LiterallyAnythng
Member
- Sep 28, 2017
- 7
I apologize in advance- I read the thread posting instructions but I'm currently at a point where I can't get a CBS log to write out due to the fact that "logging is not available in offline servicing operations". I'm sure there's a way to get past this, just please let me know. Until then here's a description of my issue-
Backstory (reasons why this occurred)
I was sick of Microsoft shoving updates down my throat and pushing out "features" that user's are unable to disable without jumping though hoops (which are not supported by MS anyway). I also really wanted Cortana gone, but that can't happen since Windows will just undo your changes and/or find other ways to make these services run regardless of what the user wants.
So what I did in order to disable various "features" like Windows Store, Cortana, Windows Store, and to add BACK in the missing ability to set an Ethernet connection as metered, and Windows Update- was remove the ACS permissions for TrustedInstaller and gave myself ownership of directories WinSxS and whichever directory has the files for Cortana. I also edited multiple registry keys. In the end it disabled some of the features but Windows was still able to simply recreate some of the files and run some of the services under a new name (same name but with a hex ID prepended to it). That's some sneaky stuff, but I stuck with it because at least I was able to get rid of the annoying Windows app store and didn't have to deal with Cortana or forced Windows Updates. In other words, after these change my system was still stable and never had any issues booting up. That was, at least, until I decided I should allow Windows to update after about 6 months of not.
I tried to simply manually run Windows Update but upon restart my system would state that it failed and would revert. I then attempted to remember what the exact changes I made 6 months prior were, but since so much time had already passed I essentially forgot everything except from what I mentioned above. So in a moment of pure stupidity I decided running SFC would be an appropriate solution to begin with.
When it booted up again I was met with a bluescreen and Win RE. I then made another stupid decision to allow Windows to try and repair it for me. This caused more issues. On the next boot I had NO Recovery Environment, just the boot options menu (debug, run in safe mode, disable driver signature check, etc.). I found via DiskPart that Windows had renamed my drive lettering and, to make things worse, BootRec /ScanOS could no longer find my Windows BCD (or thinks of it as corrupted since I can see that the file is indeed in there).
Attempted fixes: Windows Recovery Environment tools that only made things worse.
I did multiple SFC scan and repairs from the CLI to no avail.
I set my actual root volume as the active volume in DiskPart and all my drives are showing as they once were, but Windows still won't boot specifically because "winlogin.exe" checks the hashes of these files and when there's a mismatch it immediately kicks you to a bluescreen with error code "0x21a".
Extra tidbits-
Somewhere along the line I believe my BCD file got messed up. BootRec says it cannot repair my MBR because it's a GPT volume, but it isn't. It SHOULD have been, but when migrating my old root disk (HDD) to my SSD I decided to partition it as MBR so as not to run into any compatibility issues... which was never a problem until now.
I have an image of 1607 on a flash drive right now and I'm wondering if I can just replace these files or what (lol probably not). Performing a system reset OR restore is VERY undesirable for me for numerous reasons to the extent that I will manually edit whatever I have to character by character in order to avoid that.
When I attempt to view the CBS log from the SFC scan I don't see one that was created since this issue started occurring. SFC states that logging is disabled in offline servicing scenarios (which this would be since Windows PE is running off of a USB and not my root drive as I attempt to fix this issue). Is there a way to pipe the log out somewhere anyway? I couldn't find a recent answer to this on Google.
The CBS log for the scan that I did originally references a ton of "DIRSD OWNER WARNING"s which are obviously files/directories that I messed up the ownership of. It also references duplicate owner entries. In both cases there are quite a few.
The files that it found were corrupted are-accserv.mibfdeploy.dllfde.dllgpedit.dllgptext.dll
Note that it also mentions that they cannot be repaired because the files in the store DB are also corrupted.
DISM reports that it is unable to find any providers and also states that "C:\Windows" is not a valid Windows folder because it is "unable to set the DLL search path to the servicing stack folder" even though I believe I'm specifying the correct arguments and parameters -
"DISM /Image=C:\ /Cleanup-Image /AnalyzeComponentStore /WinDir:C:\Windows\ /SysDriveDir:C:\ /ScratchDir=D:\DISM\Scratch"
Here's my SFC command too-
"SFC /ScanNow /OffBootDir=C:\ /OffWinDir=C:\Windows"
/ScanOS is able to recognize that there is indeed a Windows image on that drive.
