Windows Enterprise Desktop

July 19, 2017  3:59 PM

Add Custom Drivers to WinRE

Ed Tittel Ed Tittel Profile: Ed Tittel
Device drivers, Windows 10, Windows RE

The Windows Recovery Environment (aka Windows or RE or WinRE) is a valuable tool for system recovery. But on some PCs, the standard collection of device drivers packaged with Windows itself may not cover your needs. You’ll know if this means you when you find you must add device drivers after completing a clean Windows install or an upgrade install. That’s when it make sense to add custom drivers to WinRE as well. If your regular runtime needs them, your recovery runtime will probably need them also. This turns out to be a simple task.

Add Custom Drivers to WinRE

By default, WinRE.wim resides inside the Windows Recovery partition. Shown using Partition Explorer in MiniTool Partition Wizard.
[Click image for full-sized view]

How to Add Custom Drivers to WinRE

The secret lies to using the Deployment Image Servicing and Management, or DISM, command built into modern Windows versions. That means Windows 7 and newer on the desktop, Windows Server 2008 and newer on the server side of things. Windows 10 users can run some specific PowerShell cmdlets instead to get the job done. Because this involves working on an image file, the basic process works like this:

  1. Mount the Windows image (.wim) file you wish to operate upon
  2. Add the device drivers needed to that image
  3. Dismount the mounted Windows image so it may then be used

For more information on this, please consult the MS Hardware Dev Center document “WinPE: Mount and Customize.” It’s very helpful.

A Script to Add Custom Drivers to WinRE

The operation of the PowerShell script provided here depends on a crafty trick to simplify adding drivers. That trick involves copying all the necessary driver files into a single directory, from which DISM will then add them to the mounted image. For the purposes of this script, I put them into a directory named C:\temp\Drivers. You can put them wherever you want, but that’s where you’ll have to reference them in the command script in place of that reference.

The script also references the version of WinRE that’s included with Macrium Reflect Free, a free and capable backup and restore program. Reflect includes a nice recovery environment, boot repair tools, and more. If you’d rather use a plain-vanilla WinRE image instead, you can. You may find the file named WinRE.wim in C:\Windows\Recovery. Otherwise, if you have access to a recovery partition on one of your disks, you’ll find it at: <DL>:\Recovery\WindowsRE. Of course, <DL> stands for Drive Letter, which means you’ll need to assign a drive letter to the recovery partition (at least temporarily), then use that letter to see (and grab) the WinRE.wim file.

Here’s the script:

# Mount WIM (remove linefeeds following comments # here)
# Each of the mount, add, and unmount commands go on one line
Mount-WindowsImage -ImagePath 
-index 1 -Path "C:\temp\mount"

# Add any device drivers (.inf files)
Add-WindowsDriver -Path "C:\temp\mount" 
-Driver "C:\temp\Drivers\" -recurse

# Unmount the WinPE image
Get-WindowsImage -Mounted -ErrorAction Stop 
| ForEach-Object { Dismount-WindowsImage -Path 
$_.Path -Save -ErrorAction Stop }

Capturing Drivers for Use with WinRE Customization

The every-handy DISM command also captures drivers, too. Once you get your current Windows installation set up the way you want it, with all drivers up-to-date, it will take a snapshot for you. You can use DISM to populate the afore-cited C:\temp\Drivers directory by entering:

dism /online /export-driver /destination:C:\temp\Drivers

at an administrative command prompt, or in PowerShell (admin). Then, you can run the foregoing script, secure in the knowledge that all the drivers you need will be added therein.

[Note: my thanks to user Lx07 at, who posted the original of this script in the message thread entitled “How do I make Wifi work in PE?” on 10/9/2015. I’ll observe that the directory spec for the Macrium boot.wim has changed since then, too. My pointer as referenced in the preceding script is correct for versions 9 and 10. For the record, for a Windows Recovery partition on drive L:, the file specification would be L:\Recovery\WindowsRE\WinRE.wim.]

July 18, 2017  2:11 PM

Periodic Win10 Disk Cleanup Checklist

Ed Tittel Ed Tittel Profile: Ed Tittel
Disk cleanup, Windows 10

Over the years, I’ve developed a drill to keep the trash on my Windows disks under control. For Windows 10, that involves an interesting mix of tools and utilities to get rid of unwanted and unneeded files. Forgive me in advance for dragging in lots of stuff. That said, a genuine periodic Win10 disk cleanup checklist covers many bases. Thus, it should come as no surprise that numerous tools are needed. Here goes!

