WinXP Info
Getmac
You may be familiar with the Getmac command, one of Windows XP's handy command line utilities. Getmac displays the physical or media access control (MAC) address assigned to a network interface adapter in a local or a remote computer. Knowing the MAC address can come in very handy in a number of troubleshooting operations.
If a system has more than one network interface adapter, the standard report generated by the Getmac command will list all MAC addresses, but it won't identify which MAC address is assigned to which network interface adapter.
However, the Getmac command comes with an often overlooked parameter. The /v parameter configures the command to provide detailed information in its report. This detailed information includes the actual names of the network interface adapters.
To make the report even easier to read, use the /fo LIST parameter, which specifies that the Getmac command format its report in a list format.
Here's an example:
Getmac /V /FO List
Hide drive letters in My Computer
Have you ever needed to hide a drive on a system? For example, suppose you manage a system shared by multiple users in a public area, and you keep diagnostic and management applications on a separate drive.
Wouldn't it be nice to be able to hide that drive from users to prevent any mischievous exploration? You can do so with a simple registry edit.
Follow these steps:
1. Launch the Registry Editor (Regedit.exe). 2. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\C'urrentVersion\Policies\Explorer. 3. Right-click the Servers key, and select New | DWORD value. 4. Name the value N'oDrives. 5. Press [Enter] twice to open the Edit DWORD Value dialog box. 6. Using the list below, type a number that corresponds to the drive you want to hide in the Value Data text box, and click OK. * A: 1 * B: 2 * C: 4 * D: 8 * E: 16 * F: 32 7. Close the Registry Editor.
You must restart the system or log out of Windows XP in order for the change to take effect.
To hide other drive letters that we didn't list, follow the pattern of doubling the number for each successive drive. For example, drive G: would have a value of 64.
To hide multiple drives, add the values together. For example, to hide drives A: and B:, use a value of 3. If you want to hide all drive letters, use a value of 67108864.
Note: Editing the registry is risky, so be sure you have a verified backup before making any changes.
Easily identify services running inside processes
Greg Shultz, TechRepublic
Most Windows XP admins start their troubleshooting process by launching Windows Task Manager and selecting the Processes tab in order to gather information about the programs and processes that are currently running on a system. While some of the running processes are easy to identify (especially if they directly represent an application), other processes can be puzzling to identify (especially if they represent services).
For instance, when you look at the list of processes displayed in the panel, you'll probably find multiple processes listed as Svchost.exe, which is a generic host process name for services that run from dynamic-link libraries (DLLs). In addition, you may find other similarly named processes that actually represent services.
You can easily identify the processes that are hosting services by utilizing Windows XP's TaskList command-line tool and the ModualName switch to create an easy to read report. Here's how:
1. Open a Command Prompt window. 2. Type the following command and press {{{[Enter]: tasklist /m > tasklist.rtf}}} 3. Launch your word processing program, load the tasklist.rtf document, and investigate the nicely formatted report.
Disabling Windows Messenger on a Windows XP machine
Greg Shultz, TechRepublic
If you're using MSN Messenger as your chat and videoconferencing tool, Windows Messenger may have been removed from the startup group.
However, you may have seen it pop up on occasion and had to struggle with closing it down. The reason that Windows Messenger makes these impromptu appearances is that Outlook, Outlook Express and even some Microsoft Web pages can still make it load automatically.
Fortunately, you can banish Windows Messenger from your desktop by making an alteration to the local group policy with the Group Policy Editor.
Here's how:
1. Access the Run dialog box by pressing [Windows]R. 1. In the Open text box type Gpedit.msc and click OK to launch the Group Policy Editor. 1. Go to Computer Configuration | Administrative Templates | Windows Components | Windows Messenger. 1. Double-click the Do Not Allow Windows Messenger To Be Run setting. 1. In the resulting dialog box, select the Enabled option, and click OK. 1. Close the Group Policy Editor.
Note: This tip applies only to Windows XP Professional.
Rename the Administrator account in Windows XP
Greg Shultz, TechRepublic
Make it twice as hard for a potential hacker to get into your system by renaming the Administrator account. Here's how to do so in Windows XP Home and Professional.
The Administrator account exists on all computers running Windows XP Professional and Home. This gives potential hackers half the information they need to access your computer -- all they have to do is guess your password.
You can make it more difficult for unauthorised persons to get into your system by renaming the Administrator account. Follow these steps for a Windows XP Professional machine:
1. Go to Control Panel and open Administrative Tools. Double-click the Local SecurityPolicy. 2. When the Local Security Settings snap-in appears, open the Local Policies\Security Options branch and double-click the Accounts: Rename Administrator Account policy. 3. When the Accounts: Rename Administrator Account Properties dialog box appears, type a new name in the text box and click OK.
Follow these steps to rename the Administrator account in Windows XP Home:
1. Press [Windows]R to access the Run dialog box. 2. In the Open text box, type Controluserpasswords2 and click OK to access the User Accounts dialog box. 3. Select the Administrator Account from the list and click the Properties button. 4. In the User Name text box, type a new name, and click OK.
Note: This tip applies to both Windows XP Home and Professional editions.
Launch System Restore from a command prompt
Greg Shultz, TechRepublic
It's not unusual to use System Restore to fix strange Windows XP system behaviour -- but depending on how damaged your system seems to be, you may need to call for more advanced measures.
If your Windows XP system begins acting strange, a typical fix is to use System Restore to remove any system changes made since the last time you created a Restore Point. However, what if the problem is so bad that you can't start Windows XP normally, or even start the system in Safe Mode?
The good news is you can run System Restore from a command prompt.
Here's how:
1. Restart your computer and press [F8] during the initial startup.
2. When you see the Windows Advanced Options Menu, select the Safe Mode with a Command Prompt option.
3. Select the Windows XP operating system.
4. Log on to your computer with an administrator account or with an account that has administrator credentials.
5. Type the following command at a command prompt:
C:\windows\system32\restore\rstrui.exe
When you see the System Restore window, the graphics may look odd, but you can still follow the onscreen instructions to restore your computer to an earlier state.
Note: This tip applies to both Windows XP Home and Windows XP Professional.