TreeWalk DNS
...select an «Item number» to view a topic, «Title number» to return.
«Item 201» Differences Between Manual and Fast Repair in Windows
«Item 202» The NBTSTAT.EXE Command
«Item 203» Task Scheduler
«Item 204» The AT.EXE Command
«Item 205» Drivers.exe: List Loaded Drivers
«Item 206» FreeWare Utility «» IrfanView
«Item 207» Task Scheduler Error Message
«Item 208» Description of the Portqry.exe Command-Line Utility
«Item 209» Qfecheck.exe Verifies the Installation of Hotfixes
«Item 210» Pstat.exe: Process and Thread Status
«201» Differences Between Manual and Fast Repair in Windows
Windows 2000 includes two repair choices: Manual Repair or Fast Repair. To see these choices, boot from the Windows installation media, press R to repair, and then press R to use the Emergency Repair process. When you do this, you see the following options:
» Manual Repair: To choose from a list of repair options, press M.
» Fast Repair: To perform all repair options, press F.
The two repair choices cause the Repair process to perform different tasks.
Manual Repair
The Manual Repair option provides the following choices:
[X] Inspect startup environment
[X] Verify Windows system files
[X] Inspect Boot Sector
Continue <perform selected tasks>
Inspect Startup Environment
This option checks the ARC path in the Boot.ini file for a path to the Windows boot partition and %SystemRoot% folder. It does this by using the Setup.log file on the Emergency Repair Disk by reading the following values:
[Paths]
TargetDirectory = "\WINNT"
TargetDevice = "\Device\Harddisk1\Partition1"
SystemPartitionDirectory = "\"
SystemPartition = "\Device\Harddisk1\Partition1"
If the Boot.ini file is missing, a new one is created with a valid ARC path. If the Boot.ini file is present, the ARC path is checked and updated if needed.
Verify Windows System Files
This selection verifies that each file in the Windows system/boot partition is good and matches the files that were originally installed. This includes the Ntldr, Ntdetect.com, Arcsetup.exe, and Arcldr.exe files that are used for booting various computers. The optional Ntbootdd.sys file is never checked. Repair performs this check by using the Setup.log file to compare cyclical redundancy check (CRC) values for each file. If files are missing or corrupted, you are prompted to replace or skip the file. If you choose to replace the file, you need the Windows installation CD-ROM or an OEM driver disk that contains the correct file(s).
Inspect Boot Sector
This option repairs the active system partition boot sector and reinstalls the boot loader functionality. If the partition uses the FAT or FAT32 file system and contains a non-Windows boot sector, this repair option also creates a new Bootsect.dos file to be used to dual-boot MS-DOS, Microsoft Windows 95, or Microsoft Windows 98 if these operating systems were previously available to be booted. If you also select the Inspect Startup Environment option and a new Bootsect.dos file is created, Repair adds the following entry to the Boot.ini file:
C:\ = "Microsoft Windows"
Note that the Manual Repair option does not give you a choice to repair the Windows Registry files.
Fast Repair
The Fast Repair option performs all the repairs as the Manual Repair option, but you are not prompted for choices. Additionally the Fast Repair option tries to load each Windows Registry file (SAM, SECURITY, SYSTEM, and SOFTWARE). If a Registry file is damaged or cannot be loaded, Repair copies the missing or corrupted registry file from the SystemRoot\Repair folder to the SystemRoot\System32\Config folder.
Because the Fast Repair option can replace Registry files with those from the SystemRoot\Repair folder, it may revert parts of your operating system configuration back to the time when Windows was first installed. If this occurs, you need to restore your last "system state" backup or manually copy a more recent version of the registry files from the SystemRoot\Repair\Regback folder to the SystemRoot\System32\Config folder by using Recovery Console. The files that are located in the Regback folder are from the last time you created an Emergency Repair Disk and choose the option to also back up the registry files to the repair folder.
GENERAL INFORMATION
Both the Manual Repair and Fast Repair options start by performing a system/boot partition file system check. If file system problems are detected and corrected during this portion of the Repair process, you may need to restart your computer and start another Repair process before the actual repair operations take place.
Neither of the repair options replaces the SystemRoot\System32\Config.nt or Autoexec.nt files. Although these files are located on the Emergency Repair Disk, they are not checked or replaced during any Repair operations.
For additional information also see:
Item 56 Recovery Console Tips for System Admins
Item 198 Description of the Windows 2000 Recovery Console
Item 199 How to Install the Windows Recovery Console
Item 200 Description of the SET Command in Recovery Console
«202» The NBTSTAT.EXE Command
This diagnostic command displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP). This command is available only if the TCP/IP protocol has been installed.
