Windows Enterprise Desktop


October 1, 2018  11:47 AM

Marginal Power Mars Win10 USB Flash Drive Access

Ed Tittel Ed Tittel Profile: Ed Tittel
SSD, USB Flash drives, USB ports, Windows 10

I’ve been struggling with an interesting problem lately. And by interesting I mean maddening, vexing and occasionally baffling. Let me explain. I have a number of mSATA SSDs at my disposal. Right now, I house them in Sabrent USB 3.0 drive enclosures (about US$18 at Newegg). I’ve been using them for years without issue, mostly with 250 GB Samsung EVO 840 units. Recently, I acquired 500 GB and 1 TB units, and things started going sideways a bit. And that’s how I learned marginal power mars Win10 USB flash drive access. The bigger-capacity drives would drop out from time to time, or they wouldn’t show in Explorer or Disk Management when plugged into a PC.

Normally these enclosures are dead simple to use: plug in the SSD, screw the holder into its cover, plug it in and off you go. But sometimes . . .

Why I Say That Marginal Power Mars Win10 USB Flash Drive Access

Only gradually did it dawn on me that my issues had to be power related. The bigger drives require more power because they have more circuitry to match greater capacity. While the small capacity units work without a hitch, the bigger ones sometimes don’t work on some of my PCs. This applies even for some powered USB 3 hubs. This came as something of a surprise to me, too. I figured a powered USB hub would be able to deliver maximum safe power to all of the devices it could accommodate. Not so, apparently.

Ultimately, I figured out what was going on. That happened when I switched from a direct USB 3 connection on a desktop to a PCIe Express plug-in card on an older Lenovo laptop. The desktop connection used an Asmedia 2115 USB 3 controller from the Asrock Extreme7+ motherboard. The laptop, an older Startech PCIe ExpressCard with an Asmedia 1153E USB 3 controller. Where the on-board AS2115 was iffy, the older AS1153E was rock-solid. It worked every time, with mSATA drives of 250 GB, 500 GB and even 1 TB. The newer AS2115 did not.

When in Doubt, Change the Hardware Configuration

A little online sleuthing showed me I was not alone in my issues with the AS2115. So I bought a Sabrent HB-UMP3: a 4-port, externally powered USB 3 hub, with individual power switches for each outgoing port. Using it also clued me in firmly and finally to power problems with the bigger mSATA drives. Even when using this device, I couldn’t hook up a second drive (or Ethernet adapter) to the hub when using a 500 GB or 1 TB SSD. Apparently, those suckers draw too much power to allow even an external, self-powered hub to service additional USB 3 devices when they’re plugged in.

Of course, what happened when I tried using more than one device through the hub told the story. The SSD dropped out as soon I plugged in another device. The moral of this tale, apparently, is that high-capacity USB 3 SSDs require an entire USB 3 controller channel to themselves, with all its power. My recent experience teaches me that trying to gang up USB 3 devices when one of them is an SSD of 500GB or more is not always workable. Go figure!

[Note Added 10/20/2018]: I am now able to confirm my hypothesis about insufficient power using Uwe Sieber’s excellent USB Device Tree Viewer tool. When I plug a second USB device into a single USB controller with the tool open, I can see that device mount for a second (almost literally). Then, the device that draws the most power — usually, a 500 MB mSATA SSD device, or better — “falls off” the USB bus. This repeats until I unplug one of the two devices attached to that controller (or hub, as the case may be).

September 28, 2018  12:15 PM

Win10 WSUS Gets Smaller Downloads

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Update Management, WSUS

In a recent (9/27) post to the Windows IT Pro Blog, MS reports it will start releasing smaller update packages. This applies to “commercial customers using Windows Server Update Services (WSUS) or connected to System Center Configuration Manager.” Windows 10 versions affected include 1703, 1709 and 1803. How, exactly, is that Win10 WSUS get smaller downloads after all? By unbundling components and letting downloaders decide what they want or need.

