Logitech software fails to save settings? Fix here.

So, I’m a gamer.

And I’ve sort of settled on the Logitech series of gaming gear, C920, G213, G602. Running their gaming software (except for the overwolf overlay, I don’t need it, don’t stream).

Something that has kind of been nagging me, on the lower end of reality, is that when I set my mouse DPI, or notification preferences, post-reboot, they all disappeared. So at 5 am this morning I decided to find out why.

The answer is, for some reason, part of the tools installed by Logitech, namely LCore.exe in “C:\Program Files\Logitech Gaming Software”, does not run elevated by default. Why doesn’t it? I don’t know. Why does it need Administrator rights? That’s actually a good question. I found tons of ACCESS DENIED events when I reproduced setting the check boxes as I preferred in the

To fix this do the following:

  • press the Windows Key + X
  • Select File Explorer
  • paste C:\Program Files\Logitech Gaming Software in the address bar and hit enter
  • Right click on LCore.exe and select Properties
  • Click the tab Compatibility
  • Check the box for Run As Administrator and click OK
  • Close File Explorer. Reboot.

Now you should have a system that saves your settings you want, like mouse DPI scaling, or button preferences, or not getting a notification Every Single Time you run a game that has a profile!

Proof in the pudding

Procmon showing LCore can’t access/write to its own key structure.

I checked the rights assignment. I tried changing rights on the regkey from the default, but the issue persisted. It probably has other keys it is trying to use that are not located in HKEY_LOCAL_MACHINE, but it’s 6:13 AM and I’m doing this pro bono, so maybe Logitech can noodle the specifics out and make a better installer for next rev.

Here’s what the registry rights were:

registry rights (unmodified)

 

 

Q/A

  • What up?  Nadda, you?
  • Why did you get lazy and not figure all this out and document it for Logitech?  I’m kinda tired right now, might edit after I sleep again.
  • What is the security impact of running LCore as administrator? It runs as administrator so it can screw stuff up if it gets exploited, etc. This is a design flaw of some kind in how they either 1) packaged the installer or program; or 2) a poorly tested solution. Well, or 3) both.
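The “Run As Administrator” checkbox from the fix above is stored as a RUNASADMIN flag under the AppCompatFlags\Layers registry key, so it can be audited. The PowerShell below is an added example, not part of the original post or of Logitech's software: it lists every executable flagged this way and reports whether broad non-admin groups can write to the file or its folder, which is what the security-impact question above turns on.

```powershell
# Added example: audit executables flagged "Run as administrator" via the Compatibility tab.
# HKCU holds per-user flags; HKLM holds flags set with "Change settings for all users".
$layerKeys = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers',
             'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers'

# Well-known SIDs: Everyone, Authenticated Users, BUILTIN\Users (language independent).
$broadSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'
$writeMask = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData'

function Test-WritableByUsers {
    param([Parameter(Mandatory)][string]$Path)
    $acl   = Get-Acl -LiteralPath $Path
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        # Coarse check: Modify and FullControl both include WriteData/AppendData.
        # ACEs that use generic rights only are not decoded here.
        if ($rule.AccessControlType -eq 'Allow' -and
            $broadSids -contains $rule.IdentityReference.Value -and
            ($rule.FileSystemRights -band $writeMask)) {
            return $true
        }
    }
    return $false
}

foreach ($key in $layerKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($exe in $item.GetValueNames()) {
        if (-not $exe) { continue }                       # skip the key's default value
        $flags = [string]$item.GetValue($exe)
        if ($flags -notmatch 'RUNASADMIN') { continue }   # other compatibility layers
        $exists = Test-Path -LiteralPath $exe
        [pscustomobject]@{
            Key                   = $key.Substring(0, 4)  # HKCU or HKLM
            Executable            = $exe
            Flags                 = $flags
            Exists                = $exists
            FileWritableByUsers   = if ($exists) { Test-WritableByUsers $exe } else { $null }
            FolderWritableByUsers = if ($exists) { Test-WritableByUsers (Split-Path $exe -Parent) } else { $null }
        }
    }
}
```

An entry whose file or folder shows as writable by one of these groups deserves a closer look, since whatever can modify an always-elevated binary ends up with its rights.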

I personally had this issue, but it’s well documented in many places as a problem:

https://answers.microsoft.com/en-us/windows/forum/windows_vista-hardware/logitech-g5-mouse-settings-wont-save/

https://superuser.com/questions/421238/logitech-setpoint-doesnt-save-settings-windows-7

 

G303 doesn’t save RGB settings from LogitechG

What does “A referral was returned from the server” on Windows mean?

It turns out, it can mean the binary you are running has a bad certificate.

Bust this.

I downloaded the latest insider preview for the Windows 10 ADK.

Then I simply wanted to capture a trace…

Ok…so, weird? So I launch a command prompt, try it that way, (WPR works fine, just no UI btw).

Ok…weird-er?

So I procmon’d it. ‘Cause, “when in doubt, procmon.”

Why is WPRUI.exe being scanned heavily by Defender? What gives?

Ok, and what is BAM.sys? Exactly?

So, I did some searching, and someone noticed if they get this error “A referral was returned from the server” it meant digital sigs were busted… so I checked. Surely Microsoft didn’t ship a binary with a bad cert…right?

……..

So that’s a quick and dirty “Why the hell is this happening” brought to you by the dude.

 

Cheers
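The signature check described in this post can also be done from PowerShell. This is an added example, not from the original post; the target path is a placeholder because the post does not say where WPRUI.exe was installed.

```powershell
# Added example: report Authenticode status and certificate-chain problems for one file.
function Get-SignatureReport {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) { throw "File not found: $Path" }

    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $cert = $sig.SignerCertificate

    $chainIssues = @()
    if ($cert) {
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        # Skip revocation lookups so the check also works offline.
        $chain.ChainPolicy.RevocationMode = 'NoCheck'
        # Build() validates against the current time, so an expired signing certificate
        # shows up here even when a timestamp keeps the Authenticode status Valid.
        [void]$chain.Build($cert)
        $chainIssues = @($chain.ChainStatus | ForEach-Object {
            ('{0}: {1}' -f $_.Status, $_.StatusInformation).Trim()
        })
    }

    [pscustomobject]@{
        File          = $Path
        Status        = $sig.Status            # Valid, NotSigned, HashMismatch, NotTrusted, ...
        StatusMessage = $sig.StatusMessage
        Signer        = if ($cert) { $cert.Subject }  else { $null }
        Issuer        = if ($cert) { $cert.Issuer }   else { $null }
        NotBefore     = if ($cert) { $cert.NotBefore } else { $null }
        NotAfter      = if ($cert) { $cert.NotAfter } else { $null }
        Timestamped   = [bool]$sig.TimeStamperCertificate
        ChainIssues   = $chainIssues -join '; '
    }
}

# Placeholder path: point this at the binary that raised the error.
$target = 'C:\path\to\WPRUI.exe'
if (Test-Path -LiteralPath $target) {
    Get-SignatureReport -Path $target | Format-List
}
```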

 

What does the new Microsoft Ultimate Power Plan do? (not much)

There has been some excitement about the announcement of Microsoft’s new Ultimate Power Plan. This power plan, for those who haven’t heard about it, is destined for Windows 10 Professional for Workstations. The setting is also present in Windows 10 Professional and Enterprise build 1803, but you have to add it from an administrative command line:

powercfg -duplicatescheme e9a42b02-d5df-448d-aa00-03f14749eb61

 

After doing this, it appears in your Power Options:

Ultimate Power is ready!

So, what does it do exactly?

Well, right now, I don’t think it does anything High Performance doesn’t do.

What what?!

Yeah, so here I am running minerd, a CPU hashing program. It’s parked on 4 cores of my AMD Ryzen 2700x.

Now, what is the hash rate for each? The same.

hash rates on each plan

So, what gives?

Do a dump of High Performance, and Ultimate. It’s not hard.

Dump:

set power plan to high performance
powercfg -query > C:\temp\high.txt
change your power plan to ultimate
powercfg -query > C:\temp\ultimate.txt
???
compare
profit!
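A plain text diff of the two dumps is noisy because the plan header lines always differ. The PowerShell below is an added example, not from the original post: it compares the two files setting by setting, assuming English powercfg output and the dump paths used in the steps above.

```powershell
# Added example: compare two "powercfg -query" dumps setting by setting.
function Get-PlanSettings {
    param([Parameter(Mandatory)][string]$Path)

    $settings = [ordered]@{}
    $current  = $null
    foreach ($line in Get-Content -LiteralPath $Path) {
        if ($line -match 'Power Setting GUID:\s*([0-9a-f-]{36})\s*\((.*)\)') {
            # Key on the setting GUID; plan and subgroup header lines are ignored.
            $current = $Matches[1]
            $settings[$current] = @{ Name = $Matches[2]; AC = $null; DC = $null }
        }
        elseif ($current -and
                $line -match 'Current (AC|DC) Power Setting Index:\s*(0x[0-9a-f]+)') {
            $settings[$current][$Matches[1]] = [Convert]::ToUInt32($Matches[2], 16)
        }
    }
    $settings
}

$high     = Get-PlanSettings 'C:\temp\high.txt'
$ultimate = Get-PlanSettings 'C:\temp\ultimate.txt'

$diff = foreach ($guid in (@($high.Keys) + @($ultimate.Keys) | Select-Object -Unique)) {
    foreach ($source in 'AC', 'DC') {
        $h = if ($high.Contains($guid))     { $high[$guid][$source] }     else { $null }
        $u = if ($ultimate.Contains($guid)) { $ultimate[$guid][$source] } else { $null }
        if ($h -ne $u) {
            $name = if ($high.Contains($guid)) { $high[$guid].Name } else { $ultimate[$guid].Name }
            [pscustomobject]@{
                Setting         = $name
                Guid            = $guid
                Source          = $source
                HighPerformance = $h
                Ultimate        = $u
            }
        }
    }
}

if ($diff) {
    $diff | Format-Table -AutoSize
} else {
    'No per-setting differences between the two dumps.'
}
```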

 

So what’s next?

Uh, nothing? I’m personally staying on Ryzen because it works a ton better than Balanced and saves a smidge of power. For an Intel in a production environment? High. What about Ultimate? Meh for now. Sorry Microsoft.

Other power articles:

http://www.wservernews.com/newsletters/archives/power-plan-considerations-12679.html

Server 2012 and balanced power plan

Server 2012 and balanced power plan, part deux – processor queue length

 

 

 

Performance Series Part 2 – How to import an xml file into Perfmon on Windows.

Applies to: Windows 7+, Windows Server 2008 R2+
Target audience: People I support primarily. Anyone who wants to perf like a pro?

Why

There may come a time where you need to import an xml file given to you by a support person into Perfmon. This is so precise, targeted data captures can be made of the impacted system, or sometimes to baseline a system to know what good looks like.

What

The xml file is a template that defines the performance metrics to capture and also sometimes time intervals, file format for the results file, etc.

How

Step 1: Open Perfmon (start/perfmon or computer management/performance)

Step 2: Expand Performance and go to Data Collector Sets then User Defined.

Step 3:  Right Click the User Defined folder then select New > Data Collector Set.

Step 4: Give it a name and leave the “Create from a template” selected. Click Next.

Step 5: Click Browse and then select this file.

Step 6: Click through the wizard (next/next) and then select the top radio button “Open properties for this data collector set“.

Step 7: If you want to tweak anything about this collection, now is the time to do it. Most of the configuration has been done for you though: 200 MB rolling logs created in sequence with host name in the file name. This collects at a 1 second interval; to preserve space you can adjust it to 5 or 10 seconds if you like. You do this by right clicking “Pal System Overview” under your data collector.

Then modify the field you want to change (in this example, Seconds).

Step 8: Once you are happy with the configuration, right click your data collector set and select Start.

 

Note this does not sustain through a restart/crash of Windows. To do that you need to follow this article: https://blogs.technet.microsoft.com/jeff_stokes/2011/11/16/how-to-sustain-your-data-collector-set-through-a-reboot/

Edited Why I shouldn’t write while dealing with a fever… under discussion.

So I am mining some coinage in the Cryptocurrency world. Mainly because the miners make GREAT performance testing resources. Nothing like maxing out CPU or GPU or both whenever you need it (and making a little speculative coin on the side).

But, Windows the mining program was doing me wrong. By default, the thread scheduler thing sets a new process to use ALL cores available and apparently go in sequence. This is ‘ok’ but I find I get MUCH better results when I don’t let the thread scheduler miner handle my CPU-based miner threads.

Case in point:

miner going slow

Note CPU #6. Why is it 70,000 hashes/second faster than its peers? Because it’s the only miner thread that doesn’t have its partner CPU also running at 100%.

Let’s look at this in Task Manager, this is what it looks like:

task manager core count.png

So see the pairings? CPU 0/1, CPU 2/3, CPU 4/5, CPU 6/idle.

That’s why CPU 6 can run faster. Its hyper-threaded pair isn’t mussing it up. Plus it perhaps has better caching since it isn’t using pipeline cache for another busy thread (conjecture).

Anyway, changing this is trivial. I found my miner in task manager and right clicked it and selected Processor affinity.

proc affinity

See how it’s spread out on all CPUs? Yeah we’re going to fix that.

better proc affinity.png

Now I’m using every odd CPU, and every even CPU is not used by my miner process. Fair enough. I am only allocating 7 miner threads by the way, so we’re giving the miner an extra thread. Who cares. It might not use it. Don’t care.

Hit ok and see the results:

change.png

See, CPU 0, 2, 4, 6 are falling. The odds are all increasing.

The results? Pretty damn good. I went from 990 kH/s on 7 mining threads to 1746 kH/s.

I’ll take it.

faster.png

All this because Windows thread scheduling leaves something to be desired…since like, a while ago. But that’s another story…

Carl schooled me.

How to mine Vertcoin (VTC)

So another Cryptocurrency has piqued my interest.

Vertcoincompariso.jpg

Vertcoin is very similar to Bitcoin and Litecoin but is ASIC resistant. I looked at the miner Vertcoin provides on GitHub and found it to have requirements that a normal Windows user could consider to be complicated.

So I wrote this guide cause it’s what I did and it works pretty well.

My system is an Nvidia GPU-based system, meaning the graphics card is made by Nvidia. Specifically I have a GTX 1070. This should work with most modern GPUs made by Nvidia that have CUDA cores in them (and the correct drivers installed, available here).

A quality wallet for VTC can be found here by the way.

Step by Step instructions

Step 1: Download and install 7zip from 7zip.org.

Step 2: Download the latest CCMINER release from Tpruvot’s GitHub repository. If your Windows is 64 bit, download the x64 version. If your Windows is 32 bit, download the x86 version. You can find your bit-ness by following this article.

Step 3: Once it is downloaded, right click the .7z file and select properties. Then 1) check the box for “unblock” and 2) click Ok.

unblock.jpg

Step 4: Right click the 7z you just Unblocked and select 7-Zip and Extract files…

uncompress.png

Step 5: Pick a place to run your program. I’m lazy so I pick my Desktop. Then I click OK a couple times.

desktop.png

Step 5a: If at this point your PC’s anti-virus is alerting you, uninstall it and get a quality AV solution.

Step 6:  Rename one of the .bat files already present to vert.bat. Pick one, doesn’t matter.

So far so good, this will prompt for a file name, simply type vert.bat and then hit the del key a couple times to remove the .txt ending.

vert.png

You then get a prompt warning you of impending doom (a rename dialog box). Click Ok.

rename.png

Step 7: Right click/edit the vert.bat file.

Replace the 1st line with the following:

ccminer-x64 -a lyra2v2 -o stratum+tcp://coinotron.com:3340 -u jeffstokes72.juan -p sanchez

If you are on 32 bit, use this command instead:

ccminer -a lyra2v2 -o stratum+tcp://coinotron.com:3340 -u jeffstokes72.juan -p sanchez

Step 8: Go register at https://coinotron.com/app?action=register. In the vert.bat replace the ‘jeffstokes72.juan’ with your username.worker and the ‘sanchez’ with your password for your worker.

If you don’t do this you’ll be mining for my worker id and giving me free credit for VTC coins.

The Coinotron help site has an example of how it should look too.

Step 9: double click the vert.bat file. If you’ve configured it properly and your system works with this miner, then you’ll see mining happening. On my GTX 1070 I am getting about 35 million hashes/sec. I’m making 2-3 coins a day.

Q: What do I do if this doesn’t work? Can you help me?

A: No. Not really. I have a day job. If you can’t get this guide to work for you, maybe go buy some VTC for cash instead. Sorry.

 

Q: I want to send you VTC as thanks!

A: cool my receive addresses are:

VTC –  VgvHkaGAFtgR5UQa8ao8PrNNNvoFDrnXZY

BTC – 16V5ccxZ3KUt9DdpeLtfKmrTk2Uaf4gCBX

ETH – 0x31F8f3f1deD3297b4285f2650A925c82ca11522D

 

For more info hit up https://vertcoin.org/blog/

 

Dude, where’s my RAM? (aka ShellExperienceHost steals my stuff)

So, there I was at my computer one night and I realized “wow, this thing is slow, wth”. No really, that’s what happened, scouts honor.

So I fired up TaskManager, my favorite level 1 triage tool.

taskman.png

And ZOINKS yo! (as Jay from Jay and Silent Bob fame is wont to say)

1.8GB of RAM. Not, like, stuff anywhere, but code in my RAM. Now granted, I have 24GB installed, but still. Why do bro?

So why is this happening? Let us discover why, on a vision quest-esque journey through Windows….

To find out what is going on, we need the PID, luckily for us, it’s right in front of us;

pid.png

Ok, so what are we going to do with that?

rammap1.png

We are going to check out the process and see what is going on here…

With VMMAP. Why? Dunno. Let’s see.

heap.png

Ok so we attached VMMAP to the process, we see it’s all heap. The reason I did this, really, is because I had a pseudo-morbid curiosity that it might be META, but it’s heap. Okie, so spewage. Swell. Why? Dunno.

In comes Debug Diag 2.2

dd1.png

Why yes Mr DebugDiag2.2, we want to analyze (I hit cancel here btw)

dd2.png

Find the PID, create a dump for later perusal, why not.

dd3.png

Yay!

For fun I check strings on the process…w…t…h..

strings.png

Apparently MeowMix took over my process….

whatevar.png

I right click, and tell DebugDiag to create a series of dumps on the process, start with a full, end with a full, make 8 dumps, 10 seconds apart. Ok? Ok!

working.png

Now we’re cookin with gas!

proof.png

Hey look, dumpage!

analysis.png

Now I fire up the easy button. Do you have an easy button? Mine is named “DebugDiag 2 Analysis”.

anal1.png

I check “PerfAnalysis” cause it’s a series of dumps, and leaktrack would not insert so it’s not present to track on.

anal2.png

Add the dumps, and start (assuming you have a valid symbol path, I do).

Ok, so why are we taking up 1.8 GB of ram for a suspended process in Windows?

I hate to say it, I really do. Cause I like these guys, but it looks like it might be Nvidia….

derp.png

DebugDiag’s report is a clarion call from on high. Update yo drivers sir!

Someone already bitched, and they bitched August 1st.

NVIDIA Drivers hanging Outlook

Someone did my work for me. They have the same stacks complaining, just different Thunks. Thunk!

You ain’t thunk, you ain’t nothin!

Anyway I was on 384.94 courtesy of WU, 385.28 released 8/14. A little behind. But still my problem persists….after updating.

 

Sigh… maybe someday I can has my RAM back?

nvwgf2umx_cfg!NVAPI_Thunk+9ce75
nvwgf2umx_cfg!NVAPI_Thunk+d001a
nvwgf2umx_cfg!NVAPI_Thunk+7b736d

kinda reads like a haiku….a haiku of eating my ram….or maybe Windows needs 2GB now to display the shell? The world may never know.

This post brought to you by the gram positive cocci that put me in the hospital last week.

Build a Perfmon data collector set from a PAL xml template

Howdy, simple walk-through post on how to build a Perfmon data collector set using the excellent templates available from Clint Huffman’s PAL utility.

Step 1: Export the appropriate template from PAL;

perfxml

One just clicks Threshold File (1), then Export to Perfmon template file (2), and gives it a file name to save as.

Step 2: Open Perfmon. Expand Data Collector Sets, User Defined, right-click, new – Data Collector Set. Give it a friendly name and hit next.

Step 3: Click Browse, pick the XML file created in step 1. Click Finish.

Step 4: Right click the new data collector set, Properties. Click on Stop Condition. Make it as so (200 MB limited file creation, restart at limit). Then click OK.

collectdata

Step 5: Right click the PAL_System_Overview under your data collector set, Properties, change sample interval to 5 seconds. Click File, set File name format to ddHHmmss and check Prefix file with computer name.

collectdata2

Click OK. Right click and start the data collector set. Verify the files are being created in the Perflogs directory.

 

Docker on Windows: MobyLinuxVM failed to realize – fixed

Scenario:

  1. Download Docker for Windows (edge or stable branch, doesn’t seem to matter).
  2. Boot up and Docker will fail to start with MobyLinuxVM failed to realize.

The hint is the text “<No file>” in the window above, for my scenario fix anyway.

To fix:

  1. Further investigation reveals the vhd is actually not there, nor is the VM present in Hyper-V manager. Looking further, something is amiss.
  2. Right-click the Docker icon in your system tray, select Settings.
  3. Select Advanced and validate your path for “Images and volumes VHD location”.
  4. Note the path. Does it exist? For me, no. It’s an old setting from a previous installation of Hyper-V on this system. The path is invalid as I removed Hyper-V to a dedicated host and deleted the directories post migration.
  5. Uninstall Docker (rerun the installer you downloaded, select Remove).
  6. Open Hyper-V Manager. (start, type “Hyper-V” and click it)
  7. Right click your host name in Hyper-V Manager and select “Hyper-V Settings”.
  8. Browse your “Virtual Hard Disks” and “Virtual Machines” paths and set to valid directories, Save/Ok/Apply/etc.
  9. Reinstall Docker from the downloaded installer. Now that the Hyper-V path for VM/disks is valid, Docker can place the MobyLinuxVM disk and create the Virtual Machine in Hyper-V and start it. yay.
  10. ???
  11. Profit

 

Suggestion: Pre-flight installer for Docker for Windows might want to check that the paths are valid for the creation of the vhd file/VM.

Further suggestion: When you run Hyper-V for a bit, then remove the feature from Windows. MAYBE, just maybe, Windows should remove the damn settings so when you re-enable Hyper-V it starts off fresh, instead of with stale info.

Further further suggestion: Live long and prosper.

This is the bug I filed, looks like they might fix it (should be a hyper-v fix too honestly, maybe I’ll feedback that too).

 

Dude out

 

Windows 10 VDI Optimization Script

Hello party people!

Dude here. Carl Luberti has worked some scriptastic magic on Windows 10 to make it a friendly (er) VM guest for VDI. Edit – non-persistent pooled VMs may have issues. Undocumented/untested/etc.

Twitter post is here  and includes a nice picture I took at Gibbs Gardens in North Georgia.

If you prefer to go straight to the meat and potatoes, the script is now hosted in GitHub:

Carl's VDI Repo

And what has the dude been listening to lately? What have I been up to, one might ask?

I fell in February actually and fractured my skull. I am recovering from a head concussion still and therefore don't have a lot of interesting things to report, other than, well, mistakes I make at work because I can't remember things?

Yay me?

Oh hey I did a VDI webinar with eGinnovations, you can see it here.

And check this out as well (not me but neat). Unidesk has some real magic to show you on VDI.

And what have I been listening to?

Right now, out of character for me, is Boz Scaggs and Duane Allman, singing Loan Me a Dime.