- 380 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Windows Performance Analysis Field Guide
About this book
Microsoft Windows 8.1 and Windows Server 2012 R2 are designed to be the best performing operating systems to date, but even the best systems can be overwhelmed with load and/or plagued with poorly performing code. Windows Performance Analysis Field Guide gives you a practical field guide approach to performance monitoring and analysis from experts who do this work every day. Think of this book as your own guide to "What would Microsoft support do?" when you have a Windows performance issue.Author Clint Huffman, a Microsoft veteran of over fifteen years, shows you how to identify and alleviate problems with the computer resources of disk, memory, processor, and network. You will learn to use performance counters as the initial indicators, then use various tools to "dig in" to the problem, as well as how to capture and analyze boot performance problems.- This field guide gives you the tools and answers you need to improve Microsoft Windows performance- Save money on optimizing Windows performance with deep technical troubleshooting that tells you "What would Microsoft do to solve this?"- Includes performance counter templates so you can collect the right data the first time.- Learn how to solve performance problems using free tools from Microsoft such as the Windows Sysinternals tools and more.- In a rush? Chapter 1 Start Here gets you on the quick path to solving the problem.- Also covers earlier versions such as Windows 7 and Windows Server 2008 R2.
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weāve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere ā even offline. Perfect for commutes or when youāre on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Windows Performance Analysis Field Guide by Clint Huffman in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.
Information
Chapter 1
Start here
Abstract
This chapter directs readers to various portions of the book depending on the symptoms.
Keywords
Performance Monitor
Perfmon
Sysmon
Performance counter
Counter path
Data collector
Counter log
BLG
Windows
Windows Server
Performance Analysis of Logs
PAL
Introduction
This book is intended to be a guide through the self-help process of troubleshooting performance issues with Microsoft Windows and Windows Server. As always, if you are in an emergency situation with your computer system, then immediately call Microsoft Support. Otherwise, start at this point in the book for guidance on where to start. The rest of this book covers more detailed concepts and procedures.
Is it a problem with boot or shutdown performance?
A healthy computer running Microsoft Windows 7 or later should be usable after powering it on in about 60 secondsāthis includes the time after logging (postboot). A healthy Windows Server computer might take a bit longer due to specialized hardware. If your system is taking longer than the expected amount of time to be usable, then it is worthy of more investigation. Go to Chapter 11 āBoot Performanceā to learn more about how to troubleshoot boot and shutdown performance.
Is it a hardware or software system hang?
A ācomplete hangā by this definition is where the system does not respond to any input from the keyboard or mouse for more than 1 minute after the system has already booted. If the system responses every few seconds, then it is not a complete hang. If the system is slow during boot, then go to Chapter 11 āBoot Performanceā to learn how to do a boot trace and other tips and tricks for improving boot performance. Otherwise, continue reading. Troubleshooting boot failures is not covered by this book.
There can be many causes of a complete hang and an important troubleshooting step is to determine if it is a hardware or software hang. A trick that Kevin Anderson showed me was to simply press the Num Lock key or the Caps Lock key on the keyboard. If the respective lights on the keyboard do not toggle on and off when the key is pressed, then it is likely a hardware hang. Go to section āCommon environmental and hardware-induced performance problemsā later in this chapter. Otherwise, it is more likely a software-related hang. Go to section āGeneral slow system performanceā later in this chapter.
Troubleshooting hardware system hangs
As mentioned earlier, it is beyond the scope of this book to troubleshoot hardware conditions, but I'll focus on some common conditions.
Review the system event logs
Whether it is a hardware or software system hang condition, if the system is ever in at a point where you can get to the Windows desktop, then try to go to the system event logs and search for possible hardware failure messages.
Potential cause: Busy or malfunctioning hardware
Malfunctioning hardware such as physical memory modules, hard drives, optical drives, and USB devices can cause the system to hang and/or respond slowly. Hardware devices that have been dropped, broken, misrepaired, or simply had coffee spilt into them are obvious (a friend of mine's wife had this happen several times by accident), so I'll focus on the not so obvious hardware problems. By the way, if a system or device ever does get water in it, then DO NOT POWER IT ON! Take the battery out and place the device or components into a bag of rice and let it sit in there until completely dry, which might take several days.
