Hello. Please, if you can ask what registry key should be changed or inserted to disable SignatureFallbackOrder: MicrosoftUpdateServer|MMPC, it was like you showed zero 0. Thank you. LowThreatDefaultAction : 0 MAPSReporting : 0 ModerateThreatDefaultAction : 0 PUAProtection : 0 QuarantinePurgeItemsAfterDelay : 0 RandomizeScheduleTaskTimes : False RealTimeScanDirection : 0 RemediationScheduleDay : 8 RemediationScheduleTime : 00:00:00 ReportingAdditionalActionTimeOut : 0 ReportingCriticalFailureTimeOut : 0 ReportingNonCriticalTimeOut : 0 ScanAvgCPULoadFactor : 5 ScanOnlyIfIdleEnabled : False ScanParameters : 0 ScanPurgeItemsAfterDelay : 0 ScanScheduleDay : 8 ScanScheduleQuickScanTime : 00:00:00 ScanScheduleTime : 00:00:00 SevereThreatDefaultAction : 0 SharedSignaturesPath : SignatureAuGracePeriod : 0 SignatureDefinitionUpdateFileSharesSources : SignatureDisableUpdateOnStartupWithoutEngine : True SignatureFallbackOrder : MicrosoftUpdateServer|MMPC SignatureFirstAuGracePeriod : 0 SignatureScheduleDay : 8 SignatureScheduleTime : 00:00:00 SignatureUpdateCatchupInterval : 0 SignatureUpdateInterval : 0 SubmitSamplesConsent : 2 ThreatIDDefaultAction_Actions : ThreatIDDefaultAction_Ids : UILockdown : False UnknownThreatDefaultAction : 0 PSComputerName : Windows 10 Pro 21H2 19044.1469 x64 License
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Signature Updates" /v "FallbackOrder" /t REG_SZ /d "Reg Value" /f Accepted Reg Values as follows : "InternalDefinitionUpdateServer", "MicrosoftUpdateServer", "MMPC", and "FileShares" Use any from among reg values. [ Impressed & you did a good job ] kind regards COIN INDIA
Now everything is as it should be. Thank you for efficiency. ========================================================== Windows 10 Pro 21H2 19044.1469 x64 License ==========================================================
Kindly share the reg tweaks you applied to make it same as me for others to get 100% benefits from it
Awesome More then Awesome . Thanks & Credits Goes to you | Pleasure reamins always mine Edit : Added WD Services to Permanently Disable WD Using Your REG Tweaks as if we apply these reg tweaks without disabling WD services they will change automaticaly after reboot as per WD svcs triggers set by M$ ====> Code: Windows Registry Editor Version 5.00 [HKLM\SYSTEM\ControlSet001\Services\MsSecFlt] "Start"=dword:00000004 [HKLM\SYSTEM\ControlSet001\Services\Sense] "Start"=dword:00000004 [HKLM\SYSTEM\ControlSet001\Services\WdBoot] "Start"=dword:00000004 "HKLM\SYSTEM\ControlSet001\Services\WdFilter] "Start"=dword:00000004 "HKLM\SYSTEM\ControlSet001\Services\WdNisDrv] "Start"=dword:00000004 "HKLM\SYSTEM\ControlSet001\Services\WdNisSvc] "Start"=dword:00000004 "HKLM\SYSTEM\ControlSet001\Services\WinDefend] "Start"=dword:00000004 "HKLM\SYSTEM\ControlSet001\Services\wscsvc] "Start"=dword:00000004 "HKLM\SYSTEM\ControlSet001\Services\SecurityHealthService] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\MsSecFlt] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\Sense] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\WdBoot] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\WdFilter] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\WdNisDrv] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\WdNisSvc] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\WinDefend] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\wscsvc] "Start"=dword:00000004 [HKLM\SYSTEM\CurrentControlSet\Services\SecurityHealthService] "Start"=dword:00000004 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] "PUAProtection"=dword:00000000 "RandomizeScheduleTaskTimes"=dword:00000000 "ServiceKeepAlive"=dword:00000000 "DisableAntiSpyware"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions] "DisableAutoExclusions"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine] "MpEnablePus"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine] "LocalSettingOverridePurgeItemsAfterDelay"=dword:00000000 "PurgeItemsAfterDelay"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection] "DisableBehaviorMonitoring"=dword:00000001 "DisableIOAVProtection"=dword:00000001 "DisableOnAccessProtection"=dword:00000001 "DisableRoutinelyTakingAction"=dword:00000001 "DisableScanOnRealtimeEnable"=dword:00000001 "DisableScriptScanning"=dword:00000001 "DisableRawWriteNotification"=dword:00000001 "DisableRealtimeMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation] "Scan_ScheduleDay"=dword:00000008 "Scan_ScheduleTime"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting] "AdditionalActionTimeOut"=dword:00000000 "CriticalFailureTimeOut"=dword:00000000 "DisableGenericRePorts"=dword:00000001 "NonCriticalTimeOut"=dword:00000000 "DisableEnhancedNotifications"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Scan] "AvgCPULoadFactor"=dword:00000005 "DisableArchiveScanning"=dword:00000001 "DisableCatchupFullScan"=dword:00000001 "DisableCatchupQuickScan"=dword:00000001 "DisableRemovableDriveScanning"=dword:00000001 "DisableRestorePoint"=dword:00000001 "DisableScanningMappedNetworkDrivesForFullScan"=dword:00000001 "DisableScanningNetworkFiles"=dword:00000001 "PurgeItemsAfterDelay"=dword:00000000 "ScanOnlyIfIdle"=dword:00000000 "ScanParameters"=dword:00000000 "ScheduleDay"=dword:00000008 "ScheduleTime"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates] "DisableUpdateOnStartupWithoutEngine"=dword:00000001 "ScheduleDay"=dword:00000008 "ScheduleTime"=dword:00000000 "SignatureUpdateCatchupInterval"=dword:00000000 "DisableScanOnUpdate"=dword:00000001 "DisableScheduledSignatureUpdateOnBattery"=dword:00000001 "RealtimeSignatureDelivery"=dword:00000000 "UpdateOnStartUp"=dword:00000000 "FallbackOrder"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen] "ConfigureAppInstallControl"="Anywhere" "ConfigureAppInstallControlEnabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet] "DisableBlockAtFirstSeen"=dword:00000001 "LocalSettingOverrideSpynetReporting"=dword:00000000 "SpyNetReportingLocation"=hex(7):30,00,00,00,00,00 "SpynetReporting"=dword:00000000 "SubmitSamplesConsent"=dword:00000002 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\UX Configuration] "Notification_Suppress"=dword:00000001 "UILockdown"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 "DisableAntiVirus"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features] "TamperProtection"=dword:00000004 "TamperProtectionSource"=dword:00000002 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates] "DisableDefaultSigs"=dword:00000000 "FirstAuGracePeriod"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet] "SpyNetReporting"=dword:00000000 "SubmitSamplesConsent"=dword:00000002 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\UX Configuration] "DisablePrivacyMode"=dword:00000001 "Notification_Suppress"=dword:00000001 "UILockdown"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "EnableSmartScreen"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter] "EnabledV9"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter] "PreventOverride"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy] "HasAccepted"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Speech_OneCore\Settings\VoiceActivation\UserPreferenceForAllApps] "AgentActivationEnabled"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Speech_OneCore\Settings\VoiceActivation\UserPreferenceForAllApps] "AgentActivationOnLockScreenEnabled"=dword:00000000 Plus i suggest to apply this reg using TI rights
One question please. When i delete folder "%SystemRoot%\servicing\LCU" needs privileges as SYSTEM user, Not as Administrators. This script can help me?
Yes, TI (TrustedInstaller) = SYSTEM + extra group that owns pretty much all windows files and registry keys
Thanks @BAU Spoiler Code: Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\RunAsTI] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\RunAsTI] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\background\shell\RunAsTI] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RunAsTI] ;On MyPC [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\RunAsTI] "SubCommands"="" "MUIVerb"="Run As TI" "Icon"="powershell.exe,1" "Position"="Bottom" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\RunAsTI\shell\RegAsTI] "MUIVerb"="Regedit as TI" "Icon"="regedit.exe" "Position"="Top" "HasLUAShield"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\RunAsTI\shell\RegAsTI\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..39|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% regedit.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\RunAsTI\shell\ExpAsTI] "MUIVerb"="Explorer as TI" "Icon"="explorer.exe,1" "Position"="Bottom" "HasLUAShield"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\RunAsTI\shell\ExpAsTI\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..39|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% explorer.exe" ;On Folder name [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\RunAsTI] "SubCommands"="" "MUIVerb"="Run as TI" "Icon"="powershell.exe,1" "Position"="Bottom" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\RunAsTI\shell\RegAsTI] "MUIVerb"="Regedit as TI" "Icon"="regedit.exe" "Position"="Top" "HasLUAShield"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\RunAsTI\shell\RegAsTI\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..39|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% regedit.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\RunAsTI\shell\ExpAsTI] "MUIVerb"="Explorer as TI" "Icon"="explorer.exe,1" "Position"="Bottom" "HasLUAShield"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\RunAsTI\shell\ExpAsTI\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..39|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% explorer.exe \"1=%V\"" ;On Folder [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\background\shell\RunAsTI] "SubCommands"="" "MUIVerb"="Run as TI" "Icon"="powershell.exe,1" "Position"="Bottom" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\background\shell\RunAsTI\shell\RegAsTI] "MUIVerb"="Regedit as TI" "Icon"="regedit.exe" "Position"="Top" "HasLUAShield"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\background\shell\RunAsTI\shell\RegAsTI\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..39|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% regedit.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\background\shell\RunAsTI\shell\ExpAsTI] "MUIVerb"="Explorer as TI" "Icon"="explorer.exe,1" "Position"="Bottom" "HasLUAShield"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\background\shell\RunAsTI\shell\ExpAsTI\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..39|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% explorer.exe \"1=%V\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RunAsTI] "10"="function RunAsTI ($cmd,$arg) { $id='RunAsTI'; $key=\"Registry::HKU\\$(((whoami /user)-split' ')[-1])\\Volatile Environment\"; $code=@'" "11"=" $I=[int32]; $M=$I.module.gettype(\"System.Runtime.Interop`Services.Mar`shal\"); $P=$I.module.gettype(\"System.Int`Ptr\"); $S=[string]" "12"=" $D=@(); $T=@(); $DM=[AppDomain]::CurrentDomain.\"DefineDynami`cAssembly\"(1,1).\"DefineDynami`cModule\"(1); $Z=[uintptr]::size " "13"=" 0..5|% {$D += $DM.\"Defin`eType\"(\"AveYo_$_\",1179913,[ValueType])}; $D += [uintptr]; 4..6|% {$D += $D[$_].\"MakeByR`efType\"()}" "14"=" $F='kernel','advapi','advapi', ($S,$S,$I,$I,$I,$I,$I,$S,$D[7],$D[8]), ([uintptr],$S,$I,$I,$D[9]),([uintptr],$S,$I,$I,[byte[]],$I)" "15"=" 0..2|% {$9=$D[0].\"DefinePInvok`eMethod\"(('CreateProcess','RegOpenKeyEx','RegSetValueEx')[$_],$F[$_]+'32',8214,1,$S,$F[$_+3],1,4)}" "16"=" $DF=($P,$I,$P),($I,$I,$I,$I,$P,$D[1]),($I,$S,$S,$S,$I,$I,$I,$I,$I,$I,$I,$I,[int16],[int16],$P,$P,$P,$P),($D[3],$P),($P,$P,$I,$I)" "17"=" 1..5|% {$k=$_; $n=1; $DF[$_-1]|% {$9=$D[$k].\"Defin`eField\"('f' + $n++, $_, 6)}}; 0..5|% {$T += $D[$_].\"Creat`eType\"()}" "18"=" 0..5|% {nv \"A$_\" ([Activator]::CreateInstance($T[$_])) -fo}; function F ($1,$2) {$T[0].\"G`etMethod\"($1).invoke(0,$2)}" "19"=" $TI=(whoami /groups)-like'*1-16-16384*'; $As=0; if(!$cmd) {$cmd='control';$arg='admintools'}; if ($cmd-eq'This PC'){$cmd='file:'}" "20"=" if (!$TI) {'TrustedInstaller','lsass','winlogon'|% {if (!$As) {$9=sc.exe start $_; $As=@(get-process -name $_ -ea 0|% {$_})[0]}}" "21"=" function M ($1,$2,$3) {$M.\"G`etMethod\"($1,[type[]]$2).invoke(0,$3)}; $H=@(); $Z,(4*$Z+16)|% {$H += M \"AllocHG`lobal\" $I $_}" "22"=" M \"WriteInt`Ptr\" ($P,$P) ($H[0],$As.Handle); $A1.f1=131072; $A1.f2=$Z; $A1.f3=$H[0]; $A2.f1=1; $A2.f2=1; $A2.f3=1; $A2.f4=1" "23"=" $A2.f6=$A1; $A3.f1=10*$Z+32; $A4.f1=$A3; $A4.f2=$H[1]; M \"StructureTo`Ptr\" ($D[2],$P,[boolean]) (($A2 -as $D[2]),$A4.f2,$false)" "24"=" $Run=@($null, \"powershell -win 1 -nop -c iex `$env:R; # $id\", 0, 0, 0, 0x0E080600, 0, $null, ($A4 -as $T[4]), ($A5 -as $T[5]))" "25"=" F 'CreateProcess' $Run; return}; $env:R=''; rp $key $id -force; $priv=[diagnostics.process].