Hello!

mjmeans

Hello. Yes, I am new, and that is because I have a WS 2016 Essentials (that used a customized hybrid deployment process in 2017) with a current Windows Update/DISM issue. But I want to learn how to fix it myself. So I'll be lurking around the threads with similar issues and hopefully be able to see the various logs people posted and look into the fix zips to learn what was done in those cases and trace the reasoning back to the provided logs, i.e. what the fix was and, more importantly, why it was the appropriate thing to do in that case.

It looks like many of the experts here have answers within minutes or hours of a new post. I'm sure many of the quick solutions are things people have seen many times. But I want to learn and hopefully become at least competent enough to fix the simpler issues before I ask for help. I've been a DOS/Windows & Microcontroller software developer for over 30 years. I have already come to believe my specific problem is more complicated than usual. Maybe as I learn, I will be able to logically arrive at a series of steps that will be a solution for my issue that so far has eluded me.
 
Thank you all for welcoming me. I aim to learn not just what to do to repair my system, but why it fails in the first place, and different ways to fix the issue as well as why a particular fix is the right or best solution. And maybe be able to help others in the process. I see that the tools SFCFix and FRST and others have the ability to run a script that is dropped onto them. Obviously, these tools take the tediousness out of manually typing in regsvr a hundred times (among other things). Is there documentation for these tools that goes into detail on how the scripting works? Are these tools available on GitHub?
 
Analysis of memory dumps isn't what I'm looking for. I don't have experience/knowledge of the internal mechanisms of Windows. Correct me if I'm wrong, but I don't think I would need to know the "internal mechanisms" of Windows in the areas like how the kernel ring 0 is implemented, or how interrupts bubble up through various levels to the actual device drivers, or how DMA is implemented with different MMUs, or how to do serial kernel debugging.

What I'm looking to learn is only the mechanisms involved with WU, DISM and CBS. So, like all the information necessary to understand enough to actually be able to write my own C# utility that duplicates dism functions like scanhealth, and checkhealth. If I could learn that level of detail, perhaps I could write a more targeted tool for specific problems rather than a one size fits all approach that dism uses (and obviously sometimes fails at).
 
Is there documentation for these tools that goes into detail on how the scripting works? Are these tools available on GitHub?
There's no public documentation other than what is already provided. There is a tutorial for FRST on GeeksToGo though: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

SFCFix isn't open source and probably never will be. Most of the SFCFix commands aren't that useful in my opinion other than the usual :: which is shorthand for PowerCopy:: and RegistryScript::. As you may have seen, RegistryScript:: basically imports RegEdit formatted keys into the registry. On the other hand, PowerCopy:: will copy files from a destination folder to a source folder and take care of any permissions for you.

So, like all the information necessary to understand enough to actually be able to write my own C# utility that duplicates dism functions like scanhealth, and checkhealth.
Why duplicate functionality which already exists in a command-line tool? And besides that, you will find it very difficult to duplicate the functionality of /ScanHealth correctly. Most of Windows Update is undocumented and it will probably stay that way. /CheckHealth just checks two registry values and is pretty useless in my opinion.

If I could learn that level of detail, perhaps I could write a more targeted tool for specific problems rather than a one size fits all approach that dism uses (and obviously sometimes fails at).
Each error code can be caused by a multitude of reasons and, more often than not, you're reliant on the information in the CBS log; this is often very difficult to parse accurately since it often changes between different Windows releases. ComponentsScanner is able to pick up a number of possible issues but you can't guarantee those are actual issues without examining the CBS log. Most fixes involve replacing registry keys or replacing files; the difficult part is deciphering the different logs and understanding when each log is appropriate.
 
Why duplicate functionality which already exists in a command-line tool? And besides that, you will find it very difficult to duplicate the functionality of /ScanHealth correctly. Most of Windows Update is undocumented and it will probably stay that way. /CheckHealth just checks two registry values and is pretty useless in my opinion.

The way to truly understand a process is to code it.
 
Your best option is to get a Process Monitor trace, examine the CBS and DISM logs after you've run the command, and then use IDA Pro or something similar to try and reverse engineer parts of TiWorker.exe, which is the principal process behind DISM.
 
