Feb
06

Just a quick warning, this is going to be a very long guide with a lot of screenshots. Remote Task Manager is a fairly in-depth tool with a lot of features which I would like to illustrate.

Like most things, the installation is very simple: just download the file, run it, and click Next until it stops asking. Once that’s finished, fire it up and let’s take a look at it.

The first section is Applications and mirrors the first page of the regular Task Manager with a few exceptions. The most important feature here is what happens when you right click on a task. As you can see in the screenshot a menu pops up allowing you to end the task or Go To Process. The Go To Process option is very handy when you are trying to figure out what executable is responsible for a given task, which isn’t always obvious.

The next tab is the Process tab. Again, it looks a lot like the standard Task Manager with a few more columns; however, right clicking on a process brings up a much more powerful menu than the basic Task Manager. Here you can Suspend a process, which will leave it open but not running. Very handy if you need to keep a piece of spyware from opening more windows while you hunt it down. You can also End Process from here, and this End Process doesn’t mess around; it’s akin to the kill -9 command in Linux. When the regular Task Manager says Access Denied, RTM doesn’t even blink; it kills the process. You also still have the option to End Process Tree, which kills the process and any process it has started.

The next option is one that I’ve just started playing with. It allows you to choose which processor in a multi-processor (or multi-core) machine the process should run on. I haven’t determined whether I can make any real performance difference or not with this option, but it’s pretty freakin cool nonetheless. You can also set the priority of the process from here; I like to keep things like antivirus and my firewall at a lower priority so they don’t bog my system down.

The next option is Go To Parent, which is one of the handier options I’ve found when hunting spyware: finding the process which spawned a known rogue process can make it a LOT easier to track down the real culprit and eliminate it. The Properties screen is also incredibly in depth, showing the path the process is running from, the command line that executed it, all of the modules involved, the system threads, and performance stats. Very detailed. There’s also a Process Tree button in the bottom right which lets you view the processes in tree view, which makes it very easy to track what is spawning what process.

The Services tab is something that the normal Task Manager doesn’t have, and I’ve found this screen to be invaluable. The right click menu is like wielding some kind of magic wand on this screen: you can see the services that depend on a given service, and from there you can create a new service which depends on the service you right clicked on! You can start and stop the services from here, edit the services, and go directly to the process which the service spawned. In the bottom right is a set of buttons which do essentially the same thing, allowing you to start, stop, pause, restart, edit or delete an existing service or create a new service with the click of a button. This lets you run pretty much anything as a service.

The Devices screen works in much the same way. You can start and stop devices, create new device entries, edit existing entries and check the dependencies. You can also see where the driver file for each device resides in a convenient PATH column right there on the main screen.

The Events tab is a direct window to the Event Viewer including the ability to change which log you are viewing. There is no ultra powerful right click menu here, but there are several handy buttons in the bottom right. You can view the details of any log entry, change the log entry settings including the log size and you can filter the events in a myriad of ways with the filter button. You also have the option of saving or clearing the log from here with just one touch of the button.

The Performance tab is your basic Task Manager performance tab showing your CPUs and your memory usage; nothing special here.

The Shares tab lets you delete connections, create connections, and edit the connection details. Useful, but not ground breaking.

The Networking tab is the same as your regular one. It shows your network connections and the bandwidth being used. Moving the slider bar lets you switch between total traffic, incoming traffic, and outgoing traffic which is a handy little addition.

The Hardware Resources tab contains a lot of information that I’ve never really needed, but some of you hardware fanatics might find it useful. In the lower left is a drop down box that lets you switch between DMA, I/O, IRQ, and Memory resources.

The Netstat tab is another of my personal favorites. Here it shows every network connection your system is making, along with the process associated with it, the local and remote address, the local and remote port, the protocol, the process ID and the connection state. Clicking on an established connection lets you close that connection with the button in the bottom right, and right clicking lets you jump to the process involved in the connection.
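
The same connection-to-process-to-parent view can be approximated with built-in PowerShell cmdlets when the tool is not at hand. This is an added example, not part of Remote Task Manager or of the original post; the column names in the output are chosen here for illustration.

```powershell
# Added example: list established TCP connections with the owning process,
# its image path and command line, and the parent that spawned it.

# Index every running process by PID once so each lookup is cheap.
$procs = @{}
Get-CimInstance -ClassName Win32_Process |
    ForEach-Object { $procs[[int]$_.ProcessId] = $_ }

Get-NetTCPConnection -State Established | ForEach-Object {
    $p      = $procs[[int]$_.OwningProcess]
    $parent = if ($p) { $procs[[int]$p.ParentProcessId] } else { $null }

    # Windows reuses PIDs. If the "parent" was created after the child,
    # the real parent has exited and an unrelated process now holds its PID.
    if ($p -and $parent -and $p.CreationDate -and $parent.CreationDate -and
        $parent.CreationDate -gt $p.CreationDate) {
        $parent = $null
    }

    [pscustomobject]@{
        Local       = "$($_.LocalAddress):$($_.LocalPort)"
        Remote      = "$($_.RemoteAddress):$($_.RemotePort)"
        State       = $_.State
        PID         = $_.OwningProcess
        Process     = if ($p) { $p.Name } else { '<exited>' }
        Path        = if ($p) { $p.ExecutablePath } else { $null }
        CommandLine = if ($p) { $p.CommandLine } else { $null }
        Parent      = if ($parent) { "$($parent.Name) ($($parent.ProcessId))" }
                      else { '<not running>' }
    }
} | Sort-Object Process, Remote | Format-List
```

Run it from an elevated prompt; without elevation, Path and CommandLine come back empty for processes owned by other accounts.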

The Security Patch Analyzer is a feature that is only available in the registered version, but it’s very powerful. It checks your system against a database of known vulnerabilities and will let you know which ones affect you. This tab alone makes the program worth purchasing.

Now, even just having all of this info for your PC is great, but the fact is you can click on File, Connect and point this thing at any PC on your network. You’ll need login credentials on that machine, and it’s easiest if they are the same ones you use to log in to your own PC, but once you are connected you can get every bit of information without leaving your desk.

Now, I’ve saved the best for last. If you press F6 (or click on File, Remote Execute) you get the option to specify a program, the logon credentials, and a few other options and actually execute programs remotely on that PC. This can let you run scripts to change registry entries, alter the local security policies, change drive mappings, the possibilities are endless. Or of course you could use it to play pranks on your co-workers by opening and closing their browser windows, popping up games when the boss comes around, whatever floats your boat.

Remote Task Manager is one of the most highly regarded tools I use and I cannot recommend it highly enough. This is something EVERYONE can get some use out of.


Process Explorer is an excellent tool available from Microsoft for free. Using it you can see all of the processes running on your PC and what files they are using.

The installation is incredibly simple, just download the file and extract it. Then double click on Process Explorer. Tada it runs. You’ll see a screen that looks something like this:

From here you can trace which process has what file open. It’s as simple as it can be: just click on Find at the top and type in the name of the file you want to search for. Process Explorer returns a list of every process that is involved with that file. Now if you click on one of the entries it will take you to the specific thread and you can kill that thread to free the file.

That’s the meat and potatoes of Process Explorer. There are many other things you can do with it, such as suspending a process, which leaves it alive but stops it from running, changing the priority that the system assigns to a process, and monitoring your system’s resource usage more comprehensively than the regular Task Manager. Process Explorer is a very simple, but very powerful tool and is a fantastic resource for every kind of troubleshooting.

If you were helped by this review and enjoy the product please


One of the most frustrating things that my users have run into is malware or virus infections which lock down the Task Manager, the Control Panel, and your ability to run regedit. In order to defeat this kind of nasty virus you’ll need to use the command line to re-enable your ability to edit your registry and view the Task Manager and Control Panel. The specific registry keys involved are listed below:

Enable Registry Edit:
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
Value Name: DisableRegistryTools
Data Type: REG_DWORD
Value Data: (0 = disable restriction, 1 = enable restriction)

Enable Control Panel
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Value Name: NoControlPanel
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disable restriction, 1 = enable restriction)

Enable Task Manager
Hive: HKEY_CURRENT_USER
Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
Name: DisableTaskMgr
Type: REG_DWORD
Value: 1 = Enable this key, that is, DISABLE Task Manager
Value: 0 = Disable this key, that is, don’t disable; ENABLE Task Manager

SOLUTION:
Now to simplify this process I’ve written a batch script that enables all of these keys for you.
You can download it from here or you can copy and paste the below text into a command prompt:

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoControlPanel /t REG_DWORD /d 0 /f
REG add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoControlPanel /t REG_DWORD /d 0 /f
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

After running these commands you will have access to your Control Panel, Task Manager, and Regedit again and can continue cleaning your system.
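
For an incident record it helps to capture what each value was before clearing it. The following PowerShell version is an added example, not the author's batch script: it reads the same four values, resets only those that are set, and writes a before/after report. The report file name is an assumption made for this example.

```powershell
# Added example: audit, reset and verify the policy values listed above.
# A value that is missing or 0 means no restriction; anything else is active.
$policies = @(
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableRegistryTools' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Name = 'NoControlPanel' },
    @{ Path = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Name = 'NoControlPanel' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableTaskMgr' }
)

function Get-PolicyValue($Path, $Name) {
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

# Writing under HKLM needs an elevated session; HKCU does not.
$principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
$isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

$report = foreach ($p in $policies) {
    $before = Get-PolicyValue $p.Path $p.Name
    $action = 'none needed'
    if ($null -ne $before -and $before -ne 0) {
        if ($p.Path -like 'HKLM:*' -and -not $isAdmin) {
            $action = 'skipped: run from an elevated prompt'
        } else {
            Set-ItemProperty -Path $p.Path -Name $p.Name -Value 0 -Type DWord
            $action = 'reset to 0'
        }
    }
    [pscustomobject]@{
        Key    = $p.Path
        Value  = $p.Name
        Before = $before
        After  = Get-PolicyValue $p.Path $p.Name   # re-read to confirm the write
        Action = $action
    }
}

$report | Format-Table -AutoSize
# Hypothetical output location for the record of what was found.
$report | Export-Csv -Path "$env:TEMP\policy-reset-report.csv" -NoTypeInformation
```

If a value shows as reset and is set to 1 again on the next run, whatever wrote it is still running and has to be removed before the settings will stick.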

Remember, if you found this helpful

And feel free to leave comments and questions if you have any trouble.
