WDAGUtilityAccount Windows Security Log

The event ID 4797 with a description of “An attempt was made to query the existence of a blank password for an account.” is related to Windows Defender Application Guard. It was found during digging through event logs because of separate issue.
If you see an alert in your log solution for a new local account created for username: WDAGUtilityAccount (event id 4720 or 4722).

This account is part of Windows Defender Application Guard which is included with RS3 (aka windows 10 fall update). The account is disabled also WDAG is not enabled.
Basically you have user enrolled in the Windows 10 insider program and their box was updated with a new build that includes the WDAG bits.

How to Remove OneDrive from Quick Access

OneDrive comes built-in on Windows 10, and even if you uninstall it via PowerShell’s Remove-AppxPackage, the GUI or a program like Windows XApp Remover it will remain in the left pane in File Explorer Quick Access. While Windows 10 doesn’t include an option to remove the OneDrive shortcut, we’ll show you how to remove OneDrive from Quick Access by jumping into the Registry and removing the shortcut manually. In this Windows 10 guide, we’ll walk you through the steps to tweak the Registry to remove the OneDrive entry in the left pane of File Explorer, but without ditching the service completely in case you need to manage or upload files to the cloud.

OneDrive (previously SkyDrive, Windows Live SkyDrive, and Windows Live Folders) is a file-hosting service operated by Microsoft as part of its suite of online services. It allows users to store files as well as other personal data like Windows settings or BitLocker recovery keys in the cloud. Files can be synced to a PC and accessed from a web browser or a mobile device, as well as shared publicly or with specific people.

Windows 10 Builds List

Windows 10 Release Information
Microsoft has updated its servicing model. The Semi-Annual Channel is a twice-per-year feature update release targeting March and September, and 18-month servicing timelines for each release. The Semi-Annual Channel replaces the Current Branch (CB) and Current Branch for Business (CBB) concepts starting July 2017 with Windows 10, version 1703. This page is designed to help you determine if your devices are up to date with the latest Windows 10 feature and quality updates and to plan deployment schedules.

With each Semi-Annual Channel release, we recommend beginning deployment right away to targeted devices and ramp up to full deployment at your discretion. This will enable you to gain access to new features, experiences, and integrated security as soon as possible. For more information, see the blog post and Quick guide to Windows as a service.

How to Create Symbolic Links on Windows

Windows 10, 8, 7, and Vista all support symbolic links, also known as symlinks, that point to a file or folder on your system.
Symbolic links are basically advanced shortcuts. Create a symbolic link to an individual file or folder, and that link will appear to be the same as the file or folder to Windows—even though it’s just a link pointing at the file or folder.

For example, let’s say you have a program that needs its files at C:\Program. You’d really like to store this directory at D:\Stuff, but the program requires that its files be at C:\Program. You could move the original directory from C:\Program to D:\Stuff, and then create a symbolic link at C:\Program pointing to D:\Stuff. When you relaunch the program, it will try to access its directory at C:\Program. Windows will automatically redirect it to D:\Stuff, and everything will just work as if it were in C:\Program.

Windows Performance Monitor Disk Counters Explained

Why the Performance Monitor?
When it comes to the subject of disk performance in Windows, the majority of questions can be quickly answered by Performance Monitor alone. Performance Monitor is very low overhead, does a great job with averages and can also capture and store data over long periods of time. It is an excellent choice to record a performance baseline and to troubleshoot.
For short in this text, we are going to call the Windows Performance Monitor by its nickname: Perfmon. The nickname comes from its executable file located at %systemroot%system32Perfmon.exe.

    Advertisment ad adsense adlogger