# Copyright © 2012, Microsoft Corporation. All rights reserved. #*================================================================================ # REQUIRES PS 1.0 Environment #*================================================================================ . ./utils_SetupEnv.ps1 trap [Exception] { pop-msg ($_); continue; } ##line 13 $IERepairType = import-cs ` -classname Microsoft.Windows.Diagnosis.IERepair ` -sourcefile Security.cs ` -sourcetext @" namespace Microsoft.Windows.Diagnosis { using Environment = System.Environment; using Guid = System.Guid; using GC = System.GC; using IntPtr = System.IntPtr; using UInt32 = System.UInt32; using File = System.IO.File; using FileNotFoundException = System.IO.FileNotFoundException; using Path = System.IO.Path; using System; using System.Collections.Generic; using System.Runtime.InteropServices; using System.Collections; using System.Reflection; using System.Diagnostics; using IDisposable = System.IDisposable; [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] struct ZONEATTRIBUTES { public UInt32 cbSize; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 260)] public string szDisplayName; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 200)] public string szDescription; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 260)] public string szIconPath; public UInt32 dwTemplateMinLevel; public UInt32 dwTemplateRecommended; public UInt32 dwTemplateCurrentLevel; public UInt32 dwFlags; // ZAFLAGS. }; enum URLZONEREG { URLZONEREG_DEFAULT = 0, URLZONEREG_HKLM, URLZONEREG_HKCU }; enum URLZONE { URLZONE_INVALID = -1, // Invalid Zone. Should only be used if no appropriate zone available. URLZONE_PREDEFINED_MIN = 0, URLZONE_LOCAL_MACHINE = 0, // local machine zone is not exposed in UI URLZONE_INTRANET, // My Intranet zone URLZONE_TRUSTED, // Trusted Web sites zone URLZONE_INTERNET, // The Internet zone URLZONE_UNTRUSTED, // Untrusted sites zone URLZONE_PREDEFINED_MAX = 999, URLZONE_USER_MIN = 1000, URLZONE_USER_MAX = 10000, }; enum tagURLTEMPLATE { // This value is just used to indicate the current set // of policies are not based on any template. URLTEMPLATE_CUSTOM = 0x000000, URLTEMPLATE_PREDEFINED_MIN = 0x10000, URLTEMPLATE_LOW = 0x10000, URLTEMPLATE_MEDLOW = 0x10500, URLTEMPLATE_MEDIUM = 0x11000, URLTEMPLATE_MEDHIGH = 0x11500, URLTEMPLATE_HIGH = 0x12000, URLTEMPLATE_PREDEFINED_MAX = 0x20000 } enum ZAFLAGS { ZAFLAGS_CUSTOM_EDIT = 0x00000001, ZAFLAGS_ADD_SITES = 0x00000002, ZAFLAGS_REQUIRE_VERIFICATION = 0x00000004, ZAFLAGS_INCLUDE_PROXY_OVERRIDE = 0x00000008, // Intranet only. ZAFLAGS_INCLUDE_INTRANET_SITES = 0x00000010, // Intranet only. ZAFLAGS_NO_UI = 0x00000020, // Don't display UI (used for local machine) ZAFLAGS_SUPPORTS_VERIFICATION = 0x00000040, // Supports server verification. ZAFLAGS_UNC_AS_INTRANET = 0x00000080, ZAFLAGS_DETECT_INTRANET = 0x00000100, // Intranet only. // Locked/Unlocked state specific flags. ZAFLAGS_USE_LOCKED_ZONES = 0x00010000, // Used ONLY in GetZoneAttributes to specify that Template Matching should be done to verify // that zone's Current Level is correct. ZAFLAGS_VERIFY_TEMPLATE_SETTINGS = 0x00020000, // Bypass the zonemgr cache for this setting ZAFLAGS_NO_CACHE = 0x00040000, }; [ ComImport, Guid("EDC17559-DD5D-4846-8EEF-8BECBA5A4ABF"), InterfaceType(ComInterfaceType.InterfaceIsIUnknown) ] interface IInternetZoneManagerEx2 { void GetZoneAttributes ( [In] uint dwZone, ref ZONEATTRIBUTES pZoneAttributes ); int SetZoneAttributes ( [In] uint dwZone, ref ZONEATTRIBUTES pZoneAttributes ); void