Remove Deprecated WinSxS?

Besides not using superseded updates, you don't really have much choice!... besides only installing KB958559 (Virtual-PC) if you need it. If you don't, it serves no purpose and not only takes up disk space, but also uses system resources for the virtual drivers etc.

 

You need to login to view this posts content.

 

Thanks for the great link.

Microsoft make me just want to scream, with their bland patronising explaining away their gratuitous creeping ever further onto the console operator's ability to control their own systems.

Dumb end users, of course. Requiring Microsoft (and their Technet army of self-employed professionals) to retain complete remote control.

This just seems moronic to me.

The entire point of SFC is to address corrupted files. Why would it make sense to pull the corrupted files from the offline hives? This is either incompetence beyond the pale, or - far more likely, I guess - a lot more shady.

SFC has been 'finding' corrupted files on my systems for 5 months and hundreds of scans. At least, I think so. The evidence suggests SFC is corrupting clean files. When it's not doing the opposite of what the command line instructed, of course....

sfc /verifyonly = sfc /(something else, but certainly not ONLY verified)



hxxp://i.imgur.com/BX0Ou.png

 

SFC also has a bug in it which Microsoft still hasn't addressed! Its been in there a long time.

When you run SFC, the scan process creates over 1400 temporary files in the WinSxS\Temp\Pendingrenames folder. This folder is where the updates that can't be directly applies when installing updates are kept before they are copied over on reboot (when it says its doing its thing)!

These SFC files aren not to do with the update process, and remain after reboot and after updates are applied. If you run SFC again, another batch of the same files are created, but under slightly differents names so you end up with 2800 files in the folder. I'm not sure how many times you can repeat the process before it doesn't add any more files, possibly indefinitely?

As you can see, these files build up, don't do anything, and just take up space. Once you restart after running sfc (if errors are found) and you have no pending windowsupdates, these files in the temp folder can be safely deleted.

So it would be interesting to see how many files are needlessly kept in there on your computer (@goscuter1). The files aren't large, the largest are a few hundred kilobytes and the smallests are 2kb or something, but still it all adds up.

These files are placed there even if everything comes up fine. I believe its likely they are meant to be true temporary files, its just that the folder used is never emptied. If they used the user temp folder, and only placed any files that needed replacing in the pendingrenames temp folder, the files would be removed on the next disk cleanup.

 

normally space does not matter today any more. so avoide problems and let the winsxs store as it is.

 

space still matters! i'm not gonna buy hundreds of terabytes hdds just for m$ assh0les to fill these with unneeded/unwanted bloat. this s**tty m$ behaviour gets more and more worse.. next release takes maybe tb of s**t, is it ok for you? btw, winsxs can be greately reduced 4-5X without any harm for your system. only takes time and some playing around but you can do it.

 

If you had a nice ultra fast SSD (a Sata 3 one and one that does 500MB+ on read and writes), last thing you want to do if fill it with unneccessary stuff. Even if you had a 'slow' 250MB read/write SATA 2/3 drive, you don't want to be wasting that space!

 

I suspect I've run more sfc /scannow commands than, lol. I have cbs.log files that are millions of lines in Notepad. From a single 'clean' installation and update process. Of which I've done about 120, in 4-5 months. Literally millions of cbs.log entries, no exaggeration. It's pretty hard to convince people to take a look at them, to be honest.

But I only just realise I've never actually seen SFC do that on my systems! (require a reboot) It finds corrupted files almost every time, does tens of thousands of lines of 'repairs'...but that's curious actually - that it never been prevented from changing corrupted files until a reboot. It actually fits in with a theory I have, about my disks' geometry being changed but hidden from detection. Virtual encrypted mirror drives, or something. I know the Windows PE / X: drive is "not linked to any volume" - well, no volume I can touch, ostensibly not on my hard drive...which is kind of interesting, mechanically-speaking. Microsoft have no comment.



hxxp://i.imgur.com/4C0P6.jpg

(sorry for the life of me I cannot work out how to post screenshots lol)

I imagine you'd start BSOD'ing or freezing up or Windows having multiple identity confusion about what system files are the correct system files. I know the Microsoft guy in that article claimed they're all hardlinked to actual files but that doesn't really make sense to me. Because if I delete everything on my drives, the WinSXS folder - which I cannot touch - remains. I guess they're all hardlinked to themselves? (or that mirror drive)

I don't think they're harmless like people think. Whenever someone says "oh that? that's nothing, it's innocuous - but no, you cannot delete it" - (obviously too innocuous to delete? like the hundreds of desktop.ini global objects I have self spawning at will, in every other folder on my drives) - I know they're talking utter nonsense.

And I don't believe Microsoft makes mistakes.

I believe they like people to think that.

I'm sure they could be.

But I cannot delete them. They're obviously too important to my Microsoft Windows system, for BUILTIN Administrator to be given such reckless privileges.

I'm surprised they're not Invisible - AND - Hidden, like my System Critical desktop.ini global access objects.

