Browse Source

Added bypass for UCPD driver restriction

master
Dmitry Nefedov 3 months ago
parent
commit
2284f5593d
  1. 1
      src/Sophia_Script_for_Windows_10/Localizations/de-DE/Sophia.psd1
  2. 1
      src/Sophia_Script_for_Windows_10/Localizations/en-US/Sophia.psd1
  3. 1
      src/Sophia_Script_for_Windows_10/Localizations/es-ES/Sophia.psd1
  4. 1
      src/Sophia_Script_for_Windows_10/Localizations/fr-FR/Sophia.psd1
  5. 1
      src/Sophia_Script_for_Windows_10/Localizations/hu-HU/Sophia.psd1
  6. 1
      src/Sophia_Script_for_Windows_10/Localizations/it-IT/Sophia.psd1
  7. 1
      src/Sophia_Script_for_Windows_10/Localizations/pl-PL/Sophia.psd1
  8. 1
      src/Sophia_Script_for_Windows_10/Localizations/pt-BR/Sophia.psd1
  9. 1
      src/Sophia_Script_for_Windows_10/Localizations/ru-RU/Sophia.psd1
  10. 1
      src/Sophia_Script_for_Windows_10/Localizations/tr-TR/Sophia.psd1
  11. 1
      src/Sophia_Script_for_Windows_10/Localizations/uk-UA/Sophia.psd1
  12. 1
      src/Sophia_Script_for_Windows_10/Localizations/zh-CN/Sophia.psd1
  13. 124
      src/Sophia_Script_for_Windows_10/Module/Sophia.psm1
  14. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/de-DE/Sophia.psd1
  15. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/en-US/Sophia.psd1
  16. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/es-ES/Sophia.psd1
  17. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/fr-FR/Sophia.psd1
  18. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/hu-HU/Sophia.psd1
  19. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/it-IT/Sophia.psd1
  20. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/pl-PL/Sophia.psd1
  21. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/pt-BR/Sophia.psd1
  22. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/ru-RU/Sophia.psd1
  23. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/tr-TR/Sophia.psd1
  24. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/uk-UA/Sophia.psd1
  25. 1
      src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/zh-CN/Sophia.psd1
  26. 76
      src/Sophia_Script_for_Windows_10_LTSC_2019/Module/Sophia.psm1
  27. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/de-DE/Sophia.psd1
  28. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/en-US/Sophia.psd1
  29. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/es-ES/Sophia.psd1
  30. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/fr-FR/Sophia.psd1
  31. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/hu-HU/Sophia.psd1
  32. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/it-IT/Sophia.psd1
  33. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/pl-PL/Sophia.psd1
  34. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/pt-BR/Sophia.psd1
  35. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/ru-RU/Sophia.psd1
  36. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/tr-TR/Sophia.psd1
  37. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/uk-UA/Sophia.psd1
  38. 1
      src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/zh-CN/Sophia.psd1
  39. 80
      src/Sophia_Script_for_Windows_10_LTSC_2021/Module/Sophia.psm1
  40. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/de-DE/Sophia.psd1
  41. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/en-US/Sophia.psd1
  42. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/es-ES/Sophia.psd1
  43. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/fr-FR/Sophia.psd1
  44. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/hu-HU/Sophia.psd1
  45. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/it-IT/Sophia.psd1
  46. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pl-PL/Sophia.psd1
  47. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pt-BR/Sophia.psd1
  48. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/ru-RU/Sophia.psd1
  49. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/tr-TR/Sophia.psd1
  50. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/uk-UA/Sophia.psd1
  51. 1
      src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/zh-CN/Sophia.psd1
  52. 116
      src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1
  53. 1
      src/Sophia_Script_for_Windows_11/Localizations/de-DE/Sophia.psd1
  54. 1
      src/Sophia_Script_for_Windows_11/Localizations/en-US/Sophia.psd1
  55. 1
      src/Sophia_Script_for_Windows_11/Localizations/es-ES/Sophia.psd1
  56. 1
      src/Sophia_Script_for_Windows_11/Localizations/fr-FR/Sophia.psd1
  57. 1
      src/Sophia_Script_for_Windows_11/Localizations/hu-HU/Sophia.psd1
  58. 1
      src/Sophia_Script_for_Windows_11/Localizations/it-IT/Sophia.psd1
  59. 1
      src/Sophia_Script_for_Windows_11/Localizations/pl-PL/Sophia.psd1
  60. 1
      src/Sophia_Script_for_Windows_11/Localizations/pt-BR/Sophia.psd1
  61. 1
      src/Sophia_Script_for_Windows_11/Localizations/ru-RU/Sophia.psd1
  62. 1
      src/Sophia_Script_for_Windows_11/Localizations/tr-TR/Sophia.psd1
  63. 1
      src/Sophia_Script_for_Windows_11/Localizations/uk-UA/Sophia.psd1
  64. 1
      src/Sophia_Script_for_Windows_11/Localizations/zh-CN/Sophia.psd1
  65. 157
      src/Sophia_Script_for_Windows_11/Module/Sophia.psm1
  66. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/de-DE/Sophia.psd1
  67. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/en-US/Sophia.psd1
  68. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/es-ES/Sophia.psd1
  69. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/fr-FR/Sophia.psd1
  70. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/hu-HU/Sophia.psd1
  71. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/it-IT/Sophia.psd1
  72. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pl-PL/Sophia.psd1
  73. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pt-BR/Sophia.psd1
  74. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/ru-RU/Sophia.psd1
  75. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/tr-TR/Sophia.psd1
  76. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/uk-UA/Sophia.psd1
  77. 1
      src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/zh-CN/Sophia.psd1
  78. 157
      src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1

1
src/Sophia_Script_for_Windows_10/Localizations/de-DE/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Fehler/Warnungen
DialogBoxOpening = Anzeigen des Dialogfensters... DialogBoxOpening = Anzeigen des Dialogfensters...
Disable = Deaktivieren Disable = Deaktivieren
Enable = Aktivieren Enable = Aktivieren
UserChoiceWarning = Microsoft hat den Schreibzugriff auf den UserChoice-Schlüssel für die .pdf-Erweiterung und das http/https-Protokoll mit der Version KB5034765 gesperrt.
AllFilesFilter = Alle Dateien AllFilesFilter = Alle Dateien
FolderSelect = Einen Ordner auswählen FolderSelect = Einen Ordner auswählen
FilesWontBeMoved = Dateien werden nicht verschoben. FilesWontBeMoved = Dateien werden nicht verschoben.

1
src/Sophia_Script_for_Windows_10/Localizations/en-US/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Errors/Warnings
DialogBoxOpening = Displaying the dialog box... DialogBoxOpening = Displaying the dialog box...
Disable = Disable Disable = Disable
Enable = Enable Enable = Enable
UserChoiceWarning = Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release.
AllFilesFilter = All Files AllFilesFilter = All Files
FolderSelect = Select a folder FolderSelect = Select a folder
FilesWontBeMoved = Files will not be moved. FilesWontBeMoved = Files will not be moved.

1
src/Sophia_Script_for_Windows_10/Localizations/es-ES/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Errores/Advertencias
DialogBoxOpening = Viendo el cuadro de diálogo... DialogBoxOpening = Viendo el cuadro de diálogo...
Disable = Desactivar Disable = Desactivar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = Microsoft ha bloqueado el acceso de escritura a la clave UserChoice para la extensión .pdf y el protocolo http/https con el lanzamiento de KB5034765.
AllFilesFilter = Todos los Archivos AllFilesFilter = Todos los Archivos
FolderSelect = Seleccione una carpeta FolderSelect = Seleccione una carpeta
FilesWontBeMoved = Los archivos no se transferirán. FilesWontBeMoved = Los archivos no se transferirán.

1
src/Sophia_Script_for_Windows_10/Localizations/fr-FR/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Erreurs/Avertissements
DialogBoxOpening = Afficher la boîte de dialogue... DialogBoxOpening = Afficher la boîte de dialogue...
Disable = Désactiver Disable = Désactiver
Enable = Activer Enable = Activer
UserChoiceWarning = Microsoft a bloqué l'accès en écriture à la clé UserChoice pour l'extension .pdf et le protocole http/https avec la version KB5034765.
AllFilesFilter = Tous les Fichiers AllFilesFilter = Tous les Fichiers
FolderSelect = Sélectionner un dossier FolderSelect = Sélectionner un dossier
FilesWontBeMoved = Les fichiers ne seront pas déplacés. FilesWontBeMoved = Les fichiers ne seront pas déplacés.

1
src/Sophia_Script_for_Windows_10/Localizations/hu-HU/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Hibák/Figyelmeztetések
DialogBoxOpening = Párbeszédablak megjelenítése... DialogBoxOpening = Párbeszédablak megjelenítése...
Disable = Kikapcsolás Disable = Kikapcsolás
Enable = Engedélyezés Enable = Engedélyezés
UserChoiceWarning = A Microsoft a KB5034765 kiadással blokkolta a UserChoice kulcs írási hozzáférését a .pdf kiterjesztéshez és a http/https protokollhoz.
AllFilesFilter = Minden fájl AllFilesFilter = Minden fájl
FolderSelect = Válasszon ki egy könyvtárat FolderSelect = Válasszon ki egy könyvtárat
FilesWontBeMoved = A fájlok nem lesznek áthelyezve. FilesWontBeMoved = A fájlok nem lesznek áthelyezve.

1
src/Sophia_Script_for_Windows_10/Localizations/it-IT/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Errori/avvisi
DialogBoxOpening = Visualizzazione della finestra di dialogo... DialogBoxOpening = Visualizzazione della finestra di dialogo...
Disable = Disattivare Disable = Disattivare
Enable = Abilitare Enable = Abilitare
UserChoiceWarning = Microsoft ha bloccato l'accesso in scrittura alla chiave UserChoice per l'estensione .pdf e il protocollo http/https con il rilascio della KB5034765.
AllFilesFilter = Tutti i file AllFilesFilter = Tutti i file
FolderSelect = Selezionare una cartella FolderSelect = Selezionare una cartella
FilesWontBeMoved = I file non verranno trasferiti. FilesWontBeMoved = I file non verranno trasferiti.

1
src/Sophia_Script_for_Windows_10/Localizations/pl-PL/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Błędy/Ostrzeżenia
DialogBoxOpening = Wyświetlanie okna dialogowego... DialogBoxOpening = Wyświetlanie okna dialogowego...
Disable = Wyłączyć Disable = Wyłączyć
Enable = Włączać Enable = Włączać
UserChoiceWarning = Microsoft zablokował dostęp do zapisu klucza UserChoice dla rozszerzenia .pdf i protokołu http/https wraz z wydaniem KB5034765.
AllFilesFilter = Wszystkie pliki AllFilesFilter = Wszystkie pliki
FolderSelect = Wybierz folder FolderSelect = Wybierz folder
FilesWontBeMoved = Pliki nie zostaną przeniesione. FilesWontBeMoved = Pliki nie zostaną przeniesione.

1
src/Sophia_Script_for_Windows_10/Localizations/pt-BR/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Erros/Avisos
DialogBoxOpening = Exibindo a caixa de diálogo... DialogBoxOpening = Exibindo a caixa de diálogo...
Disable = Desativar Disable = Desativar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = A Microsoft bloqueou o acesso de gravação à chave UserChoice para extensão .pdf e protocolo http/https com a versão KB5034765.
AllFilesFilter = Todos os arquivos AllFilesFilter = Todos os arquivos
FolderSelect = Escolha uma pasta FolderSelect = Escolha uma pasta
FilesWontBeMoved = Os arquivos não serão transferidos. FilesWontBeMoved = Os arquivos não serão transferidos.

