Task Manager

How to use Sticky Keys to change/unlock a forgotten password

Dave Farquhar Windows , , , ,

This isn’t a particularly new trick, nor did I invent it. But it’s a good trick for breaking into a Windows system when you don’t have a lot of tools at your disposal, and have legitimate reason to do so–like a lost or forgotten local administrator password. I’ve talked about some of those reasons before. I’d also add someone locking themselves out of their own computer to the list. It happens, just like people locking themselves out of their cars, or their houses.

Not every writeup I’ve seen of this trick goes into what I would call sufficient detail. So I’ll take a shot at it.

Read more

Identifying what processes are talking on your Windows box

Dave Farquhar Windows , , , , , , ,

If you’re curious whether a particular piece of software might be spyware, or you have some other reason to believe your computer might have been compromised and might be talking to something it shouldn’t be, there’s a quick and easy way to find out besides using the standard netstat -an command.

Windows XP and 2003 (and, presumably, Vista) have the netstat -o command, which tells you what IP addresses your computer is talking to and on what ports, plus it adds the process IDs that have those ports open. There’s a hotfix to add that functionality to Windows 2000, but it appears you have to demonstrate a need for it in order for Microsoft to provide it.

Regardless, I like the Sysinternals tool TCPview better. The most important thing it does is give you the names of the application, instead of the process ID, using each port. That saves you from having to run task manager and figure it out yourself. It puts everything in a GUI window, making it a little bit easier to scroll around, and it also tries to resolve the IP addresses, which can be nice. So if all you have open is a web browser pointing at Google and you see processes talking to web addresses you’ve never heard of, you have reason to be suspicious.

The next time someone complains to me that a computer is running slow, once I think I’ve cleaned off the spyware I think I’ll run this utility just to see if there might be anything left.

What to do when you can’t upgrade WinZIP because wkqkpick.exe is in use

Dave Farquhar Windows ,

So you’ve got WinZIP installed and have to upgrade it for security reasons. Like a good compliance-minded sysadmin, you run the patch, and the installation fails. You get the error message that wkqkpick.exe is in use.

Since you’re smarter than the computer, you fire up Task Manager to go show wkqkpick.exe who’s boss, only the operating system tells you Access Denied. Now what?

Read more

R.I.P.: One W2K box

Dave Farquhar Windows ,

My video editing box bit the dust earlier this week. I loaded a rather large image into Photoshop LE, and it hung. I killed Photoshop LE, and all appeared to be well. Then the desktop and Start menu went away. A few seconds later, they reappeared. They went away again, then reappeared. The cycle continued like a beating drum.
So I did what you should always do when a Windows box starts acting goofy: Reboot. And? After logging in, the problem reappeared.

So I scanned for viruses. The system was clean. I found that if I killed explorer.exe, everything else ran fine. So I could run programs from Task Manager, bring up a command line (just run cmd.exe) or bring up the old Program Manager (remember that from the worse-than-awful Windows 3.1?) and run programs that way. It’s a safe and easy way to save memory, but I really don’t care to subject myself to it on a regular basis. Explorer isn’t perfect, but Program Manager might be the worst shell I’ve ever seen. And I fear that if Explorer is constantly crashing, there’s probably something else wrong with the installation.

I tried doing a recovery install. No go. The installation media couldn’t find a Windows installation on the disk. Figures.

I don’t know if I have a Ghost image of this machine, which is a major pain. W2K got along just fine with all the hardware in the machine, but when I added the Pinnacle DV500, it took me a really long time to get it working right.

So I’m not sure what I’m going to do.

Troubleshooting intermittent PC problems

Dave Farquhar Troubleshooting , , , , ,

How to troubleshoot an intermittent PC problem. We’ve got an aging P2-233 at work that likes to bluescreen a lot under NT4–usually once every day or two. No one who looked at it was able to track it down. The first thing I noticed was that it still had the factory installation of NT, from about three years ago. Factory installations are bad news. The first thing you should do with any PC is install a fresh copy of Windows. If all you have are CAB files and no CD, don’t format the drive–just boot to DOS, go into that directory, run Setup, and install to a new directory other than C:Windows. With NT, it’s also possible to install from DOS though the syntax escapes me momentarily.

The first thing I suggested was to run RAM Stress Test, from www.ultra-x.com , over the course of a weekend to eliminate the possibility of bad memory. I followed that by formatting the drive FAT and running SpinRite. After six hours, SpinRite gave the disk a completely clean bill of health.

Knowing the memory and disk were good, I built up the system, installing NT, then installing SP5 128-bit, then installing IE 5.01SP1, then installing Diskeeper Lite, then installing Office 97 and Outlook 98 and WRQ Reflection, then running Windows Update to get all the critical updates and SP6a. I ran Diskeeper after each installation to keep the drive in pristine condition–I find I get better results that way than by installing everything and then running Diskeeper.

