Essential Tools For Desktop and Network Support

Every Desktop Support or Security specialist has his own suite of essential software tools, and this is mine. All of these products are free, except as noted. All products install easily, also except as noted.

Note that this list, like most of my lists, is alphabetised. Please don't ever take relative list position as any evidence of my personal preference for any one item over another.



AngryZiber
Angry IP Scanner enumerates each host on your network, listing IP address, MAC address, and Name. It requires no installation, and can be run from any convenient folder. Like SoftPerfect Network Scanner, it's a useful tool in finding out what computers are on your LAN.

A-Squared
HijackFree analyses each process that's automatically started on your computer. Like HijackThis, it checks all known startup lists, and various other system databases, and enumerates each one. But HijackFree goes several steps beyond HijackThis.

  • HijackFree presents its findings in a GUI display, with click to sort columns.
  • HijackFree analyses its findings against the online SysInfo malware database.

Like HijackThis, HijackFree requires no install procedure, though I still recommend installing it into a dedicated, well placed folder, such as "C:\Program Files\HijackFree".

DiamondCS
Port Explorer is a detailed port monitor, with numerous configurations to let you identify IP traffic in various ways. The paid version of Port Explorer includes a small packet analyser. Port Explorer makes extensive changes to the network stack, including installing several protocol components, so you will end up closing other programs before installing, and rebooting afterwards, for best results.

DUMeter
DUMeter provides a graphic display of the volume of network traffic flowing into, and out of, your computer. It will alert, or notify, you when specific traffic patterns are detected. DUMeter installs and upgrades unobtrusively. The 30 day trial version of DUMeter is free.

Hover
RegSeeker is a very powerful tool to search the contents of the Windows Registry. It will let you select specific hives, limit the search to data, keys, and / or values, and display a tabular list of all entries found which match the search criteria. It will automatically open the Windows Registry Editor for you, and scroll to display any entry found, which interests you.

HTTrack
HTTrack will download an entire website to your local system, with graphics and links. It will translate all links within the website that you download, and effectively let you create a complete mirror of your entire website, locally on your personal computer. If you have a website, or especially if your website is a blog (where the content is primarily located on somebody else's computers), and you're not using HTTrack (or a complementary product), why aren't you? HTTrack is free, and it's easy to use. It does require an install, but doesn't force a reboot of the system.

Jam Software
TreeSize shows you, at a glance, where your disk space is being used. Its look and feel is similar to Windows Explorer, with many of the context menu (right mouse click) selections available. The free version, TreeSize Free, lacks many features of the Professional version, but it still gives you detailed usage figures which may save you a lot of work. It will require all other programs to be closed when installed, though it won't force a system restart.

Lavalys
Everest, previously known as AIDA, provides a standard analysis and report of all hardware and software on the computer. Any time I am helping to diagnose a computer that I can't stand in front of, I instruct the owner to download and install Everest. Everest Home Edition, previously distributed by Lavalys, was free, though only the Corporate or Ultimate Edition will run on a computer that's a domain member.

Everest / Aida is an essential tool for anybody with a computer. Since Lavalys, having decided to market only to corporate customers, does not provide Aida for small LANs any more, Jim Eshelman and Aumha is now distributing a copy of Aida on his website.

Merijn (Now TrendMicro)
HijackThis is a well known malware diagnosis and removal tool. The problem with most malware diagnosis and removal tools is the false positives / false negatives issue. Every security product in this class is known for removing software that some folk wanted to keep, and for leaving bad software that other security products will remove. HijackThis takes a different approach - it presents you with a list of everything that it finds, lets you interpret the findings, and then removes based upon your selections. See Interpreting HijackThis Logs - With Practice, It's Not Too Hard!, for instructions on interpreting, and on installing HijackThis.

Mike Lin
Startup Control Panel is similar in nature to Autoruns. It's a bit more mature than Autoruns, but hasn't been kept as current, and doesn't have as many startup lists enumerated - just a total of 5 lists. It does have two major features that Autoruns doesn't have, though - it allows shortcut creation and relocation. If you want to have a program autostarted, you can drag its shortcut onto the Startup display for any of the 4 best known startup lists:

  • HKLM Run
  • HKCU Run
  • Startup (Common)
  • Startup (Current User)

Also, you can move an existing shortcut from one list to another.


MikroTik
The Dude. What a name for a free network monitoring tool. It does an autodiscovery of all network devices on your network, and lets you manually add devices. It then provides configurable polling of each device, using any of the services available on that server - DNS, HTTP, IMAP4, ping, and/or SNMP. And a GUI colour display, visually providing the status of each device. And a mouseover display showing historical metrics for each device. And configurable SMTP alerts, if any device, when being polled, fails to respond.

NetStumbler
NetStumbler provides a site survey of your WiFi neighborhood. It inventories, over time, all of the WiFi Access Points visible from your location, and provides useful detail like Channel used, SSID, and various signal strength figures, at any time. For each AP inventoried, it also builds a running signal strength graph, with measurements taken every 5 seconds. If you have a GPS, NetStumbler will use the GPS to gather location and distance measurements for each AP observed. NetStumbler takes a bit of effort to install, but it is worth the effort.

