Advanced Windows Examination
NT Services
Available on only WinNT,Win 2000 and Win XP platforms.
All available services are listed. The upper portion of the window shows:
Service Name
Service Description
When you click on a service name, the lower portion of the window is populated with detailed service information from the Service Manager.
General Tab
Login Tab
Dependancies Tab
You can modify which services are listed by selected the "List Criteria" tab on the lower portion of the window.
Click on the "Refresh" button to refresh the list of services.
Click on the "Stop Service" button to stop or start the selected service.
NT/2000/XP Performance Data
This tool displays the performance data unique to Windows NT/2000/XP.
The initial performance tree displays the standard performance topics. Click on the "+" next to each subject to expand into performance categories and counters.
NT/2k/XP Disk Sector Viewer
This tools allows you to view disk sectors for any local disk drive under Windows NT, 2000 or XP. This option does not work for 95/98 or ME.
From the drop-down list box select the local drive you want to scan. Sector 0 will immediately be displayed.
Use the spin control to either scan up or down the disk sectors or type a specific sector into the edit box.
The sector display shows the Hex and Actual sector values for all bytes within the selected sector.
NT/2000/XP ROM/BIOS Dump
This function displays the contents of the SMBIOS structure from memory into a hex data viewer panel.
Under Windows NT/2000/XP the contents of ROM/BIOS are availabe differently that win9x versions. Using the viewer you can scan addresses $F000 to $FFFF for data.
Windows Drivers
This function lists all drivers loaded within the Windows core. When invoked, the following data will be displayed:
- Driver Name: Full path and file name of the driver file
- Address: The Windows address where the driver is loaded
- Version: The driver file's version information (if available)
- Company: The name of the Company that authored the driver (if available)
WMI Explorer
This function lists the Namespaces and Classes from the WMI local interface. Within each class all values and data are extracted and listed.
Upon entry the 'root\cimv2' namespace is defaulted showing the Win32_process class values. This will list all process and all WMI process data.
Namespaces: From the dropdown listbox select the namespace to explore.
Classes: From the dropdown listbox select the class to explore.
Once a class is selected, all data values are listed in the lower section of the form. Many classes will have no data values depending on the system configuration.
Scheduled Tasks
Windows NT, 2000 and XP provide a task scheduling service that automates the execution of programs within the Windows environment.
This PC Surgeon function provides a list of all scheduled tasks from within the Scheduler engine and then allows examination and modification of the specific schedule parameters.
When invoked, the following data will be displayed:
- Task Name: The task key from within the scheduler engine
- Application: The full path to the scheduled application
- Schedule: A string representing the user defined schedule
- Optional parameters
Double click on a selected task or click on the "Edit Task" button to invoke the task detail viewer/editor. |