1
src/Sophia_Script_for_Windows_10/Localizations/ru-RU/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Ошибки/предупрежде
DialogBoxOpening = Диалоговое окно открывается... DialogBoxOpening = Диалоговое окно открывается...
Disable = Отключить Disable = Отключить
Enable = Включить Enable = Включить
UserChoiceWarning = Microsoft заблокировала возможность записать в раздел реестра UserChoice для расширения .pdf и протоколов http/https с релизом обновления KB5034765.
AllFilesFilter = Все файлы AllFilesFilter = Все файлы
FolderSelect = Выберите папку FolderSelect = Выберите папку
FilesWontBeMoved = Файлы не будут перенесены. FilesWontBeMoved = Файлы не будут перенесены.

1
src/Sophia_Script_for_Windows_10/Localizations/tr-TR/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Hatalar/Uyarılar
DialogBoxOpening = İletişim kutusu görüntüleniyor... DialogBoxOpening = İletişim kutusu görüntüleniyor...
Disable = Devre dışı bırak Disable = Devre dışı bırak
Enable = Aktif et Enable = Aktif et
UserChoiceWarning = Microsoft, KB5034765 sürümü ile .pdf uzantısı ve http/https protokolü için UserChoice anahtarına yazma erişimini engellemiştir.
AllFilesFilter = Tüm Dosyalar AllFilesFilter = Tüm Dosyalar
FolderSelect = Klasör seç FolderSelect = Klasör seç
FilesWontBeMoved = Dosyalar taşınmayacak. FilesWontBeMoved = Dosyalar taşınmayacak.

1
src/Sophia_Script_for_Windows_10/Localizations/uk-UA/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Помилки/попереджен
DialogBoxOpening = Діалогове вікно відкривається... DialogBoxOpening = Діалогове вікно відкривається...
Disable = Вимкнути Disable = Вимкнути
Enable = Увімкнути Enable = Увімкнути
UserChoiceWarning = Microsoft заблокувала можливість писати в розділ реєстру UserChoice для розширення .pdf, а також протоколів http/https з релізом оновлення KB5034765.
AllFilesFilter = Усі файли AllFilesFilter = Усі файли
FolderSelect = Виберіть папку FolderSelect = Виберіть папку
FilesWontBeMoved = Файли не будуть перенесені. FilesWontBeMoved = Файли не будуть перенесені.

1
src/Sophia_Script_for_Windows_10/Localizations/zh-CN/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = 错误/警告
DialogBoxOpening = 显示对话窗口..... DialogBoxOpening = 显示对话窗口.....
Disable = 禁用 Disable = 禁用
Enable = 启用 Enable = 启用
UserChoiceWarning = 微软在发布 KB5034765 时阻止了对 .pdf 扩展和 http/https 协议的 UserChoice 密钥的写入访问
AllFilesFilter = 所有文件 AllFilesFilter = 所有文件
FolderSelect = 选择一个文件夹 FolderSelect = 选择一个文件夹
FilesWontBeMoved = 文件将不会被移动 FilesWontBeMoved = 文件将不会被移动

124
src/Sophia_Script_for_Windows_10/Module/Sophia.psm1

@ -63,7 +63,7 @@ function InitialActions
# Extract strings from %SystemRoot%\System32\shell32.dll using its number # Extract strings from %SystemRoot%\System32\shell32.dll using its number
# https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1 # https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1
# [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\system32\schedsvc.dll,-100") # [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\System32\schedsvc.dll,-100")
# https://github.com/PowerShell/PowerShell/issues/21070 # https://github.com/PowerShell/PowerShell/issues/21070
$Script:CompilerParameters = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll") $Script:CompilerParameters = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll")
@ -3671,8 +3671,8 @@ public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int ou
Add-Type @Signature Add-Type @Signature
} }
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry # We cannot set a value to EnShellFeedsTaskbarViewMode, having called any of APIs, except of copying powershell.exe (or any other tricks) with a different name, due to a UCPD driver tracks all executables to block the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
@ -3690,10 +3690,7 @@ public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int ou
# Get value to save in EnShellFeedsTaskbarViewMode key # Get value to save in EnShellFeedsTaskbarViewMode key
$DWordData = [System.BitConverter]::ToUInt32($bytesOut,0) $DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token & "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command {New-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds -Name EnShellFeedsTaskbarViewMode -PropertyType DWord -Value $DWordData -Force}
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
"Enable" "Enable"
{ {
@ -3709,14 +3706,11 @@ public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int ou
# Get value to save in EnShellFeedsTaskbarViewMode key # Get value to save in EnShellFeedsTaskbarViewMode key
$DWordData = [System.BitConverter]::ToUInt32($bytesOut,0) $DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token & "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command {New-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds -Name EnShellFeedsTaskbarViewMode -PropertyType DWord -Value $DWordData -Force}
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force Remove-Item -Path "$env:SystemRoot\System32\reg_temp.exe" -Force
} }
<# <#
@ -8919,16 +8913,13 @@ function WindowsLatestUpdate
Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0" Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0"
.EXAMPLE .EXAMPLE
Set-Association -ProgramPath MSEdgeMHT -Extension .html Set-Association -ProgramPath MSEdgeHTM -Extension .html
.LINK .LINK
https://github.com/DanysysTeam/PS-SFTA https://github.com/DanysysTeam/PS-SFTA
https://github.com/default-username-was-already-taken/set-fileassoc https://github.com/default-username-was-already-taken/set-fileassoc
https://forum.ru-board.com/profile.cgi?action=show&member=westlife https://forum.ru-board.com/profile.cgi?action=show&member=westlife
.NOTES
Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034763 release
.NOTES .NOTES
Machine-wide Machine-wide
#> #>
@ -8959,18 +8950,9 @@ function Set-Association
$Icon $Icon
) )
# Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034763 release # Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release, so we have to write values with a copy of powershell.exe to bypass a UCPD driver restrictions
if (@(".pdf", "http", "https") -contains $Extension) # UCPD driver tracks all executables to block the access to the registry so all registry records will be made within powershell_temp.exe in this function just in case
{ Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.UserChoiceWarning -Verbose
Write-Error -Message $Localization.UserChoiceWarning -ErrorAction SilentlyContinue
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
$ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath) $ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath)
@ -9309,7 +9291,25 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force
}
# Getting a hash based on the time of the section's last modification. After creating and setting the first parameter # Getting a hash based on the time of the section's last modification. After creating and setting the first parameter
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
@ -9318,7 +9318,15 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
if (@(".pdf", "http", "https") -contains $Extension)
{
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
}
# Setting a block on changing the UserChoice section # Setting a block on changing the UserChoice section
# Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey() # Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey()
@ -9736,10 +9744,30 @@ public static long MakeLong(uint left, uint right)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force
} }
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice"
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
} }
}
# Setting additional parameters to comply with the requirements before configuring the extension # Setting additional parameters to comply with the requirements before configuring the extension
Write-AdditionalKeys -ProgId $ProgId -Extension $Extension Write-AdditionalKeys -ProgId $ProgId -Extension $Extension
@ -9767,6 +9795,8 @@ public static void Refresh()
} }
[WinAPI.Signature]::Refresh() [WinAPI.Signature]::Refresh()
Remove-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
} }
<# <#
@ -10101,7 +10131,7 @@ function InstallVCRedist
return return
} }
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -10212,7 +10242,7 @@ function InstallDotNetRuntimes
{ {
NET6x64 NET6x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -10259,7 +10289,7 @@ function InstallDotNetRuntimes
} }
NET8x64 NET8x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -11824,11 +11854,17 @@ function CortanaAutostart
$Enable $Enable
) )
if (-not (Get-AppxPackage -Name Microsoft.549981C3F5F10))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{
if (Get-AppxPackage -Name Microsoft.549981C3F5F10)
{ {
if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId")) if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId"))
{ {
@ -11836,10 +11872,7 @@ function CortanaAutostart
} }
New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId" -Name State -PropertyType DWord -Value 1 -Force New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId" -Name State -PropertyType DWord -Value 1 -Force
} }
}
"Enable" "Enable"
{
if (Get-AppxPackage -Name Microsoft.549981C3F5F10)
{ {
if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId")) if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId"))
{ {
@ -11849,7 +11882,6 @@ function CortanaAutostart
} }
} }
} }
}
<# <#
.SYNOPSIS .SYNOPSIS
@ -12022,24 +12054,26 @@ function XboxGameTips
$Enable $Enable
) )
if (-not ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or(Get-AppxPackage -Name Microsoft.GamingApp)))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{
if ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or (Get-AppxPackage -Name Microsoft.GamingApp))
{ {
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force
} }
}
"Enable" "Enable"
{
if ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or (Get-AppxPackage -Name Microsoft.GamingApp))
{ {
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 1 -Force
} }
} }
} }
}
<# <#
.SYNOPSIS .SYNOPSIS
@ -12154,14 +12188,14 @@ function GPUScheduling
$WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null) $WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null)
if ($WddmVersion_Min -ge 2700) if ($WddmVersion_Min -ge 2700)
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 2 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 2 -Force
} }
} }
} }
} }
"Disable" "Disable"
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 1 -Force
} }
} }
} }

