Solution to The Trust Relationship Between This Workstation and Primary Domain Failed

Happy Tech Tip Tuesday to you! In this week’s edition, I bring you a technical and ugly problem. When you try to log on to your computer, you receive the error message: “The Trust Relationship Between This Workstation and Primary Domain Failed.” Get your IT guy, because this one is going to require a little bit of tech savvy and a few passwords that not everybody in an organization is going to have. We won’t get in to the nitty gritty of why this happens, we’ll just get right down to how to fix it!

The first thing we need to when we get the error “The Trust Relationship Between This Workstation and Primary Domain Failed” is to get logged back in to the machine. Preferably with the domain administrator’s credentials. Typically, in a simple network setup, the user’s name is Administrator and it’s the password used to log on to the domain controller, or your primary server.

Don’t miss this step: What if that user still can’t get logged in? Simple! UNPLUG THE NETWORK CABLE from the computer. When it cannot detect a network connection, the computer will allow you to login with cached credentials, meaning it will accept the name and password that it remembers from the last time you logged on.

Once you’re logged on as Administrator, you need to place the computer in to a workgroup, then RE-Join it to the domain. Here’s the blow by blow:

  1. On the keyboard Hold down the Windows Key and Press the Pause Key
  2. (or RIGHT CLICK the “Computer” or “My Computer” in your Start Menu and click “Properties”).

  3. In Windows XP, click the Computer Name tab – in Windows Vista/7, click Advanced System Settings on the left, then click the Computer Name tab.
  4. Click the Change button
  5. At the BOTTOM of the Window, first NOTE WHAT IT SAYS IN THE DOMAIN FIELD. WRITE THIS DOWN.
  6. Select the WORKGROUP radio button & enter a name (example: call it WORKGROUP temporarily)
  7. Click OK. You MAY be prompted to restart the computer. Decline at this time.
  8. If necessary, plug your network cable back in at this time.
  9. Click the CHANGE button again.
  10. Click the Domain radio button and enter the information you wrote from step 4
  11. Click OK and restart the computer as asked.

Upon rebooting, you should be able to log back in to the computer as yourself! If you restarted during step 6, you will need to login using a username with Local Administrator Credentials. If you don’t know a password or username to use, you’ll have to reset them using a tool called NTPassword (looks fake, works great) (UPDATE: New Blog Post: how to use NTPassword), but I won’t get in to the specifics of that here. On some Windows XP machines, you may get lucky just trying the name Administrator with no password. Best of luck in the process, though. It generally isn’t too painful to get back online after “the trust relationship has been broken!”

My Computer is Infected – how do I remove viruses?

STOP RIGHT THERE!! Before you go any further, read this carefully. Since about 2008, there has a been an astronomical increase in the number of programs which look like antivirus programs (for example, Win 7 Internet Security 2012. Only when you click on them are you then infected. This article does have tips for removing those viruses, but I also include several pictures to increase awareness of these official-looking-but-entirely-bogus programs. If you know what to look for you, you may be able to safely back away without actually getting infected.

This article was originally written in March of 2009, updated in February 2010, and is now being updated and re-published a third time on February 26th, 2012.

2012 tips: my advice for you, this year, is this: DON’T CLICK ANYTHING. If you see a screen like the one above, don’t even try to close it. Immediately use the task bar at the bottom of the screen to switch back to anything you need and save it. Then, click the start menu, and SHUT DOWN THE COMPUTER. If you don’t click on the button to ‘stop the scan’ or ‘clean infected files’ or anything like that, you’ll be in good shape. At this point, it’s just an official looking popup window, but nothing’s actually been installed on your computer. But we’re going to play it safe.

