Jump to content

WinNTSetup v5.3.4

JFX

By JFX
in Install Windows from USB

 Share

Recommended Posts

JFX

JFX

Posted
  • Author
Posted (edited)
10 hours ago, freqout said:

This is great.  Wondering if this can be used to make the VHD bootable instead of actuing on my local boot partition, and if it can be scripted and completely automated from Powershell.

Yes, if you select a different boot drive, your local boot partition will not not be touched. 
For automation there are many command line options, see F1 - help.

Edited by JFX
Link to comment
Share on other sites

gbh19930406

gbh19930406

Posted
Posted

Latest Windows Server 2022 20348.2402 cannot run latest WinNTSetup 5.3.4, program said cannot find BCDBoot.exe and cannot keep running. However, WinNTSetup 5.3.4 can run on the Latest Windows 11 Pro 22631.3447. Both of two systems have bcdboot.exe which under /Windows/system32/. Please help to check what's wrong with v5.3.4, thx a lot. Plus, wimlib is upgraded to 1.14.4 (released February 24, 2024), and please add support for Windows Server 2025 thx.:P

Capture.JPG

Link to comment
Share on other sites
JFX

JFX

Posted
  • Author
Posted

Yes, there were some reports of this with Server 2022.
I can't reproduce it and checking if a file exist, is the most basic feature.

I could only assume something like an antivirus or filter driver that does interfere,
but it does not happen if I install Server 2022 with WinNTSetup. The new system does not show any problem.

The version display of wimlib and wimgapi will be removed, it just leads to wrong assumption and
some people start updating them manually, what only causes problems.

Link to comment
Share on other sites
Atari800XL

Atari800XL

Posted
Posted

Good day to everybody. I have been out of the loop for a while, sorry about that.

I'm not a big fan of Windows 11, but the new LTSC 2024h2 leaked build 26100 seems to be a decent build.

On Windows 10, I used to run a short install_wim_tweak script on the install.wim before applying, to remove some components like Defender, Search and Cortana. However, this doesn't seem to work anymore with Windows 11.

 

My question to you kind and knowledgeable people on this board:

- Do you guys know of a method to remove Defender from install.wim, or at least some way to (temporarily) turn it off, etc.?

- Do we really have to learn to live with Defender, or there other ways to tame it?

- Does WinNTSetup have any capabilities to assist with this?

 

If this was discussed in this thread before, please excuse my laziness, I will try to read up on the matter.

Thank you!

Link to comment
Share on other sites
Antonino

Antonino

Posted
Posted (edited)

yes there is, and it is what alacrán and jfx would probably call "brute force", a deletion of both files from the disk and keys from the registry. just delete all occurrences.  

Edited by Antonino
Link to comment
Share on other sites
Antonino

Antonino

Posted
Posted (edited)

it has never turned back up again in my case.

of course, I have blocked updates and zerobyted "softwaredistribution"'s as well.

Am I losing sight of anything? if I am, pls do tell me.

of course, if your "good" way in the post above entails that, in addition to losing windefender. with my bad ways I have also lost other useful services, pls do tell me which ones, so that everybody, including me, knows whether to consider such losses or not in relation to their own needs.

Edited by Antonino
Link to comment
Share on other sites
Atari800XL

Atari800XL

Posted
Posted (edited)

Thank you for your quick replies!

May I ask how the tweak works in WinNTSetup, I would like to replicate that in a manual apply.

Thanks for the link to last June, when this was discussed, sorry to have missed that. Any other links are welcome, so I can read up on the matter.

I have to admit I was sort of ignoring Windows 11 for a while, but now with the upcoming LTSC 2024 (and the leaked 26100 build) I think we have to learn to live with it (or at least work around it).

 

[EDIT: Aahh, wait it minute, it all seems to be coming back to me now <g>, it's the "File Execution Options", right? --Testing now ---)

Edited by Atari800XL
Link to comment
Share on other sites
Atari800XL

Atari800XL

Posted
Posted (edited)

Applying Windows 11 build 26100 with WinNTSetup works fine (of course), the NoDefender tweak works, thank you very much for that. Nice to see that after a successful setup, Defender is off, so my postinstall (with all my programs and settings) is as fast as before (absolutely no need for an antivurs to keep checking these files).

