How to reset the Administrator password in Windows

Forgot your Administrator password? Or locked it out due to trying the wrong one too many times? This is the place for you.

I worked for a client recently that made a classic personnel mistake. After parting ways with a disgruntled employee they failed to change the Administrator password on their production server. This server is available publicly via remote desktop. As I was working on a issue for them one day I stopped being able to log in. It turns out their disgruntled employee had logged on and re-set their password, Oops!

If you find yourself in such a conundrum here is how I got them back into their machine. There is a great (free) app called PogoStick that you download as an ISO and burn to a CD, it’s available here: Just download it, burn it to a CD and then insert into the affected machine. Couple of notes here:
1) Be sure the machine your fixing is set up to boot from your CD rom first. This is done by going into your bios and finding the section related to boot devices. Every bios is different so that’s as specific of instructions as I can give.
2) Read through the screens. The app can do a number of things but many of them are experimental and some only work on certain versions of Windows. Play it safe and only reset the password to blank, setting it to a value didn’t work for me. Also be sure to unsuspend the id if it’s not already.
3) This one is important, and not so obvious in my opinion. After you’ve fixed the id you’re not done. You have to exit using the menu. It will eventually ask if you want to commit the changes to which you’ll answer (y)es.

That’s it. In case you’re not paying enough attention, you can now re-set the Administrator password from blank to some useful value in Windows itself. No need to use a command line app as I’ve heard some people have.

NOTE: If you need to reset an admin id on a domain controller that is an entirely different beast. The solution above works for local machine accounts only! If you want more info, or want to try to fix a account for a domain controller these look like useful websites. Caveat emptor though, it is possible to make the situation worse with some of these suggestions.
How to reset the Domain Admin Password under Windows 2003 Server
Unlocking Windows NT/2000/2003 Domain Controllers
Forgot your Windows password? No problems : Password resetting and recovering techniques


Excellent website – catacombae. Find Duplicate files on your computer, get your DiskUsage, etc

I just found an excellent website,, on it Eric posts a few different useful utilities and the code is open source. I have used three of his utilities and they work great, the three I’ve used are:

1) DiskUsageAnalyzer
I used to use FolderSize for this, unfortunately Microsoft made a change in Windows 7 that no longer allows extending explorer in a way that allows this add-on to work. /shake fist @ MS. This utility works quite well, it’s great if your disk is getting full and you don’t know where all the space is being used. IMO this is a utility that should be built into windows.

2) FindDuplicates
This is actually an idea I wanted to write for ages, managing all those family photos and backups is a pain (we tend to copy photos we want to get printed to a temp to print folder, and then promptly forget about them). Unfortunately this app shows errors as they occur meaning it stops processing on every error. You’d think this wouldn’t be a issue, but in practice there are lots of reasons for this process to fail on files (locked files, permissions). It would be great if it would just build a list of errors and continue processing instead of making me click ‘Ok’ over, and over, and over. Great app for the price though!

3) HFSExplorer
HFSExplorer is a great little utility for reading Mac based hard drives on a PC. Works great. Though I’m told that Windows 7 will read HFS disks so this utility seems to only be useful on pre Windows 7 machines.

Thanks for the great utilities Erik!

Why is svchost.exe consuming all my CPU / disk?

If you’ve ever opened your task manager to see what is running on your machine you’ve likely wondered why svchost is running, why it’s running more than once, and why some take much more CPU than others.

Well the quick answer to your question is svchost is really not the process being run. svchost is what windows uses to run what are known as “Windows Services”. To view the Windows Services that are installed on your computer go here:
Control Panel->Administrative Tools->Services

Every service listed in Windows Services will spawn a svchost process when it runs. So in order to know why a particular svchost process is eating your computer you’ll need to track down which Windows Service it is. Thankfully there is a command line tool that makes this pretty easy. In Task Manager take note of the Process Id (PID) of the svchost in question. Then run this from the command line:
tasklist /fi “pid eq XXX” /svc
Where XXX is equal to the PID you took note of from Task Manger.

If you remembered the /svc switch you will see all the services your process depends on. If you’re having issues with non responsiveness it’s these service(s) that need to be dealt with.

Better yet, if you have Windows Vista or newer, in Task Manager right click the process in question and select “Go to service(s)”. This will show you a list of all the services running under that instance of svchost.

This site has pretty good detail on this topic:

Happy process hunting!

How to ‘hack’ an excel spreadsheet

Something many people don’t seem to realize is once a person has physical access to a database the only thing seperating them from getting into it is a little knowledge.  This is why web apps are much more easily secured than downloadable apps could ever be.

Such is the situation with excel spreadsheets.  They use such laughably easy to break encryption that even the slowest computers can be into them in seconds.  If you’ve ever forgotten your password to an excel spreadsheet check out the macro posted on McGimpsey’s website.

Internet Explorer – is it really as insecure as people think?

Firstly, I have to say I don’t think IE is at all insecure.  That’s not because it’s never had a virus, but because browsers can’t have feelings.  Insecure just makes a good catchphrase I think, even though I used the word incorrectly.

I stumbled on this blog post today Internet Explorer 8 Still the Best at Staying Safe While Browsing the Web.  IE added a feature a while back that checks the website being requested (the URL / URI) against a known database before it loads that in the browser.  According to the website above that feature caused 560 million blocks last year or 3 million blocks a day, so it prevents people from getting a virus 3 million times a day.  That’s pretty impressive.

Now, that’s not exactly the cure I have to say.  Blocking websites that gives IE virus’ is not a patch to permanently prevent a virus.  The cure is to fix their code, however being realistic, the site blocking feature is just another layer of security.  You can’t catch all the bugs all the time and a feature like this adequately allows the IE team time to develop a fix and still prevent any given site from causing the entire internet turning into a botnet.

Kudos to you MS for providing such a feature, though do be sure to keep the patches coming.