Browse Source

`TaskbarWidgets` & `NewsInterests` re-written to bypass UCPD driver restrictions

master
Dmitry Nefedov 3 months ago
parent
commit
50e1192c74
  1. 90
      src/Sophia_Script_for_Windows_10/Module/Sophia.psm1
  2. 90
      src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1
  3. 33
      src/Sophia_Script_for_Windows_11/Module/Sophia.psm1
  4. 33
      src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1

90
src/Sophia_Script_for_Windows_10/Module/Sophia.psm1

@ -3608,6 +3608,9 @@ function TaskViewButton
.EXAMPLE .EXAMPLE
NewsInterests -Enable NewsInterests -Enable
.NOTES
https://forums.mydigitallife.net/threads/taskbarda-widgets-registry-change-is-now-blocked.88547/#post-1848877
.NOTES .NOTES
Current user Current user
#> #>
@ -3630,27 +3633,90 @@ function NewsInterests
$Enable $Enable
) )
# Remove all policies in order to make changes visible in UI only if it's possible
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -Force -ErrorAction Ignore
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests" -Name value -Force -ErrorAction Ignore
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
$MachineId = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient", "MachineId", $null)
if (-not $MachineId)
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
if (-not (Get-Package -Name "Microsoft Edge Update" -ProviderName Programs -ErrorAction Ignore))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
# https://forums.mydigitallife.net/threads/taskbarda-widgets-registry-change-is-now-blocked.88547/#post-1849006
$Signature = @{
Namespace = "WinAPI"
Name = "Signature"
Language = "CSharp"
CompilerParameters = $CompilerParameters
MemberDefinition = @"
[DllImport("Shlwapi.dll", CharSet = CharSet.Unicode, ExactSpelling = true, SetLastError = false)]
public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int outputLen);
"@
}
if (-not ("WinAPI.GetStrings" -as [type]))
{
Add-Type @Signature
}
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{ {
if (-not (Test-Path -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds")) # Combine variables into a string
{ $Combined = $MachineId + '_' + 2
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Force # Reverse the whole string
} $CharArray = $Combined.ToCharArray()
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -PropertyType DWord -Value 0 -Force [array]::Reverse($CharArray)
$Reverse = -join $CharArray
if (-not (Test-Path -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests)) $bytesIn = [System.Text.Encoding]::Unicode.GetBytes($Reverse)
{ $bytesOut = [byte[]]::new(4)
New-Item -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests -Force [WinAPI.Signature]::HashData($bytesIn, 0x53, $bytesOut, $bytesOut.Count)
} # Get value to save in EnShellFeedsTaskbarViewMode key
New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests -Name value -PropertyType DWord -Value 0 -Force $DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
"Enable" "Enable"
{ {
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -Force -ErrorAction Ignore # Combine variables into a string
$Combined = $MachineId + '_' + 0
# Reverse the whole string
$CharArray = $Combined.ToCharArray()
[array]::Reverse($CharArray)
$Reverse = -join $CharArray
$bytesIn = [System.Text.Encoding]::Unicode.GetBytes($Reverse)
$bytesOut = [byte[]]::new(4)
[WinAPI.Signature]::HashData($bytesIn, 0x53, $bytesOut, $bytesOut.Count)
# Get value to save in EnShellFeedsTaskbarViewMode key
$DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force
} }
<# <#

