Browse Source

`TaskbarWidgets` & `NewsInterests` re-written to bypass UCPD driver restrictions

master
Dmitry Nefedov 3 months ago
parent
commit
50e1192c74
  1. 86
      src/Sophia_Script_for_Windows_10/Module/Sophia.psm1
  2. 86
      src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1
  3. 33
      src/Sophia_Script_for_Windows_11/Module/Sophia.psm1
  4. 33
      src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1

86
src/Sophia_Script_for_Windows_10/Module/Sophia.psm1

@ -3608,6 +3608,9 @@ function TaskViewButton
.EXAMPLE .EXAMPLE
NewsInterests -Enable NewsInterests -Enable
.NOTES
https://forums.mydigitallife.net/threads/taskbarda-widgets-registry-change-is-now-blocked.88547/#post-1848877
.NOTES .NOTES
Current user Current user
#> #>
@ -3630,27 +3633,90 @@ function NewsInterests
$Enable $Enable
) )
switch ($PSCmdlet.ParameterSetName) # Remove all policies in order to make changes visible in UI only if it's possible
{ Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -Force -ErrorAction Ignore
"Disable" Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests" -Name value -Force -ErrorAction Ignore
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
$MachineId = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient", "MachineId", $null)
if (-not $MachineId)
{ {
if (-not (Test-Path -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds")) Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
if (-not (Get-Package -Name "Microsoft Edge Update" -ProviderName Programs -ErrorAction Ignore))
{ {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Force Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
} }
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -PropertyType DWord -Value 0 -Force
if (-not (Test-Path -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests)) # https://forums.mydigitallife.net/threads/taskbarda-widgets-registry-change-is-now-blocked.88547/#post-1849006
$Signature = @{
Namespace = "WinAPI"
Name = "Signature"
Language = "CSharp"
CompilerParameters = $CompilerParameters
MemberDefinition = @"
[DllImport("Shlwapi.dll", CharSet = CharSet.Unicode, ExactSpelling = true, SetLastError = false)]
public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int outputLen);
"@
}
if (-not ("WinAPI.GetStrings" -as [type]))
{ {
New-Item -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests -Force Add-Type @Signature
} }
New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests -Name value -PropertyType DWord -Value 0 -Force
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName)
{
"Disable"
{
# Combine variables into a string
$Combined = $MachineId + '_' + 2
# Reverse the whole string
$CharArray = $Combined.ToCharArray()
[array]::Reverse($CharArray)
$Reverse = -join $CharArray
$bytesIn = [System.Text.Encoding]::Unicode.GetBytes($Reverse)
$bytesOut = [byte[]]::new(4)
[WinAPI.Signature]::HashData($bytesIn, 0x53, $bytesOut, $bytesOut.Count)
# Get value to save in EnShellFeedsTaskbarViewMode key
$DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
"Enable" "Enable"
{ {
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -Force -ErrorAction Ignore # Combine variables into a string
$Combined = $MachineId + '_' + 0
# Reverse the whole string
$CharArray = $Combined.ToCharArray()
[array]::Reverse($CharArray)
$Reverse = -join $CharArray
$bytesIn = [System.Text.Encoding]::Unicode.GetBytes($Reverse)
$bytesOut = [byte[]]::new(4)
[WinAPI.Signature]::HashData($bytesIn, 0x53, $bytesOut, $bytesOut.Count)
# Get value to save in EnShellFeedsTaskbarViewMode key
$DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force
} }
<# <#

