Some Notes on the Machines

Well, it rocked my little world. This came from the excellent Terry Powell. He had a Server 2016 machine where Explorer would crash and restart every time Devices and Printers was opened. A very large number of common fixes was tried, including four different DISM methods with SFC and others, no change, DISM said the image was fixable but nothing would fix, and the only thing clearly missing according to DISM and SFC logs was a .lnk file. Terry found a reference stating that if one clears everything here except “(Default)”:

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Devices

and then restarts the printer spooler, all begins working well. And indeed, it appears that this is space in which bad gunk can build up! He found about 100 there, removed them, and lo and behold, all is well. Powershell code to do this:

function Remove-AllItemProperties
{
    [CmdletBinding()]
    param([string]$Path)

    Remove-ItemProperty -Name * @PSBoundParameters
}

Remove-AllItemProperties "HKCU:\SOFTWARE\microsoft\windows nt\currentversion\devices"

Stop-Service Spooler
Start-Service Spooler

If you get PsTools, and do this:

psexec -i -s CMD.exe

you’ll get another CMD box, where the username is SYSTEM, that is to say, the hostname of the machine with a dollar sign on the right end. If the machine is on a domain, it is DOMAIN\hostname$, have not tested it on a non-domain machine yet.

One software installer recently, required that the folder containing its installer package be TAKEOWNed and ICACLSed, as that system user, before it would run to completion, it must have some odd permissions bug in it.

There are likely to be quite a few circumstances in which this special CMD can be useful.

To see if there is cleanup to be done:

DISM /Online /Cleanup-Image /AnalyzeComponentStore

To remove obsolete and unused system files:

DISM /Online /Cleanup-Image /StartComponentCleanup

To remove obsolete and unused system files and also service pack uninstallation files:

dism /online /Cleanup-Image /SPSuperseded

To remove obsolete and unused system files and everything prior, making it impossible to reverse any patches:

dism /online /Cleanup-Image /StartComponentCleanup /ResetBase

If MMC for any Windows administrative tool gets stuck, delete everything here:

C:\Users\USERNAME\AppData\Roaming\Microsoft\MMC

This command:

wmic product where name="Application Name" call uninstall /nointeractive

appears to do it. Put the whole long name from the software list in Control Panel, within those double parentheses. This works in at least some cases where msiexec /x does not. And it is not version-specific.

To get a full list of names with GUIDs, try this:

get-wmiobject Win32_Product | sort-object -property Name | Format-Table IdentifyingNumber, Name, LocalPackage -AutoSize

The MMCSS (not sure why the extra letters) is a service in Vista (SP1+), 7, Server 2008, and Server 2008R2, which places priority on video and audio data. Here are some good tweaks. Click here for a VBS script, called MCSO, which does everything below automatically.

So we go here in the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Multimedia\SystemProfile

open the item named “NetworkThrottlingIndex”, and change it to “FFFFFFFF” (that’s eight F’s) hex. We can do the same for “SystemResponsiveness”.

Then drill further down to here:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Multimedia\SystemProfile\Tasks

and you’ll see a list of folders. Each folder is a “multimedia profile” according to one reference. Each can contain the following:

Affinity        dword:00000000
Background Only        False
BackgroundPriority        dword:00000001
Clock Rate       dword:00002710
GPU Priority        dword:00000001
Priority       dword:00000001
Scheduling Category       High
SFIO Priority       High

I kept the “Window Manager” set at the default, and set the rest to the above. According to one reference it is possible to create custom multimedia profiles and use some applications’ capabilities to assign them, I have not tried this yet.

According to one reference, the above changes only activate at reboot. However, I have found that if you restart MMCSS and then Audiosrv, the same results obtain.

Addendum. Have just recently looked into Windows 10 in this. It appears to be a driver, not a service, in 10. Will be investigating further. Not sure about Audiosrv either.

Finally, a real repair tool:

https://support.microsoft.com/en-us/help/2698555/microsoft-net-framework-repair-tool-is-available

These are the new style of “apps” which Windows 10 and 8.1 accept as part of their quasi-tableteering behaviors. To see the list of currently installed appx’s:

get-appxpackage -allusers | ft

Please do be aware that many of them cannot be removed at all, and in many cases, if you try hard enough, the system will be compromised. However, many can be removed for conservation of resources. Below is a list of these at this writing. You’ll notice that the last one is Skype, this is deprecated and replaced with Teams, Teams will connect with legacy Skype users. In addition, “WindowsCommunicationsApps” includes the Windows 10 built-in email client, this is helpful to avoid confusion for many users.

Get-AppxPackage "Microsoft.XboxApp" -allusers | Remove-AppxPackage -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "Microsoft.XboxGameOverlay" -allusers | Remove-AppxPackage -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "Microsoft.XboxIdentityProvider"  -allusers | Remove-AppxPackage -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "Microsoft.Xbox.TCUI" -allusers | Remove-AppxPackage -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "Microsoft.XboxSpeechToTextOverlay" -allusers | Remove-AppxPackage  -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "Microsoft.WindowsCommunicationsApps" -allusers | Remove-AppxPackage -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "Microsoft.BingNews" -allusers | Remove-AppxPackage  -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "Microsoft.BingWeather" -allusers | Remove-AppxPackage -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "Microsoft.Advertising.Xaml" -allusers | Remove-AppxPackage -allusers  -ErrorAction SilentlyContinue | Out-Null
Get-AppxPackage "*Microsoft.Skype*" -allusers | Remove-AppxPackage -allusers  -ErrorAction SilentlyContinue | Out-Null

This can solve lots of problems:

# Reregisters the remaining Appx items, this can solve lots of problems

"Reregistering needed Appx items..."

Get-AppXPackage -AllUsers | Foreach {
	Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)AppXManifest.xml" -ErrorAction SilentlyContinue | Out-Null
	}

If you see “BitLocker waiting for activation”, this is a situation needing careful action: the machine is in an unstable state, and is likely to bluescreen and/or misbehave in other ways unless handled well.

What has happened, is Microsoft’s BitLocker, embedded into Windows, has done at least some encryption of the hard drive, but has lost whatever tool it was that controlled the encryption, so it is not “activated” even though the encryption is in place at least to some extent. One of the tools known to do this, is McAfee Security, it is not unlikely that there are many others.

If you see this situation, don’t try to install or remove anything yet, don’t try diagnostics, just run this from administrative CMD:

manage-bde C: -off

Then, in Control Panel, in the Small Icons, you’ll notice BitLocker Drive Encryption. Please be aware that status reporting in this Control Panel area is not reliably informative. To know what is happening, run this:

manage-bde -status

Discovered by the excellent Yvonne Wynkoop.