Ok here is a problem that I have encountered in the past, a user or a computer somehow gets compromised by
a malicious program or trojan and somehow the passwords have been changed so neither the admin or the user
can log in. Since nobody can login, there is no way to run HJT, now do you tell the user that they have to re-install their OS because helping them would be a violation of the security rule, or if you did decide to help them, how do you know if they indeed have a problem or if they are someone up to no good.???

In my case, I normally require 234 picture ID's, a copy of a at least 5 utility bills with all matching addresses, a list of their last 10 firstborn children, their last 5 pay stubs, and 75 references before I'd even consider it. (Ok, I'm kidding, sort of. ).

Fortunately, for me, most of these were on-site.

Jeff

Due to the fact that we just never know, we err on the side of caution and explain that we can not help them retrieve or change administrator passwords.