86
src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1

@ -3612,6 +3612,9 @@ function TaskViewButton
.EXAMPLE .EXAMPLE
NewsInterests -Enable NewsInterests -Enable
.NOTES
https://forums.mydigitallife.net/threads/taskbarda-widgets-registry-change-is-now-blocked.88547/#post-1848877
.NOTES .NOTES
Current user Current user
#> #>
@ -3634,27 +3637,90 @@ function NewsInterests
$Enable $Enable
) )
switch ($PSCmdlet.ParameterSetName) # Remove all policies in order to make changes visible in UI only if it's possible
{ Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -Force -ErrorAction Ignore
"Disable" Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests" -Name value -Force -ErrorAction Ignore
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
$MachineId = [Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient", "MachineId", $null)
if (-not $MachineId)
{ {
if (-not (Test-Path -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds")) Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
}
if (-not (Get-Package -Name "Microsoft Edge Update" -ProviderName Programs -ErrorAction Ignore))
{ {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Force Write-Information -MessageData "" -InformationAction Continue
Write-Verbose -Message $Localization.Skipped -Verbose
return
} }
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -PropertyType DWord -Value 0 -Force
if (-not (Test-Path -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests)) # https://forums.mydigitallife.net/threads/taskbarda-widgets-registry-change-is-now-blocked.88547/#post-1849006
$Signature = @{
Namespace = "WinAPI"
Name = "Signature"
Language = "CSharp"
CompilerParameters = $CompilerOptions
MemberDefinition = @"
[DllImport("Shlwapi.dll", CharSet = CharSet.Unicode, ExactSpelling = true, SetLastError = false)]
public static extern int HashData(byte[] pbData, int cbData, byte[] piet, int outputLen);
"@
}
if (-not ("WinAPI.GetStrings" -as [type]))
{ {
New-Item -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests -Force Add-Type @Signature
} }
New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests -Name value -PropertyType DWord -Value 0 -Force
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName)
{
"Disable"
{
# Combine variables into a string
$Combined = $MachineId + '_' + 2
# Reverse the whole string
$CharArray = $Combined.ToCharArray()
[array]::Reverse($CharArray)
$Reverse = -join $CharArray
$bytesIn = [System.Text.Encoding]::Unicode.GetBytes($Reverse)
$bytesOut = [byte[]]::new(4)
[WinAPI.Signature]::HashData($bytesIn, 0x53, $bytesOut, $bytesOut.Count)
# Get value to save in EnShellFeedsTaskbarViewMode key
$DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
"Enable" "Enable"
{ {
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" -Name EnableFeeds -Force -ErrorAction Ignore # Combine variables into a string
$Combined = $MachineId + '_' + 0
# Reverse the whole string
$CharArray = $Combined.ToCharArray()
[array]::Reverse($CharArray)
$Reverse = -join $CharArray
$bytesIn = [System.Text.Encoding]::Unicode.GetBytes($Reverse)
$bytesOut = [byte[]]::new(4)
[WinAPI.Signature]::HashData($bytesIn, 0x53, $bytesOut, $bytesOut.Count)
# Get value to save in EnShellFeedsTaskbarViewMode key
$DWordData = [System.BitConverter]::ToUInt32($bytesOut,0)
# https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
# We cannot put --% inside the command below as it breaks parsing of $DWordData variable
$EscapeParser = "--%"
& "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds /v EnShellFeedsTaskbarViewMode /t REG_DWORD /d $DWordData /f
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force
} }
<# <#

33
src/Sophia_Script_for_Windows_11/Module/Sophia.psm1

@ -3191,41 +3191,34 @@ function TaskbarWidgets
$Show $Show
) )
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Hide" "Hide"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience)
{ {
# Microsoft blocked access for editing TaskbarDa key in KB5041585 # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
try # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
{ $EscapeParser = "--%"
New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 0 -Force -ErrorAction Stop & "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0 /f
}
catch [System.UnauthorizedAccessException]
{
Write-Warning -Message ($Global:Error.Exception.Message | Select-Object -First 1)
Write-Error -Message ($Global:Error.Exception.Message | Select-Object -First 1) -ErrorAction SilentlyContinue
}
} }
} }
"Show" "Show"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience)
{ {
# Microsoft blocked access for editing TaskbarDa key in KB5041585 # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
try # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
{ $EscapeParser = "--%"
New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 1 -Force -ErrorAction Stop & "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 1 /f
}
catch [System.UnauthorizedAccessException]
{
Write-Warning -Message ($Global:Error.Exception.Message | Select-Object -First 1)
Write-Error -Message ($Global:Error.Exception.Message | Select-Object -First 1) -ErrorAction SilentlyContinue
}
} }
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force
} }
<# <#

33
src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1

@ -3195,41 +3195,34 @@ function TaskbarWidgets
$Show $Show
) )
# We cannot call any of APIs except copying reg.exe with a different name due to a UCPD driver tracks all executables to blocke the access to the registry
Copy-Item -Path "$env:SystemRoot\system32\reg.exe" -Destination "$env:SystemRoot\system32\reg_temp.exe" -Force
switch ($PSCmdlet.ParameterSetName) switch ($PSCmdlet.ParameterSetName)
{ {
"Hide" "Hide"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience)
{ {
# Microsoft blocked access for editing TaskbarDa key in KB5041585 # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
try # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
{ $EscapeParser = "--%"
New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 0 -Force -ErrorAction Stop & "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0 /f
}
catch [System.UnauthorizedAccessException]
{
Write-Warning -Message ($Global:Error.Exception.Message | Select-Object -First 1)
Write-Error -Message ($Global:Error.Exception.Message | Select-Object -First 1) -ErrorAction SilentlyContinue
}
} }
} }
"Show" "Show"
{ {
if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience) if (Get-AppxPackage -Name MicrosoftWindows.Client.WebExperience)
{ {
# Microsoft blocked access for editing TaskbarDa key in KB5041585 # https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.4#the-stop-parsing-token
try # We cannot put --% inside the command below as it breaks parsing of $DWordData variable
{ $EscapeParser = "--%"
New-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarDa -PropertyType DWord -Value 1 -Force -ErrorAction Stop & "$env:SystemRoot\system32\reg_temp.exe" $EscapeParser ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 1 /f
}
catch [System.UnauthorizedAccessException]
{
Write-Warning -Message ($Global:Error.Exception.Message | Select-Object -First 1)
Write-Error -Message ($Global:Error.Exception.Message | Select-Object -First 1) -ErrorAction SilentlyContinue
}
} }
} }
} }
Remove-Item -Path "$env:SystemRoot\system32\reg_temp.exe" -Force
} }
<# <#

Loading…
Cancel
Save