Win10 WSUS Gets Smaller Downloads.bundled-pkg

Note this bundle mixes business and consumer editions, each in x86 (32-bit) and x64 (64-bit) forms.

User Selection Means Win10 WSUS Gets Smaller Downloads

The preceding graphic shows what goes into what commercial customers downloaded from MS through WSUS or via SCCM. MS states further that “x64 and x86 files were bundled together as a single download … approximately 4.8 GB in size.” The new regime lets downloaded choose to download the x64 file as a separate package. Given the extreme scarcity of x86 systems in commercial use nowadays, the reduced 2.6 GB package size for x64 only translates into an immediate reduction of 2.2 GB as compared to the old regime.

Note: feature updates represent the original RTM version of the OS. They don’t include cumulative updates, Features on Demand (FODs), nor language packs. Thus, admins must apply the latest cumulative quality update to bring systems fully up-to-date. The x64 files map to language versions available when RTM was released: e.g. en-US for English-United States. When 1809 is released, an x64-only feature update will be made available.

What Does This Change Mean to You?

If you’re a commercial Windows 10 organization and use WSUS or SCCM to deploy updates, this will save time and network bandwidth when downloading images from Microsoft to start the deployment process. But as the afore-cited MS blog post states “this change will not save bandwidth between the Configuration Manager and the client (PC) device” (that’s because only targeted, applicable downloads go from one to the other, as always). Also, organizations that DO need x86 feature updates will have to continue to use the old bundled packages. For them, nothing changes.


September 26, 2018  7:16 PM

Hard Disk Warning Prompts Win10 Tool Search

Ed Tittel Ed Tittel Profile: Ed Tittel
hard disk management, Hard drive failure, Troubleshooting, Windows 10

A few days ago, I was fooling around with a disk tool that Asrock offers motherboard owners. That Diskhealth utility provides basic information about storage devices. As I flipped through the list of drives on my production PC, I saw an amber “Caution” flag for my H: drive. Next thing, my disk hard warning prompts Win10 tool search to help me figure out what’s up. Here’s what the H: info looks like:

Hard Disk Warning Prompts Win10 Tool Search.driveH

Investigating errors in amber shows me this drive may have serious problems!

Why a Hard Disk Warning Prompts Win10 Tool Search

I saw the amber flags on two specific SMART values for the drive. In fact, those numbers matched for two items. First was Current Pending Sector Count and and second, Uncorrectable Sector Count (both at 200). But what does this mean? I turned to the SMART page at Wikipedia to learn the following (all text copied verbatim):

Current Pending Sector Count: Count of “unstable” sectors (waiting to be remapped, because of unrecoverable read errors). If an unstable sector is subsequently read successfully, the sector is remapped and this value is decreased. Read errors on a sector will not remap the sector immediately (since the correct value cannot be read and so the value to remap is not known, and also it might become readable later); instead, the drive firmware remembers that the sector needs to be remapped, and will remap it the next time it’s written.

However, some drives will not immediately remap such sectors when written; instead the drive will first attempt to write to the problem sector and if the write operation is successful then the sector will be marked good (in this case, the “Reallocation Event Count” (0xC4) will not be increased). This is a serious shortcoming, for if such a drive contains marginal sectors that consistently fail only after some time has passed following a successful write operation, then the drive will never remap these problem sectors.

Uncorrectable Sector Count: The total count of uncorrectable errors when reading/writing a sector. A rise in the value of this attribute indicates defects of the disk surface and/or problems in the mechanical subsystem.

What to Do about This?

As such things go, these errors are serious enough to indicate possible or even pending drive failure. So I ordered a new drive from Newegg to replace the current 750GB WD Blue drive that’s affected. It’s an older drive (27906 power on hours translates into almost 1163 days, or 3.18 years). If memory serves, I bought this back in 2012 or 2013. It’s also 5,400 RPM, so I’m replacing it with a 2 TB, 7,200 RPM drive with 64 GB of on-board cache.

