Fix game stutter on Win 10 1703-1809

Discussion in 'Videocards - NVIDIA GeForce Drivers Section' started by Mott, Apr 3, 2018.

  1. Smough

    Smough Master Guru

    Messages:
    639
    Likes Received:
    112
    GPU:
    GTX 1060 3GB
    Useful info, I will keep this in mind and give it a go sometime. I've disabled the 3 ASLR protections on Windows Defender; don't remember who from this thread said disabling those helped tremendously when Windows needs to manage Standby Memory and so far, it seems to help quite a bit, haven't touched exploit protections yet, kinda unsure about disabling that, already disabling ASLR makes you more vulnerable on the internet, however, I am very careful with that I download and what I install, I always check latency to see if anything is wrong and suspicious processes with process explorer and such and even then, I could be infected without really knowing it. I also disabled Spectre&Meltdown mitigations for my CPU, so yeah, I assume the risks, but I won't trade performance over being "safe", besides reinstalling Windows from time to time it's pretty much normal to me now anyway.

    I will list down some games that seem to stutter on my computer and turn those protections off to see what happens.
     
    Last edited: May 8, 2021
  2. Chrysalis

    Chrysalis Master Guru

    Messages:
    223
    Likes Received:
    24
    GPU:
    RTX 3080 FE
    If I was to go down the route of disabling globally, I will of course make sure its still enabled for attack vectors.

    Those are going to be.

    Web browsers
    Email clients
    Office apps that can load code such as MS Office
    Adobe Reader/Java/Flash etc.

    It will still be possible to enable mitigations on these if off globally by default, and process explorer even seems to indicate many things still are using CFG, it doesnt force you to have it disabled on everything, and this is the approach apps like malwarebytes anti exploit and hitman pro alert take, they target the mitigations to specific executables.

    I have already enabled everything but CFG and ASLR again and its no impact on any of the things I mentioned so as suspected its either ASLR, CFG or a combination of both.
     
  3. Chrysalis

    Chrysalis Master Guru

    Messages:
    223
    Likes Received:
    24
    GPU:
    RTX 3080 FE
    I fixed FF7 by applying overrides to dwm.exe, the window manager executable. So not nearly as bad in terms of security implications as setting default to disable. I expect this will potentially help any windowed or borderless full screen game.
     
  4. MajorMagee

    MajorMagee Active Member

    Messages:
    60
    Likes Received:
    15
    GPU:
    GTX 670
    Which override did you apply to dwm.exe to resolve the issue?
     

  5. Chrysalis

    Chrysalis Master Guru

    Messages:
    223
    Likes Received:
    24
    GPU:
    RTX 3080 FE
    bottom up aslr off and cfg off. Aslr is what had most of the impact, but cfg was more than insignificant so i did that too,
     
  6. mbk1969

    mbk1969 Ancient Guru

    Messages:
    10,932
    Likes Received:
    8,237
    GPU:
    GF RTX 2070 Super
    I still do not understand (as a developer) how ASLR can affect any process after it was created and started. I mean ASLR is applied only during the process creation stage, before the code is executed.
     
  7. theoneofgod

    theoneofgod Ancient Guru

    Messages:
    4,611
    Likes Received:
    252
    GPU:
    RX 580 8GB
    @Wagnard

    [​IMG]

    It should be clearing the standby list now right?

    Edit: I had Firefox.exe and Steam.exe in the exclusions list. I just cleared them two and it finally purged. Something not right there.
     
  8. Smough

    Smough Master Guru

    Messages:
    639
    Likes Received:
    112
    GPU:
    GTX 1060 3GB
    How you do that?
     
  9. Smough

    Smough Master Guru

    Messages:
    639
    Likes Received:
    112
    GPU:
    GTX 1060 3GB
    If you are on the latest Windows versions (1809, 1909 and above) most likely you don't need this, test your games without this, really, this is only if your games stop hitching with this, if they still do, you need another fix.
     
  10. Chrysalis

    Chrysalis Master Guru

    Messages:
    223
    Likes Received:
    24
    GPU:
    RTX 3080 FE
    Security applet, app and browser control, exploit protection settings (scroll down to see it), program settings, add program to customise, add by path, then tick the override you want and apply.

