Chiranjib, a regular reader of ours, has been asking me repeatedly to suggest some alternatives to the default Windows system tools that are usually disabled in case of a virus attack. So I thought I would write about all the tools I know that are helpful in troubleshooting a system. It will be a series of articles, each covering a specific type of tool. I will preferably write about portable tools so that anybody who wants to keep them on a USB drive can do so easily. Then I will tell you how to safeguard your USB drive from viruses so that no virus affects the tools on the USB drive.
The first type of tool that I have chosen is the Windows Task Manager. Because Windows Task Manager is usually disabled by most modern viruses, it is necessary to have alternatives that can work like the Windows Task Manager for managing all the processes. Killing the malicious process is the first step in troubleshooting.
As I have already said, I'll be concentrating on portable tools wherever possible, so I have selected two tools as alternatives to Windows Task Manager. Both of them are portable and can be run from a USB drive.
Process Explorer is one of the popular task managers. It is portable and more advanced than Windows Task Manager. The good thing about it is that it is maintained by Microsoft itself.
The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you’ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you’ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
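When neither Task Manager nor Process Explorer is available, the "which processes have this DLL loaded" search described above can be approximated with built-in PowerShell cmdlets. This is an added example, not part of Process Explorer or of the original article; the function name `Find-ProcessByModule` and the sample DLL name are assumptions chosen for illustration.

```powershell
# Added example (not Process Explorer's code): list every process that has a
# given DLL loaded, together with the account that owns the process.
function Find-ProcessByModule {
    [CmdletBinding()]
    param(
        # Wildcard pattern matched against the module file name, e.g. 'ws2_32.dll'
        [Parameter(Mandatory)]
        [string]$ModuleName
    )

    # Build a PID -> "DOMAIN\user" map from WMI (Win32_Process.GetOwner).
    $owners = @{}
    foreach ($p in Get-CimInstance -ClassName Win32_Process) {
        $o = Invoke-CimMethod -InputObject $p -MethodName GetOwner -ErrorAction SilentlyContinue
        if ($o -and $o.ReturnValue -eq 0) {
            $owners[[int]$p.ProcessId] = "$($o.Domain)\$($o.User)"
        }
    }

    foreach ($proc in Get-Process) {
        # The module list may be unreadable for protected processes or when
        # the shell is not elevated; skip those instead of aborting the scan.
        $mods = $null
        try { $mods = $proc.Modules } catch {
            Write-Verbose "Skipping $($proc.ProcessName) (PID $($proc.Id)): $($_.Exception.Message)"
        }
        if (-not $mods) { continue }

        foreach ($m in $mods) {
            if ($m.ModuleName -like $ModuleName) {
                [pscustomobject]@{
                    Process = $proc.ProcessName
                    PID     = $proc.Id
                    Owner   = $owners[$proc.Id]   # empty if the owner lookup failed
                    Module  = $m.FileName         # full path the DLL was loaded from
                }
            }
        }
    }
}

# Sample call; 'ws2_32.dll' is only an illustrative module name.
Find-ProcessByModule -ModuleName 'ws2_32.dll' -Verbose |
    Sort-Object Process | Format-Table -AutoSize
```

The `Module` column is the part worth reading during troubleshooting: a system DLL name loaded from a user-writable folder rather than the Windows directory stands out immediately. Run the shell elevated to reduce the number of skipped processes.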
Process Explorer can be downloaded from the following location:
DTaskManager is another tool that is very good. It also offers more features than the standard Windows Task Manager. Its interface is more like the original Windows Task Manager and so is easier to use. Here is the publisher’s description:
DTaskManager, obviously, is a Task-Manager, but specifically engineered to give additional functionalities that the Windows bundled TaskManager (and other third party products) do not have:
1. Three different ways to close a process, as the “termination request”, the standard “forced termination” with dialogue tolerance, and the “forced termination” of any type of process, bypassing all permissions (it can also terminate running system processes).
2. DTaskManager allows you to suspend and reactivate a process (as in Linux). This is useful, for example, to temporarily suspend a task that uses system resources when you don’t want to terminate it (such as a DivX encoding process).
3. DTaskManager allows you to select more than one process at a time, and terminate all of them “simultaneously”.
4. DTaskManager does not need any useless confirmation.
DTaskManager can be downloaded from the following location:
If you find or know about any other tool that is useful in troubleshooting a system, please do let us know about it in the comments. We will, at the end, gather all this information on a separate page called Network Admin’s Troubleshooting Toolkit.