Citrix tool: VolatilePool Enabler

When the stack of a process is overrun by a second process, analysis of the dump is not possible because the crash occurs when the original process writes to kernel space occupied by a second process.

Special pool tagging causes the offending driver to crash as soon as it tries to write to the kernel space, before overwriting the space, and enables the debugger to analyze the crash.

VolatilePool is a debugging tool that enables the special pool flag for all drivers on the system without the need to restart the machine. This is useful, especially on provisioned machines that otherwise require the administrator to create a new image for the registry changes to persist.

Prerequisites

VolatilePool can run on any Microsoft Windows computer that is Windows Vista or later.

It must be run as a user with Administrative privileges for all features to be functional.

Installing VolatilePool

To install VolatilePool, copy the VolatilePool.exe file to the desired location.

How to Use VolatilePool

When the user opens VolatilePool.exe, it automatically enables a special pool for all drivers installed on the system

Security Permissions Required by VolatilePool

Administrative permissions are required for all features to be functional.

Data Modified by VolatilePool

Not Applicable

How to Undo the Changes Made by VolatilePool

Not Applicable

Uninstalling VolatilePool

To uninstall VolatilePool and undo changes made to the system, delete the VolatilePool.exe file.

Download the tool here.

You can read the original post here.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.