Periodic Win10 Disk Cleanup Checklist

Right-click and run this tool as administrator to clean up system files automatically.

Populating the Periodic Win10 Disk Cleanup Checklist

What’s the period? Up to you to decide. I try to hit every item on the list at least once every three months (or after a Windows Upgrade) but some of them I repeat weekly or more often. Those looking for guidance can consider my suggested frequency entries in the following table.

Tool Description Suggested Frequency
Disk Cleanup Run as admin or choose “Clean up system files” Weekly
CCleaner Read over cleanup options carefully! Weekly
Uncleaner Temporary/working file cleanup only Weekly
WizTree Shows disk space consumption, biggest consumers Monthly
WinDirStat Shows disk space consumption, biggest consumers Monthly
DISM Various options clean up files (see notes) Monthly/Quarterly
PatchCleaner Cleans up orphaned WinSxS entries Quarterly
Fsutil See Fsutil 7/17/17 blog post Quarterly
RAPR.exe Use it to prune duplicate/obsolete device drivers Quarterly

Because WordPress won’t let me easily include hyperlinks inside a table, here are links to 3rd-party items:

CCleaner (Piriform)
Uncleaner (Josh Cell Softwares)
WizTree (Antibody Software)
WinDirStat (Sourceforge)
PatchCleaner (homedev)
RAPR.exe (aka Driver Store Explorer, GitHub)

And likewise, here are some relevant links to built-in Windows utilities also referenced in the table:

Disk Cleanup: Disk Cleanup Beats CCleaner Post-Win10-Upgrade
DISM: see information on startcomponentcleanup and resetbase on TechNet as in “Clean Up the WinSxS Folder
Fsutil: Fsutil Cleans Up Excess Old Transactions

I’m sure this doesn’t exhaust the possibilities for a periodic Win10 disk cleanup checklist, but it’s a pretty good start. Please comment here or email me through my Website to suggest additions or substitutions. I still believe that you can’t have too many good tools in the old admin toolbox. The more, the merrier, in fact.

July 17, 2017  12:16 PM

Fsutil Cleans Up Excess Old Transactions

Ed Tittel Ed Tittel Profile: Ed Tittel
Command line, Disk cleanup, Windows 10

In reading over TenForums this weekend, I came across a new potential source of disk space consumption in Windows. It turns out that NTFS can sometimes allocate lots of space for transactions. It uses a built-in facility called the Kernel Transaction Manager (KTM), along with the Common Log File System to implement transactional NTFS, aka TxF. Potential pathologies can result, and consume 100s of MBs or even GBs of disk space. I learned all this, and more, from Chapter 12 of Windows Internals, Part 2, 6th Edition (pp. 469-477). Fortunately, the “file system utility” command, fsutil cleans up excess old transactions. It can also easily report on what’s up with TxF. Here’s a screen cap of one particularly useful such command:

Fsutil Cleans Up Excess Old Transactions

The “resource info \” parameters for fsutil describe transaction space and data for the boot/system drive.
[Click image to see full-sized view.]

Details: How Fsutil Cleans Up Excess Old Transactions

Just to be clear, the info shown in the preceding screen shot shows what a typical Windows 10 desktop looks like (based on my local sample of 7 physical machines, and 4 VMs). The TenForums message thread I saw voiced a desire to identify and repair the cause of 28GB of “missing” disk space on an SSD (see item#8 for details). It runs out that the poster’s system had been writing huge volumes of transaction logs and data that weren’t getting cleaned up. Running a specific fsutil command cleaned up and reclaimed the excess disk space consumed thereby:

fsutil resource setautoreset true <drive-spec>

There <drive-spec> is the volume ID for the volume you wish to clean up (such as C:\ or D:\). The poster also reported that this took upwards of 30 minutes to complete. Thus, for systems with lots of space consumed by TOPS, be prepared to spend some time to reclaim such space.

A Few Explanatory Notes on FSUTIL Output

TOPS stands for TxF Old Page Stream. It maintains a default data stream in the $Tops file, along with an alternate data stream called $T. Windows Internals says this about the function of the $T stream:

The $T stream contains file data that is partially overwritten by a transactional writer (as opposed to a full overwrite, which would move the file into the $TxT directory). NTFS keeps a structure in memory that keeps  track of which parts of a file are being modified under a transaction so that nontransacted readers can still access the noncommitted data by have their reads forwarded to $Tops:$T. When the transaction is committed or aborted, the pages are … moved from the $T stream into the original file …” [pg. 474].

