Specific Windows Fixes¶

All changes listed below are for very specific use cases, and should not be applied by default or without thought.

Danger

These can seriously break your shit if you blindly execute these. Default recommendation here is not apply these.

Execution Policy: Unrestricted (see: Setting Execution Policy).

Reset Password¶

Windows 10 has a habit of locking out after updates. Reset your password from safe mode.

Be sure to hold shift until the troubleshooting options appear. Login Screen › shift (hold) + Restart › Troubleshoot › Advanced options › Startup Settings › Restart -> Enable Safe Mode with Command Prompt

Find the correct user and set password.¶

net user
net user {USER} {PASS}

Moving User Profile Locations to Alternate Location¶

Relocate certain portions of your user profile to alternate location, to make reinstallation easier, as well as keep music and media folders on separate drives.

⌘ + e › select location › RMB › properties › location tab › move

Select new (or existing) location to relocate.

Move existing files into the new location.

Apply.

ReFS on Windows 10 Pro¶

Recently ReFS create moved to Windows 10 Workstation, effectively removing the ability to create ReFS containers in Windows 10 Pro, but they can still be read. Virtual disks with ReFS formatting can be created and exported for use in 10 Pro machines.

Empty ReFS formatted disk images below, ensure disk is updated and optimized in storage spaces before use. bitlocker can be used.

ReFS 1TB single virtual disk with integrity enabled: refsi.vhdx.tar.xz (200k)
ReFS 1TB mirrored virutal disk: refsi-mirrored.vhdx.tar.xz (450k)

Format ReFS on using a single drive¶

ReFS allows for integrated file checksums, duplication, and error recovery; however by default it requires two disks. This will allow you to use this filesystem on a single disk with integrity enabled which is not possible by default.

Setup disk for ReFS (powershell as admin).¶

diskpart
list disk
select disk [#]
clean
create partition primary
format fs=refs quick

⌘ + x › computer management › disk utilities

Mount ReFS partition to a drive letter.

Reformat drive with integrity enabled.

Format Single Drive with Integrity Enabled & Verify with Test File (powershell as admin).¶

format X: /fs:refs /i:enable /q
echo $null >> X:\test
Get-Item X:\test | Get-FileIntegrity

Note

Both Enabled and Enforced should be set to True.

Disable ReFS Scheduled Tasks

By default ReFS will schedule integrity checks (as well as automatic integrity checks after windows crashes), which cause 100% disk usage on system PID 4. Disabling ReFS Scheduled Tasks prevents these from automatically being scheduled, but can still be manually run.

Addressing 100% Disk Usage Issues¶

Generally speaking, 100% disk usage issues usually means there’s a Filesystem check happening, or another service is hammering the disk. These will address this but may break functionality of your system.

These services either do user data tracking, or are a major performance hit for SSD’s. Disable by RMB › stop and RMB › properties › disable.

Disable Prefetch and Superfetch¶

This addresses 100% disk usage during idle in windows 10, even if you’ve already disabled the superfetching service.

Hiding Local Desktop for Chrome Remote Desktop¶

By default Chrome Remote Desktop will always show locally what is happening when you remotely connect. This disables this feature and presents a login screen instead, allowing you to work privately remotely. CRD will open a connection, then locally connect to remote desktop to hide your current session.

Installing CRD (Chrome Remote Desktop):

Sign in to Chrome.
Disable all sync’ing with account (if wanted).
Install the Remote Desktop Extension.
Launch the installer.

share (green button) › accept and install › run msi installer

On Authorize screen click continue

CRD › my computers › enable remote connections

Create a PIN for connection.
☐ Improve CRD.

⌘ + r › control › System and Security › System › Remote Settings › Remote

☑ Allow remote connections to this computer.
☐ Allow connections only from computers running Remote Desktop with Network Level Authentication.

Fixing Broken Windows Store apps / ‘Trial Expired’ Apps¶

Default windows 10 applications may stop working if you remove dependent apps from the system. Symptoms include apps like xbox controller config never loading, or calculator prompting with trial expired. This resets the system to the default app installation state for windows 10.