Syntax:
nbtstat [-a remotename] [-A IP address] [-c] [-n] [-R] [-r] [-S] [-s] [interval]
Parameters:
|
-a remotename |
Lists the remote computer's name table using its name. |
|
-A IP address |
Lists the remote computer's name table using its IP address. |
|
-c |
Lists the contents of the NetBIOS name cache giving the IP address of each name. |
|
-n |
Lists local NetBIOS names. Registered indicates that the name is registered by broadcast (Bnode) or WINS (other node types). |
|
-R |
Reloads the Lmhosts file after purging all names from the NetBIOS name cache. |
|
-r |
Lists name resolution statistics for Windows networking name resolution. On a Windows 2000 computer configured to use WINS, this option returns the number of names resolved and registered via broadcast or via WINS. |
|
-S |
Displays both client and server sessions, listing the remote computers by IP address only. |
|
-s |
Displays both client and server sessions. It attempts to convert the remote computer IP address to a name using the Hosts file. |
|
interval |
Redisplays selected statistics, pausing interval seconds between each display. Press CTRL+C to stop redisplaying statistics. If this parameter is omitted, nbtstat prints the current configuration information once. |
Notes:
The column headings generated by the nbtstat utility have the following meanings:
|
Input |
Number of bytes received. |
||||||||||||||||||||||||
|
Output |
Number of bytes sent. |
||||||||||||||||||||||||
|
In/Out |
Whether the connection is from the computer (outbound) or from another system to the local computer (inbound). |
||||||||||||||||||||||||
|
Life |
The remaining time that a name table cache entry will live before it is purged. |
||||||||||||||||||||||||
|
Local Name |
The local NetBIOS name associated with the connection. |
||||||||||||||||||||||||
|
Remote Host |
The name or IP address associated with the remote computer. |
||||||||||||||||||||||||
|
Type |
Refers to the type of name. A name can either be a unique name or a group name. |
||||||||||||||||||||||||
|
<03> |
Each NetBIOS name is 16 characters long. This last byte often has special significance since the same name may be present several times on a computer differing only in the last byte. This notation is simply the last byte converted to hexadecimal; for example, <20> is a space in ASCII text. |
||||||||||||||||||||||||
|
State |
The state of NetBIOS connections. The possible states are: »
|
«203» Task Scheduler
By using Task Scheduler, you can schedule any script, program, or document to run at a time that is most convenient for you. Task Scheduler starts each time you start Windows 2000 and runs in the background. Using the Scheduled Task wizard (available by clicking Scheduled Tasks in Control Panel, and then clicking Add Scheduled Tasks), you can:
» Schedule a task to run daily, weekly, monthly, or at certain times (such as system startup).
» Change the schedule for a task.
» Stop a scheduled task.
» Customize how a task runs at a scheduled time.
For information about using Scheduled Tasks, click the Help menu in Scheduled Tasks.
[ WARNING: In limited testing on my own computer (using Windows 2000 Pro SP2) I discovered that simply accessing Scheduled Tasks (as described above) caused the following to occur:
» The Task Scheduler Service was changed from Manual to Automatic,
» MSTask.exe was started, which in turn apparently has caused...
» Svchost.exe is now "Listening" on Port 135 TCP, and finally...
» A key has been added to the Registry:
HKEY=HKEY_LOCAL_MACHINE
PATH=Software\Microsoft\Windows\CurrentVersion\Run
NAME=SchedulingAgent
DATA=mstinit.exe /firstlogon
You may, or may not, find this significant. ]
«204» The AT.EXE Command
The at command lists scheduled commands or schedules commands and programs to run on a computer at a specified time and date. The Schedule service must be running to use the at command.
