WMI and WMIC example text for common queries

This is straight from the Microsoft Technet July 2005 CD set.  I’ve not seen it elsewhere, and since I’ve found it so useful, I’m going to repost it here.  WMIC is the command line interface to WMI.  Using the WMIC alias makes it easier to return computer information, all from a command line.

The following table contains example text of common queries using WMIC Aliases.  To run one of the queries, cut the entire contents of a cell in the Example Text column, paste at the WMIC command prompt, edit the variables as appropriate, and press the ENTER key.

Continue reading

Laptops and burns – the problem

60.3 Celsius, it was very hot. If you’ve been using laptops for a while, you might have heard about the dangers of laptops burning your thighs.  If you have, you’ve probably also heard about the Swedish guy who suffered burns to his penis.  When I reviewed my employers’ recent draft “computer use” policy, I noticed the laptop section was missing a section on laptop heat.

So I had a look at the available medical research.  And there isn’t much.  There is one 2004 study which found that skin burns will occur over a period of 8 hours at 42.5 Celsius (108.5 Fahrenheit).  There was the 2008 case of a 24 year old male suffering a 8×3 cm burn on his right thigh.  He had fallen asleep while watching a movie.  Six hours later, he woke up with a deep second degree burn.  And there is the case of the Swedish chap with the burnt penis.

I decided to run a test, to see what heat a laptop generates.  And I thought it would be interesting to look at the differences between the various Windows versions.

The test rig:
Dell E4200 Laptop, towel, PassMark BurnInTest software

Highest temperature seen: 60.3 Celsius / 140.54 Fahrenheit

Temperature under the towel
This was measure by placing the temperature sensor under the first layer of a towel.  The laptop was then run until it reached an operating temperature.

  Celsius Fahrenheit
DOS 37.9 100.2
Windows XP SP3 38.6 101.5
Windows Vista SP2 39.4 102.9
Windows 7 37 98.6

Fan exhaust port temperature
This was measured by placed the temparture sensor outside the fan exhaust port.

  Celsius Fahrenheit
Windows XP SP3 42.3 108.1
Windows Vista SP2 45.2 113.4
Windows 7 43.2 109.8


Differences in operating systems?
No as much as I thought.  I was expecting Vista and Windows 7 to be cooler than MS-DOS and Windows XP, as they have later technology (power/thermal management) built right in. 

About that 60.3 Celsius measurement you mentioned earlier?
I had the laptop resting on a blanket, which was resting my lap.  My lap felt warm, so I grabbed the thermometer.  60.3 Celsius! 

Further reading
2002: The Lancet – Lap burn due to laptop computer
2004: Journal of Burn Care & Rehabilitation – Temperature threshold for burn injury: an oximeter safety study.
2008: Journal of Burn Care and Research – Thigh Burn Associated With Laptop Computer Use

Driver Packages and Drivers- Shall We Disambiguate?

MSDN Logo This was originally a post by Bob Kjelgaard on his MSDN Blog Trouble Ahead- Trouble Behind.   I’m going to repost it here, as it looks like the original content has been removed.
This copy was captured by the Google Cache as it appeared on 31 Jan 2010 21:56:34 GMT.

So you want to know how to sign your driver, eh?  Let us step aside and improve our thinking for a moment, so we can be smarter about what we are asking for- because I don’t think it’s the driver you actually want to sign…

What is a Driver Package?

At a minimum. it is ALL of the files that should be present to make sure your device’s driver and all associated support software installs, begins working, and continues to work when it is plugged in:

  • The driver binaries, including any coinstallers, or other support binaries.
  • The INF file, which tells the OS how to install the “driver” and hook all those things together properly.

You may want more than that in the package- perhaps you have useful value-added utilities to install that you also want on the disk.  Microsoft recommended this in the WinHec 2008 presentation “Creating Deployable Driver Packages for Windows”  (non-Microsoft link)

How do I know what needs to be in the package?

Continue reading

Default security permissions on Windows Registry keys.

Registry keys with permissions

At work, I’m working on a registry key permission error.  Something which worked on Windows 2000, now doesn’t work on Windows XP.  It’s security related, hope to solve it today.

One of the questions I had was: “What are the default registry security permissions for Windows 2000 and Windows XP?”  Couldn’t find anything.

So I created my own, using the Microsoft Sysinternals AccessEnum tool.  The above graph just shows how much Microsoft has tighten registry security, from operating system to operating system.

You can find the attached spreadsheet summary here.

Bookmark and Share

How to extract device drivers from your PC.

Driver Magician Lite Use Driver Magician.

Why?  Well sometimes you’ll get a laptop from a manufacturer, and to remove all the crapware, you’ll want to reformat the laptop.

