Defrag Tools (HD) - Channel 9

In this episode of Defrag Tools, Paula Januszkiewicz from CQURE, joins us to discuss Information Security (InfoSec).We talk about what InfoSec is, how to get started, what the role entails, and how the profession is evolving.Twitter: @PaulaCqurePaula on Channel 9 

The celebrate the 200th episode of Defrag Tools, three Microsoft Legends join us in the Channel 9 Studios, with a live studio audience, for a Game Show!Questions range from campus trivia, all the way through to obscure command switches.Raymond Chen, KC Lemson and Larry Osterman have all been at Microsoft for decades and have many stories to tell... so many that we needed two parts. So you don't have to wait, both parts are available for binging straight away!Episode #200 - Game Show Part 1Episode #201 - Game Show Part 2Raymond ChenThe Old New ThingChannel 9KC LemsonMicrosoft Life@kclemsonLarry OstermanWebLogChannel 9@osterman

The celebrate the 200th episode of Defrag Tools, three Microsoft Legends join us in the Channel 9 Studios, with a live studio audience, for a Game Show!Questions range from campus trivia, all the way through to obscure command switches.Raymond Chen, KC Lemson and Larry Osterman have all been at Microsoft for decades and have many stories to tell... so many that we needed two parts. So you don't have to wait, both parts are available for binging straight away!Episode #200 - Game Show Part 1Episode #201 - Game Show Part 2Raymond ChenThe Old New ThingChannel 9KC LemsonMicrosoft Life@kclemsonLarry OstermanWebLogChannel 9@osterman

In this episode of Defrag Tools, Chris Jackson, the "App Compat Guy" (@appcompatguy), joins us to discuss Windows Desktop App Assure - a program for eligible customers and partners to access FastTrack Specialists who provide advisory and remediation guidance on deploying Windows 10 and Office 365 ProPlus - notably Application Compatibility.We delve into some examples that the program has diagnosed and show some of the tools the specialists (and yourselves) can use to determine the root cause.Desktop App Assure - https://aka.ms/DesktopAppAssureSysinternals Process MonitorLUA Buglight 2.3Brad Anderson's announcement on Channel 9 Endpoint ZoneChris on Channel9

In this episode of Defrag Tools, Aaron Margosis joins us to discuss AaronLocker - a set of scripts that help you configure AppLocker. AppLocker restricts application execution, auditing or protecting your system from unwanted/malicious software.We delve into the abilities of AppLocker, what the AaronLocker scripts automate, and see what it looks like when an application is blocked..AaronLocker - Application whitelisting with “AaronLocker”Aaron's Blog - Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLogAaron on Channel9 - https://channel9.msdn.com/Events/Speakers/aaron-margosis 

In this episode of Defrag Tools, Chris Jackson, the "App Compat Guy" (@appcompatguy), joins us to discuss Windows Defender Advanced Threat Protection (ATP) - a unified platform for preventative protection, post-breach detection, automated investigation, and response.Defender ATP can be used to automatically investigate alerts and remediate complex threats in minutes.We delve into the Windows Defender Security Center, and perform Kusto queries to discover security events for the associated enterprise. Star a trial here.Example Queries - https://github.com/Microsoft/windowsDefenderATP-Hunting-Queries/ATP Blog - https://techcommunity.microsoft.com/t5/What-s-New/bd-p/WDATPNewChris on Channel9 - https://channel9.msdn.com/Events/Speakers/Chris-Jackson

In this episode of Defrag Tools, we discuss Windows Defender Application Guard, a great security feature in the Edge browser which allows you to easily run browser sessions in a virtual machine.

In this episode of Defrag Tools, we geek out on our favorite Command Prompt commands.Command covered:where.exe - WhereShows where a executable/script is on the PATH environment variablewhere notepad.exeipconfig.exe - IP ConfigurationIP Address Configuration - BasicipconfigIP Address Configuration - Advanced/Allipconfig /allIP Address Renewal/Resetipconfig /flushdnsipconfig /releaseipconfig /renewipconfig /registerdnsfindstr.exe - Find String/s - Sub Directories/n - Line Number/p - Search Pattern. e.g. Foo*Bar to match: Footastic Barcode/c - Escaped characters. e.g. /c:"\"Foo\" Bar" to find the text: "Foo" BarContact us at defragtools@microsoft.com and/or @defragtools