    I am currently considering my position on CFG, I expect if I keep it on by default I will potentially be having to whitelist dozens of games, quite some hassle, so I may end up going disable by default and then just enabling it for browsers, office, java, adobe. But as is for now, I have it on by default, overridden for dwm, macrium and a few games.
     

  11. Chrysalis

    Chrysalis Master Guru

    Messages:
    223
    Likes Received:
    24
    GPU:
    RTX 3080 FE
    I grossly under stated the impact of CFG earlier on macrium.

    My ff7 backup just completed in under 40 seconds with average read speeds of 4mB/sec on the SSD the files are stored on (no actual backup made as no changes, the time is spent scanning files for changes).

    With CFG on it crawls not even reaching a single MB/sec and takes over 20 minutes, so CFG absolutely murders macrium reflect.
     
  12. kman

    kman Master Guru

    Messages:
    294
    Likes Received:
    17
    GPU:
    1080ti Strix
    You guys talking about w10 v1703-1809 only? I have disabled CFG globally since I first discovered it existed a few years ago because it was reported causing stutters/decrease in performance in some games.(currently on w10 20h2)

    You reckon bottom-UP ASLR could effect performance?I think I remember someone mentioning something about it doing something to some dx12 game like a year/2 years ago.Forgot the name of the game.

    I've also seen a video of some guy adding game.exe's and disabling every exploit protection for said games.Seemed like a bit of a hassle tbh.
     
    Last edited: Apr 19, 2021
  13. mbk1969

    mbk1969 Ancient Guru

    Messages:
    10,932
    Likes Received:
    8,237
    GPU:
    GF RTX 2070 Super
    Actually there is PowerShell command to enable or disable any exploit mitigation for one or many exe-files:
    Code:
    NAME
        Set-ProcessMitigation
     
    SYNOPSIS
        Commands to enable and disable process mitigations or set them in bulk from an XML file.
     
     
    SYNTAX
        Set-ProcessMitigation
            [[-Name] <String>]
            [-Disable {DEP | EmulateAtlThunks | SEHOP | ForceRelocate | RequireInfo | BottomUp | HighEntropy | StrictHandle | DisableWin32kSystemCalls | AuditSystemCall | ExtensionPoint | DynamicCode  | AuditDynamicCode | CFG | SuppressExports | StrictCFG | BlockNonMicrosoftSigned | AllowStoreSigned | AuditMicrosoftSigned | AuditStoreSigned | EnforceModuleDepencySigning | DisableNonSystemFonts | FontAuditOnly | AuditFont | BlockRemoteImages | BlockLowLabel | PreferSystem32 | AuditImageLoad | EnableExportAddressFilter | AuditEnableExportAddressFilter | EnableExportAddressFilterPlus | AuditEnableExportAddressFilterPlus | EnableImportAddressFilter | AuditEnableImportAddressFilter | EnableRopStackPivot | AuditEnableRopStackPivot | EnableRopCallerCheck | AuditEnableRopCallerCheck | EnableRopSimExec | AuditEnableRopSimExec | SEHOP | AuditSEHOP | SEHOPTelemetry | TerminateOnHeapError | DisallowChildProcessCreation | AuditChildProcess | UserShadowStack | UserShadowStackStrictMode | AuditUserShadowStack}]
            [-EAFModules <String[]>]
            [-Enable {DEP | EmulateAtlThunks | SEHOP | ForceRelocate | RequireInfo | BottomUp | HighEntropy | StrictHandle | DisableWin32kSystemCalls | AuditSystemCall | ExtensionPoint | DynamicCode | AuditDynamicCode | CFG | SuppressExports | StrictCFG | BlockNonMicrosoftSigned | AllowStoreSigned | AuditMicrosoftSigned | AuditStoreSigned | EnforceModuleDepencySigning | DisableNonSystemFonts | FontAuditOnly | AuditFont | BlockRemoteImages | BlockLowLabel | PreferSystem32 | AuditImageLoad | EnableExportAddressFilter | EnableExportAddressFilterPlus | EnableImportAddressFilter | EnableRopStackPivot | EnableRopCallerCheck | EnableRopSimExec | SEHOP | AuditSEHOP | SEHOPTelemetry | TerminateOnHeapError | DisallowChildProcessCreation | AuditChildProcess | UserShadowStack | UserShadowStackStrictMode | AuditUserShadowStack}]
            [-Force {on | off | notset}]
            [-Remove]
            [-Reset]
            [<CommonParameters>]
     