In a subsequent paragraph, the authors go onto observe that the TxF log files reside in a hidden directory named $Extend. To find his problem, the Tenforums poster used a file analysis program called WizTree. Turns out it’s adept at displaying both hidden files and on-disk space consumption. This combination is particularly important when detecting TxF related space consumption issues. In the poster’s case, WizTree showed space consumption of 34GB in the $Extend directory tree. Of course, you can always use fsutil to look for such issues explicitly. Because Fsutil cleans up excess old transactions, I’ve added it to my quarterly disk space inspection and cleanup routine.

More Info on the Fsutil Command

For more information on the fsutil command, see its Windows Server Command-Line Reference entry. There, you’ll find examples of proper syntax and usage. It’s worth consulting before putting this useful and informative tool to work.

[Note: The 7th edition of Volume 1 of Windows Internals is currently available, but the 7th edition of Volume 2 isn’t scheduled for release until late 2017 or early 2018. That’s why I had to consult the previous edition, instead of the current one, for the fsutil information cited here. The newest version of that coverage is apparently still in development!]

July 14, 2017  5:55 PM

Free Microsoft Press eBooks July 2017

Ed Tittel Ed Tittel Profile: Ed Tittel
eBooks, Windows 10

From time to time, Microsoft Press offers free eBooks to interested readers for their download and use. Recently, Sales Director Eric Ligman posted a whopper of an offer. It appears in an MSDN blog entitled “Free! Multi-Million eBook Giveaway!” I count a total of 252 titles in this list of free Microsoft Press eBooks July 2017. That’s a LOT of free books, perhaps enough to justify two exclamation points in Ligman’s title.


Perhaps this isn’t pure hyperbole: lots of interesting stuff for FREE!

Here’s how the total list breaks down by category. After that, I’ll recite the Windows Client (mostly Windows 10-related) books on offer:

July 2017 MS Press eBook Giveaway
Category Name # of Titles Formats available
Azure 12 Some in PDF/MOBI/EPUB; most PDF only
BizTalk 2 1 PDF, 1 DOC
Cloud 2 1 PDF/MOBI/EPUB, 1 PDF only
Developer 14 Some in PDF/MOBI/EPUB; most in PDF only
Dynamics 23 PDF only
General 4 2 PDF, 2 DOC
Licensing 4 PDF only
Office 70 Most PDF only; other miscellany
Power BI 12 PDF or DOC
PowerShell 13 PDF only
SharePoint 11 PDF only
SQL Server 30 Most PDF only; other miscellany
Surface 2 PDF only
System Center 19 some PDF/MOBI/EPUB; rest miscellany
Virtualization 1 XPS/PDF
Windows Client 17 Most PDF/MOBI/EPUB; rest miscellany
Windows Server  14 Most PDF/MOBI/EPUB; rest PDF only

Like I said, that’s a LOT of books. I know those who read this blog are interested in Windows Client. (“Desktop OS” is mostly what that means.) So, here’s a complete list of those items. It’s reproduced verbatim from the MSDN blog post.(Click on any format ID in the right column for a corresponding download link):

Deploying Windows 10: Automating deployment by using System Center Configuration Manager PDF/MOBI/EPUB
Deploying Windows 10: Automating deployment by using System Center Configuration Manager – Mobile PDF
Getting the most out of Microsoft Edge DOC
Introducing Windows 10 for IT Professionals PDF/MOBI/EPUB
Introducing Windows 10 for IT Professionals, Preview Edition PDF/MOBI/EPUB
Introducing Windows 8.1 for IT Professionals PDF/MOBI/EPUB
Introducing Windows 8: An Overview for IT Professionals PDF/MOBI/EPUB
Licensing Windows desktop operating system for use with virtual machines PDF
Protecting your data with Windows 10 BitLocker DOC
RAP as a Service for Windows Desktop PDF
Shortcut Keys for Windows 10 DOC
Use Reset to restore your Windows 10 PC DOC
Volume Licensing Reference Guide Windows 10 Desktop Operating System PDF
Windows 10 IT Pro Essentials Support Secrets PDF/MOBI/EPUB
Windows 10 IT Pro Essentials Top 10 Tools PDF/MOBI/EPUB
Windows 10 IT Pro Essentials Top 10 Tools – Mobile PDF
Work Smart: Windows 8 Shortcut Keys PDF

When facing this kind of largesse, I’m reminded of an old rule for eating in a military cafeteria. It goes like this: “Take all you want, but eat all you take.” Or read, as in this case… Enjoy!