I also have my own little Apply tool, made in AHK (basically scripts with a GUI). Just to learn and experiment. This has also worked very well until now. Even with 26100, the only thing that has changed for me is that Defender was not deactivated.

So now I'm trying to replicate what JFX has done to deactivate Defender in my own scripts. Looks like you do a series of "Image File Execution Option" settings, correct? When I set these for MpCmdRun.exe, MsMpEng.exe and smartscreen.exe, Defender does seem to be deactivated, but the system becomes incredibly unresponsive and slow.

So once again, I feel like I'm so close, yet so far away from the solution :-)

Do you have any tips to nudge me in the right direction?

 

I must have these entries below wrong somehow, this is the only thing I added to an otherwise working .reg file. Without these, apply and setup runs fine, but when I add them back, the system is incredibly slow after Setup finishes.
  

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\temp\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe]
"Debugger"="NUL"

[HKEY_LOCAL_MACHINE\temp\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe]
"Debugger"="NUL"

[HKEY_LOCAL_MACHINE\temp\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartscreen.exe]
"Debugger"="NUL"

 

Edited by Atari800XL
Link to comment
Share on other sites
JFX

JFX

Posted
  • Author
Posted

It does a bit more than just setting IFEO Debuggers. 

If Tweaks_NT6_Array(#Tweaks_NT6_Disbale_Defender, 1)
        
        If *Z\Build > 10100
          ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender", "DisableAntiSpyware", 1)
          ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender", "DisableAntiVirus", 1)
          
          ORSetString(*Z\SftHive, "Microsoft\Windows\CurrentVersion\Explorer", "SmartScreenEnabled", "Off")        
          ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows\System", "EnableSmartScreen", 0)
          ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender\SmartScreen", "ConfigureAppInstallControlEnabled", 1)
          ORSetDword(*Z\SftHive, "Policies\Microsoft\Windows Defender\SmartScreen", "ConfigureAppInstallControl", 1)
          
          ORSetDword_USClasses(*Z, *Z\Usr_Classes_Hive, "Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter", "EnabledV9", 0)
          ORSetDword_US(*Z, "Software\Microsoft\Windows\CurrentVersion\AppHost", "EnableWebContentEvaluation", 0)
          
        EndIf
        
        ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DisableRealtimeMonitoring", 1)
        ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DisableAntiSpywareRealtimeProtection", 1)
        
        ORSetDword(*Z\SftHive, "Microsoft\Windows Defender", "DisableAntiSpyware", 1)
        ORSetDword(*Z\SftHive, "Microsoft\Windows Defender", "DisableAntiVirus", 1)
        
        If *Z\Build > 18300
          ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Features", "TamperProtection", 0)
        EndIf
        
        If *Z\Build >= 22000
          ORSetDword(*Z\SftHive, "Microsoft\Windows Defender\Real-Time Protection", "DpaDisabled", 1)
          ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe", "Debugger", "NUL")          
          ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe", "Debugger", "NUL")
          ORSetString(*Z\SftHive, "Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartscreen.exe", "Debugger", "NUL")
          
          ORSetDword(*Z\SysHive, "ControlSet001\Services\SecurityHealthService", "Start", 0)
          ORDeleteValue(*Z\SftHive, "Microsoft\Windows\CurrentVersion\Run", "SecurityHealth")
          
        EndIf
        
      EndIf

 

Link to comment
Share on other sites
Atari800XL

Atari800XL

Posted
Posted

Thank you very much for that, great to get a "secret look" in the kitchen :-)

Well, at least you know I'm doing my best, and each time I fail I respect YOUR work that much more.

So you weren't surprised my system went belly-up with my crude attempts?

Link to comment
Share on other sites
JFX

JFX

Posted
  • Author
Posted (edited)

Nope, I can recall something like this happend to me, first time trying this on some windows 10 or 11 build.

Edited by JFX
Link to comment
Share on other sites
Atari800XL

Atari800XL

Posted
Posted

See, that makes me feel a little better :-)

Just seeing your "reversal" script from June last year (that you linked to a few posts up) made me think it was just as easy as "reversing" them back the other way...

 

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...