Syntax:
at [\\computername] [[id] [/delete] | /delete [/yes]]
at [\\computername] time [/interactive] [/every:date[,...] | /next:date[,...]] command
Parameters:
|
none |
Used without parameters, at lists scheduled commands. |
|
\\computername |
Specifies a remote computer. If this parameter is omitted, the commands are scheduled on the local computer. |
|
id |
Specifie the identification number assigned to a scheduled command. |
|
/delete |
Cancels a scheduled command. If id is omitted, all the scheduled commands on the computer are canceled. |
|
/yes |
Forces a yes answer to all queries from the system when deleting scheduled events. |
|
time |
Specifies the time when the command is to run. Time is expressed as hours:minutes in 24-hour notation (00:00 [midnight] through 23:59). |
|
/interactive |
Allows the job to interact with the desktop of the user who is logged on at the time the job runs. |
|
/every:date[,...] |
Runs the command on every specified day or days of the week or month (for example, every Thursday, or the third day of every month). Specify date as one or more days of the week (M,T,W,Th,F,S,Su) or one or more days of the month (using numbers 1 through 31). Separate multiple date entries with commas. If date is omitted, the current day of the month is assumed. |
|
/next:date[,...] |
Runs the specified command on the next occurrence of the day (for example, next Thursday). Specify date as one or more days of the week (M,T,W,Th,F,S,Su) or one or more days of the month (using numbers 1 through 31). Separate multiple date entries with commas. If date is omitted, the current day of the month is assumed. |
|
command |
Specifies the Windows 2000 command, program (.exe or .com file), or batch program (.bat or .cmd file) to be run. When the command requires a path as an argument, use the absolute path, that is, the entire path beginning with the drive letter. If the command is on a remote computer, specify UNC notation for the server and share name, rather than a remote drive letter. If the command is not an executable (.exe) file, you must precede the command with cmd /c; for example: cmd /c dir > c:\test.out |
Notes:
The at command requires that you be a member of the local Administrators group. Also, the at command does not automatically load cmd, the Command interpreter, before running commands. Unless you are running an executable (.exe) file, you must explicitly load Cmd.exe at the beginning of the command, for example:
cmd /c dir > c:\test.out.
Viewing Scheduled Commands
The at command has two forms of output. When you use at without options, you see a display similar to the following:
|
Status |
ID |
Day |
Time |
Command Line |
|
0 |
Each |
F |
04:30PM |
net send group leads status due |
|
2 |
Each |
M |
12:00AM |
chkstor > check.fil |
|
3 |
Each |
F |
11:59PM |
backup2.bat |
When you include the identification number for the command, the display provides information for a single entry and is similar to the following:
Task ID: 0
Status: OK
Schedule: Each F
Time of Day: 04:30PM
Command: net send group leads status due
After you schedule a command with at (especially a command that has option variables), check that the command is entered properly by typing at without options. If the information in the Command Line column isn't correct, delete the command and retype it. If it still isn't correct, retype the command with fewer option variables.
Viewing Results
Commands scheduled with the at command run as background processes, so no output is displayed on the computer's screen. To redirect output to a file, use the redirection symbol (>). If you redirect output to a file, you need to use the Escape symbol (^) before the redirection symbol. You must use the Escape symbol whether you are using at at the command line or in a batch file, as shown in the following example:
at 14:45 c:\test.bat ^>c:\output.txt.
The current directory for the executing command is the %systemroot% directory.
Changing System Time
If you change the system time at a computer after scheduling a command to run with at, synchronize the at scheduler with the revised time by typing at without options.
Storing Commands
Because scheduled commands are stored in the Registry, scheduled tasks are not lost if you have to restart the Schedule Service.
Connecting to Network Drives
Scheduled jobs that access the network should not use redirected drives made by the user. The Schedule Service might not be able to access these drives, or they might not be present if a different user is logged on at the time the scheduled job runs. Instead, scheduled jobs should use UNC (Universal Naming Convention) paths, as shown in the following example:
at 1:00pm my_backup \\server\share
The following example, where x: is a connection made by the user, should not be used:
at 1:00pm my_backup x:
If you schedule an at command that uses a drive letter to connect to a shared directory, you should include an at command to disconnect the drive when you are finished using it. If the drive is not disconnected, the drive letter assigned will not be available or seen at the Command prompt.
«205» Drivers.exe: List Loaded Drivers
The List Loaded Drivers command displays character-based information about the installed device drivers. There are no command-line arguments.
List Loaded Drivers Syntax:
drivers|more
Format of List Loaded Drivers Data:
|
Column Name |
Explanation |
|
ModuleName |
The driver's file name. |
|
Code |
The executable code in the image. |
|
Data |
The non-.bss data in the image. |
|
Bss |
The .bss section from the image. This is data that is initialized to 0. |
|
Paged |
The size of the data that is paged. |
|
Init |
The size of the file on disk. |
|
LinkDate |
The date that the driver was linked. |
This tool is included in the Windows 2000 Resource Kit. It is also available as a free 939 KB Download File from Microsoft.
«206» FreeWare Utility «» IrfanView
IrfanView is a very fast FREEWARE (for non-commercial use) 32-Bit graphic viewer for Windoze 9x, Windoze ME, Windows NT and Windows 2000.
"The first graphic viewer WORLDWIDE with Multiple (animated) GIF support. One of the first graphic viewers WORLDWIDE with Multipage TIFF support. The first graphic viewer WORLDWIDE with Multiple ICO support.
