I’ve fixed a few broken Windows boxes in my time, some family & friends turn to me as last resort or first port of call. I’m no Computer Science engineer – I went to Art College! I do social media & Online Community Management for a living! I don’t have any Microsoft certification. I do like a challenge though & know enough to be dangerous Just wanted to get that disclosure out of the way first.

So an old colleague asked me to take a look at his teenage daughter’s laptop. Something about it not going online… I powered it on & saw two user accounts – ‘Guest’ & let’s call it ‘User’… I asked for ‘User’ password thinking it would be admin, tried to log in but got: “Windows could not connect to the System Event Notification Service” – so I had to log in as ‘Guest’. Turns out that ‘Guest’ had admin type account status!

Much more on that in a bit…

So I ran an elevated command prompt (start menu -> search for ‘cmd’ -> right click & run as Administrator) and entered “NETSH WINSOCK RESET CATALOG” – fortunately this worked (despite some error message I can’t recall) and on restart was able log in as ‘User’ (which turned out to be ‘standard’ account type). That took me 10 mins & the original issue was ‘fixed’. I also uninstalled McAfee as they also had Avast installed (two AV apps is not good!), I ran a full boot time scan & Avast picked up a few bits. I also installed MalwareBytes Anti-malware & ComboFix (be careful with that!). They all picked up a few bits too. So it’s clean now too.

Now – I started to wonder how the hell Guest ended up with the admin status, after I noticed that Guest wasn’t a true admin account, I figured that it’s not normal not desirable to have things set up like this. For what it’s worth I figured that at some point ‘User’ account stopped working for internet or something (possibly that Winsock problem I fixed), and so the young lady started to use the Guest account. Being a Guest account meant that she couldn’t access her old User documents.. so somehow managed to elevate Guest to admin status… or something…

It’s worth pointing out that I still run XP on my Windows machines – love Ubuntu. Hate Vista. I hear good things about Windows7 mind, I might go for that on my next upgrade. Anyway, I decided to fix it and spent some time on Google searching for other people who might have this issue, but nobody really had a solution.

Here’s the short version of what I did:

Symptoms

• Guest account has been made ‘administrator’ type account in Vista
• User account is ‘standard’ type account
• Guest account is restricted despite being administrator

Attempted fixes

• Can’t run true elevated command prompt – useful commands like ‘net user administrator /active:yes‘ result in “System error 5 has occurred. Access is denied.” even when attempting to run cmd.exe as administrator
• Can’t change account types, edit accounts etc get error “The specified account name is not valid, because account names cannot contain the following characters: /\[]“:’|<>+=,?* Please type a different name.” – running ‘netplwiz‘ didn’t work either
• Editing registry to enable ‘administrator’ didn’t work
• Trying to change group policies didn’t work
• Disabling UAC made no difference to all of the above
• Running safe mode makes no difference, switching to guest or user account makes no difference when trying all the above
• No Vista boot disc – only Dell OEM restore partition
• Recovery/repair mode doesn’t give full recovery options disc (like the Command Prompt) due to Dell’s OEM tinkering – only options are to fix boot problems or restore to factory state (total data loss)
• No hard-drive space to back-up data to – so extreme caution required
• Using Offline NT Password & Registry Editor I had on an old version of Ultimate Boot CD to reset password and unlock ‘administrator’ account unsuccessful (didn’t try elevating user account due to experimental nature of tool – see previous!) BUT blanking the password may have come in useful later – not sure if it had been set by owner in the past.

Solution – the one that worked for me

• Download ‘enableadmin‘ to your desktop (remember which account – I did it to Guest’s) more info about that here
• Make Vista repair/rescue disc by downloading this totally useful and legal torrent more info about that here including links for Vista 64 & Windows 7 flavours
• Burn the ISO to a CD using ImgBurn or similar ISO burning software
• Reboot & press F12 (or whatever it is on your system) to set boot order to boot from CD (may require you to go into the BIOS)
• Wait for that progress bar, enter language/region settings – click the install button – don’t panic about mentions of installing Vista!
• On the next screen, click on ‘command prompt’
• At dos prompt type: ‘C:’ then ‘cd users/Guest/Desktop’ and then ‘enableadmin’ (alternatively you could also probably run ‘net user administrator /active:yes’ at this stage – I’m sure that’s what the ‘enableadmin’ script does)
• You get a message telling you it worked!
• Reboot and log in as ‘Administrator’ – I created a new user account and set it to administrator type account just in case, but you can go ahead and change guest back to standard account and set a password for the administrator account

Go out and enjoy the sunshine!

Update 5/5/2011: Harry also looked into this after I posted a link to my post on a related post of his. He was also intrigued by this ‘Guest as Admin’ issue & came up with a couple of fixes that don’t require grabbing a repair disc… Cheers Harry!