Network boot of Windows Defender Offline will not update

4

I have been working on configuring a network bootable virus removal suite, and I am using the Windows Defender WinPE ISO generated using this 64-bit tool. The tool downloads and creates an ISO for you. I extract the ISO in order to get the source boot.wim file and I make the following edits with the DISM tool:

  • Mount the WIM file locally using DISM
  • Remove bootfix.bin file (Removes "Press Any Key to Boot from CD/DVD.." message)
  • Drop two files, mpam-fex64.exe & FilesList64.dll into the root of the wim file (Most current definitions at time of downloading)
  • Add generic networking drivers to allow older machines to get a DHCP address
  • Commit changes to WIM file and unmount it

Once all that is done, I transfer the boot.wim file to my Windows Deployment Server and add it as a boot image. Clients are now able to boot into the environment. Here is the process:

Client Network Boot > DHCP Request > PXE Boot Screen > Windows Deployment Services > Virus Removal Environment

Once the client machine is booted into this environment, you can scan your computer or update the virus definitions, but any time I try to update the definitions, it fails due to a network error and gives me the error code 0x80004005.

Things I have tried:

  • Putting Client machine on an outside VLAN (results in 0x80072ee7 error code)
  • Using ipconfig /release & ipconfig /renew while in the environment
  • Disabling the firewall via command line while in the environment
  • Giving the program / user accounts involved write access to the WDS Server
  • I wrote a script that automatically downloaded new updates, injected them into the image, and re-uploaded it to the server. But for whatever reason, each time this would occur it would fatten the WinSxS folder by ~80mb, so this quickly grew to an unreasonable size.

Any research of the two error codes given has been somewhat unsuccessful; they seem to be more general Windows Update / networking errors, unless someone is seeing something I didn't.


So with all of that given information, my question is: Why is my Network Bootable WDO environment not able to update?

Any insight is appreciated; let me know if you need additional information.

networking
update
pxe-boot
anti-virus
wds
asked on Server Fault Dec 13, 2013 by Callen L

1 Answer

2

This was such an AWESOME idea that I had to try it myself. What I did was:

  1. Open the iso to get the boot.wim file.
  2. Mount the wim locally.
  3. Inject a bunch of drivers offline for my environment. (Not just older drivers, all of them.)
  4. Drop the mpam-fex64.exe file into the top level of the wim.
  5. Unmount the wim.
  6. Add it to the WDS boot options.

Mine works flawlessly, successfully updating the definitions and auto-running Windows Defender without making me press a key. I'm going to guess that either you're missing a network card driver or that something else got mangled while you were adding and removing files, as those are the only things we did differently.

answered on Server Fault Dec 26, 2013 by Katherine Villyard • edited Dec 30, 2013 by Katherine Villyard
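
The answer's six steps as one PowerShell script, added here as an example and not code from either poster. It checks the Authenticode signature of the definition package before embedding it and discards the mount on any error so a half-edited image is never committed. All paths, the image index, the signer match and the image name are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example. Every path, the image index and the image name are assumptions.
$Wim      = 'C:\WDO\boot.wim'        # boot.wim extracted from the WDO ISO
$MountDir = 'C:\WDO\mount'           # empty working directory for the mount
$Drivers  = 'C:\WDO\drivers'         # folder tree containing driver .inf files
$Defs     = 'C:\WDO\mpam-fex64.exe'  # definition package named on the page
$Index    = 1                        # assumed; confirm against Get-WindowsImage below
$ErrorActionPreference = 'Stop'

# Refuse to embed a definition package whose signature does not validate.
$sig = Get-AuthenticodeSignature -FilePath $Defs
if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    throw "Signature check failed for $Defs (status: $($sig.Status))"
}
$hash = (Get-FileHash -Path $Defs -Algorithm SHA256).Hash

# Steps 1-2: list the images in the WIM, then mount the chosen index.
Get-WindowsImage -ImagePath $Wim | Format-Table ImageIndex, ImageName
New-Item -ItemType Directory -Path $MountDir -Force | Out-Null
Mount-WindowsImage -ImagePath $Wim -Index $Index -Path $MountDir | Out-Null
try {
    # Step 3: inject every driver found under $Drivers.
    Add-WindowsDriver -Path $MountDir -Driver $Drivers -Recurse | Out-Null
    # Step 4: drop the definitions at the top level of the image and verify the copy.
    Copy-Item -Path $Defs -Destination $MountDir
    $copied = (Get-FileHash -Path (Join-Path $MountDir (Split-Path $Defs -Leaf)) -Algorithm SHA256).Hash
    if ($copied -ne $hash) { throw 'Definition package changed during copy' }
    # Show the third-party drivers now in the image (look for the NIC class here).
    Get-WindowsDriver -Path $MountDir | Format-Table Driver, ClassName, ProviderName, Version
    # Step 5: commit and unmount.
    Dismount-WindowsImage -Path $MountDir -Save | Out-Null
}
catch {
    # Any failure: throw the changes away instead of committing a mangled image.
    Dismount-WindowsImage -Path $MountDir -Discard | Out-Null
    throw
}

# Step 6: register the image as a WDS boot option (run on the WDS server).
Import-WdsBootImage -Path $Wim -NewImageName 'Windows Defender Offline'
```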

User contributions licensed under CC BY-SA 3.0