---------
If anyone can assist with how to pipe out the CBS log manually I can then upload it.
Thanks in advance.
Backstory (reasons why this occurred)
I was sick of Microsoft shoving updates down my throat and pushing out "features" that user's are unable to disable without jumping though hoops (which are not supported by MS anyway). I also really wanted Cortana gone, but that can't happen since Windows will just undo your changes and/or find other ways to make these services run regardless of what the user wants.
So what I did in order to disable various "features" like Windows Store, Cortana, Windows Store, and to add BACK in the missing ability to set an Ethernet connection as metered, and Windows Update- was remove the ACS permissions for TrustedInstaller and gave myself ownership of directories WinSxS and whichever directory has the files for Cortana. I also edited multiple registry keys. In the end it disabled some of the features but Windows was still able to simply recreate some of the files and run some of the services under a new name (same name but with a hex ID prepended to it). That's some sneaky stuff, but I stuck with it because at least I was able to get rid of the annoying Windows app store and didn't have to deal with Cortana or forced Windows Updates. In other words, after these change my system was still stable and never had any issues booting up. That was, at least, until I decided I should allow Windows to update after about 6 months of not.
I tried to simply manually run Windows Update but upon restart my system would state that it failed and would revert. I then attempted to remember what the exact changes I made 6 months prior were, but since so much time had already passed I essentially forgot everything except from what I mentioned above. So in a moment of pure stupidity I decided running SFC would be an appropriate solution to begin with.
When it booted up again I was met with a bluescreen and Win RE. I then made another stupid decision to allow Windows to try and repair it for me. This caused more issues. On the next boot I had NO Recovery Environment, just the boot options menu (debug, run in safe mode, disable driver signature check, etc.). I found via DiskPart that Windows had renamed my drive lettering and, to make things worse, BootRec /ScanOS could no longer find my Windows BCD (or thinks of it as corrupted since I can see that the file is indeed in there).
Attempted fixes: Windows Recovery Environment tools that only made things worse.
I did multiple SFC scan and repairs from the CLI to no avail.
I set my actual root volume as the active volume in DiskPart and all my drives are showing as they once were, but Windows still won't boot specifically because "winlogin.exe" checks the hashes of these files and when there's a mismatch it immediately kicks you to a bluescreen with error code "0x21a".
Extra tidbits-
Somewhere along the line I believe my BCD file got messed up. BootRec says it cannot repair my MBR because it's a GPT volume, but it isn't. It SHOULD have been, but when migrating my old root disk (HDD) to my SSD I decided to partition it as MBR so as not to run into any compatibility issues... which was never a problem until now.
I have an image of 1607 on a flash drive right now and I'm wondering if I can just replace these files or what (lol probably not). Performing a system reset OR restore is VERY undesirable for me for numerous reasons to the extent that I will manually edit whatever I have to character by character in order to avoid that.
When I attempt to view the CBS log from the SFC scan I don't see one that was created since this issue started occurring. SFC states that logging is disabled in offline servicing scenarios (which this would be since Windows PE is running off of a USB and not my root drive as I attempt to fix this issue). Is there a way to pipe the log out somewhere anyway? I couldn't find a recent answer to this on Google.
The CBS log for the scan that I did originally references a ton of "DIRSD OWNER WARNING"s which are obviously files/directories that I messed up the ownership of. It also references duplicate owner entries. In both cases there are quite a few.
The files that it found were corrupted are-accserv.mibfdeploy.dllfde.dllgpedit.dllgptext.dll
Note that it also mentions that they cannot be repaired because the files in the store DB are also corrupted.
DISM reports that it is unable to find any providers and also states that "C:\Windows" is not a valid Windows folder because it is "unable to set the DLL search path to the servicing stack folder" even though I believe I'm specifying the correct arguments and parameters -
"DISM /Image=C:\ /Cleanup-Image /AnalyzeComponentStore /WinDir:C:\Windows\ /SysDriveDir:C:\ /ScratchDir=D:\DISM\Scratch"
Here's my SFC command too-
"SFC /ScanNow /OffBootDir=C:\ /OffWinDir=C:\Windows"
/ScanOS is able to recognize that there is indeed a Windows image on that drive.
---------
If anyone can assist with how to pipe out the CBS log manually I can then upload it.
Thanks in advance.
