alt3rn1ty

Windows 10


The XBox app and additional XBox windows plugins I thought were completely unnecessary in my case

.. Seems the Windows Game Bar depends on them being installed.

The Windows 10 game bar has the ability to do a few nice things, screenshots is one (and works on dedicated screens where sometimes PrtScr will not work), recording mp4 videos without the need for any third party apps is another which is really good, and the best is using its settings icon, you can get Game Bar to recognise a game so that Windows 10 shuts down as many background processes as possible to make the game run smoother without interruptions.

If you start uninstalling the XBox apps or trying to disable them, and you like any of the Game Bar functions, be warned getting Game Bar to work correctly again after can be really awkward and you may not succeed. I managed it, but it was not as straightforward as just re-installing the apps.

--------------------------------------------------------

 

In other news : Windows Defender (A.K.A what used to be called Microsoft Security Essentials, and has been renamed Windows Defender replacing the old Windows Defender) .. is getting even better.

https://cloudblogs.microsoft.com/microsoftsecure/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/

Here's what Steve Gibson had to say about it in Security Now! #688 podcast ..

Quote

This is a big deal, and it was very difficult to pull off. Although Microsoft isn’t saying anything for antitrust / anti-competitive reasons… doing this required deep and careful plumbing into Windows which no other Windows add-on A/V will be able to truly duplicate. This is no fault of Microsoft’s, it’s just the reality of the nature of the problem that any contemporary A/V must face. The era of the 3rd-party A/V is likely coming to an end.

What’s the big deal?

As we’ve discussed here a number of times in the past, threat modelling is all about understanding the “attack surface.” A web browser presents a large and rich attack surface for our modern PCs. But another “attack surface” is untrained employees who freely click on anything that looks enticing. People are a widely exploited attack surface too.

But perhaps the largest attack surface there is, is today’s anti-virus subsystem whose job it is to proactively examine everything coming into the machine it has been tasked to protect. So that’s things users click on in eMail and in their web browser and that they receive in mail and download from their browser.

A/V presents one of the richest attack surfaces because:

● It's an interpreter which examines and attempts to understand what it's seeing.
● As we know, interpreters are among the most difficult technologies to secure.
● An A/V process must run with full system privileges since it needs to have total visibility into every nook and cranny of the system's permanent storage, RAM, and the network.

This means that A/V is a huge target of opportunity, because it is both inherently prone to exploitation because it must be so careful when it looks at potential malware, and because to do its job it must execute with full access to the entire system.

Microsoft’s blog posting further details the very many challenges the Defender engineers faced. But suffice to say that it was a truly difficult job, over a long period of re-engineering… and reading it I realized that not only was it extremely difficult, but that it inherently required inside access to Windows which no external player could ever have.

And it’s a big deal. Tavis Ormandy, the prolific and frequently showering researcher with Google Project Zero who has previously discovered and disclosed several of these types of flaws in the past year, lauded Microsoft's effort on Twitter, saying it was "game-changing."

All that said, Microsoft is proceeding with caution, so Sandboxing is not yet enabled by default. Microsoft wrote: “We’re in the process of gradually enabling this capability for Windows insiders and continuously analyzing feedback to refine the implementation.” But anyone with Windows 10 version 1703 or later -- last year’s Fall Creator’s Update -- can enable Defender’s sandboxing for themselves:

To enable Windows Defender’s Sandboxing:

● Open Start and Search for "CMD" or "Command Prompt"
● Right Click on it and select "Run as administrator."
● Type: "setx /M MP_FORCE_USE_SANDBOX 1" and then press ENTER.
● Then restart your computer.

However! -- Restart and do not Shutdown Windows. There's a bug which Microsoft has acknowledged and will eventually fix such that sandboxing changes will ONLY be saved if the system is restarted and not shutdown and restarted.

Once the sandboxing is enabled, and the system has been restarted without shutdown, its presence can be verified by using the free SysInternals “Process Explorer” utility.

The traditional antimalware service is “MsMpEng.exe” and a new child process named “MsMpEngCP.exe” will be attached to it, running underneath and indented. If you see “MsMpEngCP.exe” your Windows Defender has been safely sandboxed. “CP” stands for Content Process, which is Microsoft’s formal name for sandboxed processes.
I tried and verified all that. It all works great! :)

 

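The verification step from the quoted notes can also be done from PowerShell instead of Process Explorer. This is an added example, not part of the original post or the quoted show notes; it uses only the names given there (MP_FORCE_USE_SANDBOX, MsMpEng.exe, MsMpEngCP.exe), and the function name Get-DefenderSandboxState is made up for illustration.

```powershell
# Added example: report whether Defender's sandbox is requested and active.
# Get-DefenderSandboxState is a hypothetical helper name, not a built-in cmdlet.

function Get-DefenderSandboxState {
    # "setx /M" writes a machine-scope environment variable, so read that scope
    # rather than the current process environment.
    $flag = [Environment]::GetEnvironmentVariable('MP_FORCE_USE_SANDBOX', 'Machine')

    $engine  = @(Get-CimInstance Win32_Process -Filter "Name = 'MsMpEng.exe'")
    $content = @(Get-CimInstance Win32_Process -Filter "Name = 'MsMpEngCP.exe'")

    # A content process only counts if its parent is the running engine;
    # a same-named process elsewhere in the process tree is not the sandbox.
    $enginePids = $engine.ProcessId
    $children = @($content | Where-Object { $enginePids -contains $_.ParentProcessId })
    $strays   = @($content | Where-Object { $enginePids -notcontains $_.ParentProcessId })

    [pscustomobject]@{
        FlagValue        = $flag
        FlagSet          = ($flag -eq '1')
        EngineRunning    = ($engine.Count -gt 0)
        SandboxChildPids = $children.ProcessId
        StrayPaths       = $strays.ExecutablePath   # may be empty without elevation
        SandboxActive    = ($children.Count -gt 0)
    }
}

$state = Get-DefenderSandboxState
$state | Format-List

# Variable set but no child process: the quoted notes say the change only
# takes effect after a restart, not a shutdown followed by power-on.
if ($state.FlagSet -and -not $state.SandboxActive) {
    Write-Warning 'MP_FORCE_USE_SANDBOX is 1 but no MsMpEngCP.exe child of MsMpEng.exe is running.'
}
# A process with the sandbox name that is not a child of the engine.
if ($strays = $state.StrayPaths) {
    Write-Warning "MsMpEngCP.exe found outside the MsMpEng.exe tree: $strays"
}
```
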
On 11/7/2018 at 4:06 AM, alt3rn1ty said:

The XBox app and additional XBox windows plugins I thought were completely unnecessary in my case

.. Seems the Windows Game Bar depends on them being installed.

The Windows 10 game bar has the ability to do a few nice things, screenshots is one (and works on dedicated screens where sometimes PrtScr will not work), recording mp4 videos without the need for any third party apps is another which is really good, and the best is using its settings icon, you can get Game Bar to recognise a game so that Windows 10 shuts down as many background processes as possible to make the game run smoother without interruptions.

If you start uninstalling the XBox apps or trying to disable them, and you like any of the Game Bar functions, be warned getting Game Bar to work correctly again after can be really awkward and you may not succeed. I managed it, but it was not as straightforward as just re-installing the apps.

I previously thought them to be unnecessary as well and removed them using PowerShell. I also had Game Bar disabled via Group Policy and Reg Edit as it was causing weird overlay issues for me in Oblivion and Skyrim, despite having them disabled in its own preferred way of doing it within its own app. When the October 1809 got released, I did the big update on day one and all of it was restored to as it was. It now seems to be problem free and harmless. I may even use it to record a video someday.


While I was playing Skyrim on Thursday (Thanksgiving), it downloaded 1809 in the background. I had no idea until shutdown, when the prompt changed to "Update and Shutdown". I'd set the Update Advanced to wait 30 days for new features, so looks like they are pushing this one now (even though it had only been a week after the relaunch). Nothing like wasting an hour on a holiday morning checking for new security settings. Grumble.


I've been lucky so far I guess. It's not been trying to offer me 1809 at all up to this point, and it's still not pending now. For all I care I'd just as soon never get it :P


My machine updated yesterday to 1809 and has been okay, no random mass deletion of documents anyway <touch wood> :).

It also resolved the slight issue I had remaining with the Game Bar (having uninstalled previously all XBox apps, realised the Game Bar was part of that, reinstalled Game Bar only (which then gets listed as "XBox Overlay" in the installed apps), then to occasionally have it ask for an app to run for the Game Bar hot key even though the Game bar was installed ... )

I no longer have any XBox apps in my installations list, but a separate Game Bar app is now listed (so it seems 1809 flushes the XBox Overlay app, and replaces that with the Game Bar app), and all works as it should. Strange sequence of events, at one point I had about five apps in the install list called Xbox whatever, none of them have reappeared thankfully.


That's interesting - the hotkey (def win-G) invokes the gamebar settings within game for a non XBox app? Sadly not here.

The XBox app here can't be uninstalled gracefully either:

[Screenshot: XBox app]

It also has a service- is yours running?

[Screenshot: XBox service]


If you guys want to uninstall some Apps, you can do it via PowerShell. Here is a link on how to do it.

https://www.askvg.com/guide-how-to-remove-all-built-in-apps-in-windows-10/

1809 is working very well so far for me. I was able to get it on day one when they first released it and it did have its issues, most of which did not affect me. They pulled it due to some nasty bugs with file deletion and CPU usage inaccuracy, but that's all fixed. I still have one issue that I would like them to fix, and it's been a while and I'm starting to think they won't fix it. I'll give them more time though before I try to fix it on my own. In Event Viewer, I get Warning: User Profile Service Event ID 1534 spamming very often. At the time of typing this out, I have 3,169 errors under Administrative, most of which are from this 1534 spam. Did some research on it and apparently it's caused by remnants of a feature they removed from 1809 but didn't fully remove. Some have found some registry entries to delete via reg edit and it supposedly clears it up, but I will give MS some more time to fix it themselves.

https://www.tenforums.com/general-support/118976-new-1809-update-now-shows-event-viewer.html


Gamebar isn't all that perfect either.


Faulting application name: GameBar.exe, version: 2.22.1810.11001, time stamp: 0x5bbfcc75
Faulting module name: ucrtbase.dll, version: 10.0.17763.1, time stamp: 0x309241e0
Exception code: 0xc0000409
Fault offset: 0x000000000006f08e
Faulting process ID: 0xd9bc
Faulting application start time: 0x01d482a7dcc37aed
Faulting application path: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.22.11001.0_x64__8wekyb3d8bbwe\GameBar.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report ID: f8d0aee2-ecec-4a5e-8543-9933cfa30060
Faulting package full name: Microsoft.XboxGamingOverlay_2.22.11001.0_x64__8wekyb3d8bbwe
 

The 1534 looks like it's for the Tiles in the start menu. They come through as warnings, and there are not too many here at this stage- but will keep an eye on them, thanks. The fiddly-doo fix in that thread looks like it has promise!