What about those tools?

I went looking around for SMART monitoring and reporting tools. The freebie from Asrock wasn’t too bad. I quickly figured out that I wanted something that didn’t have to be installed. That means it should run as a so-called “portable” app. In other words, download an .exe file, launch it and it tells you the story you seek. For my purposes this meant that the .ZIP file version of CrystalDiskInfo also did the trick nicely. The (free) HDDScan utility also did a nice job. Actually, it also told me I had a number of UltraDMA CRC errors equal to the other two counts (which Wikipedia explains as “count of errors in data transfer via the interface cable as determined by interface CRC”).

There are plenty more such tools, but few of them run as portable apps. Because a disk monitoring/health assessment tool is something I’d rather run from an admin USB flash drive than install on each machine,

that’s just my preference. Hopefully, you too can find something in here you’ll like. If not, check one or both of these articles:

  1. Gizmo’s Freeware: Best Free Hard Drive Health Monitoring and Diagnostic Programs (May 2016)
  2. Lifewire: 14 Free Hard Drive Testing Programs (Updated September 2018)


September 24, 2018  3:08 PM

Logoff Disconnected Win10 Users Via Command Line

Ed Tittel Ed Tittel Profile: Ed Tittel
Command line, Windows 10

Saw an interesting question raised on TenForums.com this morning. The thread was entitled “Log off all but current user.” On a PC where multiple users share the same machine, but don’t always log out, the poster sought a way to log off all but the currently active user. Turns out the command line – which means either cmd.exe/Command Prompt or PowerShell – supports this ability. The key is to run either with administrative permissions. Then it’s simple to logoff disconnected Win10 users via command line instructions. Here’s how:

Logoff Disconnected Win10 Users Via Command Line.ps

A simple series of commands logs off all disconnected accounts.

Instructions to Logoff Disconnected Win10 Users Via Command Line

The preceding example shows PowerShell, but the same commands work at the Command Prompt (cmd.exe) equally well. Here’s a breakdown:

quser: Queries for users currently logged in. The State of the current login is “Active” and the state for all other logins is “Disc” (for Disconnected). Note also the ID column, which provides a single-digit shorthand for each associated account. (It’s much faster to type “3” than “administrator”!) The final quser command in the preceding window shows that only the active “etitt” account remains logged in.

logoff <ID>: logs the user account associate with the ID from the PC. We can string multiple such commands together using the pipe (vertical bar “|”) character on a single command line. Thus logoff 3 | logoff 4 | logoff 5 is the same as logging off administrator, localonly and xtraadmin accounts.

More Automation, Please!

A single, more eloquent PowerShell command will read the state for each user who’s logged in and log off any whose state equals “Disc” (for disconnected). It’s a beaut (please enter on a single command line; WordPress makes me break it into multiple lines for readability):

quser | Select-String "Disc" |
ForEach
{logoff ($_.tostring() -split ' +')[2]}

This command can be understood in terms of the following pseudo-code:

  1. Check all logged in users
  2. For each logged in user
  3. Log off user whose state = “Disc”

Pretty neat, especially for lab, library, kiosk, or other systems where one may routinely find numerous disconnected logins hanging ‘round. Good stuff!


September 21, 2018  1:02 PM

Getting KB4458469 Installed When Windows Update Offer Absent

Ed Tittel Ed Tittel Profile: Ed Tittel

Yesterday, September 20, MS issued yet another Cumulative Update for Windows 10. Why do I call it that, listed only as “Update” in Update History? The Win10 Build number changes from 17134.286 to 17135.319 post-install. By definition, any update that ups the Build designation counts as a cumulative update. And in fact, if you check its Release Notes you’ll see it fixes a boatload of gotchas, minor and major, in the current-for-not-too-much longer version of Windows 10. But although my systems already had the Servicing Stack update (KB4456655) installed – a necessary pre-req for KB4458469 – WU didn’t offer it to any of the four PCs I have currently running 17134.286. That’s why I dug into the topic of getting KB4458469 installed when Windows Update offer absent this morning.

