For those who use windows 10 19044: To those who want stability (from newcomers to advanced): remain at 19044.1826 or update and face research to solve problems. Testers: Be aware that above 19044.1826 many instability began to appear especially regarding the integration of updates. I made an ISO 19045.1889 and installed it on my use machine ... Sometimes we make this bet to have extra fun. Inplace Update from 19044.1862 with the new Custom ISO 19045.1889. At the end I was with 19041.1. error code 0x8007001F – 0x20006 “The installation failed in the SAFE_OS phase with an error during REPLICATE_OC operation.” Now I'm having fun trying to find out how to make an update Inplace that doesn't give error and rollback to the previous installation. Anyone who has a similar problem and does not want to waste time, do clean installation.
You should try to perform in-place upgrade with 19044.1889, I guess 22H2 isn't stable enough at the moment
Already tried. Does not work. I will do manual update, but only after next Tuesday, when I will try the next build. I don't want to do the clean install at the moment, I'm still researching some alternative possibilities other than the clean install. If anyone has gone through this problem and wants to share some solution ... I'm grateful. Note: This only increases experience and learning.
Better to wait for an update from @MSMG for the month of August, may be this is the case you're getting that error.
inTerActionVRI I have an ISO image. In which folder exactly should I put this ISO in order to work with it in the Custom Toolkit?
It seems to be too difficult to go back to page one and search for: https://forums.mydigitallife.net/threads/msmg-toolkit.50572/ SPOILER: THANKS TO CYBERCPU TECH
The problem that is happening has nothing to do with Toolkit or Custom Toolkit. ".\Toolkit\ISOsource" folder (for untouched ISOs) or ".\Toolkit\ISO" folder (for saving your customized ISOs)
I have untouched ISO, but where is "ISOsource" folder (can't see it)? Should I create the "ISOsource" folder myself?
When you start (GenericStart_LauncheMenu.cmd) Custom Toolkit for the first time the required folders will be created.
inTerActionVRI Thank you for your answerses! I have a small doubt. My ISO was created via uupdump.net Is it "untouched ISO" or "customized ISO"?
This started happening to me today, keep an eye on Windows Defender. It started flagging Trojan:Win32/Mamson.A!ml when trying to remove components. Allow it in defender and whitelist your toolkit folder and you'll be good to go.
How to add the nogenticket value to a protected registry key? Cannot take ownership and cannot change permissions. On a live system, without having to rebuild the image with toolkit and reinstall Registry subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\slui.exe\ Value: Nogenticket data: 1
Hey, Try the registry file from AveYo? RunAsTI.reg Atleast it works fine on a mounted registry hive... Code: Windows Registry Editor Version 5.00 ; Context Menu entries to use RunAsTI - lean and mean snippet by AveYo, 2018-2022 ; [FEATURES] ; - innovative HKCU load, no need for reg load / unload ping-pong; programs get the user profile ; - sets ownership privileges, high priority, and explorer support; get System if TI unavailable ; - accepts special characters in paths for which default run as administrator fails ; - show on the new 11 contextmenu via whitelisted id; plenty other available, f**k needing an app! ; 2022.04.07: PowerShell / Terminal here (if installed, use Terminal as TI, else use PowerShell as TI) [-HKEY_CLASSES_ROOT\RunAsTI] [-HKEY_CLASSES_ROOT\batfile\shell\setdesktopwallpaper] [-HKEY_CLASSES_ROOT\cmdfile\shell\setdesktopwallpaper] [-HKEY_CLASSES_ROOT\exefile\shell\setdesktopwallpaper] [-HKEY_CLASSES_ROOT\mscfile\shell\setdesktopwallpaper] [-HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\shell\setdesktopwallpaper] [-HKEY_CLASSES_ROOT\regfile\shell\setdesktopwallpaper] [-HKEY_CLASSES_ROOT\Folder\shell\setdesktopwallpaper] [-HKEY_CLASSES_ROOT\Directory\background\shell\extract] ; To remove entries, copy paste above into undo_RunAsTI.reg file, then import it ; RunAsTI on .bat [HKEY_CLASSES_ROOT\batfile\shell\setdesktopwallpaper] "MUIVerb"="Run as trustedinstaller" "HasLUAShield"="" "Icon"="powershell.exe,0" [HKEY_CLASSES_ROOT\batfile\shell\setdesktopwallpaper\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..40|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% \"%L\"" ; RunAsTI on .cmd [HKEY_CLASSES_ROOT\cmdfile\shell\setdesktopwallpaper] "MUIVerb"="Run as trustedinstaller" "HasLUAShield"="" "Icon"="powershell.exe,0" [HKEY_CLASSES_ROOT\cmdfile\shell\setdesktopwallpaper\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..40|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% \"%L\"" ; RunAsTI on .exe [HKEY_CLASSES_ROOT\exefile\shell\setdesktopwallpaper] "MUIVerb"="Run as trustedinstaller" "HasLUAShield"="" "Icon"="powershell.exe,0" [HKEY_CLASSES_ROOT\exefile\shell\setdesktopwallpaper\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..40|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% \"%L\"" ; RunAsTI on .msc [HKEY_CLASSES_ROOT\mscfile\shell\setdesktopwallpaper] "MUIVerb"="Run as trustedinstaller" "HasLUAShield"="" "Icon"="powershell.exe,0" [HKEY_CLASSES_ROOT\mscfile\shell\setdesktopwallpaper\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..40|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% \"%L\"" ; RunAsTI on .ps1 [HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\shell\setdesktopwallpaper] "MUIVerb"="Run as trustedinstaller" "HasLUAShield"="" "Icon"="powershell.exe,0" [HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\shell\setdesktopwallpaper\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..40|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% powershell -nop -c iex((gc -lit '%L')-join[char]10)" ; RunAsTI on .reg [HKEY_CLASSES_ROOT\regfile\shell\setdesktopwallpaper] "MUIVerb"="Import as trustedinstaller" "HasLUAShield"="" "Icon"="powershell.exe,0" [HKEY_CLASSES_ROOT\regfile\shell\setdesktopwallpaper\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..40|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% regedit /s \"%L\"" ; RunAsTI on Folder [HKEY_CLASSES_ROOT\Folder\shell\setdesktopwallpaper] "MuiVerb"="Open as trustedinstaller" "HasLUAShield"="" "Icon"="powershell.exe,0" "AppliesTo"="NOT System.ParsingName:=\"::{645FF040-5081-101B-9F08-00AA002F954E}\"" [HKEY_CLASSES_ROOT\Folder\shell\setdesktopwallpaper\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..40|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% \"%L\"" ; Open Terminal or Powershell as trustedinstaller here - can spawn another terminal with: cmd /c $env:wt [HKEY_CLASSES_ROOT\Directory\background\shell\extract] "MuiVerb"="PowerShell / Terminal" "HasLUAShield"="" "NoWorkingDirectory"="" "Position"=- "Position"="Middle" "Icon"="powershell.exe,0" [HKEY_CLASSES_ROOT\Directory\background\shell\extract\command] @="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -win 1 -nop -c iex((10..40|%%{(gp 'Registry::HKCR\\RunAsTI' $_ -ea 0).$_})-join[char]10); # --%% cmd /c pushd \"%V\" & start \"RunAsTI\" %%wt%%" ; RunAsTI function [HKEY_CLASSES_ROOT\RunAsTI] "10"="function RunAsTI ($cmd,$arg) { $id='RunAsTI'; $key=\"Registry::HKU\\$(((whoami /user)-split' ')[-1])\\Volatile Environment\"; $code=@'" "11"=" $I=[int32]; $M=$I.module.gettype(\"System.Runtime.Interop`Services.Mar`shal\"); $P=$I.module.gettype(\"System.Int`Ptr\"); $S=[string]" "12"=" $D=@(); $T=@(); $DM=[AppDomain]::CurrentDomain.\"DefineDynami`cAssembly\"(1,1).\"DefineDynami`cModule\"(1); $Z=[uintptr]::size " "13"=" 0..5|% {$D += $DM.\"Defin`eType\"(\"AveYo_$_\",1179913,[ValueType])}; $D += [uintptr]; 4..6|% {$D += $D[$_].\"MakeByR`efType\"()}" "14"=" $F='kernel','advapi','advapi', ($S,$S,$I,$I,$I,$I,$I,$S,$D[7],$D[8]), ([uintptr],$S,$I,$I,$D[9]),([uintptr],$S,$I,$I,[byte[]],$I)" "15"=" 0..2|% {$9=$D[0].\"DefinePInvok`eMethod\"(('CreateProcess','RegOpenKeyEx','RegSetValueEx')[$_],$F[$_]+'32',8214,1,$S,$F[$_+3],1,4)}" "16"=" $DF=($P,$I,$P),($I,$I,$I,$I,$P,$D[1]),($I,$S,$S,$S,$I,$I,$I,$I,$I,$I,$I,$I,[int16],[int16],$P,$P,$P,$P),($D[3],$P),($P,$P,$I,$I)" "17"=" 1..5|% {$k=$_; $n=1; $DF[$_-1]|% {$9=$D[$k].\"Defin`eField\"('f' + $n++, $_, 6)}}; 0..5|% {$T += $D[$_].\"Creat`eType\"()}" "18"=" 0..5|% {nv \"A$_\" ([Activator]::CreateInstance($T[$_])) -fo}; function F ($1,$2) {$T[0].\"G`etMethod\"($1).invoke(0,$2)}" "19"=" $TI=(whoami /groups)-like'*1-16-16384*'; $As=0; if(!$cmd) {$cmd='control';$arg='admintools'}; if ($cmd-eq'This PC'){$cmd='file:'}" "20"=" if (!$TI) {'TrustedInstaller','lsass','winlogon'|% {if (!$As) {$9=sc.exe start $_; $As=@(get-process -name $_ -ea 0|% {$_})[0]}}" "21"=" function M ($1,$2,$3) {$M.\"G`etMethod\"($1,[type[]]$2).invoke(0,$3)}; $H=@(); $Z,(4*$Z+16)|% {$H += M \"AllocHG`lobal\" $I $_}" "22"=" M \"WriteInt`Ptr\" ($P,$P) ($H[0],$As.Handle); $A1.f1=131072; $A1.f2=$Z; $A1.f3=$H[0]; $A2.f1=1; $A2.f2=1; $A2.f3=1; $A2.f4=1" "23"=" $A2.f6=$A1; $A3.f1=10*$Z+32; $A4.f1=$A3; $A4.f2=$H[1]; M \"StructureTo`Ptr\" ($D[2],$P,[boolean]) (($A2 -as $D[2]),$A4.f2,$false)" "24"=" $Run=@($null, \"powershell -win 1 -nop -c iex `$env:R; # $id\", 0, 0, 0, 0x0E080600, 0, $null, ($A4 -as $T[4]), ($A5 -as $T[5]))" "25"=" F 'CreateProcess' $Run; return}; $env:R=''; rp $key $id -force; $priv=[diagnostics.process].\"GetM`ember\"('SetPrivilege',42)[0]" "26"=" 'SeSecurityPrivilege','SeTakeOwnershipPrivilege','SeBackupPrivilege','SeRestorePrivilege' |% {$priv.Invoke($null, @(\"$_\",2))}" "27"=" $HKU=[uintptr][uint32]2147483651; $NT='S-1-5-18'; $reg=($HKU,$NT,8,2,($HKU -as $D[9])); F 'RegOpenKeyEx' $reg; $LNK=$reg[4]" "28"=" function L ($1,$2,$3) {sp 'Registry::HKCR\\AppID\\{CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}' 'RunAs' $3 -force -ea 0" "29"=" $b=[Text.Encoding]::Unicode.GetBytes(\"\\Registry\\User\\$1\"); F 'RegSetValueEx' @($2,'SymbolicLinkValue',0,6,[byte[]]$b,$b.Length)}" "30"=" function Q {[int](gwmi win32_process -filter 'name=\"explorer.exe\"'|?{$_.getownersid().sid-eq$NT}|select -last 1).ProcessId}" "31"=" $env:wt='powershell'; dir \"$env:ProgramFiles\\WindowsApps\\Microsoft.WindowsTerminal*\\wt.exe\" -rec|% {$env:wt='\"'+$_.FullName+'\" \"-d .