\"GetM`ember\"('SetPrivilege',42)[0]" "26"=" 'SeSecurityPrivilege','SeTakeOwnershipPrivilege','SeBackupPrivilege','SeRestorePrivilege' |% {$priv.Invoke($null, @(\"$_\",2))}" "27"=" $HKU=[uintptr][uint32]2147483651; $NT='S-1-5-18'; $reg=($HKU,$NT,8,2,($HKU -as $D[9])); F 'RegOpenKeyEx' $reg; $LNK=$reg[4]" "28"=" function L ($1,$2,$3) {sp 'Registry::HKCR\\AppID\\{CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}' 'RunAs' $3 -force -ea 0" "29"=" $b=[Text.Encoding]::Unicode.GetBytes(\"\\Registry\\User\\$1\"); F 'RegSetValueEx' @($2,'SymbolicLinkValue',0,6,[byte[]]$b,$b.Length)}" "30"=" function Q {[int](gwmi win32_process -filter 'name=\"explorer.exe\"'|?{$_.getownersid().sid-eq$NT}|select -last 1).ProcessId}" "31"=" $11bug=($((gwmi Win32_OperatingSystem).BuildNumber)-eq'22000')-AND(($cmd-eq'file:')-OR(test-path -lit $cmd -PathType Container))" "32"=" if ($11bug) {'System.Windows.Forms','Microsoft.VisualBasic' |% {$9=[Reflection.Assembly]::LoadWithPartialName(\"'$_\")}}" "33"=" if ($11bug) {$path='^(l)'+$($cmd -replace '([\\+\\^\\%\\~\\(\\)\\[\\]])','{$1}')+'{ENTER}'; $cmd='control.exe'; $arg='admintools'}" "34"=" L ($key-split'\\\\')[1] $LNK ''; $R=[diagnostics.process]::start($cmd,$arg); if ($R) {$R.PriorityClass='High'; $R.WaitForExit()}" "35"=" if ($11bug) {$w=0; do {if($w-gt40){break}; sleep -mi 250;$w++} until (Q); [Microsoft.VisualBasic.Interaction]::AppActivate($(Q))}" "36"=" if ($11bug) {[Windows.Forms.SendKeys]::SendWait($path)}; do {sleep 7} while(Q); L '.Default' $LNK 'Interactive User'" "37"="'@; $V='';'cmd','arg','id','key'|%{$V+=\"`n`$$_='$($(gv $_ -val)-replace\"'\",\"''\")';\"}; sp $key $id $($V,$code) -type 7 -force -ea 0" "38"=" start powershell -args \"-win 1 -nop -c `n$V `$env:R=(gi `$key -ea 0).getvalue(`$id)-join''; iex `$env:R\" -verb runas" "39"="}; $A=([environment]::commandline-split'-[-]%+ ?',2)[1]-split'\"([^\"]+)\"|([^ ]+)',2|%{$_.Trim(' \"')}; RunAsTI $A[1] $A[2]; # AveYo, 2022.01.28" ;
Hi is there any update to RunAsTi.reg to use the new Terminal in Dev channel builds instead of native PowerShell?
Did I not give you solutions in the last conversation? Working new Terminal profile as TI, working RunAsTI Terminal entry? I won't fix retarded windows behavior because that could spiral into something worse. %USERPROFILE%\AppData\Local\Microsoft\WindowsApps\ is where the wt.exe hard-link resides and is unusable with TI rights. It's not a matter of method, wt.exe without full path probably fails with any solution - by asshole design. Anyway, I've updated RunAsTI.reg 'Powershell as trustedinstaller here' entry (renamed to PowerShell / Terminal) to work dynamically: if Terminal found, launch it, else use PowerShell. There's already half the code working around 11 bulls**t..
you did and it worked. The issue is whenever Terminal is updated the path gets altered as the build number keeps changing. Now i get why that's happening ms screwed it..
Also showed you how to refresh that The updated entry should not have that issue, as the executable is searched in Program Files\WindowsApps every time. Forgot to share an updated command line for a "TI Terminal" profile: Code: powershell.exe -nop -c iex($(foreach($l in 10..40){(gp 'Registry::HKCR\RunAsTI' $l -ea 0).$l})-join [char]10); # --% cmd /c %wt%
@BAU - Server 2022 - 25083.1000 - based win11 - installed - and personalized - terminal - by Chocolatey - works well. - Spoiler: photos-screny After your .reg - it opens differently - without settings? Does not remember the settings?
Missed the last posts? Terminal is designed in a s**tty way, hybrid win32 and store app - and the store part comes with some security implications that mess the whole thing up when running as system. My clever preserving of HKCU does not help with that. But I don't see what's the problem in one-time copy-pasting the non-ti configuration you've made (Settings - open JSON file) into the ti instance default configuration (Settings - open JSON file). Your existing one is probably saved in; %USERPROFILE%\AppData\Local\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\LocalState\settings.json The RunAsTI one is probably saved in: %USERPROFILE%\AppData\Local\Microsoft\Windows Terminal\settings.json edit: And can you place those 3 large images under a spoiler tag? why do you even need so many entries? ain't the proper one enough?
Actually, the terminal is in two locations. After replacing Settings.json - it's OK. And I have entries because I test which are more versatile and more useful for me. As for the photos - I will adapt and I will insert them under the spoiler. I have 43 inches 4K screen - and although I reduce them before inserting, I do not know how they look on other screens and resolutions. Sorry.