Getting KB4458469 Installed When Windows Update Offer Absent.history

Although I had the servicing stack update installed, WU didn’t offer KB4458469 automatically.

Getting KB4458469 Installed When Windows Update Offer Absent Requires Manual Update

When WU doesn’t offer updates automatically, there’s always the Microsoft Update Catalog. As you can see (visiting the preceding link), it offers various versions of KB458469 for download. I grabbed x64 version for my systems, then ran the self-installing update file (.msu) to add it to my runtime image. Given the number of fixes it provides, this took a while to complete, as I’d more or less expected it to.

When DISM analyzed the component store afterward, it found a whopping six (6!) reclaimable packages in need of clean-up. That took a while, too. But it dropped the size of the component store from 8.10GB reported/7.64GB on-disk size to 6.90GB reported/6.74GB on disk. This makes post-install clean-up a bit more urgent than usual, IMO. For detailed instructions on component store cleanup, check this TenForums tutorial: Clean Up Component Store (WinSxS folder) in Windows 10.

Another Take on Post-KB4458469 Cleanup

The preceding numbers are from my Lenovo T520 laptop. On my i7-6700 Asrock Extreme7+ mobo production PC, they were a bit more dramatic. After installing the update manually there, things read: 9.26 GB reported/8.75GB on disk before DISM cleanup. Afterward, they dropped to 6.66GB reported/6.50GB on disk. That’s a pretty substantial space drop (2.6GB reported, 2.25GB on disk)! But I left the /startcomponentcleanup command running for over an hour before I got tired of waiting for it to complete. So I struck the Ctrl-C sequence to end the processing. Instead: the command line reported 100%, and then I ran /analyzecomponentstore again to get the “after” numbers. Weird!

 


September 20, 2018  6:02 PM

Preserving Cleanmgr.exe for Future Use

Ed Tittel Ed Tittel Profile: Ed Tittel

Last week, I posted news about the pending deprecation of Disk Cleanup, aka cleanmgr.exe. I’m still not sure that the program is really going to vanish from Windows 10. But if it does, I’ve learned what’s involved in preserving cleanmgr.exe for future use. Because Disk Cleanup is a pretty simple utility it doesn’t include much scaffolding or underlying supporting software elements. Take a look at what a search for cleanmgr.* produces in its home directory of C:\Windows\System32:

Preserving Cleanmgr.exe for Future Use.search

Only two files must be saved to rescue Disk Cleanup from oblivion!

Preserving Cleanmgr.exe for Future Use Is Easy!

Built-in Windows apps, like Disk Cleanup, need a language support file in addition to the .exe file that does the real work. The language support file ends in .MUI, which stands for Multilingual User Interface. Thus, the subdirectory in which the MUI lives takes the language code for the installed language in which it should display its contents. I run United States English as my primary (and only) language, so the corresponding language code is en-US. Notice that the MUI file for cleanmgr.exe lives in C:\Windows\System32\en-US.

To boost the odds that you can run Disk Cleanup in a future Windows (10) version, you need to save both the cleanmgr.exe and the cleanmgr.exe.mui files. When you put them somewhere to run them (it doesn’t have to be in the …\System32 folder), you must put the .exe file in a parent folder (let’s say: C:\Cleanmgr for example). Then, the .mui file must go into C:\Cleanmgr\en-US.

Just for grins I did that work on my trusty old Lenovo T520 laptop. When I created that folder and file structure on an external USB drive, then double clicked cleanmgr.exe, it fired off like a champ. When I remembered to right-click and use the “Run as administrator” option, it even offered to clean up otherwise inaccessible system files. In short, this relocated Disk Cleanup continues to work, just like the real thing . . . because it is!