Supported File Formats:
|
Extension |
Format name |
|
AIF |
Sound file, Audio Interchange Format |
|
ANI |
Animated Cursor format for Microsoft Windows |
|
AU, SND |
Encoded Audio format used by Sun and NeXT machines |
|
AVI |
Audio Video Interleaved: Video format for Windows |
|
BMP, DIB |
Windows or OS/2 Bitmap |
|
CAM |
Casio digital camera file |
|
CLP |
Windows clipboard format |
|
CPT |
CorelDraw Photopaint image |
|
CUR |
Cursor Resource file format for Microsoft Windows |
|
DAT |
Video CD format |
|
DCM, ACR |
Dicom/ACR file format for medical images |
|
DCX |
Multipage PCX files format |
|
DJVU |
AT&T DjVu format |
|
EMF |
Enhanced Metafile Format |
|
EPS |
Encapsulated PostScript |
|
FLI, FLC |
Autodesk animation format |
|
FPX |
FlashPix format |
|
G3 |
Group 3 Facsimile Apparatus format |
|
GIF |
Graphics Interchange Format |
|
ICL, EXE, DLL |
Icon Library formats |
|
ICO |
Windows Icon |
|
IFF, LBM |
Interchange File Format |
|
IMG |
GEM Raster image |
|
JPG, JPEG |
Joint Photographic Experts Group |
|
KDC |
Kodak digital camera format |
|
LDF |
LuraDocument format |
|
LWF |
LuraWave format |
|
Mac PICT |
Macintosh PICT format |
|
MED |
MED/OctaMED sound file format |
|
MID, RMI |
Musical Instrument Digital Interface (MIDI) |
|
MOV |
QuickTime Movie format |
|
MP3 |
MPEG audio layer 3 format |
|
MPG, MPEG |
Moving Pictures Experts Group format |
|
NLM, NOL, NGG, GSM |
Nokia/LogoManager formats |
|
PBM |
Portable Bitmap File format |
|
PCX |
PC Paintbrush format from ZSoft Corporation |
|
PCD |
Kodak Photo CD |
|
PGM |
Portable Greymap File format |
|
PNG |
Portable Network Graphics |
|
PPM |
Portable Pixelmap format |
|
PSD |
Adobe Photoshop format |
|
PSP |
Paint Shop Pro file format |
|
QTIF |
QuickTime image format |
|
RAS, SUN |
Sun Raster format |
|
RA |
Real Audio sound format |
|
RLE |
Utah RLE format |
|
SFF |
Structured FAX file |
|
SFW |
Seattle Film Works format |
|
SGI, RGB |
Silicon Graphics format |
|
SWF |
Macromedia's Flash/Shockwave format |
|
TGA |
Truevision Advanced Raster Graphics Adapter (TARGA) |
|
TIF, TIFF |
Tagged Image File Format |
|
WAV |
Windows audio file |
|
WBMP |
WAP Bitmap format |
|
WMF |
Windows Metafile format |
|
XBM |
X11 Bitmap |
|
XPM |
X11 Pixmap |
Features:
Thumbnails, Preview, Drag & Drop Support, fast Directory View (fast moving through directory), Print Support, Scan (TWAIN) Support, Slideshow, Batch conversion, change the color depth, audio CD player, Capturing, Cut/Crop, Effects (Blur, Sharpen etc.) and many many more ...
Only one EXE-File, no DLLs, no Shareware Messages like "I Agree" ...
[ Go to the Home Page and/or download it. ]
«207» Task Scheduler Error Message
When you attempt to start the Task Scheduler Service, you could receive this error message:
The Service is not responding to the Control Function
More Help is Available by Typing NET HELPMSG 2186.
To resolve this issue, remove any Read-Only attribute from %SystemRoot%\Schedlog.txt.
«208» Description of the Portqry.exe Command-Line Utility
Portqry.exe is a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues. Portqry.exe runs on Windows 2000-based and Windows XP-based computers. The utility reports the port status of TCP and UDP ports on a computer you choose.
Portqry.exe reports the status of a TCP/IP port in one of the following three ways:
Listening
A process is listening on the port on the computer you choose. Portqry.exe received a response from the port.
Not Listening
No process is listening on the port on the computer you choose. Portqry.exe received an ICMP "Destination Unreachable - Port Unreachable" message back from the port.
Filtered
The port on the computer you chose is being filtered. Portqry.exe did not receive a response from the port. A process may or may not be listening on the port. By default, TCP ports are queried three times and UDP ports are queried once before a report indicates that the port is filtered.
Portqry.exe can query a single port, an ordered list of ports, or a sequential range of ports.