With the computer shut all the way down, boot in to “safe mode with networking.” To do this, locate the “F8” key on the top of your keyboard. See it? Hit the power button to turn on your computer and immediately start tapping F8, at least once a second. It should bring you to Windows Advanced Startup Options. There you can use the arrows on the keyboard to select Safe Mode with Networking. Then log in to Windows the way you normally would – safe mode will look a little different, but work with it, you should be safer in here. If the viruses pop up immediately, when in Safe Mode, you’re going to need more help than we can provide in this blog. If you’re in safe mode, keep reading.

From here, we’re going to use two tools, both free. Open your web browser and go to SuperAntiSpyware.com and click on the link for Super Anti-Spyware Portable Version. Run a full system scan using that tool and remove anything it finds. Then, for best results, I would also advise downloading, installing, and running the free version of Malware Bytes Anti-Malware. Use the “download now” link on the website to obtain their free edition.

Both prorams are somewhat complex but also self explanatory. Don’t let them overwhelm you. With Super Anti-Spyware you simply choose your languge, then click the “Scan Your Computer” button. Once both scans have completed (depending on the age of your computer, size of your drive, and number of files, the process can take nearly an hour per scan), and you have removed the reportedly infected files (both programs make it very simple to clean the files they have found to be malicious), reboot your computer. It will boot normally back in to Windows, and hopefully your issues are resolved.

Good luck.

Below are the original two revisions of this article and some additional screenshots.

This is a rewrite of a bulletin I put out in March of 2009. I still find this to be a common issue which I feel needs addressing.

Recently, a slew of my friends, family, co-workers, and just people on the street, have come to me with the same question: “I think I have a ton of viruses, how do I fix it?” The simple fact is: you probably don’t have a ton of viruses!

Antivirus 2009/2010 (looks like Windows Security Center) and Antivirus 360 (looks like Ad-Aware) are new POP UP PROGRAMS, usually contracted while surfing the internet – even on legitimate websites. This anti-virus lookalike program will pop up with the sole purpose of making you panic, telling you that you need to click to fix the problem NOW. If you then click the “REMOVE ALL THREATS” or “FIX THIS NOW.” If you’re lucky, at this point, it will ask you to BUY their “special” virus and “mal-ware” removal program.

If you’re unlucky, it will actually start to install a virus on your computer. It LOOKS like it is there to help, warning you have several viruses, but when you click on the banner to “fix this problem” you are actually installing the very bad payload, which is, itself, a virus. The virus then disables your ACTUAL anti-virus program (if you have one); it blocks the ability for your antivirus program to retrieve updates capable of fixing this problem. All in all puts you in a very deep hole of problems.

What you need to know: If you did not tell the computer to do a virus scan, and suddenly it pops up and says you have dozens or even hundreds of viruses, it is one of these FAKE pop ups! No doubt in my mind. Most Virus Scanners can find one or two viruses when they’re running their automatic scans in the background. If you did not start a manual Full System Scan, your computer will never tell you that you have 300+ viruses – it can’t find that many without doing a manual scan. So if something ranomly tells you that you’re sunk, don’t panic, take a deep breath and laugh it off: you already know their tricks!

If one of these pops up on your computer: your safest practice is to immediately save anything you are working on, and restart your computer. Do not try to close the window that is alerting you of all of the viruses; shutting down the computer will close the pop up. If it does happen to be a legitimate problem or something is actually installed on your computer, and it will pop back up next time you turn on the computer. If it does not come up after a restart – it was likely nothing more than one of these fake pop ups, and nothing has been installed on your computer!

I personally dealt with one of these pop ups, recently, where even when you clicked the “X” in the top right, to close the program, it refused to exit. It would say “are you sure you want to close” then as soon as you clicked “YES” – another window popped up with the same “virus alert!” It is trying to trick you in to clicking the wrong thing, thus installing the “payload” which could do anything from causing the computer to go slow by infecting other computers, to stealing files off of the computer, to even crashing the whole thing, requiring a complete rebuild. That is why I recommend immediately shutting down and/or restarting the computer.

