as seen on: Microsoft Windows [Version 6.1.7601] also known as Windows 7 Ultimate SP1 with automatic Updates enabled.
What is it?
„CBS stands for „Component-Based Servicing“ and it basically (as far as I’ve read) is the way components get installed and uninstalled during updates. It is the reason you see „Stage 1“, „Stage 2“, and „Stage 3“ during the Service Pack 1 install. „Stage 2“ and „Stage 3“ exists for the registry keys and files that are normally locked during regular operation.
If you want to investigate the CBS, check out %windir%\Logs\CBS\ and the log files inside of it. You might have a file in there called „FilterList.log“ that lists the various filter drivers that the setup program „saw“ during instal“
„Prior to Windows Vista, if you wanted to install optional components, Windows Updates or driver files on your system, the process was fairly simple.
Great… complexity always fails. (can not be handled after a certain point… because mankind is STUPID and not the CENTER OF THE UNIVERSE)
In Windows Vista, the new componentization architecture, known as Component-Based Servicing (CBS) changes the way that these components are installed.
The CBS architecture is far more robust and secure than the installers in previous operating systems.
Users benefit from a more complete and controlled installation process that allows updates, drivers and optional components to be added while simultaneously mitigating against instability issues caused by improper or partial installation.
CBS allows components and features from IIS to Windows Media Player to be packaged as small modules that encompass the full functionality of the component. In other words, each module contains all of the files, registry settings, and methods required for a full installation or removal of the component it contains. The Core componentization services include the following:
CBS (Component Based Servicing) – Also known as the trusted installer (TRUSTEDINSTALLER.EXE), which works at the package / update level
CSI (Component Servicing Infrastructure) – Works at the deployment/component level
DMI (Driver Management and Install) – Advanced driver installation processes
CMI (Component Management Infrastructure) – Handles the advanced installers
SMI (Systems Management Infrastructure) – Used to manage registry settings
Kernel Transaction Manager (KTM) – Enables clients to use the transactional registry and file system
The Servicing Stack in Windows Vista consists of three levels:
At the top of the stack are the top level clients, such as Windows Update, Programs and Features, and MSI, which deliver packages to a system. The top-level clients are also responsible for control of user input and collection of user preferences during the servicing process.
In the middle of the servicing stack is the Trusted Installer, CBS. The top-level clients pass downloaded packages to CBS, which evaluates each individually to determine if they are applicable to the system. For applicable updates, CBS provides the components to CSI, generates appropriate installation events, and registers packages with Programs and Features if needed. Finally, CBS exposes the interfaces to enumerate and inventory the updates.
At the bottom of the servicing stack is CSI, which uses the Kernel Transaction Manager (KTM) to do its work.
CSI is responsible for the actual installation of components. To install components, CSI utilizes the Component Store (the %windir%\WinSXS folder) which is a collection of all components, manifests (%windir%\WinSXS\Manifests) and files on the system. As new components are added, CSI moves them into the Component Store, and determines what state the component should enter. Staging determines the current state of the package on the file system. There are different staging activities that occur during the installation of a package:
Identify any files that are missing from the package. For a file to be installed, it must first be staged. Some may already present in the system store, others may need to be transferred from installation media or downloaded from network locations
Determine which files are required to install a package and identify files in other packages that may also be required
Resolve dependencies and ensure that all required files are present before installation begins
When a package is uninstalled, the process is reversed:
The installer creates a list of any files in use, and other actions that require system reboot
Remove the files or dependencies – files may either be removed from the system completely or may remain in the system store for future use.
Files not in use may be removed from the system, and the system is rebooted to release and remove any files that were in use
When a newer version of a component is installed on the system, CSI queries the Component Store to determine what components are being updated. When installing a component, CSI sets up a Primitive Operations Queue (POQ) which contains all files and registry keys that will be installed. Advanced installers or generic commands are then executed to complete installation. Advanced installers run in-process using CMI.
If there is a failure during installation of a component, CSI rolls back the entire installation. If a file or process is in use during a component installation and cannot be replaced, generic commands and advanced installer actions are written to %windir%\WinSXS\Pending.xml, and then written to disk on the following reboot. If several packages are installed at the same time, each additional package appends to Pending.xml. Additional logging during this phase occurs in %windir%\Logs\CBS\CBS.log.
And that brings us to the end of our post on Component-Based Servicing. Until next time …“
C:\Users\Administrator>sfc Microsoft(R) Windows (R)-Ressourcenüberprüfungsprogramm, Version 6.0 Copyright (C) 2006 Microsoft Corporation. Alle Rechte vorbehalten. Überprüft alle geschützten Systemdateien und ersetzt falsche Versionen mit Microsoft-Originalversionen. SFC [/SCANNOW] [/VERIFYONLY] [/SCANFILE=] [/VERIFYFILE=] [/OFFWINDIR= /OFFBOOTDIR=] /SCANNOW Überprüft die Integrität aller geschützter Systemdateien und repariert ggf. Dateien mit Problemen. /VERIFYONLY Überprüft die Integrität aller geschützter Systemdateien. Es erfolgt keine Reparatur. /SCANFILE Überprüft die Integrität der angegebenen Datei, und repariert ggf. die Datei, wenn Probleme gefunden werden. Es muss ein vollständiger Pfad angegeben werden. Pfad /VERIFYFILE Überprüft die Integrität der angegebenen Datei. Es erfolgt keine Reparatur. /OFFBOOTDIR Gibt den Speichort des Offlinestartverzeichnisses für Offlinereparaturen an. /OFFWINDIR Gibt den Speichort des Offline-Windows-Verzeichnisses für Offlinereparaturen an. z.B. sfc /SCANNOW sfc /VERIFYFILE=c:\windows\system32\kernel32.dll sfc /SCANFILE=d:\windows\system32\kernel32.dll /OFFBOOTDIR=d:\ /OFFWINDIR=d:\windows sfc /VERIFYONLY C:\Users\Administrator>sfc /VERIFYONLY