We all know Norton can’t protect you , but also Norton is sometimes a pain in the ass to uninstall , sometimes it has files you cant remove etc. But even before you get to that point you’re prompted for an uninstall passowrd? wtf? sometimes you were the person who installed it sometimes you’re not either way you don’t know the password. Here’s a simple way to bypass that problem.
The default password that should work for most of the Symantec uninstallation is “symantec“. Duh.
If the default password doesn’t work do this:
1) Go to Start -> Run and type regedit
2) Navigate to:
3) Double click on the value name “UseVPUninstallPassword” and change the value from 1 to 0
4) Close the registry and retry the uninstall.
There are several ways to obtain password hashes, depending on their location and existing access. Password hashes can be obtained from SAM file or its backup, directly from local or remote computer registry, from registry or Active Directory on local or remote computer by means of DLL injection, from a network sniffer. The SAM file located in the %SystemRoot%\system32\config directory or %SystemRoot%\repair directory. It is also possible to recover the password itself from memory.
Here’s a few free tools to help you recover lost/unknown Windows passwords, most come with the source code included.
LCP 5.04 – user account passwords auditing and recovery in Windows NT/2000/XP/2003. Can get local or remote hashes and recovers by using
* dictionary attack;
* hybrid of dictionary and brute force attacks;
* brute force attack;
PWDump7 – A newer Windows password hash dumper using rootkit technology to inject and dump Windows password hashes. The resulting hashes can be then be cracked by a program such as John the Ripper(free),or SamInside(not free) or using Rainbow Tables
CachedPasswordDumper v1.3 – This program dumps the password to the screen from the account that is logged in at that time. Currently only Windows XP (up to SP1) and Windows 2003 Server (SP0) are supported. For WinNT/2K use Password Reminder
Alternatively you can boot from a Floppy or CD and use Offline NT Password & Registry Editor which allows you to reset your password to a blank password
CacheDump – The default behavior of Microsoft Windows domain members is to cache the last 10 different login credentials in the registry. Using a tool called CacheDump written by Arnaud Pilon you can dump the cached credentials to a file and this can be cracked with a plugin for john the ripper
PwDumpX 1.4 – is a tool that combines PWDump, Cachedump, and LSADump all in one tool. It allows a user with administrative privileges to
retrieve the domain password cache, password hashes and LSA secrets
from a Windows system