July 13, 2017  1:23 PM

Win10 Volume Shadow Copies May Need Cleanup

Ed Tittel Ed Tittel Profile: Ed Tittel
Disk cleanup, Shadow Copy, VSS Backup, Windows 10

Mostly, the Windows Volume Shadow Copy Service works behind the scenes. This service coordinates among backup tools, applications in need of backup, and OS-provided storage management and hardware. Usually abbreviated VSS, this service enables creation and capture of shadow copies. Helpfully, TechNet defines “a consistent shadow copy” as “a snapshot or a point-in-time copy” of the runtime environment and the data it uses. Shadow copies let the OS and applications keep running and changing, even while backup is underway. Over time, shadow copies can accumulate, sometimes alarmingly. And that, dear readers, is why Win10 volume shadow copies may need cleanup or occasional pruning.

VSSadmin Helps When Win10 Volume Shadow Copies May Need Cleanup

Use the VSSadmin command to grapple with VSS and the shadow copies it creates and stores. Thus, you can (and should) consult the TechNet Command Line Reference for all the details on VSSadmin. For now, here’s an overview:

Vssadmin Command Description
delete shadows Deletes volume shadow copies.
list providers Lists registered volume shadow copy providers.
list shadows Lists existing volume shadow copies.
list shadowstorage Lists all shadow copy storage associations on the system.
list volumes Lists volumes that are eligible for shadow copies.
list writers Lists all subscribed volume shadow copy writers on the system.
resize shadowstorage Resizes the maximum size for a shadow copy storage association.

Source: TechNet Command Line Reference: Vssadmin page. All links are live to command options and details.
[Note: Command options not shown in this table are not supported in Windows 10.]

Getting a Handle on Volume Shadow Storage Consumption

By no coincidence, Vssadmin helps you explore shadow copy storage consumption in Windows 10. First, for an overview of which volumes use VSS, and how it lays out, the “list shadowstorage” option is handy. [Note: for Vssadmin, either PowerShell (Admin) or cmd.exe (“Run as administrator”) works equally well. I prefer PowerShell, because it is more powerful and responsive, and supports simpler cut’n’paste operations.]

Here’s a screen cap of the output for this command from my Lenovo T520 laptop:


Three of the five volumes available to the T520 currently support VSS storage.
[Click image to see full-sized version, please.]

Decoding Vssadmin Shadowstorage Info

Here’s some discussion to illuminate shadowstorage data:

  • The C: drive is the boot/system drive, a 250 GB (nominal, actual 237 GB) SSD. It has a relatively low maximum allocation of 9.5 GB to VSS. 6.04 GB of copy storage space is currently allocated, and 5.58 GB is currently used. On a smaller, faster SSD, this is just the way I like it.
  • The D: drive is an internal data and backup storage drive. Nominally 1 TB (931 GB actual) it has a maximum allocation of 179 GB. 172 GB is currently allocated, and 163 GB is currently used. This drive is my built-in backup storage. It handles Macrium Reflect and the built-in Backup and Restore (Windows 7) utility, too. I’m OK with a big allocation and usage load because it provides insurance. But 172 GB is a lot of storage!
  • The E: drive is an external, USB-attached data and backup storage drive. Nominally 2 TB (1.81 GB actual) it has a maximum allocation of 279 GB, of which only 13 GB is currently allocated and used. It’s my remote or “extra” backup, and provides coverage in case the laptop gets lost, stolen, or becomes unusable.

Pruning Shadow Copies Using Vssadmin

Current consumption and allocation numbers for D: are kind of high. Thus, I use the Vssadmin list shadows /for=D: command to show them to me. Indeed, I count 27 separate shadow copies in total, dated back as far as Christmas day, 2016. I don’t need this many, so I will do some pruning.

