Best free troubleshooting tools
Free troubleshooting tool adds network tracking
|
By
Ryan Russell
The new release of my favorite Windows tool makes it even easier to troubleshoot your PC. Version 2 of Mark Russinovich's free Process Monitor utility adds network monitoring to its arsenal of system-analysis tools. |
Monitor processes and their network activity
Mark Russinovich, the (previously) Sysinternals guy who now works for Microsoft, has released version 2 of one of my all-time favorite Windows freebies, Process Monitor. I wrote a series of columns about this program earlier this year.
The utility supports Windows 2000 SP4 through Vista (but doesn't list Windows Server 2008, which may have been omitted from the documentation as an oversight). Most importantly, the program now monitors network traffic. My previous columns on Process Monitor listed packet capture as a separate tool. There has been a very useful enhancement in that area in version 2, though it's not quite a full replacement for a dedicated packet-capture utility yet.
Keeping an eye on your network traffic
After you download and run the new version of Process Monitor, you see the new Show Network Activity option. In the button bar below the menu on the right, there are five Show buttons. If you leave Network Activity on and turn off the other four options, the new feature stands out quickly. You'll see a send or receive option, as well as the hostnames or IP addresses or port numbers of the Path. (You're given the option to resolve names.) Under Detail, you see the amount of transferred data.
In terms of having all of your event information in one place, having this network data at hand is huge. You can now use Process Monitor to get a fairly clean log of what each process does to your Registry, file system, and network. So whether you're watching for suspicious network activity or troubleshooting a balky PC, one utility's got you covered.
Unfortunately, Process Monitor is not completely wartless. If you're a packet snob like me, you'll miss not having the exact packet data and a good decode of it. However, just knowing the IP addresses and ports is sufficient about 80% of the time. Having this information available will save me from opening the Wireshark utility, which I described in my Mar. 20 column.
Process Monitor 2 is also a little buggy. If you ask to see numbers instead of names for network ports, the program will give you the numbers in network order instead of human-readable form — for example, "13568" instead of "53" for DNS.
Perusing the Sysinternals forums, I see a number of other complaints. The program crashed on me once. I anticipate the release of version 2.0.1 very soon.
Antivirus apps don't like password-cracker tool
I'd like to follow up on my Sept. 25 column on the Cain & Abel password-recovery utility. Windows Secrets technical editor Dennis O'Reilly partially addressed the issue of antivirus apps flagging the program as malware in last week's Known Issues column.
Still, I want to elaborate here. A number of readers reported that their AV software identified Cain & Abel as something malicious. We heard from users of WinPatrol, McAfee, Avira, and other antivirus tools. The readers wanted to make sure we hadn't been fooled and that we were aware of the situation.
First off, Cain & Abel is neither a virus nor a Trojan. In fact, by any definition, the program is not malware of any kind. The tool uses all kinds of tricky programming techniques, such as process injection and decryption, to discover the passwords on your PC. Of course, bad guys use these same methods to gain unauthorized access to your system.
So why is Cain & Abel not considered malware? Because the program tells you exactly what it does and does only what it claims to do. In this regard, the utility is no more evil than format.exe, the Windows component that can erase your hard drive.
Then why do anti-malware programs complain so loudly about a "legitimate" tool? Because the apps don't know whether you intended to download the program. Any tool that helps you find the passwords stored on a PC will attract the attention of data thieves.
A number of such tools get a bad rap because someone uses them for evil. In the future, I'll be sure to warn you if a program I recommend might set off false positives in your security apps.
The Perimeter Scan column gives you the facts you need to test your systems to prevent weaknesses. Ryan Russell is quality assurance manager at BigFix Inc., a configuration management company. He moderated the vuln-dev mailing list for three years under the alias "Blue Boar." He was the lead author of Hack-Proofing Your Network, 2nd Ed., and the technical editor of the Stealing the Network book series.
How to solve DVI problems
Many modern monitors and home electronic devices now use a DVI connection. However, it's a system that often proves troublesome. As subscriber Dan M writes "Gizmo, in most cases getting DVI to work is not quite as easy as plugging in a toaster. For anyone who has purchased a new monitor and/or graphics card and who is unable to get DVI to work, the best link that I've found to solve your problems is the "Troubleshooting DVI problems" page on this site [1]. For a brief description of DVI-I, DVI-D (Digital), and DVI-A (Analog) see the Avid Knowledge Base here [2]."
