Microsoft Tools For Windows 7
Home > Sample chapters > Windows
If you are installing Windows 10 on a PC running Windows XP or Windows Vista, or if you need to create installation media to install Windows 10 on a different PC, see Using the tool to create installation media (USB flash drive, DVD, or ISO file) to install Windows 10. Microsoft Office Tools free download - Microsoft Office 2010, Microsoft Office Outlook 2007, Microsoft Office Word 2007 Update, and many more programs.
- By Mike Halsey
- 10/25/2010
- Performance Information and Tools
In Chapter 2, “The Basic Windows 7 Utilities,” you learned about the basic diagnostic and help utilities included with Windows 7. In this chapter, I cover some of the advanced tools that come with Windows 7, describing the features and capabilities of each one and explaining how you can use them to help you troubleshoot your Windows 7 system.
Performance Information and Tools
Performance Information and Tools is a central location for many types of information about your PC and how Windows 7 performs on it. The easiest way to access Performance Information and Tools is by typing performance in the Start menu search box, as shown in Figure 14-1. You can access its components separately in Control Panel by selecting System and SecurityAdministrative Tools.
Figure 14-1 Accessing Performance Information and Tools
The basic function of Performance Information and Tools is to provide a front end to features such as the Windows Experience Index and options for adjusting the visual effects, power settings, and indexing options of your copy of Windows. Once you’re in the Performance Information and Tools window, which is shown in Figure 14-2, click Advanced Tools in the left pane to access the advanced tools, which are shown in Figure 14-3.
Figure 14-2 Performance Information and Tools window
Figure 14-3 Advanced tools in Performance and Information Tools
These advanced tools are extremely useful in diagnosing performance problems with Windows 7 and your software and hardware drivers. I don’t provide details for every tool in this chapter, but I do cover what I consider the vital ones individually: Event Log, Performance Monitor, Resource Monitor, Task Manager, System Information, System Health Report, and the Computer Management console.
This chapter is from the book
Related resources
- By Mark E. Russinovich, David A. Solomon, Alex Ionescu
- eBook (Watermarked) $39.99
- By Mark E. Russinovich, David A. Solomon, Alex Ionescu
- Book $49.99
- By Mark E. Russinovich, David A. Solomon, Alex Ionescu
- eBook (Watermarked) $35.99
The Sysinternals web site was created in 1996 by Mark Russinovich to host his advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.
- Read the official guide to the Sysinternals tools, Troubleshooting with the Windows Sysinternals Tools
- Read the Sysinternals Blog for a detailed change feed of tool updates
- Watch Mark's Sysinternals Update videos on YouTube
- Watch Mark’s top-rated Case-of-the-Unexplained troubleshooting presentations and other webcasts
- Read Mark’s Blog which highlight use of the tools to solve real problems
- Check out the Sysinternals Learning Resources page
- Post your questions in the Sysinternals Forum
Sysinternals Live
Sysinternals Live is a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as live.sysinternals.com/<toolname> or live.sysinternals.comtools<toolname>.
You can view the entire Sysinternals Live tools directory in a browser at https://live.sysinternals.com/.
What's New
What's New (January 11, 2021)
Sysmon v13.00
This update to Sysmon adds a process image tampering event that reports when the mapped image of a process doesn’t match the on-disk image file, or the image file is locked for exclusive access. These indicators are triggered by process hollowing and process herpaderping. This release also includes several bug fixes, including fixes for minor memory leaks.Process Monitor v3.61
This update to Process Monitor adds monitoring for RegSaveKey, RegLoadKey and RegRestoreKey APIs, as well as fixes a bug in the details output for some types of directory queries.
What's New (November 04, 2020)
AdExplorer v1.50
This release of AdExplorer, an Active Directory (AD) viewer and editor, adds support for exporting data from the 'Compare' dialog and is now available for x64 and ARM64.Disk Usage (DU) v1.62
This release of Disk Usage (DU), a tool for viewing disk usage information, now also accounts for the MFT (Master File Table), removes the MAX_PATH limitation and is now available for ARM64.
What's New (October 15, 2020)
VMMap v3.30
This update to VMMap, a utility that reports the virtual memory layout of a process, identifies .NET Core 3.0 managed heaps.RAMMap v1.60
This release to RAMMap, a utility that analyzes and displays physical memory usage, adds customizable map colors and a new command line option, -e, to empty the different types of system working sets.
What's New (September 17, 2020)
Sysmon v12.0
In addition to several bug fixes, this major update to Sysmon adds support for capturing clipboard operations to help incident responders retrieve attacker RDP file and command drops, including originating remote machine IP addresses.Process Monitor v3.60
This update to Process Monitor, a utility that logs process file, network and registry activity, adds support for multiple filter item selection, as well as decoding for new file system control operations and error status codes.Procdump v10.0
This release of Procdump, a flexible tool for manual and trigger-based process dump generation, adds support for dump cancellation and CoreCLR processes.ARM64 ports
In addition, several tools have been newly ported to and are now available for ARM64. These include: AdInsight v1.2, AutoLogon v3.1, Autoruns v13.98, ClockRes v2.1, DebugView v4.9, DiskExt v1.2, FindLinks v1.1, Handle v4.22, Hex2Dec v1.1, Junction v1.07, PendMoves v1.02, PipeList v1.02, Procdump v10.0, Process Explorer v16.32, RegDelNull v1.11, RU v1.2, Sigcheck v2.8, Streams v1.6, Sync v2.2, VMMap v3.26, WhoIs v1.21 and ZoomIt v4.52. Download all ARM64 tools in a single download with the Sysinternals Suite for ARM64.
What's New (June 24, 2020)
Windows Toolkit For Windows 7
Sysmon v11.10
This update to Sysmon now captures stream content for alternate data streams into logged events, which is useful for investigating downloads tagged with ‘Mark of the Web’ (MOTW) streams, introduces an ‘is-any’ filter condition, and fixes several bugs.Sigcheck v2.80
Sigcheck, a flexible tool for showing file versions, file signatures, and certificate stores, introduces a -p option for specifying a trust GUID for signature verification, and it now shows certificate signing chains even when a certificate in the chain is untrusted.Sysinternals June 24 Update Video
Mark Russinovich covers what’s new in this update, with demos of Sysmon’s alternate data stream content capture and new features in Sigcheck.
What's New (April 28, 2020)
Microsoft Office Tools For Windows 7
Sysmon v11.0
This major update to Sysmon includes file delete monitoring and archive to help responders capture attacker tools, adds an option to disable reverse DNS lookup, replaces empty fields with ‘-‘ to work around a WEF bug, fixes an issue that caused some ProcessAccess events to drop, and doesn’t hash main data streams that are marked as being stored in the cloud.Sysinternals April 27 Update Video
Mark Russinovich covers what’s new in this update, with a demo of Sysmon’s new file delete monitoring and capture capability.