If you have accidentally “installed” one of these “antivirus” programs, in an attempt to solve the problem it created, you might not be entirely out of luck, as the website MalwareBytes.org has an anti-malware “removal tool.” At this time, it is the only recommended removal software I have come accross, earning recognition from several “tech” websites as the best possible solution to those who may have clicked on a fake anti-virus banner, next to wiping the computer clean and rebuilding it.

Above, I have included a few “screen shots” of what these fake antivirus programs might look like, these are only a few variants, there are literally dozens popping up (no pun intended) right now.

Thanks for reading, I hope it was more “edu-taining” than jargon heavy gibberish!

If you’re really interested in the technology part, check the ISC’s article.

Set Office 365 Passwords to Never Expire

In BPOS, users would at least get a warning when they logged in. In Office 365, we’re seeing passwords expire and nobody knows why their Outlook or Lync suddenly stopped working. You can always have someone go to Portal.Microsoftonline.com and reset their password – it’s rather simple. But even less of a headache? Make it so that their passwords don’t expire. Follow the step by step below:

Download & install the cmdlet programs (you may
already have these and be using them).

  • Microsoft Online Services Sign-In Assistant (IDCRL7) (32 or
    64-bit).
  • Microsoft Online Services Module for Windows PowerShell (32 or 64-bit).

Now launch the Microsoft Online Services Module for Windows PowerShell
from your desktop or start menu and enter each of the following commands one at a time (each bullet
point is one command NOTE that some commands may span more than one line due to web formatting – look for the actual BULLET POINTS to show you the beginning of each new command and copy it entirely).

  • $LiveCred = Get-Credential
  • $Session = New-PSSession -ConfigurationName Microsoft.Exchange
    -ConnectionUri https://ps.outlook.com/powershell/ -Credential
    $LiveCred -Authentication Basic -AllowRedirection
    • ENTER YOUR ADMIN USER CREDENTIALS (admin@xyz.microsoftonline.com &
      a password).
  • Import-PSSession $Session
  • Connect-MSOLService
    • ENTER YOUR ADMIN CREDENTIALS AGAIN
  • Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true

And now you’re all set! Passwords won’t expire any more and passwords which have expired already will begin working again within minutes.

Re-Register all of the DLLs on your computer

If you’ve recently had a virus or other random problems with your computer, such as the Blue Screen of Death, Windows Update not working, or Internet Explorer crashing, someone may have have advised that you use the System File Checker, or they may have told you to re-register all of the DLL’s on a computer. What the heck are they talking about?

What they want you to do is to go through your computer with a fine-toothed comb and find any system files that may have been corrupted. That sounds like it could take hours and be extremely difficult, lucky for you: it isn’t!

  1. Open a command prompt (for most of you, you can simply click the Start Menu, then go to All Programs, Accessories, then click Command Prompt).
  2. Type the following, and press enter:
    sfc /scannow
  3. You can also use the switch (the part after the slash) “scanonce” to scan the computer when you reboot, or “scanboot” to ALWAYS check the computer on bootup, but I adise sticking with either scannow or scanboot.

That doesn’t actually re-register all of the DLL files, however it does compare all of the major system files to what they should be based on a cached version or version from the base Windows install, and repair them if corrupted. To re-register DLLs takes a little longer, but it can solve a lot of problems when applications report that a file can’t be found or is missing. Open another command prompt and enter each command below one at a time, being sure to press enter after each one.

In the example below, I point to System32. If you’re using a 64-bit computer, change directory to syswow64.

cd
cd windows
cd system32
for %1 in (*dll) do regsvr32 %1 /s
for %1 in (*ocx) do regsvr32 %1 /s

Now reboot your computer. This doesn’t check the files themselves, but it re-registers them in the system, so if, for example, two programs shared the same file, and you uninstalled one of the programs, it may have left the file behind but broken ‘links’ (so to speak) to the file, thereby breaking the second program. So, I encourage you to run this as a quick way to try and fix some problems you may be having with program crashes, Windows Blue Screens, RUNDLL errors, etc…