The system seemed pretty stable through all that. Then I went to configure networking and got a bluescreen. Cute. I rebooted and all was well and remained well for an hour or two.

How to see if the bluescreen was a fluke?

I devised the following batch file:

:loop
dir /w /s c:
goto loop

Who says command lines are useless and archaic? Definitely not me! I saved the file as stress.bat and ran 10 instances of it. Then I hit Ctrl-Alt-Del to bring up Task Manager. CPU usage was at 100%. Good.

The system bluescreened after a couple of hours.

How to track down the problem? Well, I knew the CD-ROM drive was bad. Can a bad CD-ROM cause massive system crashes? I’ve never heard of that, but I won’t write off anything. So I disconnected the CD-ROM drive. I’d already removed all unnecessary software from the equation, and I hadn’t installed any extraneous peripherals either. So with the CD-ROM drive eliminated, I ran 10 instances of the batch file again.

The system didn’t make it through the night.

OK. Memory’s good. Hard drive’s good. Bad CD-ROM drive out of equation. Fresh installation of OS with nothing extra. What next?

I called my boss. I figured maybe he’d have an idea, and if not, he and I would contact Micron to see what they had to suggest–three-year warranties and a helpful technical support staff from a manufacturer who understands the needs of a business client are most definitely a good thing.

My boss caught the obvious possibility I missed: heat.

All the fans worked fine, and the CPU had a big heatsink put on at the factory that isn’t going anywhere. Hopefully there was thermal compound in there, but if there wasn’t, I wouldn’t be getting in there to put any in, nor would I be replacing the heatsink with a heatsink/fan combo. So I pulled the P2-333 out of the PC I use–it was the only 66 MHz-bus P2 I had–and put it in the system. I’d forgotten those old P2s weren’t multiplier-locked, so the 333 ended up running at 233. That’s fine. I’ve never had overheating problems with that chip at its rated speed, so at 100 MHz less, I almost certainly wouldn’t run into problems.

With that CPU, the system happily ran 10 instances of my batch file for 30 hours straight without a hiccup. So I had my culprit: That P2-233 was overheating.

Now, ideally a stress test would tax more system memory than this one did and would force some floating-point operations as well. Prime95 is ideal.

If you have time and parts available, you can troubleshoot a recalcitrant PC by running such a real-world stress test, then replacing possible suspect parts (CPU, memory, hard drive, motherboard) one at a time until you isolate the problem.

01/04/2001

Dave Farquhar General , ,

Mailbag:
Book question; Linux; Hard drive
Optwin update. I spoke with Glenn Gilmore, a marketing director at O’Reilly, today, and he assured me there are plenty of copies of Optimizing Windows available. He suggested there must be a glitch in Amazon’s database, which he said happens fairly often. Since O’Reilly and Amazon do a lot of business, he’s probably in a position to say that.
So, to reiterate, the book is available, and there are enough copies in Tennessee to last quite a long time. If it’s not available at Amazon, please check Fatbrain or Barnes & Noble or another online reseller.
I crashed my machine and lost my post for today. Good thing that doesn’t happen often. I launched Word in order to start writing up a book proposal (don’t get too excited yet–just because I write a proposal doesn’t mean I do anything with it, and even if I do something with it, it doesn’t mean anyone else will like it) and Word never came up. Winamp fell silent. Mouse movements became as erratic as George Brett’s throwing arm in the 1970s. The mouse cursor changed to a vertical bar and never changed back. The caps-lock light didn’t light when I hit the caps lock key. Ctrl-Alt-Del brought up the task manager but wouldn’t let me do anything else. Yup. We’re hung. I waited five minutes to be sure. Nothing. It never came out of its coma. I hit Ctrl-Atl-Del a couple of times and rebooted.

Like I said, this doesn’t happen often. After I rebooted, I found out there are new critical updates for my computer. I wonder if that had something to do with my crash…? Significantly, Windows Update promptly crashed, but this time it didn’t take the system down. I’ve really gotta learn to just say no…

(And if it seems like I’m being overly dramatic, remember, this doesn’t happen to me often.)

So, what’d I lose? I’m trying to remember.

The rest of the story on memory. Visit www.pcguide.com/art/sdram.htm for the little tidbits I didn’t tell you last week. I didn’t leave out so much.

Optimizing Windows. It looks like it may be out of print. Amazon is now saying it is. I need to contact O’Reilly to find out for certain. They could do another printing, but the question is, are they willing? With O’Reilly mostly pulling out of the Windows market, I don’t know. My editor said this past fall that this title was safe–for now. But it’s not Fall 2000 anymore, so anything’s possible.

