Create Capture Media Issue

[ashcrafa]

I recently came across this and decided to try it. I downloaded the files and ran the command to run windows updates and build a USB with autopilot and unattend files for Windows 10. However it keeps failing at creating the capture media, saying the "Mount-WindowsImage : The specified service does not exist." I have uninstalled and reinstalled ADK and WinPE add-on and the issue persists.

Do you have any recommendations?

FFUDevelopment.log

[rbalsleyMSFT]

Do you have a 3rd party EDR or AV solution installed? I just had another user have a similar issue. If so, try disabling or uninstalling to see if it works. You may need to put an exclusion rule in for the ADK path.

Thanks, Richard

---

From: ashcrafa @.> Sent: Wednesday, June 26, 2024 1:18:12 PM To: rbalsleyMSFT/FFU @.> Cc: Subscribed @.***> Subject: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

I recently came across this and decided to try it. I downloaded the files and ran the command to run windows updates and build a USB with autopilot and unattend files for Windows 10. However it keeps failing at creating the capture media, saying the "Mount-WindowsImage : The specified service does not exist." I have uninstalled and reinstalled ADK and WinPE add-on and the issue persists.

Do you have any recommendations?

FFUDevelopment.loghttps://github.com/user-attachments/files/15994660/FFUDevelopment.log

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AMYE2BEM27P242D6GM6MMXLZJMOYJAVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM3TMMJZGE4DGNQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>

[ashcrafa]

We do have an EDR. I disabled it and the issue persisted. I did have a previous version, downloaded it in February, of ADK and WinPE that seemed to work fine before the upgrade for a different WinPE project.

Andrew Ashcraft

---

From: rbalsleyMSFT @.> Sent: Wednesday, June 26, 2024 3:56 PM To: rbalsleyMSFT/FFU @.> Cc: Andrew Ashcraft @.>; Author @.> Subject: [External Email] Re: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

[EXTERNAL EMAIL] Please report any suspicious attachments, links, or requests for sensitive information.

Do you have a 3rd party EDR or AV solution installed? I just had another user have a similar issue. If so, try disabling or uninstalling to see if it works. You may need to put an exclusion rule in for the ADK path.

Thanks, Richard

---

From: ashcrafa @.> Sent: Wednesday, June 26, 2024 1:18:12 PM To: rbalsleyMSFT/FFU @.> Cc: Subscribed @.***> Subject: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

I recently came across this and decided to try it. I downloaded the files and ran the command to run windows updates and build a USB with autopilot and unattend files for Windows 10. However it keeps failing at creating the capture media, saying the "Mount-WindowsImage : The specified service does not exist." I have uninstalled and reinstalled ADK and WinPE add-on and the issue persists.

Do you have any recommendations?

FFUDevelopment.loghttps://github.com/user-attachments/files/15994660/FFUDevelopment.log

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AMYE2BEM27P242D6GM6MMXLZJMOYJAVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM3TMMJZGE4DGNQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31#issuecomment-2192689775, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BJPEY2HAVTPKI4YLVXHYXFLZJM2HNAVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJSGY4DSNZXGU. You are receiving this because you authored the thread.Message ID: @.***>

[rbalsleyMSFT]

Since the release of 24h2 ADK, you and the other user I mentioned are the first I've seen of these issues.

Can you attach your dism log and the output of fltmc from the command line after disabling your EDR? Fltmc will list the filter drivers on the system. My guess is that even disabled, the EDR filter driver is probably present. If you can uninstall it completely, the driver should be removed, and I hope that it works.

Thanks, Richard

---

From: ashcrafa @.> Sent: Wednesday, June 26, 2024 4:55:59 PM To: rbalsleyMSFT/FFU @.> Cc: Richard Balsley @.>; Comment @.> Subject: Re: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

We do have an EDR. I disabled it and the issue persisted. I did have a previous version, downloaded it in February, of ADK and WinPE that seemed to work fine before the upgrade for a different WinPE project.

Andrew Ashcraft Technology Specialist | Bonneville Joint School District 93 Office: (208)525-4493 ext. 9327 Email: @.***

---

From: rbalsleyMSFT @.> Sent: Wednesday, June 26, 2024 3:56 PM To: rbalsleyMSFT/FFU @.> Cc: Andrew Ashcraft @.>; Author @.> Subject: [External Email] Re: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

[EXTERNAL EMAIL] Please report any suspicious attachments, links, or requests for sensitive information.

Do you have a 3rd party EDR or AV solution installed? I just had another user have a similar issue. If so, try disabling or uninstalling to see if it works. You may need to put an exclusion rule in for the ADK path.

Thanks, Richard

---

From: ashcrafa @.> Sent: Wednesday, June 26, 2024 1:18:12 PM To: rbalsleyMSFT/FFU @.> Cc: Subscribed @.***> Subject: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

I recently came across this and decided to try it. I downloaded the files and ran the command to run windows updates and build a USB with autopilot and unattend files for Windows 10. However it keeps failing at creating the capture media, saying the "Mount-WindowsImage : The specified service does not exist." I have uninstalled and reinstalled ADK and WinPE add-on and the issue persists.

Do you have any recommendations?

FFUDevelopment.loghttps://github.com/user-attachments/files/15994660/FFUDevelopment.log

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AMYE2BEM27P242D6GM6MMXLZJMOYJAVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM3TMMJZGE4DGNQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31#issuecomment-2192689775, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BJPEY2HAVTPKI4YLVXHYXFLZJM2HNAVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJSGY4DSNZXGU. You are receiving this because you authored the thread.Message ID: @.***>

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31#issuecomment-2192807890, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AMYE2BH7YRKNFMXG2JH4KF3ZJNII7AVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJSHAYDOOBZGA. You are receiving this because you commented.Message ID: @.***>

[ashcrafa]

Attached is the dism log and the fltmc output. However I'm not familiar with that command, so if I didn't get the right output let me know.

Andrew

---

From: rbalsleyMSFT @.> Sent: Thursday, June 27, 2024 9:44 AM To: rbalsleyMSFT/FFU @.> Cc: Andrew Ashcraft @.>; Author @.> Subject: [External Email] Re: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

[EXTERNAL EMAIL] Please report any suspicious attachments, links, or requests for sensitive information.

Since the release of 24h2 ADK, you and the other user I mentioned are the first I've seen of these issues.

Can you attach your dism log and the output of fltmc from the command line after disabling your EDR? Fltmc will list the filter drivers on the system. My guess is that even disabled, the EDR filter driver is probably present. If you can uninstall it completely, the driver should be removed, and I hope that it works.

Thanks, Richard

---

From: ashcrafa @.> Sent: Wednesday, June 26, 2024 4:55:59 PM To: rbalsleyMSFT/FFU @.> Cc: Richard Balsley @.>; Comment @.> Subject: Re: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

We do have an EDR. I disabled it and the issue persisted. I did have a previous version, downloaded it in February, of ADK and WinPE that seemed to work fine before the upgrade for a different WinPE project.

Andrew

---

From: rbalsleyMSFT @.> Sent: Wednesday, June 26, 2024 3:56 PM To: rbalsleyMSFT/FFU @.> Cc: Andrew Ashcraft @.>; Author @.> Subject: [External Email] Re: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

[EXTERNAL EMAIL] Please report any suspicious attachments, links, or requests for sensitive information.

Do you have a 3rd party EDR or AV solution installed? I just had another user have a similar issue. If so, try disabling or uninstalling to see if it works. You may need to put an exclusion rule in for the ADK path.

Thanks, Richard

---

From: ashcrafa @.> Sent: Wednesday, June 26, 2024 1:18:12 PM To: rbalsleyMSFT/FFU @.> Cc: Subscribed @.***> Subject: [rbalsleyMSFT/FFU] Create Capture Media Issue (Issue #31)

I recently came across this and decided to try it. I downloaded the files and ran the command to run windows updates and build a USB with autopilot and unattend files for Windows 10. However it keeps failing at creating the capture media, saying the "Mount-WindowsImage : The specified service does not exist." I have uninstalled and reinstalled ADK and WinPE add-on and the issue persists.

Do you have any recommendations?

FFUDevelopment.loghttps://github.com/user-attachments/files/15994660/FFUDevelopment.log

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AMYE2BEM27P242D6GM6MMXLZJMOYJAVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM3TMMJZGE4DGNQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31#issuecomment-2192689775, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BJPEY2HAVTPKI4YLVXHYXFLZJM2HNAVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJSGY4DSNZXGU. You are receiving this because you authored the thread.Message ID: @.***>

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31#issuecomment-2192807890, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AMYE2BH7YRKNFMXG2JH4KF3ZJNII7AVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJSHAYDOOBZGA. You are receiving this because you commented.Message ID: @.***>

— Reply to this email directly, view it on GitHubhttps://github.com/rbalsleyMSFT/FFU/issues/31#issuecomment-2195051740, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BJPEY2F7EQIKFMXR57KRFH3ZJQXMLAVCNFSM6AAAAABJ6SUV7KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJVGA2TCNZUGA. You are receiving this because you authored the thread.Message ID: @.***>

[ashcrafa]

It seems like the files did not get attached correctly. I am attaching them using a comment instead.

dism.log

Andrew

[rbalsleyMSFT]

That looks pretty good.

The dism log shows that you're running into a filter driver related issue.

If you were to mount a wim using dism manually, does that work?

You can also try to use dism from the installed ADK (Start - Windows Kits - Deployment and Imaging Tools environment). If you run it from that command prompt, it should use a newer version of dism.

[ashcrafa]

Mounting it manually fails as well.

-Andrew

[rbalsleyMSFT]

Definitely something on that machine that's causing dism from being able to mount a WIM.

Do you have access to another machine and can you test mounting a WIM manually?

[ashcrafa]

I was able to mount wim files successfully before upgrading to the latest ADK, which occurred when I ran the powershell script for the first time. I'm also going to build a machine without the EDR and test that. I apologize for the time lag between responses. I'm often out fixing stuff and appreciate your help.

-Andrew