Have you tried a custom signed exe to get passed some av flags? Just curious. If you need info on it let me know. I have easy steps to making a custom signed exe now. You know where to find me. On hard to change system files have you tired changing login as system to get access? That is easy as well if you need info on it. No admin rights needed then. Sorry I haven't been around much but found out I have blood cancer so fighting the good fight. I go March 17 for surgery.
Gez sorry to hear that news, hope it caught early enough and it can be cured or controlled so it not get worse. About signing exe's i had ventured into that area a while ago but i never perfected it, was always hit and miss, majority a miss. Plus defender does not seem to like mrp or the qt im sure, so even with that signed method used m$ will still nab files it not like. I did think about setting defender's exclusion path but the reg keys are now protected. Easy to do in a way but then it could get flagged because of that method! Will have a play. Hmm 'system' login, i got into a right mess playing with things like that, remember my sysprep fun and games The branding tool is going to be open to let anyone continue or clone as i not have time to do much more to that. Alpha may even update his program, i would of tried but i not able to learn c# or vbnet due to limited time and i struggle now to remember new things.
Have uploaded the OEM Branding Tool (With AutoIT source code) this is version 2.5 - 2nd post download link, password and hashes updated. Hope whoever decides to run with this makes a better job of it than me
The next QT (v113) will attempt to set a Defender exclusion path for the QT's work folder when run on Windows 10, if it detects that it been already set then it will skip past that bit and carry on. So if Defender gives you grief when running the QT just exit the QT after the Exclusion bit been done and re-run the QT. Fingers crossed it will prevent Defender flapping about. This is only on Windows 10 the routine is skipped otherwise. Will see how testing goes if this will be part of the QT as it depends if Defender has not changed how it sets those paths!
Sorry cant help with bcdedit entries as it not anything i deal with and would not be part of mrp either, as it is something if entered wrong could cripple the drive's file table etc.
With the qt it seems defender is still being awkward and still nabs files even when the entries are added to the exclusion paths. Testing continues...
For the next MRP v135, that is almost ready for release, some last minute refinements have been done, plus another new 'General OS' option has been added! The option is to add 'Run as administrator' for .ps1 (Powershell) scripts to the right-click context menu so any .ps1 script can be run as admin simply by right clicking Was a bit fiddly to get it to work as intended as those that know, when adding certain registry entries, that some characters need to be 'escaped' such as a quote mark " with a \ , i forgot that and some odd things was happening during tests! Other bits of code has been tweaked a bit plus a few rewords here and there in the log entries. Edited the 'remove all apps' internal PS script so that the 'Camera' App is not removed now as some of you use that to log in with judging by some feed back i have had, you can uninstall it manually if you not want it. Also if a Insider/Preview Build is installed then it should auto adjust so that the 'Feedback Hub' App is not removed otherwise it will be removed by default now when that new option is used. MRP 135 is at BC 4 stage and due to delays because of work commitments it should be ready for release for Monday 8th March.
QT: VL key management does generally not show anything, anymore. Previous versions did, and nothing regarding VL changed on the systems, in the meantime.
Nothing has changed in the code used, it may be that wmic has had something changed in the later OS builds? I am still working on the next QT's code too, and will take another look at that section.
Strange, report from the old 111 tool showed: Code: Licensing Channel {RCode} : VL_KMSClient {0x00000000} License Status Reason : Valid key for product's licensing channel was used for activation. Windows VL Key Management : VL_KMSClient Remaining Time Allowance : 177 days / 256200 minutes Activation Interval Time : 0 days / 120 minutes Renewal Interval Time : 7 days / 10080 minutes Now, the 112 tool shows: Code: Licensing Channel {RCode} : VL_KMSClient {0x00000000} License Status Reason : Valid key for product's licensing channel was used for activation. Windows VL Key Management : Not in use. Could you post the wmic queries responsible for this, for testing manually?
I just looked at that section, nothing has been changed, however i have removed the /Locale part now from those wmic lines in that section, but i doubt that would be the issue as that been in since v98.0 of the QT I am investigating as i type....
This is the method used in the QT, it should set the variables as yes/no depending on if the findstr finds the word or not Code: WMIC path SoftwareLicensingProduct where (Description like '%%KMSCLIENT%%') get Name >nul 2>&1 | FindStr /i "Windows" >nul 2>&1 && ( set "KMSPermitted=Yes" ) || ( set "KMSPermitted=No" ) WMIC path SoftwareLicensingProduct where (Description like '%%KMSCLIENT%%' and PartialProductKey is not NULL) get Name >nul 2>&1 | FindStr /i "Windows" >nul 2>&1 && ( set "VLKInstalled=Yes" ) || ( set "VLKInstalled=No" ) SET "KMSisUsed=" WMIC path SoftwareLicensingProduct where (Description like '%%KMSCLIENT%%' and LicenseStatus='1') get Name >nul 2>&1 | FindStr /i "Windows" >nul 2>&1 && ( set "KMSInstalled=Yes" & SET "KMSisUsed=Yes" ) || ( set "KMSInstalled=No" & SET "NoShowMAKInfo=1" & SET "KMSisUsed=No" ) Before it was WMIC /locale:ms_409 PATH ...blah blah i have just removed the /locale parts.
Output of the WMIC queries (raw, without the checking part): Code: C:\UserProgramFiles\QueryTool>wmic path SoftwareLicensingProduct where (Description like '%KMSCLIENT%') get Name Name Windows(R) 7, Client-ESU-Year3 add-on for Enterprise,EnterpriseE,EnterpriseN,Professional,ProfessionalE,ProfessionalN,Ultimate,UltimateE,UltimateN Windows(R) 7, Client-ESU-Year1 add-on for Enterprise,EnterpriseE,EnterpriseN,Professional,ProfessionalE,ProfessionalN,Ultimate,UltimateE,UltimateN Windows(R) 7, Professional edition Windows(R) 7, Client-ESU-Year2 add-on for Enterprise,EnterpriseE,EnterpriseN,Professional,ProfessionalE,ProfessionalN,Ultimate,UltimateE,UltimateN Code: C:\UserProgramFiles\QueryTool>WMIC path SoftwareLicensingProduct where (Description like '%%KMSCLIENT%%' and PartialProductKey is not NULL) get Name Name Windows(R) 7, Professional edition Code: C:\UserProgramFiles\QueryTool>WMIC path SoftwareLicensingProduct where (Description like '%%KMSCLIENT%%' and LicenseStatus='1') get Name Name Windows(R) 7, Professional edition