How to analyze Windows minifilter performance impact

A question was brought to me: how can one analyze minifilter driver impact on Windows clients? For the answer, I went back to my roots. Because, with agents from security and management tools enterprises use, like AV, SCCM, Tanium, BigFix, etc., generally you don’t know what it’s doing at a specific time, and then…

PSA: Corsair iCUE has a handle leak and makes Windows explorer slower over time

Impacted version is current plus several previous: 4.21.173 and below. Handle leak is pretty obvious: over time, a day or two, it’ll climb into the several hundred thousands. Process Explorer shows the handles are to drive resources (including Xbox/Store games that install xhd). Disabling the storage widget and restarting the service shows handles stay…

Elite:Dangerous – Mining Lasers vs Deep Core Mining

Non-authoritative list for me to keep track of what is mined how. Elite Dangerous Odyssey etc.

The following can be mined using mining lasers: Low Temperature Diamonds, Platinum, Osmium, Cobalt, Gold, Silver, Palladium, Samarium, Coltan, Indite, Lepidolite, Lithium Hydroxide, Methane Clathrate, Methanol Monohydrate Crystals, Painite, Rutile.

The following can be mined…

How to collect a boot trace on Windows 10 with Windows Performance Recorder from the Microsoft ADK

The Dude

For: Windows 10 (any x64 build). Requirements: Windows Performance Toolkit from the Microsoft ADK.

Launch WPRUI as administrator (aka Windows Performance Recorder) by clicking Start and searching for WPRUI. Right-click/click run as administrator. Check boxes that are important in your scenario. My recommendation is: check First Level Triage, expand Resource Analysis, check CPU, check…

Windows, Zombie Processes, and bullshit code

Hi, In my work at Tanium I do a bit of debugging and performance analytics. Over the last 2-3 years, a LOT of this has centered around how Windows systems get slower and slower over time. This has been a common complaint/statement of ridicule/FUD since I started my career in IT 26 years ago in…

CVE-2021-26807 – GOG GALAXY v2.0.35 DLL Load Order Hijacking

Authors: Brian Papile and Jeff Stokes

Executive summary: The GOG Galaxy version 2.0.35 was vulnerable to a DLL Load Order Hijacking vulnerability. The vendor has patched the vulnerability and released version 2.0.37, as of March 30, 2021.

Discovery: This vulnerability came about when we tried to uninstall the Folding at Home Client, but its folder…

Exploring the hidden opportunities of sudden change in enterprise IT management.

Tanium’s blog post featuring Lumentum’s CIO Ralph Loura’s blog post really resonated with me on a couple of levels. The one thing in life that seems predictable is change. I know it is a bit cliche, but this has been true in my life. While sometimes it is difficult to see the positive aspect in situations, it seems to me…

EDRefCard.info is down! Long live EdRefCard! How to set up your own instance of EdRefCard so you can create a card for your HOTAS config in Elite Dangerous.

<no longer needed, EDRefCard.info is back up!!!> How to set up your own instance of EdRefCard so you can create a card for your HOTAS config in Elite Dangerous. Share with friends, import friends config files and get cards made for those. What? – This used to be served at https://edrefcard.info but the site has…
