Very similar issue to RobertM16 regarding the symptoms and the results when trying to restore backups.
I have a three-week old backup of the VM in question. So I dropped that in, but unfortunately the same issues occurred. My next fall back was to go to a much old VM. That VM also asked for the PW reset, but it worked and I have been able to workaround the immediate need.
I proceeded with the Option 2 method of recovery. The first time I tried it however, only one virtual disk mounted, which it called C, but which appeared to be a boot manager partition but not the main drive. I was floundering around a bit and tried the mounting procedure a second time, and this time it came up with C and D, where C was as before and D was the desired virtual volume. After that, I was able to complete the procedure and regain use of the VM.
By the way, a very handy little trick to replace Utilman.exe with cmd.exe, or in fact anything else that you might like to have available without being logged in.
The odd thing about this procedure: the issue with the "possible attempt to compromise security" just goes away without specifically being dealt with. I am wondering if it will resurface the next time a password reset occurs. I am not really inclined to try to test this, because of the way the VM is set up. However, for now I am leaving the cmd.exe masquerading as utilman.exe in place, just in case.
Last edited: Sep 26, 2016