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/de-DE/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Fehler/Warnungen
DialogBoxOpening = Anzeigen des Dialogfensters... DialogBoxOpening = Anzeigen des Dialogfensters...
Disable = Deaktivieren Disable = Deaktivieren
Enable = Aktivieren Enable = Aktivieren
UserChoiceWarning = Microsoft hat den Schreibzugriff auf den UserChoice-Schlüssel für die .pdf-Erweiterung und das http/https-Protokoll mit der Version KB5034765 gesperrt.
AllFilesFilter = Alle Dateien AllFilesFilter = Alle Dateien
FolderSelect = Einen Ordner auswählen FolderSelect = Einen Ordner auswählen
FilesWontBeMoved = Dateien werden nicht verschoben. FilesWontBeMoved = Dateien werden nicht verschoben.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/en-US/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Errors/Warnings
DialogBoxOpening = Displaying the dialog box... DialogBoxOpening = Displaying the dialog box...
Disable = Disable Disable = Disable
Enable = Enable Enable = Enable
UserChoiceWarning = Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release.
AllFilesFilter = All Files AllFilesFilter = All Files
FolderSelect = Select a folder FolderSelect = Select a folder
FilesWontBeMoved = Files will not be moved. FilesWontBeMoved = Files will not be moved.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/es-ES/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Errores/Advertencias
DialogBoxOpening = Viendo el cuadro de diálogo... DialogBoxOpening = Viendo el cuadro de diálogo...
Disable = Desactivar Disable = Desactivar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = Microsoft ha bloqueado el acceso de escritura a la clave UserChoice para la extensión .pdf y el protocolo http/https con el lanzamiento de KB5034765.
AllFilesFilter = Todos los Archivos AllFilesFilter = Todos los Archivos
FolderSelect = Seleccione una carpeta FolderSelect = Seleccione una carpeta
FilesWontBeMoved = Los archivos no se transferirán. FilesWontBeMoved = Los archivos no se transferirán.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/fr-FR/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Erreurs/Avertissements
DialogBoxOpening = Afficher la boîte de dialogue... DialogBoxOpening = Afficher la boîte de dialogue...
Disable = Désactiver Disable = Désactiver
Enable = Activer Enable = Activer
UserChoiceWarning = Microsoft a bloqué l'accès en écriture à la clé UserChoice pour l'extension .pdf et le protocole http/https avec la version KB5034765.
AllFilesFilter = Tous les Fichiers AllFilesFilter = Tous les Fichiers
FolderSelect = Sélectionner un dossier FolderSelect = Sélectionner un dossier
FilesWontBeMoved = Les fichiers ne seront pas déplacés. FilesWontBeMoved = Les fichiers ne seront pas déplacés.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/hu-HU/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Hibák/Figyelmeztetések
DialogBoxOpening = Párbeszédablak megjelenítése... DialogBoxOpening = Párbeszédablak megjelenítése...
Disable = Kikapcsolás Disable = Kikapcsolás
Enable = Engedélyezés Enable = Engedélyezés
UserChoiceWarning = A Microsoft a KB5034765 kiadással blokkolta a UserChoice kulcs írási hozzáférését a .pdf kiterjesztéshez és a http/https protokollhoz.
AllFilesFilter = Minden fájl AllFilesFilter = Minden fájl
FolderSelect = Válasszon ki egy könyvtárat FolderSelect = Válasszon ki egy könyvtárat
FilesWontBeMoved = A fájlok nem lesznek áthelyezve. FilesWontBeMoved = A fájlok nem lesznek áthelyezve.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/it-IT/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Errori/avvisi
DialogBoxOpening = Visualizzazione della finestra di dialogo... DialogBoxOpening = Visualizzazione della finestra di dialogo...
Disable = Disattivare Disable = Disattivare
Enable = Abilitare Enable = Abilitare
UserChoiceWarning = Microsoft ha bloccato l'accesso in scrittura alla chiave UserChoice per l'estensione .pdf e il protocollo http/https con il rilascio della KB5034765.
AllFilesFilter = Tutti i file AllFilesFilter = Tutti i file
FolderSelect = Selezionare una cartella FolderSelect = Selezionare una cartella
FilesWontBeMoved = I file non verranno trasferiti. FilesWontBeMoved = I file non verranno trasferiti.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/pl-PL/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Błędy/Ostrzeżenia
DialogBoxOpening = Wyświetlanie okna dialogowego... DialogBoxOpening = Wyświetlanie okna dialogowego...
Disable = Wyłączyć Disable = Wyłączyć
Enable = Włączać Enable = Włączać
UserChoiceWarning = Microsoft zablokował dostęp do zapisu klucza UserChoice dla rozszerzenia .pdf i protokołu http/https wraz z wydaniem KB5034765.
AllFilesFilter = Wszystkie pliki AllFilesFilter = Wszystkie pliki
FolderSelect = Wybierz folder FolderSelect = Wybierz folder
FilesWontBeMoved = Pliki nie zostaną przeniesione. FilesWontBeMoved = Pliki nie zostaną przeniesione.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/pt-BR/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Erros/Avisos
DialogBoxOpening = Exibindo a caixa de diálogo... DialogBoxOpening = Exibindo a caixa de diálogo...
Disable = Desativar Disable = Desativar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = A Microsoft bloqueou o acesso de gravação à chave UserChoice para extensão .pdf e protocolo http/https com a versão KB5034765.
AllFilesFilter = Todos os arquivos AllFilesFilter = Todos os arquivos
FolderSelect = Escolha uma pasta FolderSelect = Escolha uma pasta
FilesWontBeMoved = Os arquivos não serão transferidos. FilesWontBeMoved = Os arquivos não serão transferidos.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/ru-RU/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Ошибки/предупрежде
DialogBoxOpening = Диалоговое окно открывается... DialogBoxOpening = Диалоговое окно открывается...
Disable = Отключить Disable = Отключить
Enable = Включить Enable = Включить
UserChoiceWarning = Microsoft заблокировала возможность записать в раздел реестра UserChoice для расширения .pdf и протоколов http/https с релизом обновления KB5034765.
AllFilesFilter = Все файлы AllFilesFilter = Все файлы
FolderSelect = Выберите папку FolderSelect = Выберите папку
FilesWontBeMoved = Файлы не будут перенесены. FilesWontBeMoved = Файлы не будут перенесены.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/tr-TR/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = Hatalar/Uyarılar
DialogBoxOpening = İletişim kutusu görüntüleniyor... DialogBoxOpening = İletişim kutusu görüntüleniyor...
Disable = Devre dışı bırak Disable = Devre dışı bırak
Enable = Aktif et Enable = Aktif et
UserChoiceWarning = Microsoft, KB5034765 sürümü ile .pdf uzantısı ve http/https protokolü için UserChoice anahtarına yazma erişimini engellemiştir.
AllFilesFilter = Tüm Dosyalar AllFilesFilter = Tüm Dosyalar
FolderSelect = Klasör seç FolderSelect = Klasör seç
FilesWontBeMoved = Dosyalar taşınmayacak. FilesWontBeMoved = Dosyalar taşınmayacak.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/uk-UA/Sophia.psd1

@ -46,7 +46,6 @@ ErrorsMessage = Помилки/попереджен
DialogBoxOpening = Діалогове вікно відкривається... DialogBoxOpening = Діалогове вікно відкривається...
Disable = Вимкнути Disable = Вимкнути
Enable = Увімкнути Enable = Увімкнути
UserChoiceWarning = Microsoft заблокувала можливість писати в розділ реєстру UserChoice для розширення .pdf, а також протоколів http/https з релізом оновлення KB5034765.
AllFilesFilter = Усі файли AllFilesFilter = Усі файли
FolderSelect = Виберіть папку FolderSelect = Виберіть папку
FilesWontBeMoved = Файли не будуть перенесені. FilesWontBeMoved = Файли не будуть перенесені.

1
src/Sophia_Script_for_Windows_10_LTSC_2019/Localizations/zh-CN/Sophia.psd1

@ -48,7 +48,6 @@ ErrorsMessage = 错误/警告
DialogBoxOpening = 显示对话窗口..... DialogBoxOpening = 显示对话窗口.....
Disable = 禁用 Disable = 禁用
Enable = 启用 Enable = 启用
UserChoiceWarning = 微软在发布 KB5034765 时阻止了对 .pdf 扩展和 http/https 协议的 UserChoice 密钥的写入访问
AllFilesFilter = 所有文件 AllFilesFilter = 所有文件
FolderSelect = 选择一个文件夹 FolderSelect = 选择一个文件夹
FilesWontBeMoved = 文件将不会被移动 FilesWontBeMoved = 文件将不会被移动

76
src/Sophia_Script_for_Windows_10_LTSC_2019/Module/Sophia.psm1

@ -63,7 +63,7 @@ function InitialActions
# Extract strings from %SystemRoot%\System32\shell32.dll using its number # Extract strings from %SystemRoot%\System32\shell32.dll using its number
# https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1 # https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1
# [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\system32\schedsvc.dll,-100") # [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\System32\schedsvc.dll,-100")
# https://github.com/PowerShell/PowerShell/issues/21070 # https://github.com/PowerShell/PowerShell/issues/21070
$Script:CompilerParameters = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll") $Script:CompilerParameters = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll")
@ -7156,16 +7156,13 @@ function ActiveHours
Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0" Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0"
.EXAMPLE .EXAMPLE
Set-Association -ProgramPath MSEdgeMHT -Extension .html Set-Association -ProgramPath MSEdgeHTM -Extension .html
.LINK .LINK
https://github.com/DanysysTeam/PS-SFTA https://github.com/DanysysTeam/PS-SFTA
https://github.com/default-username-was-already-taken/set-fileassoc https://github.com/default-username-was-already-taken/set-fileassoc
https://forum.ru-board.com/profile.cgi?action=show&member=westlife https://forum.ru-board.com/profile.cgi?action=show&member=westlife
.NOTES
Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034763 release
.NOTES .NOTES
Machine-wide Machine-wide
#> #>
@ -7196,18 +7193,9 @@ function Set-Association
$Icon $Icon
) )
# Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034763 release # Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release, so we have to write values with a copy of powershell.exe to bypass a UCPD driver restrictions
if (@(".pdf", "http", "https") -contains $Extension) # UCPD driver tracks all executables to block the access to the registry so all registry records will be made within powershell_temp.exe in this function just in case
{ Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.UserChoiceWarning -Verbose
Write-Error -Message $Localization.UserChoiceWarning -ErrorAction SilentlyContinue
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
$ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath) $ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath)
@ -7546,7 +7534,25 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force
}
# Getting a hash based on the time of the section's last modification. After creating and setting the first parameter # Getting a hash based on the time of the section's last modification. After creating and setting the first parameter
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
@ -7555,7 +7561,15 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
if (@(".pdf", "http", "https") -contains $Extension)
{
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
}
# Setting a block on changing the UserChoice section # Setting a block on changing the UserChoice section
# Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey() # Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey()
@ -7973,10 +7987,30 @@ public static long MakeLong(uint left, uint right)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force
} }
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice"
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
} }
}
# Setting additional parameters to comply with the requirements before configuring the extension # Setting additional parameters to comply with the requirements before configuring the extension
Write-AdditionalKeys -ProgId $ProgId -Extension $Extension Write-AdditionalKeys -ProgId $ProgId -Extension $Extension
@ -8004,6 +8038,8 @@ public static void Refresh()
} }
[WinAPI.Signature]::Refresh() [WinAPI.Signature]::Refresh()
Remove-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
} }
<# <#
@ -8286,7 +8322,7 @@ function InstallVCRedist
return return
} }
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -8397,7 +8433,7 @@ function InstallDotNetRuntimes
{ {
NET6x64 NET6x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -8444,7 +8480,7 @@ function InstallDotNetRuntimes
} }
NET8x64 NET8x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/de-DE/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Fehler/Warnungen
DialogBoxOpening = Anzeigen des Dialogfensters... DialogBoxOpening = Anzeigen des Dialogfensters...
Disable = Deaktivieren Disable = Deaktivieren
Enable = Aktivieren Enable = Aktivieren
UserChoiceWarning = Microsoft hat den Schreibzugriff auf den UserChoice-Schlüssel für die .pdf-Erweiterung und das http/https-Protokoll mit der Version KB5034765 gesperrt.
AllFilesFilter = Alle Dateien AllFilesFilter = Alle Dateien
FolderSelect = Einen Ordner auswählen FolderSelect = Einen Ordner auswählen
FilesWontBeMoved = Dateien werden nicht verschoben. FilesWontBeMoved = Dateien werden nicht verschoben.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/en-US/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Errors/Warnings
DialogBoxOpening = Displaying the dialog box... DialogBoxOpening = Displaying the dialog box...
Disable = Disable Disable = Disable
Enable = Enable Enable = Enable
UserChoiceWarning = Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release.
AllFilesFilter = All Files AllFilesFilter = All Files
FolderSelect = Select a folder FolderSelect = Select a folder
FilesWontBeMoved = Files will not be moved. FilesWontBeMoved = Files will not be moved.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/es-ES/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Errores/Advertencias
DialogBoxOpening = Viendo el cuadro de diálogo... DialogBoxOpening = Viendo el cuadro de diálogo...
Disable = Desactivar Disable = Desactivar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = Microsoft ha bloqueado el acceso de escritura a la clave UserChoice para la extensión .pdf y el protocolo http/https con el lanzamiento de KB5034765.
AllFilesFilter = Todos los Archivos AllFilesFilter = Todos los Archivos
FolderSelect = Seleccione una carpeta FolderSelect = Seleccione una carpeta
FilesWontBeMoved = Los archivos no se transferirán. FilesWontBeMoved = Los archivos no se transferirán.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/fr-FR/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Erreurs/Avertissements
DialogBoxOpening = Afficher la boîte de dialogue... DialogBoxOpening = Afficher la boîte de dialogue...
Disable = Désactiver Disable = Désactiver
Enable = Activer Enable = Activer
UserChoiceWarning = Microsoft a bloqué l'accès en écriture à la clé UserChoice pour l'extension .pdf et le protocole http/https avec la version KB5034765.
AllFilesFilter = Tous les Fichiers AllFilesFilter = Tous les Fichiers
FolderSelect = Sélectionner un dossier FolderSelect = Sélectionner un dossier
FilesWontBeMoved = Les fichiers ne seront pas déplacés. FilesWontBeMoved = Les fichiers ne seront pas déplacés.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/hu-HU/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Hibák/Figyelmeztetések
DialogBoxOpening = Párbeszédablak megjelenítése... DialogBoxOpening = Párbeszédablak megjelenítése...
Disable = Kikapcsolás Disable = Kikapcsolás
Enable = Engedélyezés Enable = Engedélyezés
UserChoiceWarning = A Microsoft a KB5034765 kiadással blokkolta a UserChoice kulcs írási hozzáférését a .pdf kiterjesztéshez és a http/https protokollhoz.
AllFilesFilter = Minden fájl AllFilesFilter = Minden fájl
FolderSelect = Válasszon ki egy könyvtárat FolderSelect = Válasszon ki egy könyvtárat
FilesWontBeMoved = A fájlok nem lesznek áthelyezve. FilesWontBeMoved = A fájlok nem lesznek áthelyezve.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/it-IT/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Errori/avvisi
DialogBoxOpening = Visualizzazione della finestra di dialogo... DialogBoxOpening = Visualizzazione della finestra di dialogo...
Disable = Disattivare Disable = Disattivare
Enable = Abilitare Enable = Abilitare
UserChoiceWarning = Microsoft ha bloccato l'accesso in scrittura alla chiave UserChoice per l'estensione .pdf e il protocollo http/https con il rilascio della KB5034765.
AllFilesFilter = Tutti i file AllFilesFilter = Tutti i file
FolderSelect = Selezionare una cartella FolderSelect = Selezionare una cartella
FilesWontBeMoved = I file non verranno trasferiti. FilesWontBeMoved = I file non verranno trasferiti.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/pl-PL/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Błędy/Ostrzeżenia
DialogBoxOpening = Wyświetlanie okna dialogowego... DialogBoxOpening = Wyświetlanie okna dialogowego...
Disable = Wyłączyć Disable = Wyłączyć
Enable = Włączać Enable = Włączać
UserChoiceWarning = Microsoft zablokował dostęp do zapisu klucza UserChoice dla rozszerzenia .pdf i protokołu http/https wraz z wydaniem KB5034765.
AllFilesFilter = Wszystkie pliki AllFilesFilter = Wszystkie pliki
FolderSelect = Wybierz folder FolderSelect = Wybierz folder
FilesWontBeMoved = Pliki nie zostaną przeniesione. FilesWontBeMoved = Pliki nie zostaną przeniesione.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/pt-BR/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Erros/Avisos
DialogBoxOpening = Exibindo a caixa de diálogo... DialogBoxOpening = Exibindo a caixa de diálogo...
Disable = Desativar Disable = Desativar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = A Microsoft bloqueou o acesso de gravação à chave UserChoice para extensão .pdf e protocolo http/https com a versão KB5034765.
AllFilesFilter = Todos os arquivos AllFilesFilter = Todos os arquivos
FolderSelect = Escolha uma pasta FolderSelect = Escolha uma pasta
FilesWontBeMoved = Os arquivos não serão transferidos. FilesWontBeMoved = Os arquivos não serão transferidos.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/ru-RU/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Ошибки/предупрежде
DialogBoxOpening = Диалоговое окно открывается... DialogBoxOpening = Диалоговое окно открывается...
Disable = Отключить Disable = Отключить
Enable = Включить Enable = Включить
UserChoiceWarning = Microsoft заблокировала возможность записать в раздел реестра UserChoice для расширения .pdf и протоколов http/https с релизом обновления KB5034765.
AllFilesFilter = Все файлы AllFilesFilter = Все файлы
FolderSelect = Выберите папку FolderSelect = Выберите папку
FilesWontBeMoved = Файлы не будут перенесены. FilesWontBeMoved = Файлы не будут перенесены.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/tr-TR/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Hatalar/Uyarılar
DialogBoxOpening = İletişim kutusu görüntüleniyor... DialogBoxOpening = İletişim kutusu görüntüleniyor...
Disable = Devre dışı bırak Disable = Devre dışı bırak
Enable = Aktif et Enable = Aktif et
UserChoiceWarning = Microsoft, KB5034765 sürümü ile .pdf uzantısı ve http/https protokolü için UserChoice anahtarına yazma erişimini engellemiştir.
AllFilesFilter = Tüm Dosyalar AllFilesFilter = Tüm Dosyalar
FolderSelect = Klasör seç FolderSelect = Klasör seç
FilesWontBeMoved = Dosyalar taşınmayacak. FilesWontBeMoved = Dosyalar taşınmayacak.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/uk-UA/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = Помилки/попереджен
DialogBoxOpening = Діалогове вікно відкривається... DialogBoxOpening = Діалогове вікно відкривається...
Disable = Вимкнути Disable = Вимкнути
Enable = Увімкнути Enable = Увімкнути
UserChoiceWarning = Microsoft заблокувала можливість писати в розділ реєстру UserChoice для розширення .pdf, а також протоколів http/https з релізом оновлення KB5034765.
AllFilesFilter = Усі файли AllFilesFilter = Усі файли
FolderSelect = Виберіть папку FolderSelect = Виберіть папку
FilesWontBeMoved = Файли не будуть перенесені. FilesWontBeMoved = Файли не будуть перенесені.