Sure, you can prune using delete shadows, with any of a variety of options. I prefer to resize shadowstorage instead. It automatically prunes shadow copies as the allocation for shadow copy storage is reduced. Pruning starts with the oldest shadow copy, and works up to the most recent shadow. Accordingly, I reset the maximum allocation to 50% of its current value (179 GB goes down to 85 GB). As expected, that cuts the number of shadow copies to 13. Of those copies, the oldest is now dated April 16, 2017. The syntax for that command is:

vssadmin resize shadowstorage /for=D: /on=D: /maxsize=85GB

Dealing with “Foreign Shadow Copies”

The resize shadowstorage option also offers another useful benefit. As I look at what’s on my E: drive, I see that its shadows come from an obsolete PC.  That is, they come from a previous incarnation of my production PC named “ETprodPC.” Notice what happens when I try to delete one of those shadow copies, as shown in this screen capture:


If your PC didn’t create a shadow copy, Vssadmin won’t let you delete it directly. But there’s a trick…

Because the running OS didn’t create that shadow copy, Vssadmin won’t let you delete it. But if you can use resize shadowstorage with /maxsize set to a low number. 400MB works fine, because it’s less than what most shadow copies consume. And that gets rid of foreign shadow copies when executed. Afterward, you can re-run the resize command to upsize your storage allocation.

I’d recommend checking shadow copies no less frequently than twice a year. You can prune excess copies quickly and easily and save big on disk space consumption. This is especially helpful on tablets and laptops, where storage space is usually at a premium.

July 12, 2017  11:05 AM

WUMT Rescues Win10 Release Preview 15063.483

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Update Management

I just got back from a 5-day family visit to northern Virginia on Monday evening. That meant the bulk of yesterday was spent catching up. That included dealing with the Patch Tuesday release of Cumulative Update KB4025342, and the latest Malicious Software Removal Tool (MSRT). By and large, things went well with those updates. But my Surface Pro 3, running Release Preview proved a notable and highly resistant exception to that rule. I fought with Windows Update for over an hour on that PC, without ever effecting a repair. Fortunately, upon trying it out, WUMT rescues Win10 Release Preview 15063.483 for my Surface Pro 3.

When WU Hangs, WUMT Rescues Win10 Release Preview

I took the Surface Pro 3 on the road with me, along with my still-new Brydge 12.3 Aluminum Keyboard. I’m still not sure if I shot myself in the foot by ripping the Surface out of that keyboard, plugging in the Microsoft Type Cover, and then plugging the unit into the Surface Pro 3 Dock. But when I tried to access the Patch Tuesday updates, I got a series of failure messages from Windows Update indicating that pending items could not be applied.

For experienced Windows 10 users, there’s a standard drill one goes through when WU fails to cooperate. I confirmed the issue by running the update facility within Windows Defender, which likewise reported being unable to download updates. Next, I ran the built-in update troubleshooter (Control Panel –> Troubleshooting –> Fix problems with Windows Update). Didn’t help. So I turned to the WU troubleshooter download (a more recent and presumably more powerful version of the built-in tool). No dice there, either.

Then I pondered the next step in the troubleshooting chain — namely, the excellent tutorial “Reset Windows Update in Windows 10.” As I read over its instructions, I remembered that the Windows Update MiniTool (aka WUMT) can sometimes grab and apply updates when WU itself gets stuck. (See my November 2016 post “WUMT Does Updates When WU Can’t or Won’t” for another recitation.) “Not much to lose,” I figured, and gave it a shot. As the following screen cap of the WUMT Update History shows, it managed to install 2 of the 3 pending updates:

WUMT Rescues Win10 Release Preview

WUMT reports that CU KB4025342 and Defender Updates applied successfully, MRT update fails.
[Click image to see full-sized view, please.]

Though WU itself didn’t tell me much about what was going wrong, WUMT let me know the problem lay with the MSRT update. Thus, I was able to visit the MSRT page at the Microsoft Download Center, grab the latest version, and run the .exe file manually myself. That cleared up all the pending items from WU.

And sure enough, the next time I ran an update check in Settings (Windows Update –> Check for updates), it produced a clean bill of health. Problem solved! And again, that’s why I recommend that Windows admins keep a copy of WUMT around (it runs just fine from a USB stick) as part of their standard toolboxes.