Examples:
portqry -n reskit.com -p tcp -e 25
The preceding command attempts to resolve "reskit.com" to an IP address and query TCP port 25 on the corresponding host.
portqry -n 169.254.0.11 -p tcp -o 143,110,25 -l portqry.log
The preceding command attempts to resolve "169.254.0.11" to a host name and then query TCP ports 143,110, and 25 (in that order) on the host you chose. This command also creates a log file (Portqry.log) that contains a log of the command you ran and its output.
portqry -n myserver -p udp -r 135:139 -l myserver.txt
The preceding command attempts to resolve "myserver" to an IP address and query the specified range of UDP ports (135-139) in sequential order on the corresponding host. This command also creates a log file (Myserver.txt) that contains a log of the command you ran and its output.
[ Article ID: Q310099 ]
Additional information and uses of the Portqry utility can be found in these Knowledge Base articles:
Q310456 - How to Use Portqry to Troubleshoot Active Directory Connectivity Issues
Q310513 - How to Make Portqry.exe Only Report Listening Ports
«209» Qfecheck.exe Verifies the Installation of Windows 2000 Hotfixes
Microsoft has released a command-line tool named Qfecheck.exe that gives Administrators increased ability to track and verify installed Windows 2000 hotfixes. This tool provides the following benefits:
» This tool helps those who thought they had properly installed an update, but had not, and are now experiencing a problem. Previously, it was somewhat difficult to identify which fixes were installed on a computer. This simple tool easily enumerates all of the installed fixes by Microsoft Knowledge Base article number. You can then confirm that they have installed the appropriate set of fixes before using a valuable support incident and potentially
experiencing unplanned down time.
» Many companies identify a common set of fixes that are required for all servers in a given data center. To help ensure that Windows 2000 hotfixes are applied in a consistent manner across many servers, this tool allows you to create logs for each computer in your organization that show which fixes are installed. Once those logs are created, you can easily scan them for consistency.
» There are rare situations in which, because of a network problem, a problem with the update itself, or a subsequent update that improperly overwrites a previous fix, updates could be damaged or removed in error. This tool ensures that not only have the fixes been installed, but that they are current on the computer.
Qfecheck.exe determines which hotfixes are installed by reading the information that is stored in the Registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates
Using the file version information that is stored in this key by each hotfix that is installed, the Qfecheck.exe tool checks the installed binary files to verify that they match.
Qfecheck.exe identifies the following types of issues:
» Files that have been hotfixed, but for which the installed binary file is not current.
Qfecheck reads the Registry key that is associated with each update, and checks the version number that is recorded in the Registry against the current version of the same file that is installed. If the current version is lower than the version that is recorded in the Registry, Qfecheck reports an error.
» Hotfix files that are current, but are not considered valid by the installed catalogs.
For each file that is installed by a hotfix, Qfecheck checks to see that the current catalogs on the computer contain the information that would be used by Windows File Protection (WFP) to validate the file. If a file is valid according to the hotfix information in the registry, but the installed catalogs do not concur, Qfecheck reports an error.
NOTE: If WFP were to be triggered in this case, the hotfixed file would be rolled back to an earlier version.
Qfecheck displays its information in a command-prompt window when you run it. If you log the results of Qfecheck to a log file with the /l switch, the log file is stored in the current folder unless you specify a location. This location can be any valid path, including a Universal Naming Convention (UNC) path. Qfecheck does not log information in the event log.
If Qfecheck reports that some files are not valid in the system catalog, see the following article in the Microsoft Knowledge Base:
Q281767 Updated Sp2.cat Available to Resolve Versioning Issues with Post Service Pack 1 Hotfixes
Qfecheck.exe is available as a free download from Microsoft.
The Qfecheck.exe Command Syntax:
QFECHECK [/l[:location] /v /q /?]
/l Log output to <Computername>.log in the current folder location. Use the specified location to store the log file.
/v Verbose output
/q Quiet mode
/? Help
[ Article ID: Q282784 ]
«210» Pstat.exe: Process and Thread Status
PStat is a character-based tool that lists all running threads and displays their status. This tool is similar to Qslice.exe, but uses a command-line rather than a GUI interface.
The current version of PStat takes a system snapshot and shows old PStat-style and Pmon.exe (a Support Tool on the Windows 2000 CD) data, along with Drivers.exe output [see Item 205], in a single output stream. This output can be useful for troubleshooting.
Pstat has no command-line switches. To use it, simply run pstat from the command prompt.
This tool is included in the Windows 2000 Resource Kit. It is also available as a free 1.17 MB Download File from Microsoft.
| Copyright © 2000-2009 treewalkdns.com All rights are reserved |