[Note] Thanks to TenForums user Bree who casually mentioned this in passing in a recent thread, and led me to investigate and put the pieces together for this blog post.


September 17, 2018  11:51 AM

8GadgetPack Remains Viable and Valuable

Ed Tittel Ed Tittel Profile: Ed Tittel
gadgets, Monitoring, Network monitoring, Windows 10, Windows monitoring

Those who’ve been using Windows for a while probably remember that Desktop Gadgets came and went during the Windows Vista and 7 era. A desktop gadget is a handy little applet of sorts that remains constantly visible in a fenced-off area on the desktop called “the sidebar.” MS did away with them officially on July 10, 2012 when a security advisory warning against remote code execution was issued. Though the security warning still stands, I’ve yet to find a credible report of any exploits against desktop gadgets. Thanks to Helmut Buhler’s work to forward port these applets, 8GadgetPack remains viable and valuable to this day. Here’s what my sidebar looks like this morning:

Why 8GadgetPack Remains Viable and Valuable

Looking at these gadgets, I hope you can understand why I find them so useful. They permit me to easily view things I always want to know. That is, CPU Meter (bottom item) constantly shows system, performance, and resource consumption info. Also Network Meter (top item) does likewise for network connectivity, upload/download speeds, and addressing. I also like the middle item – named “Control System.”  That’s because it provides easy, push-button access to shut down, restart, logout and other OS controls. I use RDP often. Sometimes, I want to restart the remote PC I’m accessing. Thus, easy one-click access to such functions is a real Godsend.

The program’s developer (Helmut Buhler) also offers a large collection of gadgets. That’s good: they’re no longer directly available from Microsoft, as they closed the Gadget Gallery down in 2016. You can still find 49 different gadgets through the program’s built-in “Add Gadgets” function. I don’t mess around with this much any more. I’ve found what I like and I’m sticking to it. But there are plenty of options for others to investigate, if they’re so inclined.

I find these three gadgets sufficient for my needs. They’re incredibly helpful when I’m working with Windows programs, updates, or repair or clean-up activities. In fact, they provide insight when something makes the OS slow, balky, or unresponsive. The two “Meter” gadgets can usually tell me enough about what’s going on that I can quickly and easily decide if I need to terminate active jobs or start troubleshooting activities, as is occasionally the case.

Is 8GadgetPack Right for You?

My friend and business partner in Win10.Guru, Kari Finn thinks I’m crazy to use these old-fangled gadgets. But I find them suitable for keeping track of my PC’s health and well-being, in much the same way that I use the instrument panels in my cars. If you share this inclination, you may want to try 8GadgetPack out for yourself, too. Besides the various items that I myself use, you may find other things that also meet your needs for constant, always-visible information on your own Windows PC(s).


September 14, 2018  10:54 AM

Bye-Bye Disk Cleanup?

Ed Tittel Ed Tittel Profile: Ed Tittel
Disk cleanup, Storage resource management, Windows 10

A small remark at the end of the Storage at Microsoft blog published on August 30, 2018 got past me. After explaining a raft of new features in Storage Sense – the Settings-based storage management toolset in Windows 10 – it concludes with a brief statement that cleanmgr.exe, aka Disk Cleanup “is being deprecated.” Though it reads further “We’re retaining the Disk Cleanup tool for compatibility reasons,” it may be just a matter of time before that tool disappears. Thus, it could be time to say bye-bye Disk Cleanup. Read all the details at “What’s new in Storage Sense?

bye-bye disk cleanup.settings

Get to know the tool on the left, and be ready to bid adieu to the one on the right.
[Click image for full-sized view.]

After Bye-Bye Disk Cleanup, Then What?

Newer versions of Storage Sense add some significant new features to the mix for cleanup activities, and help to explain why the immanent demise of Disk Cleanup need not spell doom and gloom. Take a look at the detail pane that appears in Build 17758.1 when you click “Change how we free up space…” in the preceding left-hand screencap:

bye-bye disk cleanup.freeup

Notice new options for locally available cloud content and OneDrive. These will help users minimize unwanted, obsolete or excess cloud-based holdings. Note also that Storage Settings notices when Windows.old is present from a recent upgrade and also offers to “Delete previous versions of Windows.”

