About Atari800XL
Profile Information
-
OS
none specified
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
Atari800XL's Achievements
18
Reputation
-
Thanks for the new version, very good to see you're still around. We need you in 2025 for all the ways in which Microsoft will try to screw up Windows NT! Hope you will have a great new year. I was actually just visiting this topic to write some holiday wishes, just to get rid of that "wish I could help you" message that was there for the last 4 weeks, I feared the topic was dying, but it's so wonderful to see the brand new version 5.4!!!
-
Ermm... Maybe JFX means "feature complete" status? I believe he mentioned that before. So hopefully not EOL? But for now I hope he enjoys a nice vacation...
-
So now we need to know (from that MDL user or by testing) if Smartscreen is -actually- enabled or not. Het mentioned it was set to "on", without the option to turn it off, but I will ask if that is actually the case. It might be a problem in that case.
-
The MDL user I mentioned did some more research. Sorry for the dirty cut-and-pase, but my previously edited message disappeared when I tried to post it here: (My question was: "What is 'reputation based protection'?") Quote: Smartscreen. I try to disable it but it doesn't want to. https://i.imgur.com/kLnERuZ.mp4 I also tried to disable it from registry and policy editor but it was still enabled. Probably happens only on IoT version. Edit: I did some tests. It happens on both IoT and non IoT version of LTSC 2024. When I don't disable Defender with WinNTSetup I can disable Smartscreen. I tested to disable Defender with a script from TairikuOkami "Microsoft Defender Disable.bat" https://github.com/TairikuOokami/Windows (Windows Defender quarantines the script so disable tamper and real time protection first) and both Defender and Smartscreen was disabled after using the script. So it is the way WinNTSetup disables Defender that is the problem. You can contact the dev and report it. Thanks
-
Antonino, MDL is a great forum with some very clever developers (I'm sure you heard of Abbodi1406's script collection), why not join there and open a topic? A little "warning" though: Don't be discouraged by some of the most active users that seem to have nothing better to do than criticize other people. Just ignore them and calmly wait for serious reactions from users that maybe only have time to post once a week, due to busy jobs etc. This patient approach can be difficult, I know, but it's the only way to "survive".
-
I always advertise WinNTSetup to as many people as possible, among others on the MDL forum. One of the users there tried it, with the "No Defender" tweak, and left the comment below. I have to say I haven't had any problems like that, but then again I haven't tested W11-24h2 that much yet (only tested it to see if I could live with it if I ever have no other options). But I wanted to leave his comment here, to see what you guys think of this. Here it comes: (About the "No Defender" tweak): "When I tried this on IoT LTSC 2024 I noticed that reputation based protection in settings was enabled and I could not disable it so I had to re install and disable defender in other way. On my 26100 Enterprise G it is showing as disabled. So maybe it's better to not disable WD this way on IoT or perhaps both versions of LTSC 2024."
-
Interesting, didn't know about that Bitlocker stuff in W11. I guess I didn't run into it yet, because I never save data in places where Microsoft "recommends" it, only on my own drive letters and TrueCrypt containers. So other data that you store in (for example) the "My Documents" folder etc. is now always encrypted? Who can share some more info on this please?
-
I am happy to say I got it to work finally!!!! I had to throw in some more settings that somebody sent me from a NTLite forum link, so I'm not sure which one of the settings below finally did the trick, but I thought I'd throw them in here in case somebody might need to use them some day. Once again: This is just for my own scripts and experiments, WinNTSetup itself was doing it correctly already (for which I'm giving HUUUGE thanks to JFX!!!) So here are the things I added: (All are EXTRA things on top of the stuff in JFX's code example) Software hive: ============== [HKEY_LOCAL_MACHINE\temp\Microsoft\Windows Defender\Real-Time Protection] "DisableBehaviorMonitoring"=dword:00000001 "DisableOnAccessProtection"=dword:00000001 "DisableScanOnRealtimeEnable"=dword:00000001 [HKEY_LOCAL_MACHINE\temp\Policies\Microsoft\Windows Defender] "DisableRealtimeMonitoring"=dword:00000001 "DisableRoutinelyTakingAction"=dword:00000001 "DisableSpecialRunningModes"=dword:00000001 "ServiceKeepAlive"=dword:00000001 [HKEY_LOCAL_MACHINE\temp\Policies\Microsoft\Windows Defender\Signature Updates] "ForceUpdateFromMU"=dword:00000001 [HKEY_LOCAL_MACHINE\temp\Policies\Microsoft\Windows Defender\SmartScreen] "ConfigureAppInstallControlEnabled"=dword:00000001 "ConfigureAppInstallControl"=dword:00000001 [HKEY_LOCAL_MACHINE\temp\Policies\Microsoft\Windows Defender\Spynet] "DisableBlockAtFirstSeen"=dword:00000001 System hive: ============ [HKEY_LOCAL_MACHINE\temp\ControlSet001\Services\WdFilter] "Start"=dword:00000004 [HKEY_LOCAL_MACHINE\temp\ControlSet001\Services\WdNisDrv] "Start"=dword:00000004 [HKEY_LOCAL_MACHINE\temp\ControlSet001\Services\WdNisSvc] "Start"=dword:00000004 [HKEY_LOCAL_MACHINE\temp\ControlSet001\Services\WinDefend] "Start"=dword:00000004
-
I feel like I'm getting closer, I copied all the settings from your last piece of code to my reg files, still haven't found the single culprit yet, though.... I even set up two partitions, one applied with WinNTSetup (and all the tweaks and settings), didn't actually rebooted to start the setup, but got a list of all the files, and the SOFTWARE and SYSTEM hives. Second partition has the same install.wim, this time applied with my own scripts. Reg Load'ed the hives and exported them to .reg, then textdiff'd them to find missing stuff in mine. Still no luck (have to check once more if I really got everything), but I'll keep trying... Not sure when that will be... Some people actually call this fun :-) Once again it is proven that WinNTSetup rules!!! [Of course, in the mean time I've been doing 26100 tests using WinNTSetup itself, working just fine and providing great command line options for all its powerful capabilities. Thanks once more, JFX!!!!!!]