1
src/Sophia_Script_for_Windows_10_LTSC_2021/Localizations/zh-CN/Sophia.psd1

@ -50,7 +50,6 @@ ErrorsMessage = 错误/警告
DialogBoxOpening = 显示对话窗口..... DialogBoxOpening = 显示对话窗口.....
Disable = 禁用 Disable = 禁用
Enable = 启用 Enable = 启用
UserChoiceWarning = 微软在发布 KB5034765 时阻止了对 .pdf 扩展和 http/https 协议的 UserChoice 密钥的写入访问
AllFilesFilter = 所有文件 AllFilesFilter = 所有文件
FolderSelect = 选择一个文件夹 FolderSelect = 选择一个文件夹
FilesWontBeMoved = 文件将不会被移动 FilesWontBeMoved = 文件将不会被移动

80
src/Sophia_Script_for_Windows_10_LTSC_2021/Module/Sophia.psm1

@ -63,7 +63,7 @@ function InitialActions
# Extract strings from %SystemRoot%\System32\shell32.dll using its number # Extract strings from %SystemRoot%\System32\shell32.dll using its number
# https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1 # https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1
# [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\system32\schedsvc.dll,-100") # [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\System32\schedsvc.dll,-100")
# https://github.com/PowerShell/PowerShell/issues/21070 # https://github.com/PowerShell/PowerShell/issues/21070
$Script:CompilerParameters = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll") $Script:CompilerParameters = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll")
@ -7787,16 +7787,13 @@ function ActiveHours
Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0" Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0"
.EXAMPLE .EXAMPLE
Set-Association -ProgramPath MSEdgeMHT -Extension .html Set-Association -ProgramPath MSEdgeHTM -Extension .html
.LINK .LINK
https://github.com/DanysysTeam/PS-SFTA https://github.com/DanysysTeam/PS-SFTA
https://github.com/default-username-was-already-taken/set-fileassoc https://github.com/default-username-was-already-taken/set-fileassoc
https://forum.ru-board.com/profile.cgi?action=show&member=westlife https://forum.ru-board.com/profile.cgi?action=show&member=westlife
.NOTES
Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034763 release
.NOTES .NOTES
Machine-wide Machine-wide
#> #>
@ -7827,18 +7824,9 @@ function Set-Association
$Icon $Icon
) )
# Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034763 release # Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release, so we have to write values with a copy of powershell.exe to bypass a UCPD driver restrictions
if (@(".pdf", "http", "https") -contains $Extension) # UCPD driver tracks all executables to block the access to the registry so all registry records will be made within powershell_temp.exe in this function just in case
{ Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.UserChoiceWarning -Verbose
Write-Error -Message $Localization.UserChoiceWarning -ErrorAction SilentlyContinue
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
$ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath) $ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath)
@ -8177,7 +8165,25 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force
}
# Getting a hash based on the time of the section's last modification. After creating and setting the first parameter # Getting a hash based on the time of the section's last modification. After creating and setting the first parameter
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
@ -8186,7 +8192,15 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
if (@(".pdf", "http", "https") -contains $Extension)
{
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
}
# Setting a block on changing the UserChoice section # Setting a block on changing the UserChoice section
# Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey() # Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey()
@ -8604,10 +8618,30 @@ public static long MakeLong(uint left, uint right)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force
} }
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice"
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
} }
}
# Setting additional parameters to comply with the requirements before configuring the extension # Setting additional parameters to comply with the requirements before configuring the extension
Write-AdditionalKeys -ProgId $ProgId -Extension $Extension Write-AdditionalKeys -ProgId $ProgId -Extension $Extension
@ -8635,6 +8669,8 @@ public static void Refresh()
} }
[WinAPI.Signature]::Refresh() [WinAPI.Signature]::Refresh()
Remove-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
} }
<# <#
@ -8917,7 +8953,7 @@ function InstallVCRedist
return return
} }
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -9028,7 +9064,7 @@ function InstallDotNetRuntimes
{ {
NET6x64 NET6x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -9075,7 +9111,7 @@ function InstallDotNetRuntimes
} }
NET8x64 NET8x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -10075,14 +10111,14 @@ function GPUScheduling
$WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null) $WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null)
if ($WddmVersion_Min -ge 2700) if ($WddmVersion_Min -ge 2700)
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 2 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 2 -Force
} }
} }
} }
} }
"Disable" "Disable"
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 1 -Force
} }
} }
} }