What’s Missing from Storage Settings?

I still don’t see explicit settings in Storage Sense for certain things that appear when Disk Cleanup is opened with administrative privileges (or system cleanup is selected). I’ll be curious to see if Storage Sense cleans them up anyway when 1809 is released. These include the following:

• Windows Update Cleanup
• Language Resource Files
• DirectX Shader Cache
• Delivery Optimization Files
• Device driver packages

I guess it’s too early to tell if MS will expose APIs or commands for use in PowerShell to take over for “the ultimate cleanup” command sequence, too:

cmd.exe /c Cleanmgr /sageset:65535 & Cleanmgr /sagerun:65535

This has proven to be an essential activity when trying to recover from some Windows Update based upgrades or updates gone wrong. I don’t see anything in Storage Settings that offers the same capability. Maybe this is what MS meant by “retaining the Disk Cleanup tool for compatibility reasons?” We’ll probably find out, if and when the tool retires (or not).

[NOTE] Thanks to Sergey Tkachenko, whose blog post “Microsoft is Ditching Classic Disk Cleanup in Windows 10” brought the utility’s immanent deprecation to my attention.


September 12, 2018  12:02 PM

Handling Intel Management Engine Exploits . . . or Not!

Ed Tittel Ed Tittel Profile: Ed Tittel
Device drivers, firmware update, Windows 10

In checking over new posts at TenForums this morning, I came across information about new vulnerabilities in Intel’s Active Management Technology (AMT). The latest advisory is labelled INTEL-SA-00141. Such exploits could “allow arbitrary code execution, a partial denial of service or information disclosure.” Naturally I wanted to see if, by way of handling Intel Management Engine exploits, I could install a new firmware version. It took a while for me to figure things out. But alas, the situation for my Asrock Extreme7+ motherboard, with its Z170 chipset, is “No dice!” Here’s what’s currently resident, courtesy of Intel’s helpful meinfowin64.exe program. (This is part of the Station-Drivers download package, so here’s that package link.)

Handling Intel Management Engine Exploits.meinfowin64

Important values here are the FW Version and MEI Driver Version.
These are 11.8.50.3425 (FW) and 11.7.0.1045 (MEI), respectively.
[Click image for full-sized view]

Requirements for Handling Intel Management Engine Exploits

Alas, as it turns out there’s an ingredient missing for my motherboard. I was able to find two versions of the CSME 11.8.55 that Intel recommends for my current firmware. Asus offered one for its Z170M-Plus mobo, modder Pacman cobbled the other together for Station-Drivers. Neither worked on my Asrock Extreme7+ motherboard, though. The installers informed me the drivers and firmware weren’t compatible with my mobo. Attempts to install those drivers manually through DevMgr also failed.

What about Asrock and Other Support Pages?

A quick visit to the driver downloads for the Extreme7+ showed no relevant updates since December of 2017 (the version supported there is 11.7.0.1045, which is what I currently have installed). Cruising the support forums there, I found no word of a new round of impending updates for my 4-year-old motherboard. At this point, all I could do was hope. One, Asrock might get off its duff and release a new set of drivers and firmware. Two, some intrepid driver/firmware modder might put something together. Frankly, I put a lot more faith in the latter, and my faith was rewarded fairly quickly, as I’m about to relate.

Naturally, that led me to Win-RAID.com, where such things happen with celerity and grace. And in fact, I found an entry there entitled Intel CSME Firmware v.11.8.55.3510 on the Intel Management Engine Drivers Firmware page. This produces a .bin file that works with the Intel Firmware update utility FWUPdL aka fwupdate.exe. The Asus version of 11.8.55.3510 drivers and firmware includes that tool, in both x86 and x64 versions, which I was able to rescue from my Recyle Bin. So here’s a link to that item, too, for would-be DIY firmware updaters: Version 11.8.55.3510.

