Jun 28 2011

Troubleshooting Windows 7

Utilize these built-in tools to get to the root of a problem fast.

If there weren't already enough good reasons to upgrade to Windows 7, new and improved troubleshooting tools can help to reduce support costs. Here's an introduction to four of the best.

Reliability Monitor

The first question a support professional or user should ask themselves when a problem occurs is "What's changed?" Any modification to a complex system has the potential to wreak havoc, so a tool to help track configuration changes is invaluable for troubleshooting.

The Reliability Monitor displays a timeline of events and errors that can be used to pinpoint changes to the system and when they occurred. Application, hardware, system and miscellaneous failures are displayed, along with information about software installs, which all help narrow down the exact change that may have caused the current problem.

Figure 1 – Reliability Monitor

To open Reliability Monitor in Windows 7, type reliability in the search box on the Start menu and click View reliability history. Changes in Windows 7 include the ability to save reliability history to disk, a dedicated management console and a helpful Action column for additional information or possible solutions.

Resource and Performance Monitor

Resource Monitor is basically a task manager on steroids, providing more comprehensive information on a greater variety of OS components in real time. There are many improvements since Vista, including the ability to end processes, stop and start system services, view threads that are blocking a resource owned by another process (Analyze Wait Chain) and highlight hung processes. Windows 7 Resource Monitor also allows you to filter information by process, making it easier to track down the required information. Resource Monitor can be started by typing resmon in the search box on the Start menu and pressing ENTER.

Figure 2 – Resource Monitor

Performance Monitor has been around since the days of Windows NT and delivers a comprehensive view of performance, configuration and diagnostic information that's provided by almost all Windows system components (and sometimes by third-party applications), either in real time or during a given period using a data collector set. The art of using Performance Monitor is knowing what information to monitor, but a few templates are provided to make getting started easier.

Table 1 - Components of a data collector set

 Data collector set  component  Use
 Performance counter  Performance counters provide simple high-level  information about an OS component or application's  state or activity, and this data is collected at specified  time intervals.
 Event trace  Applications or OS components can use Event Tracing  for Windows (ETW) to send out detailed diagnostic  information about important actions or events.
 Configuration information  Data can be collected from registry key values.


Though the Performance Monitor GUI is largely unchanged in Windows 7, the performance monitoring infrastructure now has additional counters and can be programmed via PowerShell.

Launch Performance Monitor by typing perfmon in the search box on the Start menu and press ENTER. Click Performance Monitor under Monitoring Tools in the left pane, and you'll see that the %Processor_Time counter is added by default to the real-time graph. Additional counters can be added by clicking the green cross at the top of the console window. User-defined data collector sets can be created by expanding Data Collector Sets in the left pane and selecting New > Data Collector Set from the User Defined folder's right-click context menu.

Figure 3 – Adding performance counters to a data collector set

A simple wizard then allows you to create a new set from a template or select your own items to monitor. Performance Counter Alerts can also be configured to write to the Event Log (Applications and Services Logs/Microsoft/Windows/Diagnosis-PLA/Operational) or perform a custom Windows Management Interface (WMI) task when a defined threshold is met. Reports are automatically created from the resulting log files after you run a data collector set.

For details on gathering information from performance counters programmatically, run get-help get-counter –examples from a PowerShell window for several useful examples. Import-counter and export-counter cmdlets can also be used to manipulate performance data.

System Health Reports

System health reports can be generated by running the System Diagnostics data collector set in Performance Monitor, or run from the Advanced tools section of the Performance Information and Tools Control Panel.

Figure 4 – A system health report

Easy Connect

Remote Assistance, an often overlooked feature that's been part of Windows since XP, has been improved in Windows 7 and makes it easier to establish a connection to a remote user easier. Easy Connect uses IPv6 technology, or the Peer Name Resolution Protocol (PNRP) to be precise, to initiate Remote Assistance sessions without the need for users to supply the help desk with an IP address or computer name. Even if your network doesn't currently support IPv6, IPv4 to IPv6 transition technologies in Windows 7 work behind the scenes to make Easy Connect work seamlessly. For more information on IPv6, see What You Need to Know About IPv6.

By default, only the Private and Domain Windows Firewall profiles have exceptions enabled for Remote Assistance. Even if both computers are on the same LAN, Easy Connect requires Internet connectivity and router PNRP support.

To start a Remote Assistance session using Easy Connect, the user launches Windows Remote Assistance from the Start menu and selects Invite someone you trust to help you. Assuming a Remote Assistance invitation has not yet been created for the helper using Easy Connect, the user selects Invite someone to help you to create a new contact and is presented with up to three options for sending the invitation, as shown in Figure 5.

Figure 5 – Windows Remote Assistance invitations via Easy Connect

The user is then provided with an Easy Connect password, which the helper enters, and a connection between the two computers is established. If the user needs support from the same helper a second time, Easy Connect can be used without sharing a password.