The old sethc trick

If the drive is not encrypted, you can try the “sethc.exe” trick:

  1. Mount the drive RW and rename the file C:\Windows\System32\sethc.exe to sethc.exe.bak (or something)
  2. Rename C:\Windows\System32\cmd.exe to sethc.exe

sethc.exe is the exe for sticky keys.  When you boot up and atthe login page, press SHIFT five times fast.  Instead of getting the stucky keys prompt, you should get an elevated command prompt.  You can then reset the users password with

net user username newpassword

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.