        Set-ProcessMitigation
            [-Disable {DEP | EmulateAtlThunks | SEHOP | ForceRelocate | RequireInfo | BottomUp | HighEntropy | StrictHandle | SystemCall | AuditSystemCall | ExtensionPoint | DynamicCode | AuditDynamicCode | CFG | SuppressExports | StrictCFG | BlockNonMicrosoftSigned | AllowStoreSigned | AuditMicrosoftSigned | AuditStoreSigned | EnforceModuleDepencySigning | DisableNonSystemFonts | FontAuditOnly | AuditFont | BlockRemoteImages | BlockLowLabel | PreferSystem32 | AuditImageLoad | EnableExportAddressFilter | EnableExportAddressFilterPlus | EnableImportAddressFilter | EnableRopStackPivot | EnableRopCallerCheck | EnableRopSimExec | SEHOP | AuditSEHOP | SEHOPTelemetry | TerminateOnHeapError | DisallowChildProcessCreation | AuditChildProcess | UserShadowStack | UserShadowStackStrictMode | AuditUserShadowStack}]
            [-EAFModules <String[]>]
            [-Enable {DEP | EmulateAtlThunks | SEHOP | ForceRelocate | RequireInfo | BottomUp | HighEntropy | StrictHandle | SystemCall | AuditSystemCall | ExtensionPoint | DynamicCode | AuditDynamicCode | CFG | SuppressExports | StrictCFG | BlockNonMicrosoftSigned | AllowStoreSigned | AuditMicrosoftSigned | AuditStoreSigned | EnforceModuleDepencySigning | DisableNonSystemFonts | FontAuditOnly | AuditFont | BlockRemoteImages | BlockLowLabel | PreferSystem32 | AuditImageLoad | EnableExportAddressFilter | EnableExportAddressFilterPlus | EnableImportAddressFilter | EnableRopStackPivot | EnableRopCallerCheck | EnableRopSimExec | SEHOP | AuditSEHOP | SEHOPTelemetry | TerminateOnHeapError | DisallowChildProcessCreation | AuditChildProcess | UserShadowStack | UserShadowStackStrictMode | AuditUserShadowStack}]
            [-Force {on | off | notset}]
            [-Remove]
            [-Reset]
            [-System]
            [<CommonParameters>]
     
        Set-ProcessMitigation [-IsValid] -PolicyFilePath <String> [<CommonParameters>]
     
     
    DESCRIPTION
        Used to turn on and off various process mitigation settings. Can also apply (Or Validate) an XML file to apply settings for many processes at once.
     
    PARAMETERS
        -Disable <String[]>
            Comma separated list of mitigations to disable. Disable list takes priority over enable list. If specified in both, it will be disabled.
     
        -EAFModules <String[]>
            Modules to be added to the EAF+ mitigation.
     
        -Enable <String[]>
            Comma separated list of mitigations to enable. Disable list takes priority over enable list. If specified in both, it will be disabled.
     
        -Force <String>
            Overrides a system setting either on or off depending on the level this is set at. Will force "on"/"off" all mitigations provided in the -Enable list
     
        -IsValid [<SwitchParameter>]
            Set to check the given XML file for validity. Requires local .xsd
     
        -Name <String>
            Name of the process to apply mitigation settings to. Can be in the format "notepad" or "notepad.exe"
     
        -PolicyFilePath <String>
            An XML file with mitigation settings for many processes that is applied to the registry
     
        -Remove [<SwitchParameter>]
            Removes a mitigation entry from the registry.
     
        -Reset [<SwitchParameter>]
            Resets a specific mitigation entry to defer.
     
        -System [<SwitchParameter>]
            Used to configure system defaults rather than individual apps.
     
        <CommonParameters>
            This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and  OutVariable. For more information, see about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
     
        Example 1
     
        PS C:\>  set-ProcessMitigation -Name Notepad.exe -Enable SEHOP -Disable MandatoryASLR
     
        Gets the current process mitigation for "notepad.exe" from the registry and then enables SEHOP, and disables MandatoryASLR.
    