Reinstall default Windows applications (powershell as admin).¶

Get-AppXPackage -AllUsers | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}

Enable Bitlocker on USB drives over RDP¶

By default, bitlocker does not allow encryption to be enabled on USB devices over RDP connections – this happens because RDP treats USB drives as mapped network drives and not external drives. This enables direct drive access for RDP connections. This is unsafe.

Fix Windows Applications Not Appearing in Start Menu Searches ¶

Background Tasks need to be enabled for the application index to be updated when new programs are installed. By disabling all background tasks (global toggle) this index is never updated, and therefore apps will stop appearing in start menu searches. You can still disable all apps in the background, however the service still needs to be enabled.

⌘ + r › ms-settings:privacy-backgroundapps

Let apps run in the background: ☑

Disable Hibernation for Windows 10 Sleep Resume Problems ¶

If your system doesn’t seem to be resuming from sleep properly (e.g. power is on, but keyboard/mouse won’t resume it), disable hibernation. This does affect power consumption and probably shouldn’t be used on laptops.

Disable hibernation (powershell as admin).¶

powercfg /h off

Enabling SSH Access¶

See SSHD Windows Setup to enble SSHD on Windows.

NTFS File Ownership Access Denied ¶

When reinstalling windows, or moving a drive to another system, sometimes the NTFS file system will deny access to files you own. This is generally because the default well known SIDs were removed from the file permissions, and replaced with a specific user SID that no longer exists (and now can no longer be removed, prompting this perms error everytime you access it). You can fix this by replacing the old SID with the new SID:

Replace old SID with current system SID (powershell as admin).¶

setacl.exe -on c:\ -ot file -actn trustee -trst "n1:S-old-501;n2:S-new-501;ta:repltrst" -rec cont

Alternatively take ownership and copy files to a NTFS partition with proper SID’s set.

The affected NTFS partition should really be nuked and re-formatted using well known SIDs which will remove this issue.

OEM Partition / Low Disk Space Warning After 1803 Update¶

After updating to Windows 10 1803, a consistent low disk space warning appears. This happens as the upgrade now sets the OEM partition (~450MB) to be mounted on boot. This drive is almost entirely full (~400MB) and triggers a low disk warning.

Unmount OEM partition from drive (powershell as admin).¶

mountvol {OEM PARTITION DRIVE}: /d

Application Using the Wrong Audio Output Device ¶

Some applications will not respect the default output device in Windows 10 and output to the wrong device. Output settings can be set for specific applications via the settings menu.

⌘ + r › ms-settings:sound › Advanced sound options › App volume and device preferences

Set preferred output for device (application must be running).

Disable Caret Browsing Notifications¶

Remove notification on F7 press for caret browsing. This is a holdover from Internet Explorer.

Windows Bootloader Missing / Multiple OS¶

Fix the UEFI bootloader if it is missing or has extra entries.

Restart in Diagnostics Mode:

shift + restart › troubleshooting › command prompt

Note

shift can be held during normal boot to get to the same menu.

First remove any extra EFI boot configuration data from other operating systems.

Remove extra EFI entries before rebuilding Boot Configuration Data for Windows.¶

diskpart
list disk
sel disk 0
sel vol 2
assign letter=Z:
exit
cd Z:
cd EFI
dir
rmdir -S ubuntu

Note

Look for ~100MB FAT32 partition, this is the standard partition Windows uses for storing EFI data. Adjust highlighted lines as needed for specific case. ubuntu removed here. Boot and Microsoft should be left intact.

Fix MBR, scan for all OS’s on drive and rebuild Boot Configuration Data for Windows.¶

bootrec /fixmbr
bootrec /scanos
bootrec /rebuildbcd

Restart machine.

If there are extra menu options, you may also edit UEFI boot options in firmware or use EasyUEFI to do it in windows directly.

Display Driver Has Been Restarted¶

Windows Vista+ has a feature called Timeout Detection and Recovery, which detects if the GPU becomes unresponsive and restarts the driver. The GPU running at 100% load can inadvertantly trip this reset the driver, causing applications to crash. This can saftely be increased from the default 2 seconds to a larger value with the only negative impact being that an actual crashing driver will take that much longer to be reset. A bump to 8 to 10 seconds is generally ok; it is not recommended to disable TDR entirely.