In this episode of Defrag Tools, we continue talking about the Windows Upgrade Log files.We delve into the Application and Device Inventory Files, that describe application compatibility issues between OS Releases.The logs pre/post upgrade can be found in:\$Windows.~bt\sources\panther\$Windows.~bt\Sources\Rollback\Windows\Panther\Windows\Panther\NewOSYou can review the logs manually, or use SetupDiag.Contact us at defragtools@microsoft.com and/or @defragtools

In this episode of Defrag Tools, we talk about the Windows Upgrade Log files.The "Panther" logs track the installation of a Windows Upgrade. The logs contain Information, Warnings and Errors. Not all errors are fatal, the trick is to look at only the (last) fatal error if an upgrade fails.The logs pre/post upgrade can be found in:\$Windows.~bt\sources\panther\$Windows.~bt\Sources\Rollback\Windows\Panther\Windows\Panther\NewOSYou can review the logs manually, or use SetupDiag.In the next episode, we'll dive deep into the logs when there is an application migration issue.Contact us at defragtools@microsoft.com and/or @defragtools

In this episode of Defrag Tools, we talk about Windows Update and Windows Setup. We describe the different technologies, what each does to download the software, prepare the installation, and finish the installation.In the next episode, we'll dive deep into the logs, showing you how to troubleshoot an installation issue. 

In this episode of Defrag Tools, we talk about HRESULT based Error Codes. The 32bits in the HRESULT have meanings, allowing the reader to gain additional insights into the error.Of note:The 32nd bit (the top bit) indicates if an error occurred or not. This is why errors are 0x8xxxxxxx.The 16-26 bits are the Facility - the originating API (Win32, CLR, XAML, etc.).The 0-15 bits are the (Error) Code.Common NULL Facility Error CodesNameDescriptionValueS_OKOperation successful0x00000000S_FALSEOperation successful but returned no results0x00000001E_ABORTOperation aborted0x80004004E_FAILUnspecified failure0x80004005E_NOINTERFACENo such interface supported0x80004002E_NOTIMPLNot implemented0x80004001E_POINTERPointer that is not valid0x80004003E_UNEXPECTEDUnexpected failure0x8000FFFFCommon Win32 Facility Error CodesThese are built by passing a System Error Code to HRESULT_FROM_WIN32NameDescriptionValueE_ACCESSDENIEDGeneral access denied error0x80070005E_HANDLEHandle that is not valid0x80070006E_INVALIDARGOne or more arguments are not valid0x80070057E_OUTOFMEMORYFailed to allocate necessary memory0x8007000ERelated Links:HRESULTHRESULT Facility – By ValueHRESULT Facility – By Name

In this episode of Defrag Tools, Chad Beeder is joined by Jorge Novillo and Ojasvi Choudhary to discuss the Performance Power Slider in Windows 10. We discuss how it works, how hardware partners can customize it, and how users can adjust some of its settings.Related Links:Overview & how to customize the default Perf Power Slider positionMicrosoft DocsPerf Power Slider Knob 1 – Processor TuningProcessor Power Management TuningPerformance Energy Preference TuningPerf Power Slider Knob 2 – Power Throttling background appsApp developers can define power throttling levels using the SetProcessInformation functionWindows blogHow to customize fan speeds, thermals, or other power settings for each slider positionINF AddPowerSetting DirectiveWinHEC Fall 2017 Power Lab (exercise 2D)Timeline:[00:00] Overview of the Performance Power Slider[02:54] Performance Power Slider on AC and DC power[04:02] Requirements to view the Performance Power Slider[04:49] Behind the scenes of the Performance Power Slider[07:22] Querying the custom processor settings[09:13] Power throttling user controls[14:14] How OEMs can customize the Performance Power Slider[19:25] Questions? Email us at defragtools@microsoft.com

Announcing the Inside Show, the show that takes you inside Windows!Inside covers Windows Features, Windows Internals, Exception Codes, Bugcheck Codes and Debugger Commands. Each episode is just 5 minutes, with no specific order between episodes. Watch the Welcome video!For longer topics (15-30min), we'll continue to cover them on Defrag Tools in 1 or more parts.Email questions, comments and requests to InsideShow@microsoft.com and DefragTools@microsoft.com