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/de-DE/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Fehler/Warnungen
DialogBoxOpening = Anzeigen des Dialogfensters... DialogBoxOpening = Anzeigen des Dialogfensters...
Disable = Deaktivieren Disable = Deaktivieren
Enable = Aktivieren Enable = Aktivieren
UserChoiceWarning = Microsoft hat den Schreibzugriff auf den UserChoice-Schlüssel für die .pdf-Erweiterung und das http/https-Protokoll mit der Version KB5034765 gesperrt.
AllFilesFilter = Alle Dateien AllFilesFilter = Alle Dateien
FolderSelect = Einen Ordner auswählen FolderSelect = Einen Ordner auswählen
FilesWontBeMoved = Dateien werden nicht verschoben. FilesWontBeMoved = Dateien werden nicht verschoben.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/en-US/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Errors/Warnings
DialogBoxOpening = Displaying the dialog box... DialogBoxOpening = Displaying the dialog box...
Disable = Disable Disable = Disable
Enable = Enable Enable = Enable
UserChoiceWarning = Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release.
AllFilesFilter = All Files AllFilesFilter = All Files
FolderSelect = Select a folder FolderSelect = Select a folder
FilesWontBeMoved = Files will not be moved. FilesWontBeMoved = Files will not be moved.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/es-ES/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Errores/Advertencias
DialogBoxOpening = Viendo el cuadro de diálogo... DialogBoxOpening = Viendo el cuadro de diálogo...
Disable = Desactivar Disable = Desactivar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = Microsoft ha bloqueado el acceso de escritura a la clave UserChoice para la extensión .pdf y el protocolo http/https con el lanzamiento de KB5034765.
AllFilesFilter = Todos los Archivos AllFilesFilter = Todos los Archivos
FolderSelect = Seleccione una carpeta FolderSelect = Seleccione una carpeta
FilesWontBeMoved = Los archivos no se transferirán. FilesWontBeMoved = Los archivos no se transferirán.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/fr-FR/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Erreurs/Avertissements
DialogBoxOpening = Afficher la boîte de dialogue... DialogBoxOpening = Afficher la boîte de dialogue...
Disable = Désactiver Disable = Désactiver
Enable = Activer Enable = Activer
UserChoiceWarning = Microsoft a bloqué l'accès en écriture à la clé UserChoice pour l'extension .pdf et le protocole http/https avec la version KB5034765.
AllFilesFilter = Tous les Fichiers AllFilesFilter = Tous les Fichiers
FolderSelect = Sélectionner un dossier FolderSelect = Sélectionner un dossier
FilesWontBeMoved = Les fichiers ne seront pas déplacés. FilesWontBeMoved = Les fichiers ne seront pas déplacés.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/hu-HU/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Hibák/Figyelmeztetések
DialogBoxOpening = Párbeszédablak megjelenítése... DialogBoxOpening = Párbeszédablak megjelenítése...
Disable = Kikapcsolás Disable = Kikapcsolás
Enable = Engedélyezés Enable = Engedélyezés
UserChoiceWarning = A Microsoft a KB5034765 kiadással blokkolta a UserChoice kulcs írási hozzáférését a .pdf kiterjesztéshez és a http/https protokollhoz.
AllFilesFilter = Minden fájl AllFilesFilter = Minden fájl
FolderSelect = Válasszon ki egy könyvtárat FolderSelect = Válasszon ki egy könyvtárat
FilesWontBeMoved = A fájlok nem lesznek áthelyezve. FilesWontBeMoved = A fájlok nem lesznek áthelyezve.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/it-IT/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Errori/avvisi
DialogBoxOpening = Visualizzazione della finestra di dialogo... DialogBoxOpening = Visualizzazione della finestra di dialogo...
Disable = Disattivare Disable = Disattivare
Enable = Abilitare Enable = Abilitare
UserChoiceWarning = Microsoft ha bloccato l'accesso in scrittura alla chiave UserChoice per l'estensione .pdf e il protocollo http/https con il rilascio della KB5034765.
AllFilesFilter = Tutti i file AllFilesFilter = Tutti i file
FolderSelect = Selezionare una cartella FolderSelect = Selezionare una cartella
FilesWontBeMoved = I file non verranno trasferiti. FilesWontBeMoved = I file non verranno trasferiti.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pl-PL/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Błędy/Ostrzeżenia
DialogBoxOpening = Wyświetlanie okna dialogowego... DialogBoxOpening = Wyświetlanie okna dialogowego...
Disable = Wyłączyć Disable = Wyłączyć
Enable = Włączać Enable = Włączać
UserChoiceWarning = Microsoft zablokował dostęp do zapisu klucza UserChoice dla rozszerzenia .pdf i protokołu http/https wraz z wydaniem KB5034765.
AllFilesFilter = Wszystkie pliki AllFilesFilter = Wszystkie pliki
FolderSelect = Wybierz folder FolderSelect = Wybierz folder
FilesWontBeMoved = Pliki nie zostaną przeniesione. FilesWontBeMoved = Pliki nie zostaną przeniesione.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pt-BR/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Erros/Avisos
DialogBoxOpening = Exibindo a caixa de diálogo... DialogBoxOpening = Exibindo a caixa de diálogo...
Disable = Desativar Disable = Desativar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = A Microsoft bloqueou o acesso de gravação à chave UserChoice para extensão .pdf e protocolo http/https com a versão KB5034765.
AllFilesFilter = Todos os arquivos AllFilesFilter = Todos os arquivos
FolderSelect = Escolha uma pasta FolderSelect = Escolha uma pasta
FilesWontBeMoved = Os arquivos não serão transferidos. FilesWontBeMoved = Os arquivos não serão transferidos.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/ru-RU/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Ошибки/предупрежде
DialogBoxOpening = Диалоговое окно открывается... DialogBoxOpening = Диалоговое окно открывается...
Disable = Отключить Disable = Отключить
Enable = Включить Enable = Включить
UserChoiceWarning = Microsoft заблокировала возможность записать в раздел реестра UserChoice для расширения .pdf и протоколов http/https с релизом обновления KB5034765.
AllFilesFilter = Все файлы AllFilesFilter = Все файлы
FolderSelect = Выберите папку FolderSelect = Выберите папку
FilesWontBeMoved = Файлы не будут перенесены. FilesWontBeMoved = Файлы не будут перенесены.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/tr-TR/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Hatalar/Uyarılar
DialogBoxOpening = İletişim kutusu görüntüleniyor... DialogBoxOpening = İletişim kutusu görüntüleniyor...
Disable = Devre dışı bırak Disable = Devre dışı bırak
Enable = Aktif et Enable = Aktif et
UserChoiceWarning = Microsoft, KB5034765 sürümü ile .pdf uzantısı ve http/https protokolü için UserChoice anahtarına yazma erişimini engellemiştir.
AllFilesFilter = Tüm Dosyalar AllFilesFilter = Tüm Dosyalar
FolderSelect = Klasör seç FolderSelect = Klasör seç
FilesWontBeMoved = Dosyalar taşınmayacak. FilesWontBeMoved = Dosyalar taşınmayacak.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/uk-UA/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = Помилки/попереджен
DialogBoxOpening = Діалогове вікно відкривається... DialogBoxOpening = Діалогове вікно відкривається...
Disable = Вимкнути Disable = Вимкнути
Enable = Увімкнути Enable = Увімкнути
UserChoiceWarning = Microsoft заблокувала можливість писати в розділ реєстру UserChoice для розширення .pdf, а також протоколів http/https з релізом оновлення KB5034765.
AllFilesFilter = Усі файли AllFilesFilter = Усі файли
FolderSelect = Виберіть папку FolderSelect = Виберіть папку
FilesWontBeMoved = Файли не будуть перенесені. FilesWontBeMoved = Файли не будуть перенесені.

1
src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/zh-CN/Sophia.psd1

@ -57,7 +57,6 @@ ErrorsMessage = 错误/警告
DialogBoxOpening = 显示对话窗口..... DialogBoxOpening = 显示对话窗口.....
Disable = 禁用 Disable = 禁用
Enable = 启用 Enable = 启用
UserChoiceWarning = 微软在发布 KB5034765 时阻止了对 .pdf 扩展和 http/https 协议的 UserChoice 密钥的写入访问
AllFilesFilter = 所有文件 AllFilesFilter = 所有文件
FolderSelect = 选择一个文件夹 FolderSelect = 选择一个文件夹
FilesWontBeMoved = 文件将不会被移动 FilesWontBeMoved = 文件将不会被移动

116
src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1

@ -62,7 +62,7 @@ function InitialActions
# Extract strings from %SystemRoot%\System32\shell32.dll using its number # Extract strings from %SystemRoot%\System32\shell32.dll using its number
# https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1 # https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1
# [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\system32\schedsvc.dll,-100") # [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\System32\schedsvc.dll,-100")
# https://github.com/PowerShell/PowerShell/issues/21070 # https://github.com/PowerShell/PowerShell/issues/21070
$Script:CompilerOptions = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll") $Script:CompilerOptions = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll")
@ -3675,8 +3675,8 @@ public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int ou
Add-Type @Signature Add-Type @Signature
} }
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry # We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to block the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force Copy-Item -Path "$env:SystemRoot\System32\reg.exe" -Destination "$env:SystemRoot\System32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
@ -3697,7 +3697,7 @@ public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int ou
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%" $EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f & "$env:SystemRoot\System32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
"Enable" "Enable"
{ {
@ -3716,11 +3716,11 @@ public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int ou
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%" $EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f & "$env:SystemRoot\System32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force Remove-Item -Path "$env:SystemRoot\System32\reg_temp.exe" -Force
} }
<# <#
@ -8925,16 +8925,13 @@ function WindowsLatestUpdate
Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0" Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0"
.EXAMPLE .EXAMPLE
Set-Association -ProgramPath MSEdgeMHT -Extension .html Set-Association -ProgramPath MSEdgeHTM -Extension .html
.LINK .LINK
https://github.com/DanysysTeam/PS-SFTA https://github.com/DanysysTeam/PS-SFTA
https://github.com/default-username-was-already-taken/set-fileassoc https://github.com/default-username-was-already-taken/set-fileassoc
https://forum.ru-board.com/profile.cgi?action=show&member=westlife https://forum.ru-board.com/profile.cgi?action=show&member=westlife
.NOTES
Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034763 release
.NOTES .NOTES
Machine-wide Machine-wide
#> #>
@ -8965,18 +8962,9 @@ function Set-Association
$Icon $Icon
) )
# Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034763 release # Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release, so we have to write values with a copy of powershell.exe to bypass a UCPD driver restrictions
if (@(".pdf", "http", "https") -contains $Extension) # UCPD driver tracks all executables to block the access to the registry so all registry records will be made within powershell_temp.exe in this function just in case
{ Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.UserChoiceWarning -Verbose
Write-Error -Message $Localization.UserChoiceWarning -ErrorAction SilentlyContinue
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
$ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath) $ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath)
@ -9315,7 +9303,25 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force
}
# Getting a hash based on the time of the section's last modification. After creating and setting the first parameter # Getting a hash based on the time of the section's last modification. After creating and setting the first parameter
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
@ -9324,7 +9330,15 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
if (@(".pdf", "http", "https") -contains $Extension)
{
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
}
# Setting a block on changing the UserChoice section # Setting a block on changing the UserChoice section
# Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey() # Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey()
@ -9742,10 +9756,30 @@ public static long MakeLong(uint left, uint right)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force
} }
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice"
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
} }
}
# Setting additional parameters to comply with the requirements before configuring the extension # Setting additional parameters to comply with the requirements before configuring the extension
Write-AdditionalKeys -ProgId $ProgId -Extension $Extension Write-AdditionalKeys -ProgId $ProgId -Extension $Extension
@ -10107,7 +10141,7 @@ function InstallVCRedist
return return
} }
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -10218,7 +10252,7 @@ function InstallDotNetRuntimes
{ {
NET6x64 NET6x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -10265,7 +10299,7 @@ function InstallDotNetRuntimes
} }
NET8x64 NET8x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -11840,11 +11874,17 @@ function CortanaAutostart
$Enable $Enable
) )
if (-not (Get-AppxPackage -Name Microsoft.549981C3F5F10))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{
if (Get-AppxPackage -Name Microsoft.549981C3F5F10)
{ {
if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId")) if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId"))
{ {
@ -11852,10 +11892,7 @@ function CortanaAutostart
} }
New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId" -Name State -PropertyType DWord -Value 1 -Force New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId" -Name State -PropertyType DWord -Value 1 -Force
} }
}
"Enable" "Enable"
{
if (Get-AppxPackage -Name Microsoft.549981C3F5F10)
{ {
if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId")) if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId"))
{ {
@ -11865,7 +11902,6 @@ function CortanaAutostart
} }
} }
} }
}
<# <#
.SYNOPSIS .SYNOPSIS
@ -12038,24 +12074,26 @@ function XboxGameTips
$Enable $Enable
) )
if (-not ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or(Get-AppxPackage -Name Microsoft.GamingApp)))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{
if ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or (Get-AppxPackage -Name Microsoft.GamingApp))
{ {
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force
} }
}
"Enable" "Enable"
{
if ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or (Get-AppxPackage -Name Microsoft.GamingApp))
{ {
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 1 -Force
} }
} }
} }
}
<# <#
.SYNOPSIS .SYNOPSIS
@ -12170,14 +12208,14 @@ function GPUScheduling
$WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null) $WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null)
if ($WddmVersion_Min -ge 2700) if ($WddmVersion_Min -ge 2700)
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 2 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 2 -Force
} }
} }
} }
} }
"Disable" "Disable"
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 1 -Force
} }
} }
} }

1
src/Sophia_Script_for_Windows_11/Localizations/de-DE/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Fehler/Warnungen
DialogBoxOpening = Anzeigen des Dialogfensters... DialogBoxOpening = Anzeigen des Dialogfensters...
Disable = Deaktivieren Disable = Deaktivieren
Enable = Aktivieren Enable = Aktivieren
UserChoiceWarning = Microsoft hat den Schreibzugriff auf den UserChoice-Schlüssel für die .pdf-Erweiterung und das http/https-Protokoll mit der Version KB5034765 gesperrt.
AllFilesFilter = Alle Dateien AllFilesFilter = Alle Dateien
FolderSelect = Einen Ordner auswählen FolderSelect = Einen Ordner auswählen
FilesWontBeMoved = Dateien werden nicht verschoben. FilesWontBeMoved = Dateien werden nicht verschoben.

