I am looking for a way to log when USB devices are plugged in and unplugged from a Windows 7 machine. I would like it to function similarly to the USBLogView program made by NirSoft, however we are not allowed to use any third party software on this machine, only first party Microsoft. Basically, if it could log the name of the usb device and the time it was plugged/unplugged that would be perfect.
Edit: sorry batch is not a requisite, to be honest I'm not too familiar with scripting on windows, I'm much more familiar with bash scripting.
Take a look in this solution:
https://superuser.com/questions/1096887/where-can-i-find-logs-on-recent-usb-insertion-in-the-event-viewer (scottschlaefli answer)
Link found on the above answer:
https://learn.microsoft.com/en-us/windows-hardware/drivers/usbcon/how-to-capture-a-usb-event-trace
This way you'll get a extensive log of all USB devices, than later you can get this log with a software, ex: c# software with 'EventLogQuery' object to get informations and use it.
Related
Is it possible to work at Raspberry Pi Pico using Windows 10? My question specified is: do I have to install any Linux distro, for example Raspbian, to be able to work at it? Do I also need to use SD card to work with it?
Just want to receive feedback, cause I'm confused and also kinda new to embedded systems
I may share my experience so far, I'm not an expert and this list does not claim to be complete at all.
The pi pico can be programmed by using
Picomite Basic (found here: https://geoffg.net/picomite.html) which doesnt need anything installed on the PC except a terminal program (I am using Tera Term)
MicroPython (never used it myself, afaik Thonny - found here: https://thonny.org/ is the preferred IDE )
C/C++/ASM This is what I am using, the SDK is available for Windows, Linux and Raspbian (MacOS maybe too?), an excellent guide on how to install it and how to use it is found here: https://datasheets.raspberrypi.com/pico/getting-started-with-pico.pdf
Arduino The Pico can even be used as an arduino device too, a good point to start is here: https://github.com/earlephilhower/arduino-pico
Keep in mind, that the interpreted languages (basic and python) are easier to handle (no big SDK or framework need to be installed on the PC, copying code to the pico is a relative easy step) but at a cost of speed. If you need a lot of cpu power, compiled languages are by far the better choice
To answer your questions, yes, no, and no. You should be able to get going on Windows 10 with just the raspberry pi pico and a micro USB to USB cable.
I got started with mine this weekend - seeing the on-board LED blink finally made me so happy.
The official getting started guide pointed me at this script for getting started on Windows.
It set up docs, examples, visual studio code, and more for me. Between its README and chapter 9 of the getting started guide ("Building on MS Windows"), I was able to get my little light blinking :)
Good luck to you on your embedded journey!
As an alternative, an in addition to #Tommylee2k's helpful insights, you can develop and run Python software for a Pico with absolutely no software needing to be installed on a Windows PC.
At its most basic level, you press the BOOTSEL switch and insert the Pico's USB cable into your PC, and the few MB of space on the Pico appear in your Windows File Explorer as a USB disk drive.
You then write your microPython software using any text editor you prefer. All these general purpose modules are available. And all these Pico-specific modules are available.
You then copy (drag and drop) your Python script to the Pico disk drive and save it as main.py.
The Pico will then run that script on every subsequent power-up. Of course you can re-attach the Pico to your PC and edit the file at a later date.
That is adequate and simple enough. If you want a REPL and friendly editor and console logging and other developer-friendly features, you can install Thonny for free and code more effectively but it is not actually absolutely necessary. It's a bit like driving a car without ABS, without an automatic gearbox and without aircon - it can get you from A to B without problems but there are easier and more comfortable methods.
So I've been wanting to put a windows 10 ISO on my flash drive, but I have WinPe by strelec already on it. I don't know how I can a windows installer on top of it and I don't even know if that's even possible at all... Please send help I'm a newbie when it comes to software
Unfortunately no, it is not possible to have multiple bootable OSes if something is already present, (at least to the extent of my knowledge) but if you'd like to dualboot on a clean USB drive, (erase your existing one, even) there exist several tools that can do that, such as Easyboot, syslinux, or even grub4dos. Some other helpful resources can also be found at Reboot.pro. However, if you are currently running Windows, I recommend WinSetupFromUSB as an easy way to get a multiboot USB drive going.
