111. Program control in Windows
By Andrew D. Wright
Whether you are the master of your Windows computer or it is the master of
you depends a lot on your ability to control its programs.
A program is just a set of instructions to your computer; by itself it is
only a map or guide, not something active. When a program is run, it
creates one or more processes. It's the process that does all the work.
The core of your computer, its brains, is the CPU, a central processor
unit. What it's processing are processes. A process is a mix of the
program instructions being followed and the computer resources needed to
follow those instructions.
With a single CPU, only one process can be worked on at a time. Processes
from many programs will be listed as running, but what's going on is the
CPU switching from one process to another and back so fast it appears
instant to the user. A multicore CPU can execute one process per core at
a time so simultaneous processes can be run.
On Windows XP you can get to the Task Manager by right clicking on an
empty part of the Windows task bar then selecting Task Manager from the
context menu that pops up. You can also get to it with the famous three
finger salute - pressing the Ctrl and Alt and Delete keys at the same time
- should the computer appear to be locked up.
Task Manager has a tab marked Applications and another one marked
Processes. Applications shows the programs you the user are running.
Processes shows everything that's running, a bewildering array of
cryptic-looking names and numbers.
A locked-up program can be stopped by selecting it from the list on the
Applications tab and pressing the End Task button.
The Processes tab can show a lot of different information. In Task Manager
select the Processes tab then click on the View menu item and Select
Columns. Click on PID and now all the processes have their own ID numbers.
The lower the number, the earlier that process started up.
There will be processes from the Windows operating system labelled as the
user SYSTEM as well as processes from anti-virus programs or programs set
up to regularly check for updates. On an infected computer processes from
malware and spyware will be visible as well, sometimes trying to
masquerade as innocent files. Processes can be stopped by highlighting
them and clicking the End Process button.
Two very useful tools come as free downloads from Microsoft Sysinternals.
Process Explorer is everything Task Manager is and more. Color coded
processes make figuring out what belongs and what is excess baggage easier
and helpful menu items can verify program signatures so only real
Microsoft system files can say they are from Microsoft.
Autoruns is a souped up MSCONFIG replacement showing every program set to
run when the computer starts up. You can uncheck the startup of programs,
helper programs, services, and malware, check program signatures and much
more.
Microsoft Sysinternals Process Explorer (free):
http://www.microsoft.com/technet/sysinternals/ProcessesAnd
Threads/ProcessExplorer.mspx
Microsoft Sysinternals Autoruns (free):
http://www.microsoft.com/technet/sysinternals/ProcessesAnd
Threads/Autoruns.mspx
The Mousepad runs every two weeks. It's a service of Chebucto Community
Net, a community-owned Internet provider. If you have a question about
computing, email mousepad@chebucto.ns.ca or
click here. If we use your question
in a column, we'll send you a free mousepad.
Originally published 24 June 2007