1
src/Sophia_Script_for_Windows_11/Localizations/en-US/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Errors/Warnings
DialogBoxOpening = Displaying the dialog box... DialogBoxOpening = Displaying the dialog box...
Disable = Disable Disable = Disable
Enable = Enable Enable = Enable
UserChoiceWarning = Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release.
AllFilesFilter = All Files AllFilesFilter = All Files
FolderSelect = Select a folder FolderSelect = Select a folder
FilesWontBeMoved = Files will not be moved. FilesWontBeMoved = Files will not be moved.

1
src/Sophia_Script_for_Windows_11/Localizations/es-ES/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Errores/Advertencias
DialogBoxOpening = Viendo el cuadro de diálogo... DialogBoxOpening = Viendo el cuadro de diálogo...
Disable = Desactivar Disable = Desactivar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = Microsoft ha bloqueado el acceso de escritura a la clave UserChoice para la extensión .pdf y el protocolo http/https con el lanzamiento de KB5034765.
AllFilesFilter = Todos los Archivos AllFilesFilter = Todos los Archivos
FolderSelect = Seleccione una carpeta FolderSelect = Seleccione una carpeta
FilesWontBeMoved = Los archivos no se transferirán. FilesWontBeMoved = Los archivos no se transferirán.

1
src/Sophia_Script_for_Windows_11/Localizations/fr-FR/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Erreurs/Avertissements
DialogBoxOpening = Afficher la boîte de dialogue... DialogBoxOpening = Afficher la boîte de dialogue...
Disable = Désactiver Disable = Désactiver
Enable = Activer Enable = Activer
UserChoiceWarning = Microsoft a bloqué l'accès en écriture à la clé UserChoice pour l'extension .pdf et le protocole http/https avec la version KB5034765.
AllFilesFilter = Tous les Fichiers AllFilesFilter = Tous les Fichiers
FolderSelect = Sélectionner un dossier FolderSelect = Sélectionner un dossier
FilesWontBeMoved = Les fichiers ne seront pas déplacés. FilesWontBeMoved = Les fichiers ne seront pas déplacés.

1
src/Sophia_Script_for_Windows_11/Localizations/hu-HU/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Hibák/Figyelmeztetések
DialogBoxOpening = Párbeszédablak megjelenítése... DialogBoxOpening = Párbeszédablak megjelenítése...
Disable = Kikapcsolás Disable = Kikapcsolás
Enable = Engedélyezés Enable = Engedélyezés
UserChoiceWarning = A Microsoft a KB5034765 kiadással blokkolta a UserChoice kulcs írási hozzáférését a .pdf kiterjesztéshez és a http/https protokollhoz.
AllFilesFilter = Minden fájl AllFilesFilter = Minden fájl
FolderSelect = Válasszon ki egy könyvtárat FolderSelect = Válasszon ki egy könyvtárat
FilesWontBeMoved = A fájlok nem lesznek áthelyezve. FilesWontBeMoved = A fájlok nem lesznek áthelyezve.

1
src/Sophia_Script_for_Windows_11/Localizations/it-IT/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Errori/avvisi
DialogBoxOpening = Visualizzazione della finestra di dialogo... DialogBoxOpening = Visualizzazione della finestra di dialogo...
Disable = Disattivare Disable = Disattivare
Enable = Abilitare Enable = Abilitare
UserChoiceWarning = Microsoft ha bloccato l'accesso in scrittura alla chiave UserChoice per l'estensione .pdf e il protocollo http/https con il rilascio della KB5034765.
AllFilesFilter = Tutti i file AllFilesFilter = Tutti i file
FolderSelect = Selezionare una cartella FolderSelect = Selezionare una cartella
FilesWontBeMoved = I file non verranno trasferiti. FilesWontBeMoved = I file non verranno trasferiti.

1
src/Sophia_Script_for_Windows_11/Localizations/pl-PL/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Błędy/Ostrzeżenia
DialogBoxOpening = Wyświetlanie okna dialogowego... DialogBoxOpening = Wyświetlanie okna dialogowego...
Disable = Wyłączyć Disable = Wyłączyć
Enable = Włączać Enable = Włączać
UserChoiceWarning = Microsoft zablokował dostęp do zapisu klucza UserChoice dla rozszerzenia .pdf i protokołu http/https wraz z wydaniem KB5034765.
AllFilesFilter = Wszystkie pliki AllFilesFilter = Wszystkie pliki
FolderSelect = Wybierz folder FolderSelect = Wybierz folder
FilesWontBeMoved = Pliki nie zostaną przeniesione. FilesWontBeMoved = Pliki nie zostaną przeniesione.

1
src/Sophia_Script_for_Windows_11/Localizations/pt-BR/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Erros/Avisos
DialogBoxOpening = Exibindo a caixa de diálogo... DialogBoxOpening = Exibindo a caixa de diálogo...
Disable = Desativar Disable = Desativar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = A Microsoft bloqueou o acesso de gravação à chave UserChoice para extensão .pdf e protocolo http/https com a versão KB5034765.
AllFilesFilter = Todos os arquivos AllFilesFilter = Todos os arquivos
FolderSelect = Escolha uma pasta FolderSelect = Escolha uma pasta
FilesWontBeMoved = Os arquivos não serão transferidos. FilesWontBeMoved = Os arquivos não serão transferidos.

1
src/Sophia_Script_for_Windows_11/Localizations/ru-RU/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Ошибки/предупрежде
DialogBoxOpening = Диалоговое окно открывается... DialogBoxOpening = Диалоговое окно открывается...
Disable = Отключить Disable = Отключить
Enable = Включить Enable = Включить
UserChoiceWarning = Microsoft заблокировала возможность записать в раздел реестра UserChoice для расширения .pdf и протоколов http/https с релизом обновления KB5034765.
AllFilesFilter = Все файлы AllFilesFilter = Все файлы
FolderSelect = Выберите папку FolderSelect = Выберите папку
FilesWontBeMoved = Файлы не будут перенесены. FilesWontBeMoved = Файлы не будут перенесены.

1
src/Sophia_Script_for_Windows_11/Localizations/tr-TR/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Hatalar/Uyarılar
DialogBoxOpening = İletişim kutusu görüntüleniyor... DialogBoxOpening = İletişim kutusu görüntüleniyor...
Disable = Devre dışı bırak Disable = Devre dışı bırak
Enable = Aktif et Enable = Aktif et
UserChoiceWarning = Microsoft, KB5034765 sürümü ile .pdf uzantısı ve http/https protokolü için UserChoice anahtarına yazma erişimini engellemiştir.
AllFilesFilter = Tüm Dosyalar AllFilesFilter = Tüm Dosyalar
FolderSelect = Klasör seç FolderSelect = Klasör seç
FilesWontBeMoved = Dosyalar taşınmayacak. FilesWontBeMoved = Dosyalar taşınmayacak.

1
src/Sophia_Script_for_Windows_11/Localizations/uk-UA/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Помилки/попереджен
DialogBoxOpening = Діалогове вікно відкривається... DialogBoxOpening = Діалогове вікно відкривається...
Disable = Вимкнути Disable = Вимкнути
Enable = Увімкнути Enable = Увімкнути
UserChoiceWarning = Microsoft заблокувала можливість писати в розділ реєстру UserChoice для розширення .pdf, а також протоколів http/https з релізом оновлення KB5034765.
AllFilesFilter = Усі файли AllFilesFilter = Усі файли
FolderSelect = Виберіть папку FolderSelect = Виберіть папку
FilesWontBeMoved = Файли не будуть перенесені. FilesWontBeMoved = Файли не будуть перенесені.

1
src/Sophia_Script_for_Windows_11/Localizations/zh-CN/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = 错误/警告
DialogBoxOpening = 显示对话窗口..... DialogBoxOpening = 显示对话窗口.....
Disable = 禁用 Disable = 禁用
Enable = 启用 Enable = 启用
UserChoiceWarning = 微软在发布 KB5034765 时阻止了对 .pdf 扩展和 http/https 协议的 UserChoice 密钥的写入访问
AllFilesFilter = 所有文件 AllFilesFilter = 所有文件
FolderSelect = 选择一个文件夹 FolderSelect = 选择一个文件夹
FilesWontBeMoved = 文件将不会被移动 FilesWontBeMoved = 文件将不会被移动

157
src/Sophia_Script_for_Windows_11/Module/Sophia.psm1

@ -62,7 +62,7 @@ function InitialActions
# Extract strings from %SystemRoot%\System32\shell32.dll using its number # Extract strings from %SystemRoot%\System32\shell32.dll using its number
# https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1 # https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1
# [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\system32\schedsvc.dll,-100") # [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\System32\schedsvc.dll,-100")
# https://github.com/PowerShell/PowerShell/issues/21070 # https://github.com/PowerShell/PowerShell/issues/21070
$Script:CompilerParameters = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll") $Script:CompilerParameters = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll")
@ -3191,34 +3191,30 @@ function TaskbarWidgets
$Show $Show
) )
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry if (-not (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience))
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force {
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
# We cannot set a value to TaskbarDa, having called any of APIs, except of copying powershell.exe (or any other tricks) with a different name, due to a UCPD driver tracks all executables to block the access to the registry
Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Hide" "Hide"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) & "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command {New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 0 -Force}
{
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0 /f
}
} }
"Show" "Show"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) & "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command {New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 1 -Force}
{
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 1 /f
}
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force Remove-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
} }
<# <#
@ -8507,16 +8503,13 @@ function NetworkDiscovery
Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0" Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0"
.EXAMPLE .EXAMPLE
Set-Association -ProgramPath MSEdgeMHT -Extension .html Set-Association -ProgramPath MSEdgeHTM -Extension .html
.LINK .LINK
https://github.com/DanysysTeam/PS-SFTA https://github.com/DanysysTeam/PS-SFTA
https://github.com/default-username-was-already-taken/set-fileassoc https://github.com/default-username-was-already-taken/set-fileassoc
https://forum.ru-board.com/profile.cgi?action=show&member=westlife https://forum.ru-board.com/profile.cgi?action=show&member=westlife
.NOTES
Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034765 release
.NOTES .NOTES
Machine-wide Machine-wide
#> #>
@ -8547,18 +8540,9 @@ function Set-Association
$Icon $Icon
) )
# Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034765 release # Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release, so we have to write values with a copy of powershell.exe to bypass a UCPD driver restrictions
if (@(".pdf", "http", "https") -contains $Extension) # UCPD driver tracks all executables to block the access to the registry so all registry records will be made within powershell_temp.exe in this function just in case
{ Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.UserChoiceWarning -Verbose
Write-Error -Message $Localization.UserChoiceWarning -ErrorAction SilentlyContinue
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
$ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath) $ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath)
@ -8897,7 +8881,25 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force
}
# Getting a hash based on the time of the section's last modification. After creating and setting the first parameter # Getting a hash based on the time of the section's last modification. After creating and setting the first parameter
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
@ -8906,7 +8908,15 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
if (@(".pdf", "http", "https") -contains $Extension)
{
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
}
# Setting a block on changing the UserChoice section # Setting a block on changing the UserChoice section
# Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey() # Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey()
@ -9324,10 +9334,30 @@ public static long MakeLong(uint left, uint right)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force
} }
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice"
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
} }
}
# Setting additional parameters to comply with the requirements before configuring the extension # Setting additional parameters to comply with the requirements before configuring the extension
Write-AdditionalKeys -ProgId $ProgId -Extension $Extension Write-AdditionalKeys -ProgId $ProgId -Extension $Extension
@ -9355,6 +9385,8 @@ public static void Refresh()
} }
[WinAPI.Signature]::Refresh() [WinAPI.Signature]::Refresh()
Remove-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
} }
<# <#
@ -9679,8 +9711,8 @@ function DefaultTerminalApp
} }
"ConsoleHost" "ConsoleHost"
{ {
New-ItemProperty -Path "HKCU:\Console\%%Startup" -Name DelegationConsole -PropertyType String -Value "{00000000-0000-0000-0000-000000000000}" -Force New-ItemProperty -Path "HKCU:\Console\%%Startup" -Name DelegationConsole -PropertyType String -Value "{B23D10C0-E52E-411E-9D5B-C09FDF709C7D}" -Force
New-ItemProperty -Path "HKCU:\Console\%%Startup" -Name DelegationTerminal -PropertyType String -Value "{00000000-0000-0000-0000-000000000000}" -Force New-ItemProperty -Path "HKCU:\Console\%%Startup" -Name DelegationTerminal -PropertyType String -Value "{B23D10C0-E52E-411E-9D5B-C09FDF709C7D}" -Force
} }
} }
} }
@ -9714,7 +9746,7 @@ function InstallVCRedist
return return
} }
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -9825,7 +9857,7 @@ function InstallDotNetRuntimes
{ {
NET6x64 NET6x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -9872,7 +9904,7 @@ function InstallDotNetRuntimes
} }
NET8x64 NET8x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -10457,17 +10489,17 @@ function StartLayout
"Default" "Default"
{ {
# Default # Default
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name Start_Layout -PropertyType DWord -Value 0 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name Start_Layout -PropertyType DWord -Value 0 -Force
} }
"ShowMorePins" "ShowMorePins"
{ {
# Show More Pins # Show More Pins
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name Start_Layout -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name Start_Layout -PropertyType DWord -Value 1 -Force
} }
"ShowMoreRecommendations" "ShowMoreRecommendations"
{ {
# Show More Recommendations # Show More Recommendations
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name Start_Layout -PropertyType DWord -Value 2 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name Start_Layout -PropertyType DWord -Value 2 -Force
} }
} }
} }
@ -11007,11 +11039,17 @@ function CortanaAutostart
$Enable $Enable
) )
if (-not (Get-AppxPackage -Name Microsoft.549981C3F5F10))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{
if (Get-AppxPackage -Name Microsoft.549981C3F5F10)
{ {
if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId")) if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId"))
{ {
@ -11019,10 +11057,7 @@ function CortanaAutostart
} }
New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId" -Name State -PropertyType DWord -Value 1 -Force New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId" -Name State -PropertyType DWord -Value 1 -Force
} }
}
"Enable" "Enable"
{
if (Get-AppxPackage -Name Microsoft.549981C3F5F10)
{ {
if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId")) if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId"))
{ {
@ -11032,7 +11067,6 @@ function CortanaAutostart
} }
} }
} }
}
<# <#
.SYNOPSIS .SYNOPSIS
@ -11072,8 +11106,14 @@ function TeamsAutostart
$Enable $Enable
) )
if (Get-AppxPackage -Name MSTeams) if (-not (Get-AppxPackage -Name MSTeams))
{ {
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
@ -11086,7 +11126,6 @@ function TeamsAutostart
} }
} }
} }
}
#endregion UWP apps #endregion UWP apps
#region Gaming #region Gaming
@ -11184,24 +11223,26 @@ function XboxGameTips
$Enable $Enable
) )
if (-not ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or(Get-AppxPackage -Name Microsoft.GamingApp)))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{
if ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or (Get-AppxPackage -Name Microsoft.GamingApp))
{ {
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force
} }
}
"Enable" "Enable"
{
if ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or (Get-AppxPackage -Name Microsoft.GamingApp))
{ {
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 1 -Force
} }
} }
} }
}
<# <#
.SYNOPSIS .SYNOPSIS
@ -11316,14 +11357,14 @@ function GPUScheduling
$WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null) $WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null)
if ($WddmVersion_Min -ge 2700) if ($WddmVersion_Min -ge 2700)
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 2 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 2 -Force
} }
} }
} }
} }
"Disable" "Disable"
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 1 -Force
} }
} }
} }

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/de-DE/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Fehler/Warnungen
DialogBoxOpening = Anzeigen des Dialogfensters... DialogBoxOpening = Anzeigen des Dialogfensters...
Disable = Deaktivieren Disable = Deaktivieren
Enable = Aktivieren Enable = Aktivieren
UserChoiceWarning = Microsoft hat den Schreibzugriff auf den UserChoice-Schlüssel für die .pdf-Erweiterung und das http/https-Protokoll mit der Version KB5034765 gesperrt.
AllFilesFilter = Alle Dateien AllFilesFilter = Alle Dateien
FolderSelect = Einen Ordner auswählen FolderSelect = Einen Ordner auswählen
FilesWontBeMoved = Dateien werden nicht verschoben. FilesWontBeMoved = Dateien werden nicht verschoben.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/en-US/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Errors/Warnings
DialogBoxOpening = Displaying the dialog box... DialogBoxOpening = Displaying the dialog box...
Disable = Disable Disable = Disable
Enable = Enable Enable = Enable
UserChoiceWarning = Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release.
AllFilesFilter = All Files AllFilesFilter = All Files
FolderSelect = Select a folder FolderSelect = Select a folder
FilesWontBeMoved = Files will not be moved. FilesWontBeMoved = Files will not be moved.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/es-ES/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Errores/Advertencias
DialogBoxOpening = Viendo el cuadro de diálogo... DialogBoxOpening = Viendo el cuadro de diálogo...
Disable = Desactivar Disable = Desactivar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = Microsoft ha bloqueado el acceso de escritura a la clave UserChoice para la extensión .pdf y el protocolo http/https con el lanzamiento de KB5034765.
AllFilesFilter = Todos los Archivos AllFilesFilter = Todos los Archivos
FolderSelect = Seleccione una carpeta FolderSelect = Seleccione una carpeta
FilesWontBeMoved = Los archivos no se transferirán. FilesWontBeMoved = Los archivos no se transferirán.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/fr-FR/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Erreurs/Avertissements
DialogBoxOpening = Afficher la boîte de dialogue... DialogBoxOpening = Afficher la boîte de dialogue...
Disable = Désactiver Disable = Désactiver
Enable = Activer Enable = Activer
UserChoiceWarning = Microsoft a bloqué l'accès en écriture à la clé UserChoice pour l'extension .pdf et le protocole http/https avec la version KB5034765.
AllFilesFilter = Tous les Fichiers AllFilesFilter = Tous les Fichiers
FolderSelect = Sélectionner un dossier FolderSelect = Sélectionner un dossier
FilesWontBeMoved = Les fichiers ne seront pas déplacés. FilesWontBeMoved = Les fichiers ne seront pas déplacés.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/hu-HU/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Hibák/Figyelmeztetések
DialogBoxOpening = Párbeszédablak megjelenítése... DialogBoxOpening = Párbeszédablak megjelenítése...
Disable = Kikapcsolás Disable = Kikapcsolás
Enable = Engedélyezés Enable = Engedélyezés
UserChoiceWarning = A Microsoft a KB5034765 kiadással blokkolta a UserChoice kulcs írási hozzáférését a .pdf kiterjesztéshez és a http/https protokollhoz.
AllFilesFilter = Minden fájl AllFilesFilter = Minden fájl
FolderSelect = Válasszon ki egy könyvtárat FolderSelect = Válasszon ki egy könyvtárat
FilesWontBeMoved = A fájlok nem lesznek áthelyezve. FilesWontBeMoved = A fájlok nem lesznek áthelyezve.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/it-IT/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Errori/avvisi
DialogBoxOpening = Visualizzazione della finestra di dialogo... DialogBoxOpening = Visualizzazione della finestra di dialogo...
Disable = Disattivare Disable = Disattivare
Enable = Abilitare Enable = Abilitare
UserChoiceWarning = Microsoft ha bloccato l'accesso in scrittura alla chiave UserChoice per l'estensione .pdf e il protocollo http/https con il rilascio della KB5034765.
AllFilesFilter = Tutti i file AllFilesFilter = Tutti i file
FolderSelect = Selezionare una cartella FolderSelect = Selezionare una cartella
FilesWontBeMoved = I file non verranno trasferiti. FilesWontBeMoved = I file non verranno trasferiti.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pl-PL/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Błędy/Ostrzeżenia
DialogBoxOpening = Wyświetlanie okna dialogowego... DialogBoxOpening = Wyświetlanie okna dialogowego...
Disable = Wyłączyć Disable = Wyłączyć
Enable = Włączać Enable = Włączać
UserChoiceWarning = Microsoft zablokował dostęp do zapisu klucza UserChoice dla rozszerzenia .pdf i protokołu http/https wraz z wydaniem KB5034765.
AllFilesFilter = Wszystkie pliki AllFilesFilter = Wszystkie pliki
FolderSelect = Wybierz folder FolderSelect = Wybierz folder
FilesWontBeMoved = Pliki nie zostaną przeniesione. FilesWontBeMoved = Pliki nie zostaną przeniesione.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pt-BR/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Erros/Avisos
DialogBoxOpening = Exibindo a caixa de diálogo... DialogBoxOpening = Exibindo a caixa de diálogo...
Disable = Desativar Disable = Desativar
Enable = Habilitar Enable = Habilitar
UserChoiceWarning = A Microsoft bloqueou o acesso de gravação à chave UserChoice para extensão .pdf e protocolo http/https com a versão KB5034765.
AllFilesFilter = Todos os arquivos AllFilesFilter = Todos os arquivos
FolderSelect = Escolha uma pasta FolderSelect = Escolha uma pasta
FilesWontBeMoved = Os arquivos não serão transferidos. FilesWontBeMoved = Os arquivos não serão transferidos.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/ru-RU/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Ошибки/предупрежде
DialogBoxOpening = Диалоговое окно открывается... DialogBoxOpening = Диалоговое окно открывается...
Disable = Отключить Disable = Отключить
Enable = Включить Enable = Включить
UserChoiceWarning = Microsoft заблокировала возможность записать в раздел реестра UserChoice для расширения .pdf и протоколов http/https с релизом обновления KB5034765.
AllFilesFilter = Все файлы AllFilesFilter = Все файлы
FolderSelect = Выберите папку FolderSelect = Выберите папку
FilesWontBeMoved = Файлы не будут перенесены. FilesWontBeMoved = Файлы не будут перенесены.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/tr-TR/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Hatalar/Uyarılar
DialogBoxOpening = İletişim kutusu görüntüleniyor... DialogBoxOpening = İletişim kutusu görüntüleniyor...
Disable = Devre dışı bırak Disable = Devre dışı bırak
Enable = Aktif et Enable = Aktif et
UserChoiceWarning = Microsoft, KB5034765 sürümü ile .pdf uzantısı ve http/https protokolü için UserChoice anahtarına yazma erişimini engellemiştir.
AllFilesFilter = Tüm Dosyalar AllFilesFilter = Tüm Dosyalar
FolderSelect = Klasör seç FolderSelect = Klasör seç
FilesWontBeMoved = Dosyalar taşınmayacak. FilesWontBeMoved = Dosyalar taşınmayacak.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/uk-UA/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = Помилки/попереджен
DialogBoxOpening = Діалогове вікно відкривається... DialogBoxOpening = Діалогове вікно відкривається...
Disable = Вимкнути Disable = Вимкнути
Enable = Увімкнути Enable = Увімкнути
UserChoiceWarning = Microsoft заблокувала можливість писати в розділ реєстру UserChoice для розширення .pdf, а також протоколів http/https з релізом оновлення KB5034765.
AllFilesFilter = Усі файли AllFilesFilter = Усі файли
FolderSelect = Виберіть папку FolderSelect = Виберіть папку
FilesWontBeMoved = Файли не будуть перенесені. FilesWontBeMoved = Файли не будуть перенесені.

1
src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/zh-CN/Sophia.psd1

@ -56,7 +56,6 @@ ErrorsMessage = 错误/警告
DialogBoxOpening = 显示对话窗口..... DialogBoxOpening = 显示对话窗口.....
Disable = 禁用 Disable = 禁用
Enable = 启用 Enable = 启用
UserChoiceWarning = 微软在发布 KB5034765 时阻止了对 .pdf 扩展和 http/https 协议的 UserChoice 密钥的写入访问
AllFilesFilter = 所有文件 AllFilesFilter = 所有文件
FolderSelect = 选择一个文件夹 FolderSelect = 选择一个文件夹
FilesWontBeMoved = 文件将不会被移动 FilesWontBeMoved = 文件将不会被移动

157
src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1

@ -61,7 +61,7 @@ function InitialActions
# Extract strings from %SystemRoot%\System32\shell32.dll using its number # Extract strings from %SystemRoot%\System32\shell32.dll using its number
# https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1 # https://github.com/SamuelArnold/StarKill3r/blob/master/Star%20Killer/Star%20Killer/bin/Debug/Scripts/SANS-SEC505-master/scripts/Day1-PowerShell/Expand-IndirectString.ps1
# [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\system32\schedsvc.dll,-100") # [WinAPI.GetStrings]::GetIndirectString("@%SystemRoot%\System32\schedsvc.dll,-100")
# https://github.com/PowerShell/PowerShell/issues/21070 # https://github.com/PowerShell/PowerShell/issues/21070
$Script:CompilerOptions = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll") $Script:CompilerOptions = [System.CodeDom.Compiler.CompilerParameters]::new("System.dll")
@ -3195,34 +3195,30 @@ function TaskbarWidgets
$Show $Show
) )
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry if (-not (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience))
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force {
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
# We cannot set a value to TaskbarDa, having called any of APIs, except of copying powershell.exe (or any other tricks) with a different name, due to a UCPD driver tracks all executables to block the access to the registry
Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Hide" "Hide"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) & "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command {New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 0 -Force}
{
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0 /f
}
} }
"Show" "Show"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) & "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command {New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 1 -Force}
{
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 1 /f
}
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force Remove-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
} }
<# <#
@ -8513,16 +8509,13 @@ function NetworkDiscovery
Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0" Set-Association -ProgramPath "%ProgramFiles%\Notepad++\notepad++.exe" -Extension .txt -Icon "%ProgramFiles%\Notepad++\notepad++.exe,0"
.EXAMPLE .EXAMPLE
Set-Association -ProgramPath MSEdgeMHT -Extension .html Set-Association -ProgramPath MSEdgeHTM -Extension .html
.LINK .LINK
https://github.com/DanysysTeam/PS-SFTA https://github.com/DanysysTeam/PS-SFTA
https://github.com/default-username-was-already-taken/set-fileassoc https://github.com/default-username-was-already-taken/set-fileassoc
https://forum.ru-board.com/profile.cgi?action=show&member=westlife https://forum.ru-board.com/profile.cgi?action=show&member=westlife
.NOTES
Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034765 release
.NOTES .NOTES
Machine-wide Machine-wide
#> #>
@ -8553,18 +8546,9 @@ function Set-Association
$Icon $Icon
) )
# Microsoft blocked ability to write to UserChoice key for .pdf extention and http and https protocols with KB5034765 release # Microsoft has blocked write access to UserChoice key for .pdf extention and http/https protocols with KB5034765 release, so we have to write values with a copy of powershell.exe to bypass a UCPD driver restrictions
if (@(".pdf", "http", "https") -contains $Extension) # UCPD driver tracks all executables to block the access to the registry so all registry records will be made within powershell_temp.exe in this function just in case
{ Copy-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe" -Destination "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.UserChoiceWarning -Verbose
Write-Error -Message $Localization.UserChoiceWarning -ErrorAction SilentlyContinue
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
$ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath) $ProgramPath = [System.Environment]::ExpandEnvironmentVariables($ProgramPath)
@ -8903,7 +8887,25 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgID -Force
}
# Getting a hash based on the time of the section's last modification. After creating and setting the first parameter # Getting a hash based on the time of the section's last modification. After creating and setting the first parameter
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
@ -8912,7 +8914,15 @@ public static int UnloadHive(RegistryHives hive, string subKey)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Force
} }
if (@(".pdf", "http", "https") -contains $Extension)
{
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
}
# Setting a block on changing the UserChoice section # Setting a block on changing the UserChoice section
# Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey() # Due to "Set-StrictMode -Version Latest" we have to use OpenSubKey()
@ -9330,10 +9340,30 @@ public static long MakeLong(uint left, uint right)
{ {
New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force New-Item -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Force
} }
$ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" $ProgHash = Get-Hash -ProgId $ProgId -Extension $Extension -SubKey "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice"
# We need to remove DENY permission set for user before setting a value
if (@(".pdf", "http", "https") -contains $Extension)
{
# https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/
$Key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$ACL = $key.GetAccessControl()
$Principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemrights
$Rule = New-Object -TypeName System.Security.AccessControl.RegistryAccessRule -ArgumentList ($Principal,"FullControl","Deny")
$ACL.RemoveAccessRule($Rule)
$Key.SetAccessControl($ACL)
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name ProgId -PropertyType String -Value $ProgID -Force}"
& "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Command "& {New-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice' -Name Hash -PropertyType String -Value $ProgHash -Force}"
}
else
{
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name ProgId -PropertyType String -Value $ProgId -Force
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force
} }
}
# Setting additional parameters to comply with the requirements before configuring the extension # Setting additional parameters to comply with the requirements before configuring the extension
Write-AdditionalKeys -ProgId $ProgId -Extension $Extension Write-AdditionalKeys -ProgId $ProgId -Extension $Extension
@ -9361,6 +9391,8 @@ public static void Refresh()
} }
[WinAPI.Signature]::Refresh() [WinAPI.Signature]::Refresh()
Remove-Item -Path "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell_temp.exe" -Force
} }
<# <#
@ -9685,8 +9717,8 @@ function DefaultTerminalApp
} }
"ConsoleHost" "ConsoleHost"
{ {
New-ItemProperty -Path "HKCU:\Console\%%Startup" -Name DelegationConsole -PropertyType String -Value "{00000000-0000-0000-0000-000000000000}" -Force New-ItemProperty -Path "HKCU:\Console\%%Startup" -Name DelegationConsole -PropertyType String -Value "{B23D10C0-E52E-411E-9D5B-C09FDF709C7D}" -Force
New-ItemProperty -Path "HKCU:\Console\%%Startup" -Name DelegationTerminal -PropertyType String -Value "{00000000-0000-0000-0000-000000000000}" -Force New-ItemProperty -Path "HKCU:\Console\%%Startup" -Name DelegationTerminal -PropertyType String -Value "{B23D10C0-E52E-411E-9D5B-C09FDF709C7D}" -Force
} }
} }
} }
@ -9720,7 +9752,7 @@ function InstallVCRedist
return return
} }
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -9831,7 +9863,7 @@ function InstallDotNetRuntimes
{ {
NET6x64 NET6x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -9878,7 +9910,7 @@ function InstallDotNetRuntimes
} }
NET8x64 NET8x64
{ {
if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller -ErrorAction Ignore) if (Get-AppxPackage -Name Microsoft.DesktopAppInstaller)
{ {
if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17") if ([System.Version](Get-AppxPackage -Name Microsoft.DesktopAppInstaller).Version -ge [System.Version]"1.17")
{ {
@ -10463,17 +10495,17 @@ function StartLayout
"Default" "Default"
{ {
# Default # Default
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name Start_Layout -PropertyType DWord -Value 0 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name Start_Layout -PropertyType DWord -Value 0 -Force
} }
"ShowMorePins" "ShowMorePins"
{ {
# Show More Pins # Show More Pins
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name Start_Layout -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name Start_Layout -PropertyType DWord -Value 1 -Force
} }
"ShowMoreRecommendations" "ShowMoreRecommendations"
{ {
# Show More Recommendations # Show More Recommendations
New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name Start_Layout -PropertyType DWord -Value 2 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name Start_Layout -PropertyType DWord -Value 2 -Force
} }
} }
} }
@ -11023,11 +11055,17 @@ function CortanaAutostart
$Enable $Enable
) )
if (-not (Get-AppxPackage -Name Microsoft.549981C3F5F10))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{
if (Get-AppxPackage -Name Microsoft.549981C3F5F10)
{ {
if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId")) if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId"))
{ {
@ -11035,10 +11073,7 @@ function CortanaAutostart
} }
New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId" -Name State -PropertyType DWord -Value 1 -Force New-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId" -Name State -PropertyType DWord -Value 1 -Force
} }
}
"Enable" "Enable"
{
if (Get-AppxPackage -Name Microsoft.549981C3F5F10)
{ {
if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId")) if (-not (Test-Path -Path "Registry::HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.549981C3F5F10_8wekyb3d8bbwe\CortanaStartupId"))
{ {
@ -11048,7 +11083,6 @@ function CortanaAutostart
} }
} }
} }
}
<# <#
.SYNOPSIS .SYNOPSIS
@ -11088,8 +11122,14 @@ function TeamsAutostart
$Enable $Enable
) )
if (Get-AppxPackage -Name MSTeams) if (-not (Get-AppxPackage -Name MSTeams))
{ {
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
@ -11102,7 +11142,6 @@ function TeamsAutostart
} }
} }
} }
}
#endregion UWP apps #endregion UWP apps
#region Gaming #region Gaming
@ -11200,24 +11239,26 @@ function XboxGameTips
$Enable $Enable
) )
if (-not ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or(Get-AppxPackage -Name Microsoft.GamingApp)))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{
if ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or (Get-AppxPackage -Name Microsoft.GamingApp))
{ {
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force
} }
}
"Enable" "Enable"
{
if ((Get-AppxPackage -Name Microsoft.XboxGamingOverlay) -or (Get-AppxPackage -Name Microsoft.GamingApp))
{ {
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 1 -Force
} }
} }
} }
}
<# <#
.SYNOPSIS .SYNOPSIS
@ -11332,14 +11373,14 @@ function GPUScheduling
$WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null) $WddmVersion_Min = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\FeatureSetUsage", "WddmVersion_Min", $null)
if ($WddmVersion_Min -ge 2700) if ($WddmVersion_Min -ge 2700)
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 2 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 2 -Force
} }
} }
} }
} }
"Disable" "Disable"
{ {
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers" -Name HwSchMode -PropertyType DWord -Value 1 -Force New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\GraphicsDrivers -Name HwSchMode -PropertyType DWord -Value 1 -Force
} }
} }
} }

Loading…
Cancel
Save