July 11, 2017  11:32 AM

Disk Cleanup Beats CCleaner Post-Win10-Upgrade

Ed Tittel Ed Tittel Profile: Ed Tittel
Disk cleanup, Windows 10, Windows Upgrades

In days gone by, I’ve recommended using Piriforum CCleaner for post-upgrade cleanups on Windows 10. But no longer does the third-party tool beat the built-in Disk Cleanup utility. In fact, the latter is now as fast (or faster) than the former, and it gets rid of more stuff, too. That’s why I must now report that built-in Disk Cleanup beats CCleaner post-Win10-upgrade. Here’s a screen shot to prove my contention:

Disk Cleanup Beats CCleaner Post-Win10-Upgrade

CCleaner sees just under 21 GB to clean up, but Disk Cleanup sees 24.4 GB!
[Click image to see full-sized view.]

How Disk Cleanup Beats CCleaner Post-Win10-Upgrade

The secret to the deeper clean that the built-in utility provides lies in the checkbox details from the Disk Cleanup utility. To the left, we see that CCleaner sizes the Old Windows Installation to 21,957,944 KB (20.94 GB). To the right, the Disk Cleanup utility sizes that installation at 24.4 GB. The difference lies in the files that each utility can access and remove. To make a long and complex story short, the built-in utility can find and delete more entries in the WinSxS folder. Thus, it can remove more of the holdovers from the previous installation. This results in a more svelte and compact disk layout once post-upgrade clean-up is complete. Especially for those who run Windows 10 on low-cost tablets and laptops with limited storage, the 15% added space savings can be significant.

That’s why I’m compelled to recant my earlier advice and advise readers to use Disk Cleanup rather than CCleaner for post-upgrade cleanup on Windows 10 PCs. I last made the contrary recommendation in December 2015 in a blog post entitled “CCleaner Gets Faster, Cleaner v5 Incarnation.” For the current Insider Preview version of Windows 10, CCleaner now falls behind Disk Cleanup on all counts. Does that mean it’s time to retire this tool? Not at all! It just means that for those who choose to clean up old Windows installs before the OS does it automatically, Disk Cleanup is once again the best tool for the job.

July 5, 2017  10:51 AM

DriveCleanup Clears Stale Win10 Storage Metadata

Ed Tittel Ed Tittel Profile: Ed Tittel
Device Manager, Disk cleanup, Storage management, Windows 10

Disk cleanup is one Windows admin topic to which I return from time in this blog. Usually, that means jumping onto storage volumes and rooting out unwanted, unneeded, or unnecessary files and folders. Today, thanks to German programming whiz Uwe Sieber, I’m going to come at this from a different angle. His terrific tool, Drive Cleanup v1.4 tackles stale device entries, and removes them from the device tree shown in Device Manager. It also removes orphaned items from the registry for those same devices, when they’re no longer used. And that, dear Reader, is how DriveCleanup clears stale Win10 storage metadata. In so doing, it offers a cleaner, more accurate view of what’s in (and on) your systems.

When DriveCleanup Clears Stale Win10 Storage Metadata, What Does That Mean?

A few examples will help explain this in real-world terms. Before using the tool, check Device Manager (with Show Hidden Devices checked). On my production PC, it lists 53 entries named “Generic volume shadow copy” under the “Storage volume shadow copies” item. Of that 53, 16 are greyed-out, which means they’re inaccessible. Likewise, my “Universal Serial Bus controllers” entry lists 9 “USB Composite Device” entries, of which 7 are greyed-out. The “USB Mass Storage Device” count is at 13, of which 11 are greyed-out. Lots of stale or inaccessible stuff. In fact, Drive Cleanup –run at the command line — summarizes what could be removed at the end of its output listing when run in “Test” mode. Here’s what it says about my production PC:

DriveCleanup Clears Stale Win10 Storage Metadata

When run in test mode, Drive Cleanup reports on what it could clean up if instructed to do so.

Thus, I can see from the summary that Drive Cleanup can do more than remove the 11 USB devices I determined myself from inspection of Device Manager. It can also remove 22 disk devices, 3 CD-ROM devices, and 73 (!) storage volumes of one kind or another (most of which will be volume shadow copies). It will also remove 117 stale registry entries, more than the sum of all devices involved.

Using DriveCleanup Couldn’t Be Easier

All the details of what is to be removed appear in test output from Drive Cleanup for those curious to see what it can root out on their systems. You can pipe that output to a file (it’s too big to look at in the CLI) like so:

drivecleanup -t > dc-output.txt

Note: dc-output.txt is the name of the file to which the output will be written, and it will be stored in whatever disk directory the command is run from/in. Looking that stuff over, I can see entries for lots of USB flash drives not currently plugged in. I can also see a whole lotta entries labeled “VOLUMESNAPSHOT” which is where volume shadow copies come into play.

