrists slapped. kinky, eh?

Quote from: patio on August 22, 2016, 12:52:08 PM

Soapbox removed...

Bugger. I was looking forward to somebody else doing that for a change. Quote from: MIke50 on August 22, 2016, 10:37:57 AM

What I'm having trouble with is the mechanics of all the command lines. From what you are telling me the last command "copy utilhold.exe utilman.exe". Does that copy and rename the file back to utilman.exe? It looks to me like it just copy's utilhold to utilman but doesn't rename any thing.

That's not a clean bit of code because it leaves the utilhold.exe laying around. Either of these should be cleaner:
Code: [Select]X:
Cd \windows\system32
move utilhold.exe utilman.exe Code: [Select]X:
Cd \windows\system32
Copy utilhold.exe utilman.exe
del utilhold.exe
rem ...the problem with using the del command is that if the line above was typo'd then the utilman.exe file could be gone.

And this is more versatile code that handles any drive letter, rather than the first two lines of code in your examples.
Code: [Select]pushd "%windir%\system32"
Sorry for not getting back sooner. I have been very busy lately. Thanks for spelling that out for me. I was having a hard time getting my head into what that copy command was doing. Probably had some preconceived ideas because I use copy and past in the regular Windows UI.
Thanks Again
MikeThis has gone beyond Forum guidelines...Topic Closed.

Solve : Help with dos commands, lost admin password?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment