https://forums.mydigitallife.net/posts/1824829/ https://forums.mydigitallife.net/posts/1824878/ previous converter version was silently fail (and can cause dism session to hang) latest version properly stop operation on error and unload dism session the issue is not caused by converter (or dism itself) it's unknown incompatibility between dismhost.exe and host OS (specially W11 22H2/23H2) 26052 servicing stack has other issues as well, it's unstable canary
uup-converter v101 - Added workaround to fix RPC-failed issue when adding Apps for builds 26040+ (by temporary disabling ASLR BottomUp & HighEntropy mitigation for dismhost.exe) thanks to @Paul Mercer for discovering the fix and testing - Removed DISM Cleanup suppression for builds 26000+
sorry but there's a new problem now: Windows Defender is killing main cmd script translation: this dangerous program executes the intruder's commands
Blocked on execution? or directly on extraction? I guess it's triggered by "MitigationOptions" or the registry path itself "Image File Execution Options", since AVs don't like messing with that
it's deleted right after adding the registry key but the key remains in the registry, so it doesn't prevent that maybe this operation should be moved to the start of the script so that Defender can kill it at the start and not after the install.wim creation which takes a long time
http://put.nu/files/B8RaJK0.zip i moved DismHostON to be executed before creating install.wim i was thinking to use Powershell Set-ProcessMitigation but it's retard and doesn't allow to properly remove or reset the added mitigations (either force disable or force enable)
I booted up the same VM, got Defender updates, checked all the settings and that reg key for dismhost, then tested it with the same UUP set new reg was in binary format, and it was added and removed correctly, no errors with apps integration as well not sure what helped but this time Defender didn't bother to delete the main script, the whole process was very slow though that's a win I guess, thank you Spoiler: UUP Converter v101 Code: === Running UUP Converter v101 === === Checking UUP Info . . . === Configured Options . . . AutoStart 1 === Parsing Apps CompDB . . . === Preparing Reference ESDs . . . Containers-Dynamic-Image-FoD-Package-amd64 HyperV-OptionalFeature-VirtualMachinePlatform-Client-Disabled-FOD-Package-amd64 Microsoft-OneCore-ApplicationModel-Sync-Desktop-FOD-Package-amd64 Microsoft-OneCore-DirectX-Database-FOD-Package-amd64 Microsoft-Windows-DirectoryServices-ADAM-Client-FOD-Package-amd64 Microsoft-Windows-DirectoryServices-ADAM-Client-FOD-Package-wow64 Microsoft-Windows-EnterpriseClientSync-Host-FOD-Package-amd64 Microsoft-Windows-EnterpriseClientSync-Host-FOD-Package-wow64 Microsoft-Windows-Ethernet-Client-Intel-E1i68x64-FOD-Package-amd64 Microsoft-Windows-Ethernet-Client-Intel-E2f68-FOD-Package-amd64 Microsoft-Windows-Ethernet-Client-Realtek-Rtcx21x64-FOD-Package-amd64 Microsoft-Windows-Ethernet-Client-Vmware-Vmxnet3-FOD-Package-amd64 Microsoft-Windows-FoDMetadata-Package Microsoft-Windows-Hello-Face-Package-amd64 Microsoft-Windows-InternetExplorer-Optional-Package-amd64 Microsoft-Windows-Kernel-LA57-FoD-Package-amd64 Microsoft-Windows-LanguageFeatures-Basic-en-us-Package-amd64 Microsoft-Windows-LanguageFeatures-Handwriting-en-us-Package-amd64 Microsoft-Windows-LanguageFeatures-OCR-en-us-Package-amd64 Microsoft-Windows-LanguageFeatures-Speech-en-us-Package-amd64 Microsoft-Windows-LanguageFeatures-TextToSpeech-en-us-Package-amd64 Microsoft-Windows-MediaPlayer-Package-amd64 Microsoft-Windows-MediaPlayer-Package-wow64 Microsoft-Windows-Notepad-System-FoD-Package-amd64 Microsoft-Windows-Notepad-System-FoD-Package-wow64 Microsoft-Windows-PowerShell-ISE-FOD-Package-amd64 Microsoft-Windows-PowerShell-ISE-FOD-Package-wow64 Microsoft-Windows-Printing-PMCPPC-FoD-Package-amd64 Microsoft-Windows-ProjFS-OptionalFeature-FOD-Package-amd64 Microsoft-Windows-SenseClient-Fod-Package-amd64 Microsoft-Windows-SimpleTCP-FOD-Package-amd64 Microsoft-Windows-SmbDirect-FOD-Package-amd64 Microsoft-Windows-StepsRecorder-Package-amd64 Microsoft-Windows-StepsRecorder-Package-wow64 Microsoft-Windows-TabletPCMath-Package-amd64 Microsoft-Windows-Telnet-Client-FOD-Package-amd64 Microsoft-Windows-TerminalServices-AppServer-Client-FOD-Package-amd64 Microsoft-Windows-TerminalServices-AppServer-Client-FOD-Package-wow64 Microsoft-Windows-TFTP-Client-FOD-Package-amd64 Microsoft-Windows-VBSCRIPT-FoD-Package-amd64 Microsoft-Windows-VBSCRIPT-FoD-Package-wow64 Microsoft-Windows-Wallpaper-Content-Extended-FoD-Package-amd64 Microsoft-Windows-Wifi-Client-Broadcom-Bcmpciedhd63-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Broadcom-Bcmwl63a-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Broadcom-Bcmwl63al-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwbw02-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwew00-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwew01-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwlv64-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwns64-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwsw00-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwtw02-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwtw04-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwtw06-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwtw08-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Intel-Netwtw10-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Marvel-Mrvlpcie8897-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Qualcomm-Athw8x-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Qualcomm-Athwnx-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Qualcomm-Qcamain10x64-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Ralink-Netr28x-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Realtek-Rtl8192se-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Realtek-Rtwlane-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Realtek-Rtwlane01-FOD-Package-amd64 Microsoft-Windows-Wifi-Client-Realtek-Rtwlane13-FOD-Package-amd64 Microsoft-Windows-WinOcr-FOD-Package-amd64 Microsoft-Windows-WinOcr-FOD-Package-wow64 Microsoft-Windows-WMIC-FoD-Package-amd64 Microsoft-Windows-WMIC-FoD-Package-wow64 OpenSSH-Client-Package-amd64 === Creating Setup Media Layout . . . === Creating install.wim . . . Using LZX compression with 4 threads Archiving file data: 7132 MiB of 7132 MiB (100%) done === Updating install.wim / 1 image{s} . . . === Servicing Index: 1 Deployment Image Servicing and Management tool Version: 10.0.22621.2792 Mounting image [==========================100.0%==========================] The operation completed successfully. === Adding Microsoft Edge . . . Deployment Image Servicing and Management tool Version: 10.0.22621.2792 Image Version: 10.0.26058.1000 The operation completed successfully. === Adding Apps . . . Microsoft.NET.Native.Framework.x64.2.2 Microsoft.NET.Native.Runtime.x64.2.2 Microsoft.Services.Store.Engagement.x64 Microsoft.UI.Xaml.x64.2.7 Microsoft.UI.Xaml.x64.2.8 Microsoft.VCLibs.x64.14.00 Microsoft.VCLibs.x64.14.00.Desktop Microsoft.WindowsAppRuntime.x64.1.3 Microsoft.WindowsStore_8wekyb3d8bbwe Microsoft.StorePurchaseApp_8wekyb3d8bbwe Microsoft.BingNews_8wekyb3d8bbwe Microsoft.BingSearch_8wekyb3d8bbwe Microsoft.BingWeather_8wekyb3d8bbwe Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe Microsoft.ZuneMusic_8wekyb3d8bbwe Microsoft.WindowsAlarms_8wekyb3d8bbwe Microsoft.ApplicationCompatibilityEnhancements_8wekyb3d8bbwe Microsoft.WindowsCalculator_8wekyb3d8bbwe Microsoft.WindowsNotepad_8wekyb3d8bbwe Microsoft.WindowsTerminal_8wekyb3d8bbwe Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe Microsoft.GetHelp_8wekyb3d8bbwe Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe Microsoft.ScreenSketch_8wekyb3d8bbwe Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe Microsoft.Todos_8wekyb3d8bbwe Microsoft.XboxSpeechToTextOverlay_8wekyb3d8bbwe Microsoft.GamingApp_8wekyb3d8bbwe Microsoft.XboxGamingOverlay_8wekyb3d8bbwe Microsoft.XboxIdentityProvider_8wekyb3d8bbwe Microsoft.Xbox.TCUI_8wekyb3d8bbwe Microsoft.Windows.Photos_8wekyb3d8bbwe Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe Microsoft.WindowsCamera_8wekyb3d8bbwe Microsoft.DesktopAppInstaller_8wekyb3d8bbwe Microsoft.Paint_8wekyb3d8bbwe Microsoft.WebMediaExtensions_8wekyb3d8bbwe Microsoft.RawImageExtension_8wekyb3d8bbwe Microsoft.HEIFImageExtension_8wekyb3d8bbwe Microsoft.HEVCVideoExtension_8wekyb3d8bbwe Microsoft.VP9VideoExtensions_8wekyb3d8bbwe Microsoft.AV1VideoExtension_8wekyb3d8bbwe Microsoft.AVCEncoderVideoExtension_8wekyb3d8bbwe Microsoft.MPEG2VideoExtension_8wekyb3d8bbwe Microsoft.WebpImageExtension_8wekyb3d8bbwe MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy MicrosoftWindows.CrossDevice_cw5n1h2txyewy Microsoft.SecHealthUI_8wekyb3d8bbwe Clipchamp.Clipchamp_yxz26nhyzhsrt MicrosoftCorporationII.QuickAssist_8wekyb3d8bbwe Microsoft.OutlookForWindows_8wekyb3d8bbwe MicrosoftTeams_8wekyb3d8bbwe Microsoft.Windows.DevHome_8wekyb3d8bbwe Microsoft.YourPhone_8wekyb3d8bbwe MicrosoftCorporationII.MicrosoftFamily_8wekyb3d8bbwe Deployment Image Servicing and Management tool Version: 10.0.22621.2792 Saving image [==========================100.0%==========================] The operation completed successfully. Deployment Image Servicing and Management tool Version: 10.0.22621.2792 Image File : C:\Users\L\Desktop\B8RaJK0\ISOFOLDER\sources\install.wim Image Index : 1 Unmounting image [==========================100.0%==========================] The operation completed successfully. === Rebuilding install.wim . . . "ISOFOLDER\sources\install.wim" original size: 3534297 KiB Using LZX compression with 4 threads Archiving file data: 8338 MiB of 8338 MiB (100%) done "ISOFOLDER\sources\install.wim" optimized size: 3502670 KiB Space saved: 31627 KiB === Creating winre.wim . . . Using LZX compression with 4 threads Archiving file data: 1204 MiB of 1204 MiB (100%) done === Adding winre.wim to install.wim . . . === Creating boot.wim . . . === Creating ISO . . . OSCDIMG 2.56 CD-ROM and DVD-ROM Premastering Utility Copyright (C) Microsoft, 1993-2012. All rights reserved. Licensed only for producing Microsoft authorized content. Scanning source tree (500 files in 45 directories) Scanning source tree complete (959 files in 88 directories) Computing directory information complete Image file is 4830560256 bytes (before optimization) Writing 959 files in 88 directories to 26058.1000.240209-1555.GE_RELEASE_CLIENTPRO_OEMRET_X64FRE_EN-US.ISO 100% complete Storage optimization saved 51 files, 19605504 bytes (1% of image) After optimization, image file is 4813193216 bytes Space saved because of embedding, sparseness or optimization = 19605504 Done. Finished. Press 0 or q to exit.
Defender still complains and removes the converter script. I have to allow it first so that I can keep the script.
This one uses powershell Set-ProcessMitigation (if detected, otherwise regedit.exe) but it will not remove the mitigations at the end http://put.nu/files/n1eYSfL.zip
Maybe with the -Remove switch (Removes a mitigation entry from the registry)? OK, defender seems to be happy now. No, still not happy.
-Remove switch only work for -System, not per process --- what if we make the script exclude itself? not sure if that works without relaunch Code: WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Add ExclusionPath="script_path" Force=True
For Quick Edit and these new changes. Could you provide a "RollBackHostChanges" script to reset the changes, such as Remove_Failure_MountDir_TempDir.cmd which is used when a failure occurs or the user prematurely closes the script? In one of these incidents, in which I closed the script, my system had the Ctrl+M (Mark mode) shortcut broken. I've used convert-UUP and W10UI a few times until the end, thinking something would be resolved. But the shortcut is no longer working here at the moment.
Another way to disable ASLR BottomUp, but not very practical Code: reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\MitigationOptions\ProcessMitigationOptions" /f /v dismhost.exe /d "??????????1???1?????????????????" gpupdate.exe /Target:Computer