Yes It's possible just use ventoy and You can have multiple ISO's in the same usb, boot from USB and choose the want to boot, https: //www.ventoy.net/
I'm looking for a way to ensure that a USB device plugged into a Windows 7 machine will be mounted in a reliable, repeatable way.
I don't have that much Windows experience, but I wondered if there was a way to make the equivalent of a udev rule in Linux to match certain parameters to identify the device and then mount it on a specific COM port.
Any advice would be gratefully received.
Sarcastic answer:
I've looked for C:\Windows\etc\udev.d but there's no such directory
;)
Less sarcastic answer:
As far as I know, the only way to configure devices in windows is via the device management UI which can be started with mmc devmgmt.msc
This is obviously not even similar or even close to udev, there is no possibility to do this without the GUI.
Is there any way Not to detect USB from windows PC?
The USB device should not mount on windows PC ,It should be handled by my application..
Suggestions please...
As far as I know there is no way of stopping the mount on the windows PC, however, you could set it up to autorun so that when it is plugged it in attempts to launch your application. This answer has some information on how to do this: https://stackoverflow.com/a/255067
There is also the option to hide a drive in windows by removing is drive letter (http://www.howtogeek.com/97203/how-to-hide-a-drive-in-windows-so-that-no-one-will-know-its-there/) however, this is almost certainly going to stop your application from reading it too.
If this is for a specific security reason then perhaps you could look at encrypting the drive and allowing only the application to decrypt the data. Thus, whilst mounted in windows it will be of little use.
Sorry I couldn't be of much more help.
Microsoft provides a utility called devcon for free download.
It's a "Command Line Uility Alternative to Device Manager".
It can actually do many things that I won't get into here, but removing a plug & play device is a simple operation once you know the unique name of the device you want to manipulate.
Refer this to check how to work with it.
It sounds like you don't want your device to show up as a drive in My Computer. In that case, why are you using the Mass Storage Device class at all? You could make a custom, vendor-specific device and talk to it using control/interrupt/bulk transfers with WinUSB. You would need to change the Device's USB descriptors to indicate it is a vendor-specific device and not a mass-storage device.
From time to time, I need to dump USB traffic under Windows, mostly to support hardware under Linux, so my primary goal is to produce dump files for protocol analysis.
For USB traffic, it seems that SniffUsb is the clear winner... It works under Windows XP (but not later) and has a much nicer GUI than earlier versions. It produces huge dump files, but everything is there.
However, my device is in fact a USB serial device, so I turned to Portmon which can sniff serial port traffic without the USB overhead.
After five years waiting, now it's possible to sniff usb packets on windows
See http://desowin.org/usbpcap/tour.html for a quick tour. It works pretty well
Since people don't seem to realize it, Wireshark does monitor USB traffic and has a parser for it; but the catch is it only works under Linux. Wireshark on Windows will not do this.
It may be possible to plug the USB device you want to monitor, along with a Linux machine (with Wireshark running) and your Windows machine and just use the USB device under Windows.
Problem with the above? I don't know how the Linux machine or the Windows machine will detect each other.
Busdog, an open source project hosted on github, has worked well for me. It has a driver it installs to allow it to monitor USB communications. The config window allows you to reinstall or remove the device at any time.
You can select the USB device you want from an enumerated list. A nice feature is to have it automatically trace a new device that is plugged in:
Data communications to and from an SWR analyzer I was reverse engineering were captured flawlessly:
USBSnoop works too - and is free.
Or, you could buy a USB to Ethernet converter and use whatever network sniffer you prefer to see the data.
Personally, I'd use QEMU or KVM and instrument their USB passthrough code, and then use libusb to prototype the replacement driver in user space (this latter bit I've done before; writing USB device drivers in Python is fun!).
Microsoft Message Analyzer was able to capture USB traffic, with Device and Log File parser from MS: link
Update: as mentioned by #facetus, MS Message Analyzer has been retired on November 25 2019.