90
src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1

@ -3612,6 +3612,9 @@ function TaskViewButton
.EXAMPLE .EXAMPLE
NewsInterests -Enable NewsInterests -Enable
.NOTES
https://forums.mydigitallife.net/threads/taskbarda-widgets-registry-change-is-now-blocked.88547/#post-1848877
.NOTES .NOTES
Current user Current user
#> #>
@ -3634,27 +3637,90 @@ function NewsInterests
$Enable $Enable
) )
# Remove all policies in order to make changes visible in UI only if it's possible
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -Force -ErrorAction Ignore
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests" -Name value -Force -ErrorAction Ignore
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
$MachineId = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient", "MachineId", $null)
if (-not $MachineId)
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
if (-not (Get-Package -Name "Microsoft Edge Update" -ProviderName Programs -ErrorAction Ignore))
{
Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
# https://forums.mydigitallife.net/threads/taskbarda-widgets-registry-change-is-now-blocked.88547/#post-1849006
$Signature = @{
Namespace = "WinAPI"
Name = "Signature"
Language = "CSharp"
CompilerParameters = $CompilerOptions
MemberDefinition = @"
[DllImport("Shlwapi.dll", CharSet = CharSet.Unicode, ExactSpelling = true, SetLastError = false)]
public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int outputLen);
"@
}
if (-not ("WinAPI.GetStrings" -as [type]))
{
Add-Type @Signature
}
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Disable" "Disable"
{ {
if (-not (Test-Path -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds")) # Combine variables into a string
{ $Combined = $MachineId + '_' + 2
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Force # Reverse the whole string
} $CharArray = $Combined.ToCharArray()
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -PropertyType DWord -Value 0 -Force [array]::Reverse($CharArray)
$Reverse = -join $CharArray
if (-not (Test-Path -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests)) $bytesIn = [System.Text.Encoding]::Unicode.GetBytes($Reverse)
{ $bytesOut = [byte[]]::new(4)
New-Item -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests -Force [WinAPI.Signature]::HashData($bytesIn, 0x53, $bytesOut, $bytesOut.Count)
} # Get value to save in EnShellFeedsTaskbarViewMode key
New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests -Name value -PropertyType DWord -Value 0 -Force $DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
"Enable" "Enable"
{ {
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -Force -ErrorAction Ignore # Combine variables into a string
$Combined = $MachineId + '_' + 0
# Reverse the whole string
$CharArray = $Combined.ToCharArray()
[array]::Reverse($CharArray)
$Reverse = -join $CharArray
$bytesIn = [System.Text.Encoding]::Unicode.GetBytes($Reverse)
$bytesOut = [byte[]]::new(4)
[WinAPI.Signature]::HashData($bytesIn, 0x53, $bytesOut, $bytesOut.Count)
# Get value to save in EnShellFeedsTaskbarViewMode key
$DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force
} }
<# <#

33
src/Sophia_Script_for_Windows_11/Module/Sophia.psm1

@ -3191,41 +3191,34 @@ function TaskbarWidgets
$Show $Show
) )
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Hide" "Hide"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience)
{ {
# Microsoft blocked access for editing TaskbarDa key in KB5041585 # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
try # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
{ $EscapeParser = "--%"
New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 0 -Force -ErrorAction Stop & "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0 /f
}
catch [System.UnauthorizedAccessException]
{
Write-Warning -Message ($Global:Error.Exception.Message | Select-Object -First 1)
Write-Error -Message ($Global:Error.Exception.Message | Select-Object -First 1) -ErrorAction SilentlyContinue
}
} }
} }
"Show" "Show"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience)
{ {
# Microsoft blocked access for editing TaskbarDa key in KB5041585 # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
try # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
{ $EscapeParser = "--%"
New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 1 -Force -ErrorAction Stop & "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 1 /f
}
catch [System.UnauthorizedAccessException]
{
Write-Warning -Message ($Global:Error.Exception.Message | Select-Object -First 1)
Write-Error -Message ($Global:Error.Exception.Message | Select-Object -First 1) -ErrorAction SilentlyContinue
}
} }
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force
} }
<# <#

33
src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1

@ -3195,41 +3195,34 @@ function TaskbarWidgets
$Show $Show
) )
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Hide" "Hide"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience)
{ {
# Microsoft blocked access for editing TaskbarDa key in KB5041585 # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
try # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
{ $EscapeParser = "--%"
New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 0 -Force -ErrorAction Stop & "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0 /f
}
catch [System.UnauthorizedAccessException]
{
Write-Warning -Message ($Global:Error.Exception.Message | Select-Object -First 1)
Write-Error -Message ($Global:Error.Exception.Message | Select-Object -First 1) -ErrorAction SilentlyContinue
}
} }
} }
"Show" "Show"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience)
{ {
# Microsoft blocked access for editing TaskbarDa key in KB5041585 # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
try # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
{ $EscapeParser = "--%"
New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 1 -Force -ErrorAction Stop & "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 1 /f
}
catch [System.UnauthorizedAccessException]
{
Write-Warning -Message ($Global:Error.Exception.Message | Select-Object -First 1)
Write-Error -Message ($Global:Error.Exception.Message | Select-Object -First 1) -ErrorAction SilentlyContinue
}
} }
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force
} }
<# <#

Loading…
Cancel
Save