Code:

534 File(s)    154,488,461 bytes
  2 Dir(s)  51,775,455,232 bytes free

.....0.50727_443de60f3f6e0828.cdf-ms - Access is denied.
PendingRenames\f48827a6892dcc01fd0f0000ac08e404.$$.cdf-ms - Access is denied.
PendingRenames\f54d2bf0892dcc01bf160000ac08e404.$$_syswow64_21ffbdd2a2dd92e0.cdf
-ms - Access is denied.
PendingRenames\f5c822318b2dcc01f21f0000ac08e404.$$_system32_en-us_429cd25484dc6f
94.cdf-ms - Access is denied.
PendingRenames\f67d3584c82dcc0197130000f003e40b.WatWeb.dll - Access is denied.
PendingRenames\f6e6048ec92dcc0155190000f003e40b.$$_syswow64_21ffbdd2a2dd92e0.cdf
-ms - Access is denied.
PendingRenames\f74dbdb1c72dcc01dc0e0000f003e40b.$$_system32_21f9a9c4a2f8b514.cdf
-ms - Access is denied.
PendingRenames\f79579f8892dcc0144170000ac08e404.$$_system32_21f9a9c4a2f8b514.cdf
-ms - Access is denied.
PendingRenames\f86043da892dcc01ea140000ac08e404.wow64_microsoft-windows-gdi_31bf
3856ad364e35_6.1.7600.16763_none_10305b4da889affa_atmfd.dll_ff796bf0 - Access is
 denied.
PendingRenames\f865e8a3892dcc01de0f0000ac08e404.$$_microsoft.net_framework_83386
eac0379231b.cdf-ms - Access is denied.
PendingRenames\f87e20ab892dcc014e100000ac08e404.amd64_microsoft-windows-msxml30_
31bf3856ad364e35_6.1.7600.16605_none_e4b9b753b04640d0_msxml3r.dll_d752d00e - Acc
ess is denied.
PendingRenames\f8be8f268a2dcc0181190000ac08e404.$$_system32_21f9a9c4a2f8b514.cdf
-ms - Access is denied.
PendingRenames\f94bb8388a2dcc01411a0000ac08e404.amd64_microsoft-windows-dfsclien
t_31bf3856ad364e35_6.1.7600.16804_none_e3e4a818ff8ce469_dfsc.sys_ff9a943d - Acce
ss is denied.
PendingRenames\f95486cc892dcc0119140000ac08e404.x86_microsoft-windows-d2d_31bf38
56ad364e35_6.1.7600.16699_none_a76c73d5bd490765.manifest - Access is denied.
PendingRenames\fa0780edc72dcc0155100000f003e40b.amd64_microsoft-windows-b..gertr
ansport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933_kdcom.dll_d
b5e7744 - Access is denied.
PendingRenames\fa26f98dc92dcc0154190000f003e40b.$$.cdf-ms - Access is denied.
PendingRenames\fd9840b4892dcc0102110000ac08e404.$$_system32_drivers_dc1b782427b5
ee1b.cdf-ms - Access is denied.
PendingRenames\fdeb11b7892dcc0119110000ac08e404._0000000000000000.cdf-ms - Acces
s is denied.
PendingRenames\fe3925318b2dcc01fc1f0000ac08e404.program_files_x86_common_files_d
fa3680ec228c528.cdf-ms - Access is denied.
PendingRenames\fe5b3cda892dcc01e3140000ac08e404.amd64_microsoft-windows-gdi_31bf
3856ad364e35_6.1.7600.16763_none_05dbb0fb7428edff_atmlib.dll_fe5ca5c9 - Access i
s denied.
PendingRenames\ff388eedc72dcc0157100000f003e40b.amd64_microsoft-windows-b..envir
onment-windows_31bf3856ad364e35_6.1.7600.16757_none_c55000c1a6617837_winload.efi
_75834aa0 - Access is denied.
PendingRenames\ff865744c82dcc0154120000f003e40b.$$_syswow64_21ffbdd2a2dd92e0.cdf
-ms - Access is denied.
PendingRenames\ffeb2e62ca2dcc01851f0000f003e40b.x86_microsoft-windows-x..rtifica
teenrollment_31bf3856ad364e35_6.1.7600.16418_none_f3bbbf4defbefb1d_certenroll.dl
l_d6e4c532 - Access is denied.
Access is denied.

C:\Windows\winsxs\Temp>whoami
fukoffmicrosoft\administrator

C:\Windows\winsxs\Temp>

I have a very different philosophy about the nature of Microsoft's 'oversights'. Especially the ones they don't fix, for years and years.

I would love to, and I did, for a decade - without a virus. Then one day, a DELL technician did something unexplainable, and 5 months later, I've lost 5 months of my life. And "leaving" things alone, is not an option. For thousands of reasons, every 'clean' reinstall.

The corrupted files are coming from the offline Winsxs hive/s. They get burned back onto my wiped hard drives (zero-filled for up to 40 hours), from ? magical air. Not linked to a volume on my hard drive.

I don't think much of M$ scummy lack of ethics, but I can understand people who think space isn't an issue - it's really kind of not, any more right? Virtual drives, RAID arrays, clouds, compression, hard-links, junction points...it's not the space I'm concerned about, it's what's being done with it. It's very...malicious. And not at all random or mere happen-stance or corruption. This is...INTELLIGENT hacking, like well, as if Microsoft were doing it themselves. It seems, at times...

The WinSxS folder is a never ending series of snap-shots taken of your system, it seems. And it seems Microsoft don't like to have their journals (on you) cleaned or trimmed or erased. But of course, it's all FOR you. That's why they can't trust you, with the priviledges you need to protect yourself.

* Just because you think you've reinstalled Windows, doesn't necessarily mean a thing....to the USN journal, or the PE virtual / magical environment in the cloud. At least, that has not been my experience.

It has also been my experience that, just because you've never or you're not presently experiencing the negatives of a threat, does not mean the threat is absent. That should probably be common sense, but alas....