Show Password on Wifi Network¶

Dump wifi configuration including password (powershell as admin).¶

netsh wlan show profile WiFi-name key=clear

DRIVER_IRQL_NOT_LESS_OR_EQUAL (Epfwwfp.sys)¶

shift + Reset › Troubleshoot › Advanced options › Start-up Settings › Restart › 4 (Safe Mode) Troubleshoot › Command Prompt

Remove ESET driver and reboot.¶

del /F /S /Q /A “c:\Windows\System32\drivers\epfwwfp.sys”

Offending program should be reinstalled.

Uninstall Edge Browser ¶

Heavily integrated into Windows 10. Will probably break stuff.

Download and build install_wim_tweak.

Remove Edge browser and reboot.¶

REM Move to script dirrectory for working directory and remove edge.
REM Requires install_wim_tweak to be in the path.
@echo off
cd /d "%~dp0"
echo Uninstalling Microsoft Edge ...

install_wim_tweak.exe /o /l
install_wim_tweak.exe /o /c Microsoft-Windows-Internet-Browser-Package /r
install_wim_tweak.exe /h /o /l

echo Reboot to apply changes.
pause

remove-edge.cmd

USB Devices Slow¶

In Windows 1809+ default USB removal policy changed to Quick removal for additional safety instead of Better performance for additional speed; as a result USB devices may appear slower than normal. This reverts to the old behavior.

Disable Windows Backup Schedule ¶

Removed since Windows 7 but added back into Windows 10.

powershell (as admin).¶

sdclt.exe /DISABLEJOB

Debug DNS Issues ¶

Windows 10 aggressively caches DNS with a DNS caching service and can sometimes lead to invalid results. First flush resolver caches and test.

powershell¶

ipconfig /flushdns
Clear-DnsClientCache

If that does not work, disabling the DNS caching service can be used. Cannot be disabled via services.msc.

After resolving, re-enable the caching service and Reboot.

Disable Hyper-V Per Boot ¶

Some applications and games detect Hyper-V virtualization and refuse to start. Disable Hyper-V on Windows boot instead of through the BIOS. This removes the hypervisor kernel modules which prevents this from happening without needing to turn it off.

powershell (as admin).¶

bcdedit --% /copy {current} /d "No Hyper-V"

bcdedit --%  /set {GUID} hypervisorlaunchtype off

Restart holding shift to show boot options. Select No Hyper-V.

Specific Windows Fixes¶

Reset Password¶

Moving User Profile Locations to Alternate Location¶

ReFS on Windows 10 Pro¶

Format ReFS on using a single drive¶

Addressing 100% Disk Usage Issues¶

Disable Prefetch and Superfetch¶

Hiding Local Desktop for Chrome Remote Desktop¶

Fixing Broken Windows Store apps / ‘Trial Expired’ Apps¶

Enable Bitlocker on USB drives over RDP¶

Fix Windows Applications Not Appearing in Start Menu Searches¶

Disable Hibernation for Windows 10 Sleep Resume Problems¶

Enabling SSH Access¶

NTFS File Ownership Access Denied¶

OEM Partition / Low Disk Space Warning After 1803 Update¶

Application Using the Wrong Audio Output Device¶

Disable Caret Browsing Notifications¶

Windows Bootloader Missing / Multiple OS¶

Display Driver Has Been Restarted¶

Show Password on Wifi Network¶

DRIVER_IRQL_NOT_LESS_OR_EQUAL (Epfwwfp.sys)¶

Uninstall Edge Browser¶

USB Devices Slow¶

Disable Windows Backup Schedule¶

Debug DNS Issues¶

Disable Hyper-V Per Boot¶

Fix Windows Applications Not Appearing in Start Menu Searches ¶

Disable Hibernation for Windows 10 Sleep Resume Problems ¶

NTFS File Ownership Access Denied ¶

Application Using the Wrong Audio Output Device ¶

Uninstall Edge Browser ¶

Disable Windows Backup Schedule ¶

Debug DNS Issues ¶

Disable Hyper-V Per Boot ¶