System utilities
Overview
System utilities is a set of tools that provide information about your system, the processes
and services running on it, and its open windows, along with a registry editor and more.
Some of these features are directly related to the steganography module (especially the
Event log, registry editor and ADS scanner).
Task Manager or processes viewer
Task Manager or processes viewer provides information about programs and processes
running on your computer. It also displays the most commonly used performance measures for
processes. You can see the status of the programs that are running and end programs. The
top-left list displays all the processes running on your computer. When you select a
process from this list, the top-right list displays more information about it. The list
below the process list displays information about threads, and the next list displays the
modules associated with the selected process. When you select a module, the list in the
bottom-right corner displays information about it. Right-click a process for more options,
such as ending the process, refreshing the list or starting a new process. By definition, a
process represents the virtual address space and the control information necessary for the
execution of a program. The process identifier (PID) is a numerical identifier that uniquely
distinguishes a process while it runs.
Services viewer
A service is an application type that runs in the background and is similar to an
application. Service applications typically provide features such as client/server
applications, Web servers, database servers, and other server-based applications to users,
both locally and across the network. You can use Services viewer to:
- View services that are running on your system.
- Start, stop, pause, resume, or disable a service on your computer. You must have the
  appropriate permissions to start, stop, pause, restart, and disable services.
- View the status and description of each service.
The first list displays information about the services that are running on your system, and
the second list displays information about the services that depend on the selected service.
Environment viewer
Environment viewer displays five categories of information about your system:
- System properties, with information such as computer name, user, domain etc.
- Special folders addresses
- Logical drives
- Environment variables
- System information
Environment variables are strings that contain information such as drive, path, or file
name. They control the behavior of various programs. For example, the TEMP environment
variable specifies the location in which programs place temporary files. Any user can add,
modify, or remove a user environment variable. However, only an administrator can add,
modify, or remove a system environment variable.
Registry viewer
Registry Viewer is an advanced tool for viewing and changing settings in your system
registry, which contains information about how your computer runs. Windows stores its
configuration information in a database (the registry) that is organized in a tree format.
Although Registry Editor enables you to inspect and modify the registry, normally you do
not need to do so, and making incorrect changes can break your system. An advanced user
who is prepared to both edit and restore the registry can safely use Registry viewer for
such tasks as eliminating duplicate entries, deleting entries for programs that have
been uninstalled or deleted, or adding new keys/sub-keys to registry entries.
Warning: incorrectly editing the registry may severely damage your system. If you are not an
advanced user, you should use tools and programs that provide safer methods for editing
the registry.
Folders represent keys in the registry and are shown in the navigation area on the left
side of the Registry Editor window. The list on the right displays the entries in a key.
- HKEY_CURRENT_USER: Contains the root of the configuration information for the user who
  is currently logged on. The user's folders, screen colors, and Control Panel settings are
  stored here. This information is referred to as a user's profile.
- HKEY_USERS: Contains the root of all user profiles on the computer. HKEY_CURRENT_USER is a
  sub-key of HKEY_USERS.
- HKEY_LOCAL_MACHINE: Contains configuration information particular to the computer (for
  any user).
- HKEY_CLASSES_ROOT: Is a sub-key of HKEY_LOCAL_MACHINE\Software. The information stored
  here ensures that the correct program opens when you open a file by using Windows Explorer.
- HKEY_CURRENT_CONFIG: Contains information about the hardware profile used by the local
  computer at system startup.
Event log Viewer
A computer running any version of Windows XP records events in three kinds of logs:
- The application log contains events logged by applications or programs. For example, a
  database program might record a file error in the application log. Program developers
  decide which events to monitor.
- The security log records events such as valid and invalid logon attempts, as well as
  events related to resource use such as creating, opening, or deleting files or other
  objects. An administrator can specify what events are recorded in the security log. For
  example, if you have enabled logon auditing, attempts to log on to the system are
  recorded in the security log.
- The system log contains events logged by Windows XP system components. For example, the
  failure of a driver or other system component to load during startup is recorded in the
  system log. The event types logged by system components are predetermined by Windows XP.
Using the event logs in Event Viewer, you can gather information about hardware, software,
and system problems. You can also monitor Windows XP security events.
Other possible logs:
- Directory service log
- File Replication service log
- DNS Server log
Event Viewer displays these types of events:
- Error
- Warning
- Information
- Success Audit
- Failure Audit
The Event Log service starts automatically when you start Windows. All users can view
application and system logs. Only administrators can gain access to security logs. By
default, security logging is turned off. You can use Group Policy to enable security
logging. The administrator can also set auditing policies in the registry that cause the
system to halt when the security log is full.
ADS scanner
ADS Scanner allows you to scan your computer for hidden ADS (Alternate Data Streams). Only
streams attached to files on your system are scanned. A relatively unknown compatibility
feature of NTFS, ADS is the ability to fork file data into existing files without affecting
their functionality, size, or display to traditional file browsing utilities like dir or
Windows Explorer. (NTFS is the abbreviation of New Technology File System, Windows NT's
preferred file system.) In NTFS, a file consists of different data streams. One stream
holds the security information (access rights and such things), another one holds the
"real data" you expect to be in a file. There may be another stream with link information
instead of the real data stream, if the file actually is a link. And there may be alternate
data streams, holding data the same way the standard data stream does. Found in all
versions of NTFS, ADS capabilities were originally conceived to allow for compatibility
with the Macintosh Hierarchical File System (HFS), where file information is sometimes
forked into separate resources. Alternate Data Streams have come to be used legitimately by
a variety of programs, including the native Windows operating system, to store file
information such as attributes and temporary storage. Files with an ADS attached are almost
impossible to detect using native file browsing techniques like the command line or
Windows Explorer.
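The following PowerShell script is an added example, not part of this tool or its original
documentation. It shows how a scan of this kind can be done with the built-in -Stream
parameter (PowerShell 3.0 or later, NTFS volume); the function name, the ads-demo folder and
the sample file are assumptions constructed for the demonstration.

```powershell
# Added example: list alternate data streams attached to files under a folder.
# Find-AlternateDataStream is a hypothetical helper name, not a built-in cmdlet.
function Find-AlternateDataStream {
    param(
        [Parameter(Mandatory = $true)]
        [string]$Path,
        # Stream names to skip, e.g. Zone.Identifier, which Windows adds to downloads.
        [string[]]$IgnoreStream = @()
    )

    # Only files are examined, matching the scanner described above.
    Get-ChildItem -LiteralPath $Path -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            # ':$DATA' is the standard (unnamed) data stream every file has.
            Get-Item -LiteralPath $file.FullName -Stream * -Force -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' -and $IgnoreStream -notcontains $_.Stream } |
                ForEach-Object {
                    [pscustomobject]@{
                        File   = $file.FullName
                        Stream = $_.Stream
                        Length = $_.Length
                    }
                }
        }
}

# Constructed sample input: a file with one extra stream named 'notes'.
$demoDir = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $demoDir -Force | Out-Null
$demoFile = Join-Path $demoDir 'report.txt'
Set-Content -LiteralPath $demoFile -Value 'visible contents'
Set-Content -LiteralPath $demoFile -Stream 'notes' -Value 'data in an alternate stream'

# The reported file size covers only the standard stream ...
Get-Item -LiteralPath $demoFile | Select-Object Name, Length
# ... while the scan reports the extra stream and its length.
Find-AlternateDataStream -Path $demoDir -IgnoreStream 'Zone.Identifier'
```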
Windows viewer
Windows viewer allows you to see all the windows open on your system, regardless of whether
a window is hidden, disabled, minimized or has no caption. A window is a portion of the
screen where programs and processes can be run. Windows can be closed, resized, moved,
minimized to a button on the taskbar, or maximized to take up the whole screen. You can
change the caption of any window: right-click the window list and select from the pop-up
menu. This module also offers a view of several performance counters. Select a category and
some performance counters will be displayed. Select any counter and you will also see a
description of it (where information is available).
Search for files and folders
Provides an easy and quick way to search for files and folders on your computer. When
you use it, you can specify several search criteria. For example, you can search for files
and folders by name, address, type and date. You can find a file based on when you last
worked on it or search for files whose names contain specific text. If you get too many
results, try using additional search criteria to make your search more specific.