To run the actual cleanup, simply run the command with no parameter and it will root out all the items that Test mode finds. You can also selectively remove devices by type using various 1-letter abbreviations as parameters (for example “-R” cleans up Registry entries, “-U” USB entries, and so forth). Download and use this tool, and DriveCleanup clears stale Win10 storage metadata from your PC, too!

[Shout out to user jumanji at for bringing Sieber’s excellent Drive Tools for Windows suite to my attention in the post entitled “Not recognizing any USB devices” on 7/4/17. Thanks!]

July 4, 2017  1:14 PM

Win10 Virtual Disk Image Galleries

Ed Tittel Ed Tittel Profile: Ed Tittel
Hyper-V, VM management, Windows 10

There’s an absolutely fascinating story making the rounds online right now, courtesy of Rafael Rivera at Entitled “Online Gallery Support Coming to Hyper-V Quick Create,” it explains a point-and-click method for firing off VMs. For those not already in the know, this feature is called Online Gallery. It’s popping up in current Insider Preview build and supports a “You select an image, click Create Virtual Machine, and you’re done” approach to creating VMs. Now THAT’s what I’m talkin’ about! It also explains why Win10 virtual disk image galleries could prove to be something more than simply a “That’s nice” feature.

Virtual Disk Image Galleries

Here’s a cropped version of the Online Gallery image from Rivera’s story at

When Will We See Win10 Virtual Disk Image Galleries?

This feature could makes it into the next major update for Windows 10. Now labeled 1709, that release should go public in two months. Thus, Online Gallery could appear as early as September 2017, two months from now.

Rivera’s investigations into the workings of Online Galleries show some simple and straightforward supporting infrastructure. He’s discovered that this feature uses a JSON file that “contains one or more images and any associated metadata like name, publisher, version, virtual disk location…” and so forth. He also discovered that one can host one’s own Online Gallery using a specific registry hack. One needs to define a REG_MULTI_SZ key named GalleryLocations in:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization

The value of this key must include at least one URL for the aforementioned JSON file. Properly tweaked, the Hyper-V Quick Create app automatically looks for VMs at the locations provided. They appear in a selection menu for selection and instantiation. Rivera even provides a sample gallery at GitHub so interested experimenters can leverage his efforts. This lets them create their own custom Online Galleries. He also provides a patched copy of VMcreate.exe that provides this feature. My colleague and occasional collaborator Kari the Finn is already working on creating a gallery with recent Insider Preview images. Great stuff!

July 3, 2017  1:44 PM

MS Gives Fall Creators Update 1709 Label

Ed Tittel Ed Tittel Profile: Ed Tittel
Release cycles, Windows 10, windows 10 upgrade

Eagle-eyed Windows watchers report that a June 30 blog post makes definitive mention of the next Windows 10 version. This morning, drew on a tweet from infamous Windows rumor-meister Wzor. He quotes from this Mobile Device Management document from the Windows IT Center: “Policy DDF File.” In that document, MS gives Fall Creators Update 1709 label, as shown here:

MS Gives Fall Creators Update 1709 Label

The last line in this snippet from the Policy DDF File document shows the next Windows 10 label — and projected release date.
[Click image for full-size view, if that last line is too tiny to decipher.]

What It Means When MS Gives Fall Creators Update 1709 Label

For Windows 10, its four-digit nomenclature may be decoded as follows: yymm, where yy is a two-digit number for the year, and mm is a two-digit number for the month. Thus, 1709 means September (the 9th month) of 2017. This tells us when Microsoft is planning to peg the official release date of the next big Windows 10 release. Remember, though, that the first Creators Update, labeled 1703 (March 2017) didn’t go public until April, so this is more of promise than an ironclad guarantee.

Now that the word is out, after a fashion, I expect we’ll start seeing many more mentions of the 1709 label. The pace of Insider Preview releases has been somewhat leisurely of late (3 in June), so it’s not unreasonable to expect that pace to pick up soon. The two most recent releases, 16226 (6/21) and 16232 (6/28) have introduced lots of new features and functions to Windows 10. Going forward, I expect those introductions to keep coming, and the frequency of releases to spike as well. There’s still lots of work to do to make Windows 10 ready for an official 1709 release, with less than two months to go before the clock runs out. Stay tuned, and I’ll report back as and when the next release date firms up further.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: