eDecisions Posted August 4, 2020 Posted August 4, 2020 This script changes the state of Hidden files, if hidden files are set to show this turns them off, if hidden files are set to hide this shows them. Comments? # This key contains all of the profiles on the machine (including non-user profiles) $profileList = Get-ChildItem -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" # This key contains the path to the folder that contains all the profiles (typically c:\users) $profileFolder = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList').ProfilesDirectory # This key contains the path to the default user profile (e.g. C:\Users\Default). This is **NOT** HKEY_USERS\.DEFAULT! # We don't do anything with it in this sample script, but it can be loaded and modified just like any other profile. $defaultFolder = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList').Default # HKEY_USER key is not loaded into PowerShell by default and we'll need it, so we'll create new PSDrive to reference it. New-PSDrive -Name HKU -PSProvider Registry -Root HKEY_USERS | Out-Null $profileList | % { $profileKeys = Get-ItemProperty $_.PSPath $sid = $profileKeys.PSChildName $profilePath = $profileKeys.ProfileImagePath # This is an easy way to exclude profiles outside of the default USERS profile folder, e.g. LocalSystem. # You may or may not want to do this depending on your requirements. if ($profilePath -like "$($profileFolder)*") { # Check if the profile is already loaded. if (Get-ChildItem "HKU:\$sid" -ErrorAction SilentlyContinue) { $profileLoaded = $true } else { $profileLoaded = $false } Write-Output "$sid `t $profilePath `t $profileLoaded" # Load the key if necessary if ($profileLoaded) { $userKeyPath = "HKU:\$sid" } else { $userKeyPath = "HKLM:\TempHive_$sid" & reg.exe load "HKLM\TempHive_$sid" "$profilePath\ntuser.dat" } # DO SOMETHING WITH $USERKEYPATH HERE. ############################################################################################# $hide = (Get-ItemProperty -path $USERKEYPATH\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced).Hidden If ($hide -eq 0) { Set-ItemProperty -Path $USERKEYPATH\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name Hidden -Value "1" } IF ($hide -eq 1) { Set-ItemProperty -Path $USERKEYPATH\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name Hidden -Value "0" } ############################################################################################## if (!$profileLoaded) { & reg.exe unload "HKLM\TempHive_$sid" } } } Remove-PSDrive -Name HKU ################################################################ $TasknameStop = "ExplorerStop" $TasknameStart = "ExplorerStart" $lastlogon = (New-Object -ComObject WScript.Shell).RegRead("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\LastLoggedOnUser") SCHTASKS /CREATE /sc ONCE /st 00:00 /TN $TasknameStop /RU $lastlogon /TR "taskkill /f /im explorer.exe" SCHTASKS /CREATE /sc ONCE /st 00:00 /TN $TasknameStart /RU $lastlogon /TR "explorer.exe" start-sleep -s 1 schtasks /Run /TN $TasknameStop start-sleep -s 1 schtasks /Run /TN $TasknameStart start-sleep -s 1 schtasks /delete /tn $TasknameStop /f schtasks /delete /tn $TasknameStart /f
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now