        Example 2
     
        PS C:\> set-ProcessMitigation -PolicyFilePath settings.xml
     
        Applies all settings inside settings.xml
    
        Example 3
     
        PS C:\> set-ProcessMitigation -PolicyFilePath settings.xml -IsValid
     
        Checks if the given file is a valid settings.xml, requires local .xsd
    
    REMARKS
        To see the examples, type: "get-help Set-ProcessMitigation -examples".
        For more information, type: "get-help Set-ProcessMitigation -detailed".
        For technical information, type: "get-help Set-ProcessMitigation -full".
    

    And there is "get" counterpart command
    Code:
    NAME
        Get-ProcessMitigation
     
    SYNOPSIS
        Gets the current process mitigation settings, either from the registry, from a running process, or saves all to a XML.
     
     
    SYNTAX
        Get-ProcessMitigation [-FullPolicy] [<CommonParameters>]
     
        Get-ProcessMitigation [-Id] <Int32[]> [<CommonParameters>]
     
        Get-ProcessMitigation [-Name] <String> [-RunningProcesses] [<CommonParameters>]
     
        Get-ProcessMitigation [-RegistryConfigFilePath <String>] [<CommonParameters>]
     
        Get-ProcessMitigation [-System] [<CommonParameters>]
     
     
    DESCRIPTION
        Gets all process mitigation settings either by process name (either running or from -Registry), or by process ID. Can also save all settings to an XML file.
     
    PARAMETERS
        -FullPolicy [<SwitchParameter>]
            Returns every processes' current mitigation settings in the registry
     
        -Id <Int32[]>
            Process Id to retrieve current running process mitigation settings from
     
        -Name <String>
            Current process name to get current running (Or from registry) process mitigation settings from one (Can be more than one instance)
     
        -RegistryConfigFilePath <String>
            File to save the current registry process mitigation configuration to
     
        -RunningProcesses [<SwitchParameter>]
            Pull the current process mitigation settings from a running instance instead of the registry.
     
        -System [<SwitchParameter>]
            Pulls the current system defaults for process mitigations.
     
        <CommonParameters>
            This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and  OutVariable. For more information, see about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
     
        Example 1
     
        PS C:\> Get-ProcessMitigation -Name notepad.exe -RunningProcess
     
        Gets the current settings on all running instances of notepad.exe
    
        Example 2
     
        PS C:\> Get-ProcessMitigation -Name notepad.exe
     
        Gets the current settings in the registry for notepad.exe
    
        Example 3
     
        PS C:\> Get-ProcessMitigation -Id 1304
     
        Gets the current settings for the running process with pid 1304
    
        Example 4
     
        PS C:\> Get-ProcessMitigation -RegistryConfigFilePath settings.xml
     
        Gets the all process mitigation settings from the registry and saves them to the xml file settings.xml
    
        Example 5
     
        PS C:\> Get-ProcessMitigation -FullPolicy
     
        Gets all policies for all processes set in the registry.
    
        Example 6
     
        PS C:\> Get-ProcessMitigation -System
     
        Gets the current system process mitigation defaults stored in the registry.
    
        Example 7
     
        PS C:\> Get-Process notepad | Get-ProcessMitigation
     
        Gets the current process mitigation settings for all running instances of notepad.exe
    
    REMARKS
        To see the examples, type: "get-help Get-ProcessMitigation -examples".
        For more information, type: "get-help Get-ProcessMitigation -detailed".
        For technical information, type: "get-help Get-ProcessMitigation -full".
    
    So using these two commands you can disable mitigations in bulk:
    - manually disable mitigations for one exe-file (and apply);
    - get XML-file with mitigations for that file with "Get-ProcessMitigation" command and add as many other exe-files to that XML-file;
    - apply your XML-file with "Set-ProcessMitigation" command.

    PS Of course, it is possible to write tool which will made all this but with simple GUI, if you will manage to find not-so-lazy-programmer.

    PPS Also it is possible to create a PowerShell script which will search for exe-files in specified folders and disable a set of mitigations for all found ones.
     
    Last edited: Apr 19, 2021
    enkoo1 likes this.
  14. Chrysalis

    Chrysalis Master Guru

    Messages:
    223
    Likes Received:
    24
    GPU:
    RTX 3080 FE
    Another update on dwm, previously my entire system used to briefly hang when editing tasks in task scheduler, was a very odd behaviour, since I have removed mitigations from it that behaviour has stopped. Essentially what I am saying is there is more and more justification to freeing dwm, its unlikely to be a viable attack vector on your system so no real security implications.