Reformatting is normally the best option.  Quickest way to get rid of the crapware I know.
Or, if you work in a Corporate IT shop, you are probably going to want to install your own customised Windows operating system install.*

BUT.  Sometimes manufacturers don’t place their laptop drivers on their website, which makes it hard to install your own copy of Windows successfully.  What with not being able to find all those required device drivers.

Driver Magician will backup all those device drivers for you.  And if you’re not a skinflint who uses the Driver Magician Lite version, it’ll even restore them for you.  From the screenshot, you can see I’m a skinflint…

And the driver backup went very well.

On a test Dell e4200 series laptop, I backed up the Intel Ethernet and Wireless Network drivers.  It backed all the required DLLs/INFs/CAB files it needed to.  Then I reformatted the laptop, and installed Windows XP.  Loaded the backed up drivers, and they worked perfectly.

I’m very happy.

Why the Dell e4200?

A standard Windows XP build does not have the required (e4200) Intel Network drivers included.  Meaning you have to install them yourself.  So it made a good test machine.

Thanks to…

Terry McDonald (School Network Manager).  This is where I first saw mention of Driver Magician.

* if you are a large enough Corporate IT shop, you’ll get into discussions with laptop hardware vendors like:

Wisefaq, your customised image fails to load at our laptop manufacturing plant.  It’s your device driver choice.  We use different drivers in our laptop Windows install, and they work …

Driver Magician will allow me to extract those very same drivers, and use them in my customised Windows build.

Bookmark and Share

“Beware of Integrated eSATA ports”

I don’t like quoting whole slabs of another blogs posts, but this is worth spreading to a wider audience:

… If you only use a single drive attached to an eSATA port, you can quit reading, but if you are like me and want the best performance possible, you have probably invested in a 2.5” or 3.5” external portable cabinet that can take two or more drives.

These cabinets from makers like StarTech and AMS, have built in hardware RAID functionality that allow you to configure the dual drives in a RAID configuration without requiring a RAID card in your machine. Typically RAID 1 (mirroring) and RAID 0 (striping) are the two most common approaches in a dual drive case.

BUT, these external cases rely on a technology called Port Multiplication to see all the drives. You can go read the detailed description at your favorite web site, but basically port multiplication allows you to have multiple drives accessible through a single eSATA port. The catch is that the eSATA interface must support Port Multiplication.

This is where the issue is with integrated eSATA ports in laptops and desktop motherboards.  They do not all support port multiplication…actually very few do. …

Robert Larson on Beware of Integrated eSATA ports

Bookmark and Share

APIs new to Windows 7, and other Microsoft operating systems

The list of APIs new to Windows 7, and all the other (previously released) API functions can be found right here:

Functions by Release (MSDN Library)

The PowerSetRequest / PowerRequestAwayModeRequired mode looks particularly interesting.  It seems to be a new power saving mode:

The system enters away mode instead of sleep in response to explicit action by the user. In away mode, the system continues to run but turns off audio and video to give the appearance of sleep.

Bookmark and Share

A sample Remote Desktop Control product policy.

Had a customer IT Security Team, let’s call them FREDNET, ask me for some advice on graphical desktop sharing and control system.
Think VNC, Dameware, PC Anywhere.

Here is what I wrote up for them:

The Remote Desktop Control product (RDCP) must adhere to the following policies:

  • RDCP must not be able to connect to a PC which is not logged on.
  • RDCP can only connect when the end user of the PC positively authorises the connection.
  • End user is able to terminate the RDCP session.
  • End user has the ability to “see” what the RDCP session is doing.
  • RDCP connections must use logging for auditibility.
  • The RDCP must be able to coexist with the <support organisation> Desktop Management  Toolset.
  • Session data traffic between the RDCP server & client is encrypted.

The Desktop Support Team has not evaluated the following Remote Desktop Control products, but do provide the following comments on these products:


  • VNC traffic is not encrypted.
  • Is able to connect without end user providing authorisation.

Therefore not suitable for use in the FREDNET network


  • Is able to connect without end user providing authorisation.

Therefore not suitable for use in the FREDNET network.

Microsoft Remote Desktop with WIndows 2000/XP

  • Can connect to a PC if the client is not logged on
  • Does not prompt the client to allow connection, it just remotely connects and locks the client workstation while the remote desktop session is active.
  • Therefore clients are unable to “see” what the Remote Desktop session is doing.

Therefore not suitable for use in the FREDNET network.

Bookmark and Share

MS06-049 for Windows 2000 SP4 causes data lost.

From Slashbot:
“It looks like there is a problem with the recently released MS06-049 / KB920958 patch. If you have compression activated on any folder, then the compressed data is at risk from corruption. New files that are close to a multiple of 4K in size will have their last 4,000 bytes or so overwritten with 0xDF. Although this problem has been reported to Microsoft, as yet there appears to have been no official announcement. ”

It’s true, Microsoft have told me the same thing.

Bookmark and Share