In the meantime, just because Amazon doesn’t have it doesn’t mean it’s unavailable. Check www.bestbookbuys.com/cgi-bin/bbb.cgi?ISBN=1565926773 to see who’s got it in stock and at the best price. Borders and Barnes & Noble, of course, are reputable. So are Fatbrain and Buy.com, all of whom were offering it when I checked.

Back to that proposal. So is finding out my book’s probably out of print related in any way to me writing a book proposal? Maybe. But just as significant, I got a newsletter from my alma mater yesterday, and an old archrival was very obviously showing off in the Class Notes. And the wording, and the details that were included, along with the details that were excluded suggests that the audience was intended to be limited. Maybe just to me.

That archrival needs to be put back in that archrival’s proper place (a legend in my archrival’s own mind), so I’m motivated. I’ll even use NaturallySpeaking to get this project out if I have to. Time to write a book that gets both critical acclaim and sales.

Speaking of publications… The February 2001 issue of Computer Shopper UK should be out now. This issue features the second installment of my “Optimise Your PC” series, this one with a focus on DOS compatibility.

Mailbag:
Book question; Linux; Hard drive

Changing CPU priorities in Windows 95/98/Me

Dave Farquhar Windows , , ,

Take charge of your CPU usage under Win9x. I talked about CPU Controller from BinaryWork in Optimizing Windows, which allows you to set a task’s priority (a la WinNT’s Task Manager). There’s a freeware app at http://www.blehq.org/pv2k.htm that has most of its functionality. Haven’t tested it yet, but I definitely will.
———-

From: “Chuck Buker”

Subject: Dual Duron/Athlon

I love my dual celeron Abit BP-6 machine, but I have been salivating over the prospect of a dual Duron machine for some time now. And with 700 mhz Durons selling below $90, I can hardly stand the wait.

Do you have any idea if or when someone is going to come out with a dual Scoket A (Duron or Athlon) motherboard and whether the Duron’s or Athlon’s support SMP?

———-

According to everything I’ve read, both the Athlon and Duron are SMP-capable. The forthcoming AMD-760 chipset has SMP support (the AMD-750 and VIA KT133 don’t). I don’t remember where I saw this anymore, but I seem to remember reading recently that AMD expects to release that chipset near the end of the year. If I had to guess, I’d say early part of next year you’ll start seeing dual socket A boards.

The big thing standing in the way right now is the lack of an SMP-capable chipset.

A lean, mean word processor for Windows

Dave Farquhar Windows

Tired of document bloat? I gave AbiWord another look because I thought it might be useful for a quick side project a friend of mine suggested (it requires quick-and-dirty creation of PDFs, I know how to make PDFs out of XML documents, and AbiWord is XML-based). It’s still not quite ready for my everyday use (I can create documents that crash it on reload), but I expect it to get there pretty quickly. One feature that impressed me is the ability to save its documents in GZIP-compressed form. While BZ2 is more effective, for text documents the size AbiWord will be creating, the difference is probably negligible, and GZIP is more widespread anyway. I created a document containing a couple of fairly long paragraphs and a lot of formatting and saved it. Then I saved it in compressed form. It was about 33% the size of the original. Nice. It opened flawlessly.
I’m also impressed with its CPU usage. I got the Win32 version, brought up Task Manager and watched AbiWord’s CPU usage as I typed. Even with spell checking on the fly turned on, CPU usage stayed below 2 percent. This is a dual Celeron-366 system, so on slower systems it’ll probably be higher, but just for comparison, I tried the same test with NoteTab. It typically ran between 2 and 5 percent. So, we’re talking a real word processor for the price of a text editor. Nice.

What to do when defrag won’t finish

Dave Farquhar Windows ,

Optimizing a DX4/75. Talk about bottom fishing! But I do what I have to. This DX4/75 was driving me batty because it was taking a minute and a half to boot, and 30 seconds to load Word. Hard to believe this was once considered acceptable, even good, performance for Win95. But I couldn’t do much about it because with 16 MB RAM, Defrag kept getting interrupted. I fixed that. I opened win.ini, found the line that read shell=Explorer.exe, changed it to read shell=defrag.exe, rebooted, then defragged. Defrag was able to run without interruption, and significantly faster since it wasn’t competing for limited CPU cycles and physical memory.
When it finishes, the quickest way to get regular old Windows back is to hit Ctrl-Esc to bring up Task Manager, hit File–>New Task, type Explorer.exe, then edit win.ini and change the default shell back to Explorer.

But if you gotta get a system defragged absolutely as fast as possible, try the shell replacement trick. I’ve never seen this documented anywhere, and to tell you the truth, I thought of it in a moment of desperation. But it worked.