[1] http://www.playtool.com/pages/dvitrouble/dvitrouble.html
[2] http://avidtechnology.custhelp.com/cgi-bin/avidtechnology.cfg/php/enduser/std_adp.php?p_faqid=69452
Learn how to solve elusive Windows problems
Is your Windows installation slowing down? Do you have unexpected system crashes? This 75-minute video, which features Sysinternal's Guru Mark Russinovich, shows you how to investigate and solve these problems using free tools. Experienced users and techies will find this video a revelation. To watch this video you will need Microsoft's free SilverLight viewer, which is available on the video site. Thanks to JW.
http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=722h
Get Fix-It Utilities v7 for free
Subscriber Harm Slagter writes "Gizmo, I've stumbled on a deal where you can get a free copy of Fix-it Utilities Express Version 7. You only have to ask for a serial from the author's website [1] and then download it from either of these two locations [2], [3]. It worked fine for me. It is a very nice program - I can remember that a while back you were enthusiastic about version 4." Nice find there. This version of the Fix-it suite includes a whole bunch of useful utilities, but for me the pearl is the registry cleaner. For a long time this was the registry cleaner I used, and I don't recall that it ever created problems. That's exactly what you want in a registry cleaner but, all too commonly, not what you get.
[1] http://www.avanquest.co.uk/vnu/fixit
[2 | http://www.computeractive.co.uk/vnunet/downloads/2215035/vcom-fix-utilities-express
[3] http://www.vnunet.com/vnunet/downloads/2215035/vcom-fix-utilities-express
A free program that identifies problems with your pc
Subscriber Keith Richmond writes:
"Gizmo, I have been using, for about 4 months now, a program called Spotlight on Windows to view the data flow and troubleshoot related problems on any computer on my network. The look and feel is very cool, so cool, in fact, that I at first suspected it was all show and little substance. I could not have been more wrong.
The main interface is a dynamic visual that lets me know where any bottlenecks might be that are slowing down my computer. Anything that is functioning satisfactorily appears in green, but when a slow-down occurs, the visual which represents the affected area turns yellow, orange or red, depending on the severity of the problem detected.You can then click on the visual and get a drill down related to the problem, any metrics involved, and related drill downs.
It has great graphs and charts that are populated by the data it obtains from the continuous scan of the computer involved.
Best part is this: I can run it to get feedback for my local machine, or connect through Spotlight to any computer on my network to easily diagnose problems from afar. If someone calls me at the helpdesk and tells me their computer is running very slowly, I can, with a few clicks, connect the relevant PC through the network using Spotlight by using their IP address and network admin user name and password. I can then see right away exactly where the bottleneck is occurring. It runs completely form the host computer. No need to install anything on the remote machine.
So far, the only issue I have with it is that it seems to be very processor intensive on the host machine, so older machines will suffer a hit. I am running it without an issue on a Pentium D 2.8 GHz with 1.5 GB RAM, and it is fine and dandy."
This a great find, Keith. I tried it on a single workstation and it worked like a charm, flagging problems in the write rate of one of the hard drives and excessive page file usage. It didn't, however, pick up a motherboard fault that I know exists on the test PC, but neither has any other diagnostic program, other than a specialist card-based hardware diagnostic suite I tried last year.
Yes, there was a minor performance hit when running Spotlight, but it was quite acceptable. Besides, this is not a utility that you would want to leave permanently running. Rather, it should be used only when diagnosis is required.
OK, it's not perfect, but it's still a must-have program for your PC toolkit. It's great for individual PCs but it's network admins who should really be smiling.
Spotlight on Windows: Freeware with one year renewable license, all Windows versions, 22.4MB
http://www.quest.com/spotlight-on-windows/
Top process viewer updated
SysInternals Process Explorer has long been one of my favorite free process viewers. The latest V10 release includes dozens of small enhancements rather than new features. The result is an outstanding free product that leaves Windows Task Manager looking brain damaged by comparison.
http://www.sysinternals.com/Utilities/ProcessExplorer.html
Free utility fixes PC problems
Dial-a-fix is an interesting product that bundles together a large number of fixes to known Windows problems as documented in many different Microsoft Knowledgebase articles. These problems fall into five specific areas: Scripting, the Windows Installer, Windows Update, Secure site problems and Program registration. The last area includes specific fixes for Windows Explorer, Internet Explorer and Windows Media Player problems. If you have problems in any of these areas you should check this utility out. I've now used it successfully on two machines with IE problems, so it's become a standard item in my tool kit. Note though, that this program is intended to be used only on machines with known problems in the designated areas, so read the online notes before using. If your PC is running fine, you don't need it and may risk actually causing problems. Recommended for experienced users only. Freeware, Windows 9x and later, 261KB.
http://djlizard.net/software/dial-a-fix/