WDAGUtilityAccount Windows Security Log

The event ID 4797 with a description of “An attempt was made to query the existence of a blank password for an account.” is related to Windows Defender Application Guard. It was found during digging through event logs because of separate issue.
If you see an alert in your log solution for a new local account created for username: WDAGUtilityAccount (event id 4720 or 4722).

This account is part of Windows Defender Application Guard which is included with RS3 (aka windows 10 fall update). The account is disabled also WDAG is not enabled.
Basically you have user enrolled in the Windows 10 insider program and their box was updated with a new build that includes the WDAG bits.

How to Remove OneDrive from Quick Access

OneDrive comes built-in on Windows 10, and even if you uninstall it via PowerShell’s Remove-AppxPackage, the GUI or a program like Windows XApp Remover it will remain in the left pane in File Explorer Quick Access. While Windows 10 doesn’t include an option to remove the OneDrive shortcut, we’ll show you how to remove OneDrive from Quick Access by jumping into the Registry and removing the shortcut manually. In this Windows 10 guide, we’ll walk you through the steps to tweak the Registry to remove the OneDrive entry in the left pane of File Explorer, but without ditching the service completely in case you need to manage or upload files to the cloud.

OneDrive (previously SkyDrive, Windows Live SkyDrive, and Windows Live Folders) is a file-hosting service operated by Microsoft as part of its suite of online services. It allows users to store files as well as other personal data like Windows settings or BitLocker recovery keys in the cloud. Files can be synced to a PC and accessed from a web browser or a mobile device, as well as shared publicly or with specific people.

How to Create Symbolic Links on Windows

Windows 10, 8, 7, and Vista all support symbolic links, also known as symlinks, that point to a file or folder on your system.
Symbolic links are basically advanced shortcuts. Create a symbolic link to an individual file or folder, and that link will appear to be the same as the file or folder to Windows—even though it’s just a link pointing at the file or folder.

For example, let’s say you have a program that needs its files at C:\Program. You’d really like to store this directory at D:\Stuff, but the program requires that its files be at C:\Program. You could move the original directory from C:\Program to D:\Stuff, and then create a symbolic link at C:\Program pointing to D:\Stuff. When you relaunch the program, it will try to access its directory at C:\Program. Windows will automatically redirect it to D:\Stuff, and everything will just work as if it were in C:\Program.

Windows Performance Monitor Disk Counters Explained

Why the Performance Monitor?
When it comes to the subject of disk performance in Windows, the majority of questions can be quickly answered by Performance Monitor alone. Performance Monitor is very low overhead, does a great job with averages and can also capture and store data over long periods of time. It is an excellent choice to record a performance baseline and to troubleshoot.
For short in this text, we are going to call the Windows Performance Monitor by its nickname: Perfmon. The nickname comes from its executable file located at %systemroot%system32Perfmon.exe.

Convert x509/PEM SSL Certificate to PFX/P12 from Linux to Windows

OpenSSL is used for many things other than running encryption on a website. It is also used for the generation of CSR keypairs, and more importantly within this article converting.

The Italic parts in the conversions below are examples of you own files, or your own unique naming conventions adapt these Italic name examples to your own files names for openssl commands.
Note: .pem, .cer, crt. are all the same type of x509/pem certificate only with different extensions.

    Advertisment ad adsense adlogger