-
See, that makes me feel a little better :-) Just seeing your "reversal" script from June last year (that you linked to a few posts up) made me think it was just as easy as "reversing" them back the other way...
-
Thank you very much for that, great to get a "secret look" in the kitchen :-) Well, at least you know I'm doing my best, and each time I fail I respect YOUR work that much more. So you weren't surprised my system went belly-up with my crude attempts?
-
Applying Windows 11 build 26100 with WinNTSetup works fine (of course), the NoDefender tweak works, thank you very much for that. Nice to see that after a successful setup, Defender is off, so my postinstall (with all my programs and settings) is as fast as before (absolutely no need for an antivurs to keep checking these files). I also have my own little Apply tool, made in AHK (basically scripts with a GUI). Just to learn and experiment. This has also worked very well until now. Even with 26100, the only thing that has changed for me is that Defender was not deactivated. So now I'm trying to replicate what JFX has done to deactivate Defender in my own scripts. Looks like you do a series of "Image File Execution Option" settings, correct? When I set these for MpCmdRun.exe, MsMpEng.exe and smartscreen.exe, Defender does seem to be deactivated, but the system becomes incredibly unresponsive and slow. So once again, I feel like I'm so close, yet so far away from the solution :-) Do you have any tips to nudge me in the right direction? I must have these entries below wrong somehow, this is the only thing I added to an otherwise working .reg file. Without these, apply and setup runs fine, but when I add them back, the system is incredibly slow after Setup finishes. Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\temp\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe] "Debugger"="NUL" [HKEY_LOCAL_MACHINE\temp\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe] "Debugger"="NUL" [HKEY_LOCAL_MACHINE\temp\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartscreen.exe] "Debugger"="NUL"
-
Thank you for your quick replies! May I ask how the tweak works in WinNTSetup, I would like to replicate that in a manual apply. Thanks for the link to last June, when this was discussed, sorry to have missed that. Any other links are welcome, so I can read up on the matter. I have to admit I was sort of ignoring Windows 11 for a while, but now with the upcoming LTSC 2024 (and the leaked 26100 build) I think we have to learn to live with it (or at least work around it). [EDIT: Aahh, wait it minute, it all seems to be coming back to me now <g>, it's the "File Execution Options", right? --Testing now ---)
-
Good day to everybody. I have been out of the loop for a while, sorry about that. I'm not a big fan of Windows 11, but the new LTSC 2024h2 leaked build 26100 seems to be a decent build. On Windows 10, I used to run a short install_wim_tweak script on the install.wim before applying, to remove some components like Defender, Search and Cortana. However, this doesn't seem to work anymore with Windows 11. My question to you kind and knowledgeable people on this board: - Do you guys know of a method to remove Defender from install.wim, or at least some way to (temporarily) turn it off, etc.? - Do we really have to learn to live with Defender, or there other ways to tame it? - Does WinNTSetup have any capabilities to assist with this? If this was discussed in this thread before, please excuse my laziness, I will try to read up on the matter. Thank you!
-
Sorry, maybe I was not clear. I downloaded the latest Windows 11 (business) esd, then exported image 6 (Enterprise) from it, did some "servicing" on it (removing some components) and also, like I always do, delete winre.wim from it (I have no use for it, as I always use my own PE). Looks like Windows 11 is now the first OS to complain about winre.wim missing from install.wim after my manual apply and rebooting. Must be a setting/ registry setting somewhere? Thanks for listening, Antonino!