\"'}" "32"=" $11bug=($((gwmi Win32_OperatingSystem).BuildNumber)-eq'22000')-AND(($cmd-eq'file:')-OR(test-path -lit $cmd -PathType Container))" "33"=" if ($11bug) {'System.Windows.Forms','Microsoft.VisualBasic' |% {$9=[Reflection.Assembly]::LoadWithPartialName(\"'$_\")}}" "34"=" if ($11bug) {$path='^(l)'+$($cmd -replace '([\\+\\^\\%\\~\\(\\)\\[\\]])','{$1}')+'{ENTER}'; $cmd='control.exe'; $arg='admintools'}" "35"=" L ($key-split'\\\\')[1] $LNK ''; $R=[diagnostics.process]::start($cmd,$arg); if ($R) {$R.PriorityClass='High'; $R.WaitForExit()}" "36"=" if ($11bug) {$w=0; do {if($w-gt40){break}; sleep -mi 250;$w++} until (Q); [Microsoft.VisualBasic.Interaction]::AppActivate($(Q))}" "37"=" if ($11bug) {[Windows.Forms.SendKeys]::SendWait($path)}; do {sleep 7} while(Q); L '.Default' $LNK 'Interactive User'" "38"="'@; $V='';'cmd','arg','id','key'|%{$V+=\"`n`$$_='$($(gv $_ -val)-replace\"'\",\"''\")';\"}; sp $key $id $($V,$code) -type 7 -force -ea 0" "39"=" start powershell -args \"-win 1 -nop -c `n$V `$env:R=(gi `$key -ea 0).getvalue(`$id)-join''; iex `$env:R\" -verb runas" "40"="}; $A=([environment]::commandline-split'-[-]%+ ?',2)[1]-split'\"([^\"]+)\"|([^ ]+)',2|%{$_.Trim(' \"')}; RunAsTI $A[1] $A[2]; # AveYo, 2022.04.07" ; [code] [QUOTE="Yanta, post: 1750647, member: 861057"] Registry subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\slui.exe\ Value: Nogenticket data: 1[/QUOTE]
Yup. For our case (use of tools to modify), I am considering custom, only those Images that undergo modifications made by the end user.
See if it works with mounting hives to apply the tweak commands. I think that only the last command can give error as it is applying directly to the Local Machine Registry. Save as "NoGenTicket.cmd" and Run as Admin or even as Thrustedinstaller Code: @echo OFF cd /d "%~dp0" setlocal EnableExtensions EnableDelayedExpansion for /f %%f in ('dir /B /ADH-I /OG "%HomeDRIVE%\Users" ^| findstr.exe /I "Default" 2^>nul') do ( if exist "%HomeDRIVE%\Users\%%f\NTUSER.dat" ( set "DU_NTUSERdat=%HomeDRIVE%\Users\%%f\NTUSER.dat" ) ) if exist "%USERPROFILE%\NTUSER.dat" ( set "CUP_NTUSERdat=%USERPROFILE%\NTUSER.dat" ) TaskKill.exe /F /IM "explorer.exe" :: Mounting Live Windows Session Image Registry Hive for: rem Default USER reg.exe load HKLM\HKDU "!DU_NTUSERdat!" rem Current USER Profile reg.exe load HKLM\HKCUP "!CUP_NTUSERdat!" reg.exe add "HKLM\HKDU\Software\Classes\AppID\slui.exe" /v "NoGenTicket" /t REG_DWORD /d "1" /f reg.exe add "HKLM\HKDU\Software\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /v "NoGenTicket" /t REG_DWORD /d "1" /f reg.exe add "HKLM\HKCUP\Software\Classes\AppID\slui.exe" /v "NoGenTicket" /t REG_DWORD /d "1" /f reg.exe add "HKLM\HKCUP\Software\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /v "NoGenTicket" /t REG_DWORD /d "1" /f rem Directly to Classes ROOT entries reg.exe add "HKCR\AppID\slui.exe" /v "NoGenTicket" /t REG_DWORD /d "1" /f rem Directly to Local Machine entries reg.exe add "HKLM\SOFTWARE\Classes\AppID\slui.exe" /v "NoGenTicket" /t REG_DWORD /d "1" /f reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /v "NoGenTicket" /t REG_DWORD /d "1" /f :: Un-Mounting Image Registry Hive reg.exe unload HKLM\HKDU reg.exe unload HKLM\HKCUP start "" /I "explorer.exe" exit /B 0 EDIT: I put the entrance you mentioned (...\Classes\AppID\slui.exe) in the commands.