There's a well-worn saying that goes: "What you don't know won't hurt you." It's arguable if that's ever been true, but it certainly doesn't apply to today's world of Windows computing, where what you don't know most certainly can hurt you.
Fortunately, you can buy utilities that make that task much easier, and most of them will effectively sniff out blatantly harmful files, such as pop-up generators or spyware programs that divert your browser's home or search pages. The Ultimate Troubleshooter (TUT) from AnswersThatWork.com approaches the problem from a slightly different the perspective that a program need not necessarily be malevolent to be harmful.
TUT offers up the lion's share of its system information in three main tabs, one each for tasks, services and startup items. Every running task may (or may not) also be a service or a startup item; there is a certain amount of redundancy between the three.
A right-click context menu provides different functions depending on which tab you're using. For example, right-clicking a task lets you terminate it or change its priority, while right-clicking a service lets you stop it or modify its startup mode. The startup tab goes two steps further than MSCONFIG's capabilities, letting you not only disable an entry but also delete it and even delete the file to which the entry refers.
Red Means Stop, Yellow Means Caution
To categorize the items found, TUT uses a color-coded system based on a traffic light metaphor. Therefore, red denotes a program that's deemed bad dangerous or harmful in some way. Yellow indicates a program that is probably harmless but may not be needed by the user, so deciding whether to keep or jettison it depends on whether it's actually being used. Green, not surprisingly, means a program is safe and almost certainly important, if not crucial, to system operation.
In the complex world of Windows, three colors will only get you so far when looking under the hood, so TUT can also categorize programs as blue or white. Harmful programs often use the file name of legitimate Windows system files in an attempt to evade detection, and so the color blue signifies that, based on the filename, a program could be legitimate but possibly may not be.
Finally, TUT flags anything it can't identify as white and makes it simple to e-mail a list of all unknown items to Answersthatwork.com for research and inclusion in future program updates. (They won't provide a personal response, however.)
Categorizing running processes is a good start, but TUT's strength is in the detailed descriptions it provides for items it finds. Similar utilities simply report the publisher name, provide a terse and esoteric description for a file and then leave the rest up to you, TUT offers informative backgrounders and recommendations written in a conversational and easy-to-grasp tone (though in a few cases the information borders on being too verbose).
Given that the goal of TUT is as much to assist in troubleshooting system problems as it is to unearth spyware and the like, most file explanations also include anecdotal information pointing out when a running process has been known to cause problems (at least, in the experience of the authors.)
Looking Under the Hood
After running it on a test Windows XP system, TUT uncovered 51 separate running tasks which broke down as follows: six tasks were labeled red (bad), 11 were yellow (user's discretion), nine green (OK), 14 blue (multiple possibilities), and 11 white (unknown).
In the case of the streaming media "helper" programs, TUT advised disabling them based on the assertion that either they weren't required to use the underlying program (which is often true of most such programs). The update utilities on the other hand were marked red because TUT recommends never allowing any program or utility to automatically update itself.
This recommendation is harder to justify objectively, particularly in the case of Windows update. Considering how often security flaws are found in Windows and how quickly they can be exploited, you can make the argument that letting Windows update itself serves the collective interest by blunting the impact of these flaws. (Indeed, disabling automatic updates for Windows runs counter to Microsoft's own recommendation.)
The 11 items TUT categorized as yellow consisted of several nonessential OS components and device utilities, plus applications like AOL Instant Messenger or MSN Messenger. Any of the items in this category might be useful or even necessary but could just have easily been automatically installed on the system (perhaps at the factory). TUT's explanations for each were informative enough let you make the decision as to whether a particular task was something useful or superfluous.
The 14 items TUT categorized as blue (multiple possibilities) were files with familiar (to technical types) names like explorer.exe, lsass.exe, and svchost.exe. Each was ostensibly a Windows system file but could also have conceivably been a virus or worm trying to pass itself off as legitimate.
TUT provided information for each entry (usually the full and correct path for the valid file and likely paths of imposters) to help determine whether the file was in fact kosher or not. TUT's information also pointed out when its information or recommendations might differ based on the version of Windows being used.
TUT couldn't identify 11 items, which were labeled as white (unknown). This admittedly amounted to about 20 percent of the systems running tasks, which seems like a relatively high percentage. To be fair, most were relatively obscure shareware utilities or applications that were somewhat less than common, including a desktop search tool and a weather utility.
Aside from the detailed information on running tasks, services and startup items, TUT also offers additional info along with convenience items and troubleshooting utilities. It includes its own versions of the network diagnostic tools ping, traceroute, whois, and nslookup (in GUI rather than command-line form). TUT also offers direct links to areas you're likely to need like the Windows Control Panel, the Add/Remove Programs applet and the Registry Editor, and it provides detailed information about system hardware.
Rounding out the extras is a Housekeeping feature that automates a number of cleanup chores like deleting the contents of various folders that store temp files and document histories for both the browser and the operating system itself.
You can download a limited trial version of The Ultimate Troubleshooter that offers a maximum of ten uses as well as limited functionality. You must register the program for $35 in order to have access to the full database of detailed process information and recommendations, as the unregistered version provides information only for a relatively small number of Windows processes.
Even with the unregistered version, you can access the same process information as contained in the registered version through an exhaustive and alphabetically arranged list at the AnswersThatWork Web site, though it's considerably less convenient than having it built into the program.
Overall, The Ultimate Troubleshooter makes a valuable addition to your system resources toolkit, although the $35 price tag seems a tad high compared to the competition.
Pros: Provides detailed and specific information and recommendations on countless Windows and third-party processes
Cons: Incomplete information on Windows services, questionable flagging for some well-known processes, trial download is a limited-function/limited-use release, somewhat pricey at $35
Adapted from winplanet.com.
|Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!|