


Part 2 - Using SYSINTERNALS tools to diagnose problems and issues in Windows

SYSINTERNALS was acquired by Microsoft, which has since shut down the prior site and placed the materials on TechNet under Windows SysInternals.

Part 1 dealt with free tools which could diagnose issues after system start or before system shutdown in GUI mode.

The Microsoft OS's own ability to create a boot log for diagnostics

A built-in diagnostic is to use the logging ability of the OS. This can show loading issues and failures, if that is the type of information you're looking for.

Indications might be a frozen load, an excessively long load time, or errors upon GUI startup. This is your first-line tool, and it needs little knowledge to use.

Windows 98, ME, and XP all can be configured to produce this log. NT servers do this as well.
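Reading the boot log by hand gets tedious on a long boot, so here is an added example (not part of the original article, and not a Sysinternals or Microsoft tool) that pulls the useful facts out of it: which modules loaded, which reported a failure, and where logging stopped. It handles both the NT-family ntbtlog.txt shape ("Loaded driver" / "Did not load driver") and the Windows 9x BOOTLOG.TXT shape ("LoadSuccess =" / "LoadFailed ="). The two log samples are constructed for the example, and the allow-list of routinely failing drivers is an assumption you would adjust for your own machine.

```python
import re

# Constructed sample of an NT-family ntbtlog.txt (not a real capture).
NT_BOOTLOG = """\
Service Pack 2  1 15 2007 09:12:03.500
Loaded driver \\WINDOWS\\system32\\ntoskrnl.exe
Loaded driver \\WINDOWS\\system32\\hal.dll
Loaded driver \\SystemRoot\\System32\\DRIVERS\\intelide.sys
Did not load driver \\SystemRoot\\System32\\Drivers\\Parport.SYS
Did not load driver \\SystemRoot\\System32\\DRIVERS\\badfilt.sys
Loaded driver \\SystemRoot\\System32\\Drivers\\Mup.sys
"""

# Constructed sample of a Windows 9x BOOTLOG.TXT (not a real capture).
WIN9X_BOOTLOG = """\
[000F5F2A] Loading Device = C:\\WINDOWS\\HIMEM.SYS
[000F5F2E] LoadSuccess = C:\\WINDOWS\\HIMEM.SYS
[000F5F31] Loading Device = C:\\WINDOWS\\IFSHLP.SYS
[000F5F35] LoadSuccess = C:\\WINDOWS\\IFSHLP.SYS
[000F6011] Loading Vxd = ndis.vxd
[000F6014] LoadFailed = ndis.vxd
"""

# NT-family lines: "Loaded driver <path>" / "Did not load driver <path>"
NT_RE = re.compile(r"^(Loaded driver|Did not load driver)\s+(.+?)\s*$")
# Win9x lines: "[hex] LoadSuccess = <path>" / "[hex] LoadFailed = <path>"
W9X_RE = re.compile(r"^\[[0-9A-Fa-f]+\]\s+(LoadSuccess|LoadFailed)\s*=\s*(.+?)\s*$")


def parse_bootlog(text):
    """Return (loaded, failed) lists of module paths, in log order, from either log flavour."""
    loaded, failed = [], []
    for line in text.splitlines():
        m = NT_RE.match(line)
        if m:
            (loaded if m.group(1) == "Loaded driver" else failed).append(m.group(2))
            continue
        m = W9X_RE.match(line)
        if m:
            (loaded if m.group(1) == "LoadSuccess" else failed).append(m.group(2))
    return loaded, failed


def last_loaded(text):
    """The last module that loaded successfully: on a hang, logging stops right after it."""
    loaded, _ = parse_bootlog(text)
    return loaded[-1] if loaded else None


# Drivers that report "did not load" on a healthy machine because the hardware is
# absent or the driver is not started at boot. Constructed allow-list; edit for your system.
KNOWN_BENIGN = {"parport.sys", "serial.sys"}


def suspicious_failures(text, benign=KNOWN_BENIGN):
    """Load failures that are not on the benign allow-list (compared by file name, case-insensitively)."""
    _, failed = parse_bootlog(text)
    return [p for p in failed if p.rsplit("\\", 1)[-1].lower() not in benign]


if __name__ == "__main__":
    for name, log in (("ntbtlog.txt", NT_BOOTLOG), ("BOOTLOG.TXT", WIN9X_BOOTLOG)):
        loaded, failed = parse_bootlog(log)
        print(f"{name}: {len(loaded)} loaded, {len(failed)} failed, last loaded: {last_loaded(log)}")
        for p in suspicious_failures(log):
            print("  check:", p)
```

A "did not load" line is not by itself a problem: many drivers are listed that way on every boot because their device is not present. The signal to chase is a failure you do not normally see, or a log that ends abruptly after a particular driver.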

What if the problem can not be diagnosed in this fashion?

What if the problems appear at startup or shutdown; or the system just "hangs" and the bootlog doesn't show you what you need to know; or you experience a crash?

What if the problems are on remote systems? [NT based]

What if it may be a Rootkit?

Diagnostics and monitoring

Windows NT and above have built-in monitoring programs which will NOT be addressed here. See the Microsoft Knowledge Base for usage of those tools. However, if you're attempting boot-time diagnostics on Win9x, use the option to create a boot log when you start up. Reviewing this log file may help with your diagnosis.

Here again, we find more free tools from Sysinternals to help with diagnostics.


SYSINTERNALS has created several nice tools that can be used for boot-time and shutdown monitoring, covering debug information and registry activity at boot time.

Version 4.6 of Debugview supports ALL Windows versions from 95 to Vista to various extents, and is sophisticated enough to use the available OS options. This tool can produce its own logs, and can review built-in debug logs {such as crash logs}.

Debugview creates "debugging" style information.

Regmon works on Windows NT/2000/XP/2003, Windows 95/98/Me and Windows 64-bit for x64 [Vista soon].

These tools will also be of use:
Regmon was linked within Part 1, and has the ability to create and/or dump information on processes and calls within the registry hives.
Handle is a command-line counterpart of Process Explorer, which was used in Part 1.

With these three tools you can, on NT-based platforms and to a limited extent on Win9x, perform the in-depth monitoring necessary to diagnose those elusive problems which appear at the times when normal monitoring is difficult. These can be configured to create output at boot. See the HELP of these programs and the SYSINTERNALS web site for usage.


For other issues in NT, SYSINTERNALS has created:
WinObj is a 32-bit Windows NT viewing program that uses the native Windows NT API (provided by NTDLL.DLL) to access and display information on the NT Object Manager's namespace;
TDIMon - a TCP/IP monitor;
Portmon - a serial and parallel port monitor;
Process Monitor - a process and thread monitor (NT/Win2K);
Diskmon - a hard disk monitor (NT/Win2K)
which are also useful for diagnostics of real or potential problems with other aspects within the OS.



ROOTKITS

Rootkits are one of the more dangerous aspects of the NT and above operating systems.

With the inadvertent installation of one of these "kits", you can lose all control over your system, which essentially becomes a "zombie" for others to use as they will.

SYSINTERNALS provides a tool for these as well, called RootkitRevealer.

Quoting from its prior site:

Introduction
RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don't attempt to hide their files or registry keys).


Another ROOTKIT program [non-sysinternals] is called Hook Explorer by David Zimmer [INFO], which will require the VB6 runtimes and the Microsoft Common Controls OCX (mscomctl.ocx). This is a small application designed to scan a process looking for IAT or detours style hooks.

IDefense has News, Bulletins, and software available for Internet security issues.


REMOTE ISSUES

SYSINTERNALS also has a pack of tools called PSTOOLS for NT systems, which can be used to REMOTELY monitor and control systems, in addition to performing functions locally.

Requirements

Some of the tools require that the default admin$ share be available and/or that the Remote Registry service be active.

WHEN ALL ELSE FAILS

For NT based systems, SYSINTERNALS has created two programs to access "dead" systems.

Neither is free, though demo/trial limited versions were available.

The first is NTRecover, which uses a null-modem serial connection and a boot floppy for the dead system. With it you can access the file system (locally, as a virtual disk), run antivirus and disk utilities, edit files, and perform other activities.

The second is Remote Recover, which functions over the networking hardware, in a like fashion. Both may be useful in "recovering" those dead systems which other tools may be unable to do.

The problem is that, since Microsoft acquired SYSINTERNALS, these tools are no longer listed on the TechNet site. [Try the sysinternals/Winternals site.]


RECOMMENDED DOWNLOAD - SYSINTERNALS SUITE [7.39 megs] which contains the programs referenced in part 1 and 2, and numerous others.

relevance: diagnosing Windows problems; using Sysinternals tools to diagnose Windows problems; Sysinternals tools for diagnostics.

potential uses: spyware diagnostics; monitoring programs; shutdown issues; program errors; startup diagnostics; general Windows knowledge; other.

Other Parts of Layered Security necessary for Internet usage.
SEE: FIREWALLS - WHY YOU NEED ONE AND WHAT TO DO
SEE: Anti-spyware programs as part of Layered Security
ANTI-VIRUS Programs as part of your Layered Security
SEE: GENERAL WINDOWS NETWORKING DIAGNOSTICS AND SETUP
Diagnosing Windows problems - Part 1
INSTALLATION OF SIGNING AND TRUST CERTIFICATES

After support end information for 98
SEE: END OF SUPPORT FOR WINDOWS 98 AND MILLENNIUM. WHAT DO I DO?
SEE: Manually updating a new installation of Windows 98SE


