Turn On or Off Windows Defender Application Guard in Windows 10  

Page 4 of 6 FirstFirst ... 23456 LastLast
  1. Cliff S's Avatar
    Posts : 24,285
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       #30

    Brink said:
    Hopefully a repair install will fix it so you can enable it.
    It's enabled, it just doesn't open the window.
    In event viewer somehting to do with hvsimgr.exe and hvsicontainer.cpp

    Microsoft-Windows-WDAG-Manager/Operational
    %SystemRoot%\System32\Winevt\Logs\Microsoft-Windows-WDAG-Manager%4Operational.evtx

    A Failure has occurred: HResult = The parameter is incorrect., File = windows\hvsi\hvsimgr\container\hvsicontainer.cpp, LineNumber = 779, Function = NULL, Message = NULL, CallingContext = NULL, Module = hvsimgr.exe, Code = NULL

    and

    Failed to start the container: The parameter is incorrect.
      My Computers

  2. Cliff S's Avatar
    Posts : 24,285
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       #31

    The repair install fixed it!(I didn't expect any less)
    Now to go to feedback hub and tell them.
    I guess it's my responsibility to do that.
    Turn On or Off Windows Defender Application Guard in Windows 10-image.png
      My Computers

  3. Cliff S's Avatar
    Posts : 24,285
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       #32

    Interesting what showed up in the Sonic Suite 3 app.
    Instead of Edge(which for some reason doesn't let you make any changes to the sound effects or routed to another output:
    Turn On or Off Windows Defender Application Guard in Windows 10-image.png

    It looks like WDAG can be?
    More security????
    Turn On or Off Windows Defender Application Guard in Windows 10-image.png

    Nope, just tested it, you can change the effects, but it doesn't change any sound setting(sound remains the same)
      My Computers

  4. Cliff S's Avatar
    Posts : 24,285
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       #33

    By the way, now it's fixed, when I want to open a WDAG window, it's instantaneous now, no loading screen shows at all
      My Computers

  5. Brink's Avatar
    Posts : 48,727
    64-bit Windows 10 Pro for Workstations build 19635
    Thread Starter
       #34

    Great news. It's amazing what all a repair install will fix.
      My Computers

  6. Cliff S's Avatar
    Posts : 24,285
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       #35

    I was looking at something else about Hyper-V at Microsoft Docs, and got on the page about Hyper-V CPU schedule types: https://docs.microsoft.com/en-us/win...cheduler-types

    Months ago I had changed it to Core thinking it would make my VMs more secure(please read the whole page through), and today I noticed something important:

    Root scheduler use on client systems
    Starting with Windows 10 version 1803, the root scheduler is used by default on client systems only, where the hypervisor may be enabled in support of virtualization-based security and WDAG workload isolation, and for proper operation of future systems with heterogeneous core architectures. This is the only supported hypervisor scheduler configuration for client systems. Administrators should not attempt to override the default hypervisor scheduler type on Windows 10 client systems.(which I successfully did)
    The reason I had switched it to core:

    The overall result of the core scheduler is that:

    Guest VPs are constrained to run on underlying physical core pairs, isolating a VM to processor core boundaries, thus reducing vulnerability to side-channel snooping attacks from malicious VMs.

    Variability in throughput is significantly reduced.

    Performance is potentially reduced, because if only one of a group of VPs can run, only one of the instruction streams in the core executes while the other is left idle.

    The OS and applications running in the guest virtual machine can utilize SMT behavior and programming interfaces (APIs) to control and distribute work across SMT threads, just as they would when run non-virtualized.

    A strong security boundary for guest workload isolation - Guest VPs are constrained to run on underlying physical core pairs, reducing vulnerability to side-channel snooping attacks.

    The core scheduler will be used by default starting in Windows Server 2019. On Windows Server 2016, the core scheduler is optional and must be explicitly enabled by the Hyper-V host administrator, and the classic scheduler is the default.
    But I checked today to see what the setting was, since my repair install:

    Code:
    PS C:\Users\cliff> Get-WinEvent -FilterHashTable @{ProviderName="Microsoft-Windows-Hyper-V-Hypervisor"; ID=2} -MaxEvents 1
    
    
       ProviderName: Microsoft-Windows-Hyper-V-Hypervisor
    
    TimeCreated                     Id LevelDisplayName Message                                                                           
    -----------                     -- ---------------- -------                                                                           
    16-May-19 10:07:43               2 Information      Hypervisor scheduler type is 0x4.
    0x4 scheduler is the Root scheduler which WDAG needs

    information   Information
    For anyone having problems getting WDAG to install, and wanting to troubleshoot and check their scheduling, open powershell:

    Get-WinEvent -FilterHashTable @{ProviderName="Microsoft-Windows-Hyper-V-Hypervisor"; ID=2} -MaxEvents 1

    Hypervisor scheduler type is 0x#

    1 = Classic scheduler, SMT disabled

    2 = Classic scheduler

    3 = Core scheduler

    4 = Root scheduler


    I already sent my find to Microsoft through the Feedback Hub: Feedback Hub - Windows Insider
      My Computers

  7. Steve C's Avatar
    Posts : 5,252
    Windows 10 Pro 64 bit
       #36

    Please see this thread What is this large folder?

    Installing Application Guard creates a large 6GB folder tree under C:\ProgramData\Microsoft\Windows\Containers. These files are not removed when Application Guard is disabled.

    Is this a bug and can these files be safely deleted in Safe Mode without breaking my PC?
      My Computers


  8. Cliff S's Avatar
    Posts : 24,285
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       #37

    Steve C said:
    Please see this thread What is this large folder?

    Installing Application Guard creates a large 6GB folder tree under C:\ProgramData\Microsoft\Windows\Containers. These files are not removed when Application Guard is disabled.

    Is this a bug and can these files be safely deleted in Safe Mode without breaking my PC?
    Actually Guard has it's own folder: C:\ProgramData\Microsoft\WDAG
      My Computers

  9. Cliff S's Avatar
    Posts : 24,285
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       #38

    Steve C said:
    Please see this thread What is this large folder?

    Installing Application Guard creates a large 6GB folder tree under C:\ProgramData\Microsoft\Windows\Containers. These files are not removed when Application Guard is disabled.

    Is this a bug and can these files be safely deleted in Safe Mode without breaking my PC?
    Actually Guard has it's own folders
    : C:\ProgramData\Microsoft\WDAG
    And
    C:\Windows\Containers\serviced
      My Computers

  10. Steve C's Avatar
    Posts : 5,252
    Windows 10 Pro 64 bit
       #39

    Cliff S said:
    Actually Guard has it's own folders
    : C:\ProgramData\Microsoft\WDAG
    And
    C:\Windows\Containers\serviced
    Why then did today's experiment to enable then disable Application Guard cause the dates of all folders in C:\ProgramData\Microsoft\Windows\Containers to be updated from 13th March to today? I don't have the two folders you mentioned since I disabled Application Guard
      My Computers


 
Page 4 of 6 FirstFirst ... 23456 LastLast

Tutorial Categories

Turn On or Off Windows Defender Application Guard in Windows 10 Tutorial Index Network & Sharing Instalation and Upgrade Browsers and Email General Tips Gaming Customization Apps and Features Virtualization BSOD System Security User Accounts Hardware and Drivers Updates and Activation Backup and Restore Performance and Maintenance Mixed Reality Phone


Related Threads
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 20:38.
Find Us




Windows 10 Forums