NOOB question regarding NTLM Hashes
#1
I am working with an NTLM hash that was extracted using Quarks PW dump from a domain controller. This is a case where someone locked the keys in the car and now we need to get in. By using a combination of the registry keys and the AD database, I was able to extract the hashes and put them in a text format. I was hoping to use hashcat to crack them, but I keep getting a line exception error when running against the hash.

Below is an example of the command running:
oclHashcat-plus64.exe --hash-type 1000 --attack-mode 3 user:0000:#D##########D####D#DD#D####DDD##:##D##D#DDD###D##D#D###D##D#DD##D:

I am using the hashcat gui for simplicity on a Windows system.

When running the program I am getting a line length exception on every line, when attempting to pull from the text file that was created.

Assistance would be appreciated.
#2
pwdump format is not supported, you need to specify just the nthash
#3
Quote:user:0000:#D##########D####D#DD#D####DDD##:##D##D#DDD###D##D#D###D##D#DD##D:
This is the only part that you need:
user:0000:#D##########D####D#DD#D####DDD##:##D##D#DDD###D##D#D###D##D#DD##D: