This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
« on: April 20, 2017, 05:56:19 AM »
Finally, version 17.04 is ready and online.
And now look at this Antivirus scan for GetWaikTools
So everyone who get's an false positive in future, stop posting it here
but send a complaint to your Antivirus company.
« on: April 18, 2017, 10:44:07 PM »
« on: April 17, 2017, 09:24:28 AM »
So if someone is writing a replacement builder, why not change the syntax as well. Sure, it will break everybodies projects including mine, but it also gives a lot of new and better commands.
Just my 2 cents.
Totally agree. The syntax of WB is also one of it's main problems.
LSP mostly inherit this style and soon
there will be another builder with this silly synatx
« on: April 17, 2017, 09:14:40 AM »
Exclude the WinPESE directory in your Symantec Endpoint Protection.
« on: April 14, 2017, 09:22:41 PM »
Ahh, you right seems RS2 creates REFS v3.2 volumes and 14393 drivers only support it up to version 3.1.
« on: April 11, 2017, 01:13:37 AM »
Win10PE_SE already supports REFS, you can read and also create a REFS partition with Win10PE_SE 14393.
« on: April 10, 2017, 09:07:32 PM »
There is no virus. If you encounter such messages from your AV than check it on VirusTotal
Also send the file to symantec and ask them to fix their product.
« on: April 06, 2017, 07:39:10 AM »
There is actually just one problem, it's not stable.
On Windows 10 RS1 I get 1 or 2 app crashes a week, well actually that great for everyting that comes after Windows 7.
However on this new RTM, I have crashes every couple of hours.
Left alone the hidden ones, you only noticed looking at the event log.
Specially explorer hangs and crashes are very annoying.
On ADK side they messed up the wofadk.sys driver, it can no longer works under Windows 7. Just like they did with bcdedit.exe.
Also you properly noticed the system context menu "New" sub menu in the new WinPE.
Well, it freeze because it now depends on the StateRepository service.
We can get it to work on WinPE, but will need a workaround because it 's not fully compatible with the FBWF used in WinPE.
« on: April 06, 2017, 05:15:09 AM »
It properly will be be supported in future, like it happened with the previous versions before
Have a strong feeling that there will soon come some refresh ISO, as 15063.0 is pretty much a disaster.
For WAIK I don't intend to update to the even buggier 15063 version unless there is any reason.
« on: March 27, 2017, 07:16:48 AM »
Good weather here, so I'm not going into the headache of why WinPE not sends this message.
I've updated my WinPE loader to fire this message on every time it receives a wm_taskbarcreated message.
This seems to be a perfect solution.
« on: March 23, 2017, 07:26:45 AM »
Yes it's IDA 6.8 with loaded x64 explorer.exe version 14393.
I guess the CTray object has it's own function to enable\disable the show desktop functionallity.
« on: March 23, 2017, 07:07:00 AM »
You rock man
Seems it's explorer himself who send this message.
« on: March 23, 2017, 12:58:39 AM »
They should not be replaced, but could be added.
But there is no need. SMI key is handled by SxS_Unknow Section of the WoW64 Plugin.
« on: March 22, 2017, 07:59:52 AM »
IA64 is an old architecture already superseded by AMD64.
ARM and ARM64 are very new architectures. You can ignore them for now.
It see Microsoft does not really know what they want with ARM and their Windows RT version.
« on: March 22, 2017, 07:55:59 AM »
By SxS error always check the manifest of an application.
This DMDE version 3.2 properly need a newer VCRuntime-
« on: March 22, 2017, 06:48:25 AM »
Microsoft is moving a lot of code into *base.dll or *.core.dll files.
To have a good application compatibility you should add all of them to your WinPE.
« on: March 22, 2017, 02:51:34 AM »
Hmm, will be difficult to find it for other version.
Would be easier if we could find the reason why this byte is set in WinPE.
« on: March 22, 2017, 12:46:55 AM »
Great work Noel
For x86 it's *CTrayObj + 0x231
« on: March 22, 2017, 12:44:26 AM »
good news today on a new Windows 10 RS2 machine, I could reproduce all problems.
The memory patching of wimgapi.dll used by the winload extraction causes quite some memory corruption
and leads to strange results. Actually I wonder why I does not crash.
For the percent progress, it's really a math problem.
The language have no unsigned integer, so I have to change quite a bit.
« on: March 21, 2017, 04:01:22 AM »
I couldn't really reproduce the this locked folder problem you mentioned. But so far the x64 version is now fully working here.