mandiant / flare-vm

A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
Apache License 2.0

Installation getting stuck due to Access to path 'C:\Windows\System32\WEbThreatDefSvc' being Denied #618

Open luffy-cmd opened 2 days ago

luffy-cmd commented 2 days ago

What's the problem?

I am downloading FLARE VM onto Windows 11 version 22631. It gives pop-ups of "Access to path 'C:\Windows\System32\WebThreatDefSvc' is Denied", although I have disabled Windows Defender and anti-malware files. Kindly help me out, as I have tried thrice and could not get even one successful installation. At times it gets stuck in a restart loop through Boxstarter; at times it says access denied, press Enter to exit.

[screenshot]

[screenshot]

The latest issue is the one below

[screenshot]

Steps to Reproduce

  1. Download the Windows 11 ISO
  2. Load it onto VirtualBox and disable Defender and updates
  3. Open PowerShell as admin and follow the same steps as mentioned in the repo
  4. Keep all paths at default

Environment

VirtualBox, Windows 11 v22631, Chocolatey v2.3.0, Boxstarter v3.0.3.0

Additional Information

Kindly let me know how to get the logs, in case they are required, as I am new to this field.

emtuls commented 1 day ago

Hello @luffy-cmd!

I may need the logs to determine the full issue as this seems to be a combination of 3 separate issues. You can find the logs in C:\ProgramData\_VM\log.txt and C:\ProgramData\chocolatey\logs\chocolatey.log

  1. The "Access to path 'C:\Windows\System32\WebThreatDefSvc' is Denied" error seems to be a warning that is possibly related to the automated credential usage from the script. I don't think it is causing any issues with installation, but it is an annoyance that I will look into.

  2. I just performed an install and did not get an issue with libraries.python3.vm, so I would need to see the logs in order to look into this more.

  3. The Import-StartLayout failure is related to this issue, and I posted a temporary workaround here, until the following PRs get merged: https://github.com/mandiant/VM-Packages/pull/1137 https://github.com/mandiant/flare-vm/pull/617
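As an added example, not code from the issue thread or from the FLARE-VM project: a PowerShell snippet that collects the two log files named in the comment above into a single zip and prints the lines matching the three errors discussed in this report, so a reporter can attach both to the issue. The two log paths are the ones given in the comment; the Desktop output location and the search patterns are assumptions made here.

```powershell
# Added example (not part of the issue thread or the FLARE-VM project).
# Gathers the two logs named in the comment into a zip and prints the lines
# that match the errors reported in this issue.
# Log paths come from the comment; the output location is an assumption.

$logs = @(
    'C:\ProgramData\_VM\log.txt',
    'C:\ProgramData\chocolatey\logs\chocolatey.log'
)
$patterns = @(
    'WebThreatDefSvc',        # the "Access to path ... is Denied" warning
    'libraries\.python3\.vm', # the package the reporter saw failing
    'Import-StartLayout'      # the start-layout failure
)
$outDir = Join-Path $env:USERPROFILE 'Desktop'   # assumption: drop the zip on the Desktop
$zip = Join-Path $outDir ('flare-vm-logs-{0:yyyyMMdd-HHmmss}.zip' -f (Get-Date))

# Keep only the logs that actually exist; warn about the missing ones.
$present = foreach ($log in $logs) {
    if (Test-Path -LiteralPath $log) {
        $log
    } else {
        Write-Warning "Log not found: $log"
    }
}

if (-not $present) {
    Write-Error 'None of the expected logs exist; has the installer run at all?'
    return
}

# Print matching lines with file name and line number so they can be pasted
# into the issue alongside the archive.
Select-String -LiteralPath $present -Pattern $patterns |
    ForEach-Object { '{0}:{1}: {2}' -f $_.Filename, $_.LineNumber, $_.Line.Trim() }

# Archive the logs that were found.
Compress-Archive -LiteralPath $present -DestinationPath $zip -Force
Write-Host "Logs archived to $zip"
```

Run it from an elevated PowerShell session on the VM after a failed install; the files under C:\ProgramData are readable by an administrator even when the installer has stopped mid-way.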