Mark Russinovich, over at Sysinternals, has written written a ton of useful utilities—two of which no real Windows user should be without: Process Explorer & TCPView.
Process Explorer is a replacement for the Windows Task Manager's "Processes" tab—actually it really could be a replacement for the entire Windows Task Manager. This program adds some functionality really missing from the Windows Task Manager. First, it can show you the entire command line path to the all the process running. Next, it will show you all the handles and threads opened by the each process—and it's even searchable. This is great for tracking down rogue process or finding out what problems are locking a file down. This is one of the first things I download when a friend is having PC problems. I'll use this to discover various process that shouldn't be running (such as Trojans and Spyware.) It's extremely helpful. Best of all, no fancy install, just download and extact it to your system.
TCPView was designed to show all the open TCP & UDP ports currently on your computer. Just like Process Explorer, all this information is updated in near realtime (for actual realtime spool of your traffic, check out their free tool TDIMon.) With TCPView, you can quickly located what programs may be listening for remote traffic or for what programs may be trying to connect to remote servers. This is especially useful for finding programs that should not be accessing the Internet—such as trojans and spyware.
Best of all, both of these utilities are free! I can't say enough about the usefulness of these applications. They can really help you to track down stray processes or find those programs that are doing things they shouldn't be. For those .NET users, Process Explorer even has special handling especially for .NET applications.
2 Comments
Comments for this entry have been disabled.