Right now, I’m wavering on whether I should install the firmware or not, for fear of bricking my production desktop. I think I’ll do a bit more research, and reach out to the Win-RAID forums to see if anybody has successfully updated my specific Extreme7+ motherboard before proceeding. The last thing I want to do is put my primary PC out of action, in the interest of tightening security. That’s a real tough choice, for sure.

But it do get interesting sometimes, keeping up with these security vulnerabilities. And it always comes with great opportunities for learning, too.


September 10, 2018  5:32 PM

Macrium Patches Skipahead Preview Reflect Win10 Bug

Ed Tittel Ed Tittel Profile: Ed Tittel

I don’t often write about Insider Preview stuff in this blog because it mostly focuses on production Windows. But every now and then, something comes up that cries out for coverage. This time, it’s an incredibly gutsy, quick, and proactive maneuver from Macrium. The latest Windows 10 Skipahead release 18234 hit on Friday, September 7. Before that day was out, users were reporting issues trying to back that new release up using Macrium Reflect. Here’s what the error looks like, taken from the Macrium website’s patch announcement. Notably, this fix appeared the next day (September 8, on a Saturday). That’s right: Macrium patches Skipahead Preview Reflect Win10 bug. In fact, it does so exactly one day after the release goes live and the bug pops up. Over the weekend, no less. I’m in awe of their attentiveness and responsiveness!

Macrium Patches Skipahead Preview Reflect Win10 Bug.error-msg

I’m running 18234 on my Surface Pro 3. I was able to provoke this error message on that machine by running Reflect. Then, I applied the patch, and completed a successful backup.

Appreciating Macrium Patches Skipahead Preview Reflect Win10 Bug

Here’s the really interesting twist to this repair. According to Macrium’s website, the problem stems from Windows itself, not from an outright bug in Reflect. The title for the page of interest hints at this: “Windows 10 Insider Preview Build 18234 Bug.” The explanatory paragraph is entitled “What’s the problem?”  and reads:

NTFS contains a series of meta data file records that describe the layout and format of the file system. One of these records is named$BITMAP and contains a series of ‘Bits’ in a data stream that indicate which clusters in the file system are in use and which are not. Each record has multiple attributes to further describe the record and location and size of data streams.  The $FILE_NAME attribute contains the allocated and actual size of the data in the stream. For the $BITMAP record the $FILE_NAME attribute contains incorrect size information. This would appear to be a problem with, or an undocumented change to, the NTFS driver shipped with the OS. This caused the file system to update the $BITMAP record incorrectly at the time of installation.

If Backup Doesn’t Work, It Doesn’t Matter Who’s at Fault

Frankly, what blows me away about this is reaction time. Macrium figured this out and sussed out a fix within 24 hours of a new OS preview. That solution, apparently, retrieves the problem data using Windows APIs  (which Macrium asserts are “unaffected by this problem”). Usually, Macrium reads system meta data directly, without using API calls. But for this patch they must’ve drawn upon that alternate source for the same data to fix an ostensible bug in the NTFS file system driver. Zounds!

My hat is off to these guys. Their understanding of their subject matter is inspiring, as is the quality and speed of their fix. One could argue (as they have, ever so gently) that it’s really not a problem with Reflect itself that’s causing the issue. But they fixed it anyway, and darned quickly, too. Even though Skipahead Insider Preview users are a tiny fraction of the overall Win10 user base, Macrium understands very well that they need backup just as urgently as do other users. Kudos to Macrium and their developers.

[Note:] Thanks to TenForums user Jimbo whose thread “Only patch and use Macrium update on Skippy 18234” alerted me to this situation and its fix. It helped me figure out the usual built-in update facility in Reflect wasn’t enough to address this special problem.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: