Tag Archives: Bootable USB

How to Install a Fresh Windows 10 Booted from UEFI Secure Boot using a Bootable USB


Most of Windows machines are delivered with a limited Windows version and unnecessary preinstalled software.

You want to format the hard drive and install a fresh Windows that can be booted from UEFI secure boot to improve machine performance and stability.

You have a 8Gb USB stick and an ISO file of Windows 10, version 2004.


Step 1: Backup your machine and create an USB recovery by entering “Create a recovery drive” text to the search box on the task bar and follow the instructions.

Step 2: Create a bootable USB with Windows installation files.

Right click Windows logo, click Command Prompt (Admin).
Enter diskpart.exe, press Enter.
DISKPART> list disk
DISKPART> select disk 1 -- the USB disk should be selected, the number may be different in your machine.
DISKPART> create partition primary size=1024
DISKPART> select partition 1
DISKPART> active
DISKPART> format quick fs=fat32
DISKPART> assign
DISKPART> create partition primary
DISKPART> select partition 2
DISKPART> format quick fs=ntfs
DISKPART> assign
Double click on the ISO file of Windows 10, version 2004 to create a virtual drive.
xcopy f:\sources\boot.wim d:\sources\ /s /e 

f: the virtual drive and 
d: the USB fat32 partition.
We copy only the f:\sources\boot.wim file to d:\sources\.
robocopy f:\ d:\ /IS /S /XD sources 

f: the virtual drive and 
d: the USB fat32 partition.
We copy everything from f:\ to d:\ except the sources folder.
xcopy f:* e:\ /s /e 

f: the virtual drive and 
e: the USB ntfs partition.

Step 3: Install Windows.

  1. Plug the USB to a machine.
  2. For a Dell laptop, power on the machine, press F12 until a one-time boot up menu appears. Select the option to boot the machine from the USB. (You may need to access BIOS to enable Boot from an USB).
  3. For a Sony VAIO laptop, power off the machine, then press the Assist button to enter VAIOCare. Select the option to boot the machine from the USB. (You may need to access BIOS to enable Boot from an USB).
  4. For a ThinkPad laptop, go to Settings > Update & Security > Recovery, click the Restart now button under the Advanced setup section and follow the instructions to boot the machine from an USB.
  5. Follow the instructions to install Windows (set Windows partition size to 716916Mb for DellPrecision if you want to have 700Gb C drive, or 262789Mb for DellXPS if you want to have a 255Gb C drive, or 819316Mb for DellXPS if you want to have a 800Gb C drive).
  6. You can delete all the partitions, including MRP (Microsoft Reserved Partition – this is just a reserved partition for Windows later use if needed), ESP (EFI System Partition – this is where UEFI firmware files are stored to boot Windows), WINRETOOLS (Windows Recovery Environment (WinRE) Tools – this is where files for repairing or recovering Windows are stored), and PBR image (this is where original the manufacture Windows installation file  are stored) because you already created an USB recovery in the Step 1.

Step 4: Configure Windows for Developer’s needs.

  1. Change Computer Name, turn off System Restore, enable Remote Desktop.
  2. Add Wireless LAN Service feature for Windows Server 2019.
  3. Install Dell Wireless 1820A 1830 WiFi Driver
  4. Change Time Zone.
  5. Turn on Network discovery and file sharing by clicking on Network icon on the left side of Explorer, turn off BitLocker (manage-bde -status, manage-bde -off C:).
  6. Activate Windows.
  7. Configure Auto Logon (netplwiz), disable Hibernation (powercfg.exe /h off), configure Power options (Hard disk >> Turn of hard disk after: 0, Wireless Adapter Settings >> Power Saving Mode: Maximum Performance, Sleep >> Sleep after: 0).
  8. Install Dell Command Update and use it to install necessary drivers.
  9. Install Chipset Device, Graphics, Audio, Ethernet, Bluetooth, Memory Card Reader, Dynamic Platform and Thermal Framework driver for Windows Server 2019.
  10. Turn the following Windows features on: .NET 3.5, ASP.NET 4.8, Internet Information Services, Telnet Client.
  11. Install Hyper-V, create an external Virtual Switch for Internet access, set Scheduler Type to Core.
  12. Apply Windows updates to the machine.
  13. Configure secure protocols using IIS Crypto GUI (Select Best Practices, disable TLS 1.0, TLS 1.1, MD5, SHA).
  14. Install Total Commander, Remote Desktop Connection Manager, PuTTY 0.7.3, WinSCP 5.17, Zoom.
  15. Install Firefox, MPC-HC.1.7.13.
  16. Install MS Office 2007 SP3 (Display >> Scale and layout: 125% for DellPrecision, 175% for DellXPS), MS Project 2016, MS Visio 2016, MS SQL Server 2008 R2, Visual Studio 2015, Adobe Acrobat Pro DC v15.8, Adobe Photoshop CC 2015, TortoiseSVN 1.13.1
  17. Install Python 3.6.8, TensorFlow, Keras
  18. Create VPN Connection.

Go to Control Panel >> Network and Sharing Center >> Change adapter settings >> Right click >> VPN Connection’s Properties >> Select Networking tab:
1. Disable Internet Protocol Version 6 (TCP/IPv6).
2. Select Internet Protocol Version 4 (TCP/IPv4) >> Properties >> Advanced… >> select IP Settings tab: Uncheck Use default gateway on remote network option.