Good point, i will add an hint. Although i prefer the Powershell WU Module which i already linked in the Little Helper part.
Added capture command lines, for use with capture exclusion script for ImageX, DISM and Wimlib-Imagex Wimcapture, at my previous post.
What would the exclusion script look like . That info is missing, then i add it to post#1. Afaik when using imagex at least a lot of stuff is skipped by default.
I was hoping abbodi1406 would post them Win7.ini: Spoiler Code: [ExclusionList] \Boot \Recovery \Recovery.txt \BOOTSECT.BAK \ProgramData\Microsoft\Network\Downloader\* \Users\Administrator \Windows\debug\* \Windows\inf\*.etl \Windows\inf\*.log \Windows\Logs\CBS\* \Windows\Logs\DISM \Windows\Logs\DPX \Windows\Logs\PBR \Windows\Logs\DirectX.log \Windows\Panther \Windows\Prefetch \Windows\security\database\*.chk \Windows\security\database\*.log \Windows\security\database\*.jrs \Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-*.dat \Windows\servicing\Packages\wuindex.xml \Windows\SoftwareDistribution \Windows\System32\catroot2\*.chk \Windows\System32\catroot2\*.log \Windows\System32\catroot2\*.jrs \Windows\System32\CodeIntegrity\bootcat.cache \Windows\System32\Sysprep\Panther \Windows\System32\Sysprep\Sysprep_succeeded.tag \Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate \Windows\System32\winevt\Logs\* \Windows\Temp\* \Windows\WinSxS\ManifestCache\* \Windows\WinSxS\Temp\PendingDeletes\* \Windows\DtcInstall.log \Windows\PFRO.log \Windows\setupact.log \Windows\setuperr.log \Windows\TSSysprep.log.log \Windows\vmgcoinstall.log \Windows\WindowsUpdate.log Win8.1/10.ini: Spoiler Code: [ExclusionList] \Boot \Recovery \Recovery.txt \BOOTSECT.BAK \ProgramData\Microsoft\Network\Downloader\* \Users\Administrator \Windows\debug\* \Windows\inf\*.etl \Windows\inf\*.log \Windows\Logs\CBS\* \Windows\Logs\DISM \Windows\Logs\dosvc \Windows\Logs\DPX \Windows\Logs\PBR \Windows\Logs\SetupCleanupTask \Windows\Logs\SIH \Windows\Logs\WindowsUpdate \Windows\Logs\DirectX.log \Windows\Panther \Windows\Prefetch \Windows\security\database\*.chk \Windows\security\database\*.log \Windows\security\database\*.jrs \Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-*.dat \Windows\SoftwareDistribution \Windows\System32\catroot2\*.chk \Windows\System32\catroot2\*.log \Windows\System32\catroot2\*.jrs \Windows\System32\CodeIntegrity\bootcat.cache \Windows\System32\Sysprep\Panther \Windows\System32\Sysprep\Sysprep_succeeded.tag \Windows\System32\winevt\Logs\* \Windows\Temp\* \Windows\WinSxS\ManifestCache\* \Windows\WinSxS\Temp\PendingDeletes\* \Windows\comsetup.log \Windows\DtcInstall.log \Windows\lsasetup.log \Windows\PFRO.log \Windows\setupact.log \Windows\setuperr.log \Windows\TSSysprep.log.log \Windows\vmgcoinstall.log Standard exclusions aren't added, they get excluded by default. Provided by @abbodi1406
@S1ave77, at the OP you say: It's executed after OOBE has run (User account creation, personalizing, etcetc...) or not?
I believe oobe.cmd and setupcomplete can co-exist and it may worth to mention that oem key disables both on Windows 8 and later
Ah yes, I remember @xinso and I noticed this oem key and oobe "issue" when working for the very first time KMS activation and Windows 8.1 Single Language with Bing.
I use an OOBE.cmd (MRP) + a setupcomplete.cmd (murphy78's Enable MSUpdate script) on win 7 SP1 inside the "install.wim\windows\setup\scripts\" folder.
Didn't know they can co-exist. Thought they act at the same setup stage . I usually use setupcomplete.cmd (Daz Loader) and start the script for firstlogon stage (Prog installs and tweaks) via RunOnceEx reg key.
This guide states that Start Menu adjustments in Audit mode carry-over with SysPrep, but it is not fully the case. Tile adjustments are ignored for sure. MSMG Toolkit leaves blank Store tile and removing it in Audit mode does not remove it from other profiles after SysPrep.
After sysprep, and maping the VM Ware virtual disk i'm capturing the image with the next command: wimcapture E:\ D:\WinStuff\install.wim "Windows 10 Enterprise" "Windows 10 Enterprise" --config=D:\WinStuff\excludelist\winscript.ini When i check the result file (install.wim) files like pagefile.sys,swapfile.sys and folders like System Volume Information are there, shouldnt these files be excluded even if they are not listed on winscript.ini?
Not on my sysprepped/captured wims: Spoiler: Win 7 SP1 Captured x64 WIM Spoiler: W8.1 Captured x64 install.esd Spoiler: Win 10 x64 Captured WIM Oh wait, you've used wimlib imagex, mine were captured by normal imagex (will capture using wimlib next time).
Captured with wimlib imagex using the exclusion list by abbodi1406: Code: Microsoft Windows [Version 10.0.15063] (c) 2017 Microsoft Corporation. All rights reserved. C:\WINDOWS\system32>d:\Downloads\wimlib\wimcapture h:\ d:\Test7\wimlib\install.wim Index_Name Index_Description --config=d:\W10UI_1.8\winscript.2.ini Scanning "h:\" 1550 MiB scanned (88 files, 13 directories) Excluding "\\?\h:\Recovery" from capture 1607 MiB scanned (241 files, 115 directories) Excluding "\\?\h:\Windows\lsasetup.log" from capture Excluding "\\?\h:\Windows\Panther" from capture Excluding "\\?\h:\Windows\setuperr.log" from capture Excluding "\\?\h:\Windows\setupact.log" from capture Excluding "\\?\h:\Windows\Prefetch" from capture 1619 MiB scanned (252 files, 132 directories) Excluding "\\?\h:\Windows\DtcInstall.log" from capture 5440 MiB scanned (33164 files, 9204 directories) Excluding "\\?\h:\Windows\WinSxS\ManifestCache\c51851603bc3818b_blobs.bin" from capture 5576 MiB scanned (37511 files, 9209 directories) Excluding "\\?\h:\Windows\Temp\FXSTIFFDebugLogFile.txt" from capture Excluding "\\?\h:\Windows\Temp\FXSAPIDebugLogFile.txt" from capture Excluding "\\?\h:\Windows\Temp\MpCmdRun.log" from capture Excluding "\\?\h:\Windows\Temp\tem2F8.tmp" from capture 5580 MiB scanned (44168 files, 9592 directories) Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-LiveId%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Security-SPP-UX-Notifications%4ActionCenter.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Winlogon%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SettingSync%4Debug.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SettingSync%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Provisioning-Diagnostics-Provider%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsBackup%4ActionCenter.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4Packaged app-Deployment.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4Packaged app-Execution.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4MSI and Script.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4EXE and DLL.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4LogonTasksChannel.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4AppDefaults.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4ActionCenter.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-PushNotification-Platform%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-PushNotification-Platform%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-CoreSystem-SmsRouter-Events%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Biometrics%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-WorkFolders%4WHC.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-StorageSpaces-ManagementAgent%4WHC.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-ConnectedAccountState%4ActionCenter.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Control Panel%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scheduled%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-All-User-Install-Agent%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-WinRM%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-ApplicationResourceManagementSystem%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppModel-Runtime%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBClient%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Store%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-FileHistory-Core%4WHC.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Troubleshooter.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Steps-Recorder.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Inventory.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Telemetry.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-TWinUI%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PCW%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeployment%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Client-Licensing-Platform%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Storage-ClassPnP%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppReadiness%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-AppReadiness%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Security.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Connectivity.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Audit.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Connectivity.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Security.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4PlaybackManager.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4CaptureMonitor.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-User Device Registration%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-UniversalTelemetryClient%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-VPN%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-WFP%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-IKE%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBWitnessClient%4Informational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBWitnessClient%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Maintenance.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Wcmsvc%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-HotspotAuth%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-NCSI%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Containers-Wcnfs%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Containers-Wcifs%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceSetupManager%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceSetupManager%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-StateRepository%4Restricted.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-StateRepository%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-VolumeSnapshot-Driver%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4WHC.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-UserPnp%4ActionCenter.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-UserPnp%4DeviceInstall.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-PnP%4Configuration.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Boot%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Setup.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\HardwareEvents.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Internet Explorer.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Key Management Service.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Windows PowerShell.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Security.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\Application.evtx" from capture Excluding "\\?\h:\Windows\System32\winevt\Logs\System.evtx" from capture 5645 MiB scanned (45592 files, 9832 directories) Excluding "\\?\h:\Windows\System32\Sysprep\Sysprep_succeeded.tag" from capture Excluding "\\?\h:\Windows\System32\Sysprep\Panther" from capture 6075 MiB scanned (57936 files, 10928 directories) Excluding "\\?\h:\Windows\security\database\edb.log" from capture Excluding "\\?\h:\Windows\security\database\edb.chk" from capture Excluding "\\?\h:\Windows\security\database\edbres00002.jrs" from capture Excluding "\\?\h:\Windows\security\database\edbres00001.jrs" from capture Excluding "\\?\h:\Windows\security\database\edbtmp.log" from capture 6084 MiB scanned (59646 files, 11778 directories) Excluding "\\?\h:\Windows\Logs\DISM" from capture Excluding "\\?\h:\Windows\Logs\DPX" from capture Excluding "\\?\h:\Windows\Logs\dosvc" from capture Excluding "\\?\h:\Windows\Logs\WindowsUpdate" from capture Excluding "\\?\h:\Windows\Logs\CBS\CBS.log" from capture 6759 MiB scanned (70385 files, 12687 directories) Excluding "\\?\h:\Windows\debug\PASSWD.LOG" from capture Excluding "\\?\h:\Windows\debug\sammui.log" from capture 7751 MiB scanned (72962 files, 13950 directories) Excluding "\\?\h:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat" from capture Excluding "\\?\h:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat" from capture 7754 MiB scanned (81972 files, 14984 directories) Setting the DESCRIPTION property of image 1 to "Index_Description". Using LZX compression with 8 threads Archiving file data: 7149 MiB of 7149 MiB (100%) done C:\WINDOWS\system32> Spoiler: Wimlib captured Install.wim = 2.99 GB (3,215,384,828 bytes) Capturing using normal imagex (GimageX tool, just a gui for imagex), no exclusions list: Spoiler: ImageX No exclusion list used Install.wim = 2.86 GB (3,079,557,862 bytes) Capturing using normal imagex (GimageX tool, just a gui for imagex), exclusions list used: Spoiler: ImageX exclusion list used Install.wim = 2.86 GB (3,077,778,013 bytes) The captured install was a clean sysprepped install.
So yeah, wimlib capture method definetly doesn't use any other exclusion (default) apart from the ones specified. I captured with imagex now and the install.wim is much cleaner since it uses both exclusions; the one you provide from abbodi1406 list and it's own default one. Spoiler: IMAGEX Default exclusion list ImageX Tool for Windows Copyright (C) Microsoft Corp. All rights reserved. Version: 10.0.10011.16384 Files/folders excluded from image capture by default: \$windows.~bt \$windows.~ls \winpepge.sys \Windows\CSC \Recycled \Recycler \$Recycle.Bin\* \System Volume Information \swapfile.sys \pagefile.sys \hiberfil.sys