PingPlotter
PingPlotter combines the standard IP utilities ping and traceroute, and presents the results in a GUI display, over time. It has numerous configurations that let you change the graph to show the results in different time scales, and to let you dynamically zoom in on time periods of interest. I can think of no better tool to help identify and document time of day, and location in route, of a network problem. For more discussion about PingPlotter, see Diagnosing Network Problems Using PingPlotter. PingPlotter installs and upgrades unobtrusively. The trial version of PingPlotter is free.

Site Meter
Site Meter places a meter on your web page, and counts individual visitors to the web page. It will also record numerous details about each visitor, and their various views of your website. It's similar to Stat Counter. Site Meter records each individual visitor to any page being tracked; the free version limits itself to 100 unique visitors tracked at any time. You will see more visitor information overall than Stat Counter, though Site Meter shows you only the first and last pages viewed by each visitor.

SoftPerfect Research
SoftPerfect Network Scanner enumerates each host on your network, listing IP address, MAC address, and Name. It requires no installation, and can be run from any convenient folder. Like Angry IP Scanner, it's a useful tool in finding out what computers are on your LAN.

Stat Counter
Stat Counter places a meter on your web page, and counts individual visits to the web page. It will also record numerous details about each visit, and the unique visitors to your website. It's similar to Site Meter. Stat Counter records each individual page load of any page being tracked; the free version limits itself to 100 page loads tracked at any time. You will see more complete visit information than Site Meter, though Stat Counter shows you detail about fewer unique visitors overall.

SysInternals
I'm almost tempted to write a whole separate article on SysInternals, which is now an elite division of Microsoft. They put so many excellent products out there, free for us. But let me start with the ones I know best. All SysInternals utilities require no installation, and can be run from any convenient folder.

  • Autoruns lists each process automatically started by the system, looking in close to a dozen startup lists, including the well known 4 lists, and a host of lesser known ones. This is an excellent lightweight process inventory tool, similar in effect to HijackThis. For one example (of many possible) use of Autoruns, see LSP / Winsock Analysis Using A Log From Autoruns.

  • Filemon makes a scrolling display of each file as it is accessed, including the process accessing it, the action used in the access, and the status (success / failure). Its display, and logged output, can be filtered by a variable string, which can be used to identify a process, or a file, as you need.

  • Process Explorer shows a very detailed list of all processes running on your computer, including how each process started, what resources each is using, what components are used in each process. It is highly configurable, and constantly keeps me busy with new discoveries.

  • PSTools is a collection of command line utilities that let you diagnose and maintain your computer, and the other computers on the network. The name PSTools is based, in the words of the author, upon "the fact that the standard UNIX process listing command-line tool is named 'ps'". It does, in fact, give UNIX-like command control to you.

  • Regjump is a batch utility, that opens Regedit, and jumps immediately to the registry key which you specify. Copy and paste a registry key, from any text, into a command window, preceded by "regjump ". Instant access to any key which you need to access, without having to parse down the registry tree (opening half a dozen branches, repeatedly, gets tiresome).

  • Regmon makes a scrolling display of each registry value as it is accessed, including the process accessing it, the action used in the access, and the status (success / failure). Its display, and logged output, can be filtered by a variable string, which can be used to identify a process, or a registry value, as you need.

  • Rootkit Revealer lists each resource on the system from two perspectives, first by enumerating each resource thru standard system calls, then by analysing the contents of the system itself, byte by byte. It compares the difference between the two lists, and identifies everything it finds in the detailed system analysis that is NOT reflected in the standard enumeration. This final list it presents to you for interpretation.

  • TCPView lists all open ports on the system, what process owns each port, and its local and remote endpoints. It complements Process Explorer quite nicely.



Technische Universiteit Eindhoven
SequoiaView shows you, at a glance, where your disk space is being used. It uses a technique known as Cushion Treemaps, to graphically map, by relative size, the larger folders or files in your storage. It will require all other programs to be closed when installed, though it won't force a system restart.

UltraVNC Project (SourceForge)
UltraVNC provides a remote desktop support structure that runs on all operating systems, not just Windows XP as Remote Desktop does. It also has a solution for your clients who may use dynamic public IP addresses, and / or connect thru a NAT router, a problem that has always hampered server access. You make a server out of your desktop, and let your client connect to you, even though it's their desktop on display. It does have a rather complex setup procedure, but you can do most of the setup yourself, or walk your client thru the process. It's worth the time, in the resulting support ability that you will have.

Visualware
VisualRoute superimposes a traceroute over a map, to geographically show the various hops traversed between you and the host that interests you. It provides a suite of details about the network, and the hosts traversed by the path. VisualRoute requires Java; other than that, its installation (and periodic upgrade) is painless and unobtrusive.