My friend, Don, once had a system that hung for 3 seconds every 30 seconds. We had a difficult time figuring out why the system was hanging like that. Once we started removing USB devices, it became clear that it was a malfunctioning sound device for recording live music. This is one of the many reasons to consider Microsoft logo'd devices when possible since they are less likely to cause problems.
Hardware diagnostics
Hardware manufacturers typically provide diagnostic tools in the BIOS or downloadable tools from their Web site to help find problems with their respective hardware. Consider running these tools if you suspect a hardware problem.
Potential cause: Virtual machine host
If the system is a virtual machine (a computer running on top of another computer) and hangs, then the host system might have exhausted its resources or throttled the virtual machine's resource usage. Go to section āVirtual machine considerationsā in Chapter 10 āProcessorā.
Potential cause: Power and/or excessive temperatures
Excessive heating and cooling can cause device to perform poorly or malfunction.
Go to section āCommon environmental and hardware-induced performance problemsā later in this chapter for troubleshooting power and heat problems.
Complete or partial system hangs
This section assumes the system eventually hangs after the system boots up normally. If the system hangs during boot, go to Chapter 11 āBoot Performanceā; otherwise, continue.
During a complete system hang after the system has been running for a while, if the keyboard lights are working fine, then it is likely a software condition causing the system to hang or to appear to hang. Very busy or poorly written drivers are the common causes of this condition.
Potential cause: high processor or disk usage
If the system is responsive every few seconds, then that is more likely a high resource usage condition such as processor or disk.
Go to Chapter 10 āProcessorā for processor monitoring and troubleshooting.
Go to Chapter 3 āStorageā for disk monitoring and troubleshooting.
Potential cause: lack of kernel pool memory
If there is no evidence of high processor or disk usage (detailed in Chapters 3 and 10) during the system hang, then the system might be out of memory in one or more various ways. A complete system hang that lasts indefinitelyāmeaning no update to the user interface in several minutesāmight indicate a lack of kernel nonpaged pool memory.
Go to Chapter 5 āKernel Memoryā for kernel pool memory monitoring and troubleshooting.
Potential cause: high processor interrupts or DPCs
This symptom is commonly associated with either high kernel-mode processor usage or frequent processor interrupts.
I was playing a PC game once and it played fine for many hours until the game and the system suddenly began to stutter and pause frequently. This had happened a few times already and this time I was prepared with a Windows Performance Recorder (WPR) trace in the background. Microsoft Support assisted me with the analysis of the ETL trace and discovered that the device driver for my USB headphones was issuing a high number of deferred procedure calls (DPCs). Once I updated the USB driver on my Windows 7 laptop, the problem never occurred again.
Go to Chapter 10 āProcessorā for both user-mode and kernel-mode processor monitoring and troubleshooting.
Process terminated unexpectedly
If a process/application is crashing regularly, then it is often due to poorly written code or unexpected environmental conditions. A process crash dump can be captured that can provide evidence of what led to the crash by using debugging tools such as ADPlus.exe (part of the Debugging Tools for Windows) or ProcDump.exe (part of Windows Sysinternals). Collecting a process crash dump is discussed in Appendix B Collecting Process Memory Dumps.
If the process is crashing due to an out of memory condition such as a System.OutOfMemoryException, then it is most likely runni...
Table of contents
- Cover image
- Title page
- Table of Contents
- Copyright
- Dedication
- Acknowledgments
- Biography
- Foreword
- Introduction
- Chapter 1: Start here
- Chapter 2: Performance monitor
- Chapter 3: Storage
- Chapter 4: Process memory
- Chapter 5: Kernel memory
- Chapter 6: System committed memory
- Chapter 7: Page files
- Chapter 8: Physical memory
- Chapter 9: Network
- Chapter 10: Processor
- Chapter 11: Boot performance
- Chapter 12: Performance Analysis of Logs (PAL) Tool
- Appendix A: Tools
- Appendix B: Collecting Process Memory Dumps
- Appendix C: Debug symbols
- Index