FastStartup causing issues with NTPasswd (Windows 8 / 10)

Guests and Members can post here, but only members can edit their posts. Debate Windows 10 here. For it, against it, you know the arguments. Hint: the more you reason out your posts, the more you pay attention to grammar and syntax and spelling, the more your thoughts will get heard. If you need help with problems, go instead to bleepingcomputer.com . They are really great folk.
Forum rules
Guests and members can post here. Only members can EDIT their posts.

Extra Smileys: http://forums.mydigitallife.info/misc.p ... _Editor_QR

Not moderated, so you are on your own. Spambots, stalkers and anti-semites will be banned without notice. Else, POLICE YOURSELF.
User avatar
hupostasis
Posts: 383
Joined: 14 Sep 2015, 13:11

FastStartup causing issues with NTPasswd (Windows 8 / 10)

Post: #1017 hupostasis
09 Nov 2015, 17:53

If you're like me and you had to use NTPasswd to reset a password on Windows 10, there's a few things to be aware of.

Microsoft in their infinite wisdom has introduced "FastStartup", which essentially means the system always goes into a sort of hibernation. So when you "shut down" your computer, it's not actually shutting down, but creates a hibernation state file so when it starts back up, it resumes part of that hibernation.

The problem with this is that NTPasswd cannot work correctly when the system creates the hiberfil.sys:
AskUbuntu wrote:When you turn off Windows by hibernating it, you are essentially pausing the system and saving all of that information (into a big file called hiberfil.sys) This way when you resume from hibernation all of your applications and files will be exactly how you left them. It also sets a flag in hiberfil.sys to let other Operating Systems know that Windows is hibernated.

Making changes to your Windows (ntfs) partition while it is hibernated could be dangerous--it could cause Windows to not resume from hibernation or to crash after resuming. Because of this, the tool (ntfs-3g) that mounts (opens) the partition will not mount it in read-write mode if it sees a hibernation flag. As such, Nautilus, the default file browser, will not be able to automatically open this partition--hence the error message that you see--because it is trying to open it in read-write mode.

Source: http://askubuntu.com/questions/145902/u ... ibernation

Therefore NTPasswd in most circumstances will fail to force write changes to the SAM database due to FastStartup hibernating the system EVEN THOUGH you're telling it to "shut down". What you have to do is then boot into your Windows 10 computer, tell it to "restart" and then crash it during the restart process by holding your power button immediately after. If you try to crash it at the log on screen it'll just go into sleep.
Under normal circumstances we could disable "FastStartup" by editing the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power, Going to: HiberbootEnabled DWORD, and setting it to value 0. But since we CAN'T LOG INTO the computer in the first place, the restart & crash workaround is necessary.


***I work in I.T., so sometimes it's necessary when a client forgets a password or needs access to something to remove or reset passwords in Windows, has nothing to do with illegal practices but common sense and an aspect of my job***


User avatar
hupostasis
Posts: 383
Joined: 14 Sep 2015, 13:11

Re: FastStartup causing issues with NTPasswd (Windows 8 / 10)

Post: #1024 hupostasis
10 Nov 2015, 15:10

brainout wrote:Related thread: viewtopic.php?f=7&t=15


It's entirely wrong for Microsoft to be using the hibernation file as a workaround to make their operating system faster; just so they can squeeze an extra dime and say "hey, look at our operating system running on our surface books, it's *so fast* -- clearly you don't want to buy an Apple product".

User avatar
brainout
Site Admin
Posts: 1831
Joined: 10 Aug 2015, 16:03

Re: FastStartup causing issues with NTPasswd (Windows 8 / 10)

Post: #1025 brainout
11 Nov 2015, 06:08

Couldn't agree more. Problem is, your average joe doesn't know that this DEFAULT is just a recipe for disaster.

User avatar
hupostasis
Posts: 383
Joined: 14 Sep 2015, 13:11

Re: FastStartup causing issues with NTPasswd (Windows 8 / 10)

Post: #1035 hupostasis
12 Nov 2015, 02:39

brainout wrote:Couldn't agree more. Problem is, your average joe doesn't know that this DEFAULT is just a recipe for disaster.


*I* didn't even know that they just implemented this out of the blue (they don't even provide an option to turn it off in the new setup options). Of course I know now since I had the unfortunate experience of running into an issue directly caused by it. Wasted a good hour of troubleshooting.

User avatar
brainout
Site Admin
Posts: 1831
Joined: 10 Aug 2015, 16:03

Win10 onslaught on Win7/8.1 alleging FastStartup

Post: #1056 brainout
12 Nov 2015, 14:30

Yeah, well they're fibbing again, and new massive Windows 10 push in Win7 and 8 begins today, click here for the fibs and details.

hupostasis wrote:
brainout wrote:Couldn't agree more. Problem is, your average joe doesn't know that this DEFAULT is just a recipe for disaster.


*I* didn't even know that they just implemented this out of the blue (they don't even provide an option to turn it off in the new setup options). Of course I know now since I had the unfortunate experience of running into an issue directly caused by it. Wasted a good hour of troubleshooting.

User avatar
nintendo1889
Posts: 3
Joined: 29 Dec 2015, 20:43

Re: FastStartup causing issues with NTPasswd (Windows 8 / 10)

Post: #1750 nintendo1889
29 Dec 2015, 20:58

hupostasis wrote:
brainout wrote:Related thread: viewtopic.php?f=7&t=15


It's entirely wrong for Microsoft to be using the hibernation file as a workaround to make their operating system faster; just so they can squeeze an extra dime and say "hey, look at our operating system running on our surface books, it's *so fast* -- clearly you don't want to buy an Apple product".


I work in computers too, and I would always defrag a customers pc after cleaning the malware, if time allowed. They'd always like how much faster it is!