Author: jeffstokes2014

Elite:Dangerous – Mining Lasers vs Deep Core Mining

  Non-authoritative list for me to keep track of what is mined how. Elite Dangerous Odyssey etc.     The following can be mined using mining lasers: Low Temperature Diamonds Platinum Osmium Cobalt Gold Silver Palladium Samarium Coltan Indite Lepidolite Lithium Hydroxide Methane Clathrate Methanol Monohydrate Crystals Painite Rutile   The following can be mined… Continue reading Elite:Dangerous – Mining Lasers vs Deep Core Mining

How to collect a boot trace on Windows 10 with Windows Performance Recorder from the Microsoft ADK

The Dude

For: Windows 10 (any x64 build) Requirements: Windows Performance Toolkit from the Microsoft ADK   Launch WPRUI as administrator (aka Windows Performance Recorder) by clicking Start and searching for WPRUI. Right-click/click run as administrator Check boxes that are important in your scenario. My recommendation is check First Level Triage Expand Resource Analysis check CPU check… Continue reading How to collect a boot trace on Windows 10 with Windows Performance Recorder from the Microsoft ADK

Windows, Zombie Processes, and bullshit code

Hi, In my work at Tanium I do a bit of debugging and performance analytics. Over the last 2-3 years, a LOT of this has centered around how Windows systems get slower and slower over time. This has been a common complaint/statement of ridicule/FUD since I started my career in IT 26 years ago in… Continue reading Windows, Zombie Processes, and bullshit code

CVE-2021-26807 – GOG GALAXY v2.0.35 DLL Load Order Hijacking

Authors: Brian Papile and Jeff Stokes Executive summary The GOG Galaxy version 2.0.35 was vulnerable to a DLL Load Order Hijacking vulnerability. The vendor has patched the vulnerability and released version 2.0.37, as of March 30, 2021. Discovery This vulnerability came about when we tried to uninstall the Folding at Home Client, but its folder… Continue reading CVE-2021-26807 – GOG GALAXY v2.0.35 DLL Load Order Hijacking

Exploring the hidden opportunities of sudden change in enterprise IT management.

Tanium’s blog post featuring Lumentum’s CIO Ralph Loura’s blog post really resonated with me on a couple of levels. The one thing in life that seems predictable is change. I know it is a bit cliche, but this has been true in my life. While sometimes it is difficult to see the positive aspect in situations, it seems  to me… Continue reading Exploring the hidden opportunities of sudden change in enterprise IT management.

EDRefCard.info is down! Long live EdRefCard! How to set up your own instance of EdRefCard so you can create a card for your HOTAS config in Elite Dangerous.

<no longer needed, EDRefCard.info is back up!!!> How to set up your own instance of EdRefCard so you can create a card for your HOTAS config in Elite Dangerous. Share with friends, import friends config files and get cards made for those. What? – This used to be served at https://edrefcard.info but the site has… Continue reading EDRefCard.info is down! Long live EdRefCard! How to set up your own instance of EdRefCard so you can create a card for your HOTAS config in Elite Dangerous.

How to collect a boot trace on Windows 10 using xbootmgr

Sometimes in support you’ll be asked to collect a boot trace to help troubleshoot slow boot or slow logon scenarios. The symptoms are a long time passes from startup to the CTRL+ALT+DEL or  from CTRL+ALT+DEL to a usable desktop experience. This blog will walk you through the steps needed to do this. While you can… Continue reading How to collect a boot trace on Windows 10 using xbootmgr

Windows 10 20H2 boot trace – dropped events

TLDR: At time of writing, Windows 10 20H2 has a bug where the default buffer allocations in boot tracing are inadequate to capture the data of a boot trace. The fix is pretty simple, use good old xbootmgr instead. This is a binary from the older ADK and gets installed when you install the current… Continue reading Windows 10 20H2 boot trace – dropped events

Exit mobile version