How to read SAM Hive?

I was doing sum crazy thg on the test machine....

I copied SAM hive frm Systemvolumeinfo folder.... Can anyone tell me abt the tools to read SAM hive :

I copied and save the SAM hive on d desktop

LCP can read SAM files:

www.lcpsoft.com

although I'm not sure I get you right. The SAM file is usually put in "C:\WINDOWS\system32\config" folder. You found it in Sysvolumeinfo :!:

Yes Solo u r correct, SAM and other OS hives are located in system32\config folder. However, u can only copy OS hives through Recovery Console. Alternatively, what i did,

1. Create a restore point.
2. Open C:\System Volume Information\_restore{0145FC50-D40A-42A0-A56A-275EF2B2493B} folder and locate the latest restore folder starting with RP**.
3. In RP** folder, open snapshot folder. Where u can find all 5 OS hives restored.

You can find more info at
support.microsoft.com/kb/307545/

and solo for helping me..

Tk care...

Nice tip, puneetvig. You could also use a Live CD as well.

I tried LPC, it took 3 hrs. No result found....

1. Create a restore point.
2. Open C:\System Volume Information\_restore{0145FC50-D40A-42A0-A56A-275EF2B2493B} folder and locate the latest restore folder starting with RP**.
3. In RP** folder, open snapshot folder. Where u can find all 5 OS hives restored.

hmmm, clever idea, never thought of that.

Well, If LCP took 3 ours, (and it can take weeks). Thats good and means your login passwords are strong. try using a password with 5 or less characters.