Introduction to Win7 program monitoring function (1)

After the system is started, the user will see that the system loads a lot of processes from the task manager, including randomly starting programs, loading various services, and so on. In the previous Windows system, we can only rely on the three-party software to see, now Windows7 has enhanced the task manager function, so we are very convenient to know the process of the various programs in the system, even if the virus invades, we can Convenient to know. We can use the program monitoring function to better understand the condition of the computer and protect the security of the computer.

1. View UAC Virtualization Process

In Windows 7, the system enhances User Account Control (UAC) virtualization, which allows us to prevent system files, folders and registries. Damaged due to misuse. UAC can redirect applications in the system to other locations, but users can still use it, but the data written by these applications will not be sent to the system location to help maintain the stability of the entire operating system. With this virtualization capability, it also means that multiple users can now run applications on the same computer because their respective data is written to their respective locations. Played a system security effect.

U UAC function, we need to open it in "Group Policy", type "GPEDIT.MSC" command in the run, open the Group Policy Editor, then expand "Local Computer→Windows" on the left side Set the Settings→Security Settings→Local Policies→Security Options branch, where the “Virtualize files and registry write failures to per-user location” setting under this branch is enabled.

After user account control virtualization is enabled, we can view the UAC process in Task Manager. When viewing, as in the previous system, use the "Ctrl+Alt+Del" combination hotkey to open the "Task Manager", switch to the "Process" item, click "View" → "Select Column" in the menu. Open the Select Process Columns dialog box and check the User Account Control (UAC) Virtualization checkbox here.

Then click the "OK" button, then select "Show all user processes" in the "Process" window, so that we can understand the virtualization information of all processes in the system.

When we have found that the system has disabled virtualization for a certain process, if you want to enable the virtualization process, right click on the name of the process, pop up the right-click menu, then check UAC Virtualization, which enables UAC virtualization for this process.

2. Select CPU for process

The user-configured computer is usually dual-core or higher, so the operation speed is faster, but some programs do not support dual CPU due to writing problems, which is often because Too much resources are used and the system is unstable. In addition, there is a process, we also choose a CPU to perform these processes according to some needs. When setting, enter the process list in the task manager, select a process to be set, click “Right click”, and select “Set Relevance” in the pop-up mail menu to open the “Process Correlation” dialog box. Here we can choose the processor for this often as needed.

3. Troubleshoot Trojans hidden in the process

In the Task Manager, we can easily understand the resources and processes of the system. Sometimes we find that our computer is running very slowly, which may be caused by some Trojans entering a large amount of system resources. After some Trojans enter our system, it will be pretending to run in the background, so we will find it hard to find his whereabouts. In addition to the ability to easily view the progress of each task to see if there is a virus program such as Trojan, we can also use the "resource monitoring" function provided by windows7, so that we can understand the various resources of the system while viewing the process. State, pull out the Trojan program behind the system. First click the "Resource Monitor" button in the "Performance" interface, open the "Resource Monitor" interface, windows7 "Resource Monitor" function, much stronger than the previous version, here we can easily view the resources Happening. Here we can easily check the usage of CPU, memory, network monitor, etc. in the program running in the system. Let's take a look at which program CPU usage is high as an example to understand the viewing method.

General Trojans must copy the file information in the system differently after running, so the program will consume a lot of CPU and memory resources. First, when we first check the CPU resource of a program, switch to the CPU item in the “

Source Monitor” interface, which shows the CPU usage of all running programs. If you find that a process has a high CPU usage, after checking a process that needs to be viewed in the "Process" list, in the "Services" item we can see all the service items associated with the process, below In the "Association Handle" project we can see all the process information associated with the program.

If we want to know more about the process, right click on the process, select "Analysis Process" in the pop-up context menu, we can see the PID and the number of threads of the program. If we want to know the details of a process, we can choose the "online search" function, so the system will automatically open the IE browser, use the default search engine for process related search, so that we can carry out the various uses of the program Learn more about. To prevent the camouflage of the virus. If you feel that the process is suspicious, or if it is a Trojan, we can stop the process and the associated service by using the End Process or End Process Tree command in the context menu. Then open the folder where the process is located and delete the process file. The Windows 7 enhanced "Task Manager" provides us with the convenience of resource monitoring, so that we also have a clear understanding of the various processes in the current system.