    Also thanks for info mbk1969, that is useful for perhaps scripted/automated configuration, probably will use it to batch whitelist games as you suggested.
     
    Last edited: Apr 21, 2021
  15. Chrysalis

    Chrysalis Master Guru

    Messages:
    223
    Likes Received:
    24
    GPU:
    RTX 3080 FE
    Yep I am on 1809.

    I will tell you my opinion.

    I dont think CFG is a blanket large performance hit to everything, I think its a case if you write your code to be aware of it, it will perform better, kind of like REBAR on nvidia, how it benefits some games but not others, depends how the workflow of the code is. Microsoft Office on my rig right now flies, its way faster than office 2010 was on Windows 8, and Windows 8 doesnt have CFG.

    One could argue similar with ASLR, Windows has 2 ASLR options, one is to enable it on applications that support it, the other is to force enable it on other applications, the second is off by default as one might guess, it could cause unpredictable stability. The reason I think DWM is bad with ASLR, is DWM interacts with any program that utilises gpu acceleration in the windowed environment, my theory is if that application is not supporting ASLR natively (such as the 20+ year old final fantasy 7) then it can have a negative effect on performance. ASLR basically randomises the address space, to me logically that shouldnt have a huge performance hit so the results on FF7 did surprise me, I think its an edge case.

    When you look at what CFG does however, its easy to see how that can hurt performance.

    An interesting note as well from google developers, on a memory exploit document written for chrome, they advise people to not use EMET to force mitigations vs what is natively compiled in as OS managed exploit protection has much bigger performance impact vs app managed.

    Given I am now aware of a command line command, I am probably going to keep CFG enabled globally now, and make a script that scans for executables in my game folders, and then exempt them, probably a little bit risky if someone ever managed to dump malware in those folders, but I would rather do that then disable it globally. I already have ASLR disabled globally. However I expect I will change that back to default as well, and use the script, as I think most of the benefit I am getting from the ASLR off is on DWM, so just need to override it on that and specific games. ASLR has no effect on macrium reflect or the task scheduler UI, for those two its just CFG.
     
    Last edited: Apr 21, 2021

  16. mbk1969

    mbk1969 Ancient Guru

    Messages:
    10,932
    Likes Received:
    8,237
    GPU:
    GF RTX 2070 Super
    Last edited: Apr 21, 2021
  17. Chrysalis

    Chrysalis Master Guru

    Messages:
    223
    Likes Received:
    24
    GPU:
    RTX 3080 FE
    Yeah thanks, it might be the chrome devs were referring to other mitigations as the article talks about multiple exploits, DEP, ASLR etc.

    Here is the article, it doesnt mention CFG. Was written before CFG was widely used.

    https://www.chromium.org/Home/chromium-security/chromium-and-emet
     
    Last edited: Apr 21, 2021
  18. mbk1969

    mbk1969 Ancient Guru

    Messages:
    10,932
    Likes Received:
    8,237
    GPU:
    GF RTX 2070 Super
    "ROP chain detection and prevention" - but they talk about EMET protecting Windows API functions, not functions in code of executable itself. Windows API functions are well known and reside in OS code itself...
     
  19. BlackNova92

    BlackNova92 Member Guru

    Messages:
    135
    Likes Received:
    8
    GPU:
    16gb
    Was wondering, with newer versions of W10, 20H2 for example, is it better to not use standbylist cleaner and the 0.5 timer-res? (i don't know if windows uses 0.5 anyway when you play games for example)
    Would be good to know if i can finally forget about this program.
    i'm really curious.
     
  20. Smough

    Smough Master Guru

    Messages:
    639
    Likes Received:
    112
    GPU:
    GTX 1060 3GB
    Since Windows 10 version 1803 17134.320 it was fixed, so any Windows version after that should be free of the problem, however some people still report better performance using standby list cleaner, so you just have to keep testing it, some say they still have the problem, so keep that in mind.

    As for the timer res, don't touch bcdedit and don't change it to 0.5 randomly in Windows thinking "I know better". Lleave this as stock, Windows knows that its doing and when to set it to 0.5. It's weird you say "0.5" since Windows 10 handles this as an uneven number; 0.4992 in my case when I change it, leave this alone in Windows, don't make it an "even" number, this is a debug number for a reason, if you change it to "even number" on 10 it will hurt other system timers and some games could have odd frametiming issues, I learned that the hard way.
     

Share This Page