In this episode of Defrag Tools, Chad Beeder and Andrew Richards talk about what tech you could buy on Cyber Monday.We talk about USB Sticks, USB Cables, MicroSD Readers, International Power Adapters, Charging Stations, UPS Backup, Network Testers, Memory Sticks, Disk Drives, Drive adapters, Xbox Live, Xbox Game Pass, ... and many more things.For Intel Product Specs (to determine supported RAM, etc.), refer to http://ark.intel.com(Apologies for Andrew's poor voice)

In this episode of Defrag Tools, Chad Beeder and Andrew Richards talk to Marc Goodner and Reid Borsuk about the maker community at Microsoft, and the cool Ninjacat statue they built. Make sure to watch to the end to see all of its, shall we say... special features! 

In this episode of Defrag Tools, Andrew Richards is joined by JCAB (Juan Carlos Arevalo Baeza) and Jordi Mola from the Windows Debugger team to demonstrate some more advanced usage of a new feature of WinDbg Preview: Time Travel Debugging (TTD).Related Links:WinDbg Preview (download from Microsoft Store)Time Travel Debugging Overview (Online documentation)Debugging Tools for Windows BlogTime Travel Debugging FAQTimeline:[00:00] Introductions[01:07] Seeing a memory corruption crash in the Chakra Core when running a script. Difficult to debug![05:33] Now reproduce the same crash while recording a Time Travel Debugging trace[07:06] Looking at the TTD trace with unoptimized code[07:55] Use the !events command to list interesting events and exceptions in the trace and jump to them[11:43] Found the corrupt memory, step backwards to figure out where it came from.[13:15] Identifying the memory location containing a bad value with dx command, and setting a data breakpoint (with ba) to see who previously wrote to it.[17:37] Getting closer. Keep following the trail backwards...[19:29] Found where the bad value came from![21:08] Another use case: Find where a value is bad and track it back from there with a binary search (use !tt with a percentage value to jump to locations in the trace)[22:09] Second demo: Looking at the same crash but with optimized production code.[25:09] Exceptions will be hit when running the trace either forward or backward.[26:54] To give feedback on WinDbg Preview, use the Feedback Hub. 

In this episode of Defrag Tools, Chad Beeder is joined by James Pinkerton and Ivette Carreras to introduce a new feature of WinDbg Preview: Time Travel Debugging (TTD).Related Links:WinDbg Preview (download from Microsoft Store)Time Travel Debugging Overview (Online documentation)Debugging Tools for Windows BlogTime Travel Debugging FAQTimeline:[00:00] Introductions[00:54] Introducing Time Travel Debugging (TTD)[05:06] Tracing[07:33] Debugging Forwards[09:23] Debugging Backwards![13:31] Data is available[17:20] Great for Customer Support[19:11] Email us at defragtools@microsoft.com

In this episode of Defrag Tools, we continue our series on the new WinDbg Preview. Andrew Richards is joined by Bill Messmer to talk about the updated scripting engine.Related Links:WinDbg Preview (download from Microsoft Store)Documentation for WinDbg Preview (Dev Center)Announcement blog postRelated Episodes:Defrag Tools #138 - Debugging - 'dx' Command Part 1Defrag Tools #139 - Debugging - 'dx' Command Part 2Defrag Tools #169 - Debugging Tools For Windows TeamDefrag Tools #170 - Debugger - JavaScript ScriptingDefrag Tools #182 - WinDbg Preview Part 1Defrag Tools #183 - WinDbg Preview Part 2 

In this episode of Defrag Tools, Chad Beeder is joined by Nickolay Ratchev and Tim Misiak to show off some features of WinDbg Preview, a new version of the WinDbg tool.Also see our previous episode, if you missed it: Defrag Tools #182 - WinDbg Preview Part 1Related Links:WinDbg Preview (download from Microsoft Store)Documentation for WinDbg Preview (Dev Center)Announcement blog postTimeline:[00:00] Welcome and introductions[00:42] Recent targets - every debugging session is saved for easy access next time[01:44] New features of the locals window and watch window: Use LINQ expressions[03:22] Model window allows different views (i.e. grid)[04:05] Demo: Use a NatVis script to modify how data is shown in the Model window. JavaScript supported as well.[06:00] New interactions between windows, new features in Command window... better copy & paste[08:15] Right-click to search on MSDN[08:58] Use the Feedback Hub for bug reports and feature requests!