Jump to content


  • Posts

  • Joined

  • Days Won

  • Donations

    0.00 USD 

Everything posted by JFX

  1. That's because vmware mounts in the user session and WinNTSetup now uses TrustedInstaller for WIM operations. You can get back old behavior by adding this to WinNTSetup.ini [WimHost] RunAsTI=0 However VMware did removed the buggy disk mapping in version 17, so maybe better to mount the VDMK with OFSMount. This allow you to mount as physical disk and the capture won't have problems with special files like WIMBoot pointer files.
  2. File permission are changed for MinWin by default, so Admin users have full access to the entire file system. Profile\Options.ini --> options --> AdminAccess To use modified *.inf files, drvinst.exe need to be patched. you can remove signature check of inf files with: WinNTSetup_x64.exe drvinstpatch
  3. Just add this to your unattend.xml --> oobsystem. <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" language="neutral" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS"> <PreventDeviceEncryption>true</PreventDeviceEncryption> </component> If you want to keep most of the WinSxS folder than delete WinSxS.ini. Without it you black\white list WinSxS files like all other in the Remove folder.
  4. That's because it is part of Windows 10/11. But old systems and WinPE are missing it.
  5. I forgot offreg.dll again, re-uploaded.
  6. WinNTSetup 5.3.5 - removed redudant code, WimHost options removed - updated wimlib to version 1.14.4 - enforce modded wimlib - HideProductKeys option defaults to 1 - minwim crash fixed - minwim speed improved - minwim extended log files - fixed WinRE GUI bugs - fixed crash installing WinXP
  7. Listviews group header text color is back to dark blue on dark mode. Was good with SAB 3.7.3.
  8. @dimo70 You can't disable defender while the system is still running, it does protect it self.
  9. No sure if you still can disable defender online. This should work from WinPE/WinRE. Another Windows would need to run it with TrustedInstaller rights. Defender.cmd reg load HKLM\SOFT C:\Windows\System32\config\software reg load HKLM\SYS C:\Windows\System32\config\system reg import Defender.reg reg unload HKLM\SOFT reg unload HKLM\SYS Defender.reg Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=- [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows\CurrentVersion\Explorer] "SmartScreenEnabled"="Off" [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 "DisableAntiVirus"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows Defender\Features] "TamperProtection"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows Defender\Real-Time Protection] "DisableRealtimeMonitoring"=dword:00000001 "DisableAntiSpywareRealtimeProtection"=dword:00000001 "DpaDisabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe] "Debugger"="NUL" [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe] "Debugger"="NUL" [HKEY_LOCAL_MACHINE\SOFT\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartscreen.exe] "Debugger"="NUL" [HKEY_LOCAL_MACHINE\SOFT\Policies\Microsoft\Windows\System] "EnableSmartScreen"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFT\Policies\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 "DisableAntiVirus"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFT\Policies\Microsoft\Windows Defender\SmartScreen] "ConfigureAppInstallControlEnabled"=dword:00000001 "ConfigureAppInstallControl"=dword:00000001 [HKEY_LOCAL_MACHINE\SYS\ControlSet001\Control\CI\Policy] "VerifiedAndReputablePolicyState"=dword:00000000 [HKEY_LOCAL_MACHINE\SYS\ControlSet001\Services\SecurityHealthService] "Start"=dword:00000000 [HKEY_LOCAL_MACHINE\SYS\ControlSet001\Services\WinDefend] "Start"=dword:00000004 P.S: Not sure why I set SecurityHealthService to autostart, either there was a problem with disabling or it's a typo.
  10. Glad, you got it work.
  11. Nope, I can recall something like this happend to me, first time trying this on some windows 10 or 11 build.
  12. It does a bit more than just setting IFEO Debuggers. If Tweaks_NT6_Array(#Tweaks_NT6_Disbale_Defender, 1) If *Z\Build > 10100 ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender", "DisableAntiSpyware", 1) ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender", "DisableAntiVirus", 1) ORSetString(*Z\SftHive, "Microsoft\Windows\CurrentVersion\Explorer", "SmartScreenEnabled", "Off") ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows\System", "EnableSmartScreen", 0) ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender\SmartScreen", "ConfigureAppInstallControlEnabled", 1) ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender\SmartScreen", "ConfigureAppInstallControl", 1) ORSetDword_USClasses(*Z, *Z\Usr_Classes_Hive, "Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter", "EnabledV9", 0) ORSetDword_US(*Z, "Software\Microsoft\Windows\CurrentVersion\AppHost", "EnableWebContentEvaluation", 0) EndIf ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DisableRealtimeMonitoring", 1) ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DisableAntiSpywareRealtimeProtection", 1) ORSetDword(*Z\SftHive, "Microsoft\Windows Defender", "DisableAntiSpyware", 1) ORSetDword(*Z\SftHive, "Microsoft\Windows Defender", "DisableAntiVirus", 1) If *Z\Build > 18300 ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Features", "TamperProtection", 0) EndIf If *Z\Build >= 22000 ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DpaDisabled", 1) ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe", "Debugger", "NUL") ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe", "Debugger", "NUL") ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartscreen.exe", "Debugger", "NUL") ORSetDword(*Z\SysHive, "ControlSet001\Services\SecurityHealthService", "Start", 0) ORDeleteValue(*Z\SftHive, "Microsoft\Windows\CurrentVersion\Run", "SecurityHealth") EndIf EndIf
  13. Don't think there is a good way to remove defender. But WinNTSetup's tweak should completely disable it. This can be reversed later, it needed.
  14. Yes, there were some reports of this with Server 2022. I can't reproduce it and checking if a file exist, is the most basic feature. I could only assume something like an antivirus or filter driver that does interfere, but it does not happen if I install Server 2022 with WinNTSetup. The new system does not show any problem. The version display of wimlib and wimgapi will be removed, it just leads to wrong assumption and some people start updating them manually, what only causes problems.
  15. Yes, if you select a different boot drive, your local boot partition will not not be touched. For automation there are many command line options, see F1 - help.
  16. That could happen if you update wimlib, the official version is no longer supported.
  17. I would ignore them. If there is no lpq.exe in system32 than that applications is no installed and does not need a .mui file. If it get's installed (by dism) later, it should copy the .mui, too.
  18. I guess system32 mui folder is a fallback location for it's subfolders. Added recursive scanning for mui candidates. WIMHost_1.2.3.0.zip
  19. Ok, could generate a crash under some WinPE environments. WIMHost_1.2.1.0.zip
  20. Well I can't reproduce it. Where can I download that exact ISO? Did you try with different source, maybe a clean MDSN version?
  21. Yes, noticed there was a problem, should be fixed now.
  22. I don't get that error. Make sure you don't miss any dependency of this proxy dll.
  23. That should be fixed with WimHost.exe, posted yesterday.
  • Create New...