GetZoneCustomPolicy ( [In] uint dwZone, // zone index ref Guid guidKey, // key to lookup value [Out] IntPtr // allocation via IMemAlloc; caller frees ppPolicy, // pointer to output buffer pointer [Out] IntPtr pcbPolicy, // pointer to output buffer size [In] URLZONEREG urlZoneReg // effective, HKCU, or HKLM ); void SetZoneCustomPolicy ( [In] uint dwZone, // zone index ref Guid guidKey, // key to lookup value [In] IntPtr pPolicy, // input buffer pointer [In] uint cbPolicy, // input data size [In] URLZONEREG urlZoneReg // default, HKCU, or HKLM ); int GetZoneActionPolicy ( uint dwZone, // zone index uint dwAction, // index number of action ref uint pPolicy, // output buffer pointer uint cbPolicy, // output buffer size URLZONEREG urlZoneReg // effective, HKCU, or HKLM ); int SetZoneActionPolicy ( uint dwZone, // zone index uint dwAction, // index number of action ref uint pPolicy, // input buffer pointer uint cbPolicy, // input data size URLZONEREG urlZoneReg // HKCU, or HKLM ); // UI, logging, and wrapper for both // This function is not implemented yet. void PromptAction ( [In] uint dwAction, // action type [In] uint hwndParent, // parent window handle [In] string pwszUrl, // URL to display [In] string pwszText, // dialog text [In] uint dwPromptFlags // reserved, pass 0 ); // This method presents UI to ask user about specified action // This function is not implemented. void LogAction ( [In] uint dwAction, // action type [In] string pwszUrl, // URL to log [In] string pwszText, // associated text [In] uint dwLogFlags // reserved, pass 0 ); // zone enumeration int CreateZoneEnumerator ( ref uint pdwEnum, // enum handle ref uint pdwCount, // # of elements in the list. [In] uint dwFlags // reserved, pass 0 ); // Returns enumerator handle needed to enumerate defined zones. // The zone enumeration corresponds to a snap-shot of the zones when // the Create call is made. int GetZoneAt ( [In] uint dwEnum, // returned by CreateZoneEnumerator [In] uint dwIndex, // 0-based ref uint pdwZone // absolute zone index. ); void DestroyZoneEnumerator ( [In] uint dwEnum // enum handle ); // Destroys resources associated with an enumerator void CopyTemplatePoliciesToZone ( [In] uint dwTemplate, // High, medium or low [In] uint dwZone, // Zone to copy policies to. [In] uint dwReserved ); void GetZoneActionPolicyEx ( [In] uint dwZone, // zone index [In] uint dwAction, // index number of action [Out] IntPtr pPolicy, // output buffer pointer [In] uint cbPolicy, // output buffer size [In] URLZONEREG urlZoneReg, // effective, HKCU, or HKLM [In] uint dwFlags //Lockdown Zones or Normal Zones via ZAFLAGS ); void SetZoneActionPolicyEx ( [In] uint dwZone, // zone index [In] uint dwAction, // index number of action [In] IntPtr pPolicy, // input buffer pointer [In] uint cbPolicy, // input data size [In] URLZONEREG urlZoneReg, // HKCU, or HKLM [In] uint dwFlags //Lockdown Zones or Normal Zones via ZAFLAGS ); int GetZoneAttributesEx ( [In] uint dwZone, ref ZONEATTRIBUTES pZoneAttributes, [In] uint dwFlags // can only be ZAFLAGS_VERIFY_TEMPLATE_SETTINGS ); void GetZoneSecurityState ( [In] uint dwZoneIndex, [In] bool fRespectPolicy, ref IntPtr pdwState, ref bool pfPolicyEncountered ); void GetIESecurityState ( [In] bool fRespectPolicy, ref IntPtr pdwState, ref bool pfPolicyEncountered, [In] bool fNoCache ); void FixUnsecureSettings(); } [ComImport, Guid("7b8a2d95-0ac9-11d1-896c-00c04fb6bfc4")] class InternetZoneManagerEx2 { } public class IERepair { private IInternetZoneManagerEx2 coClass = null; uint uZoneEnum; uint uZoneCount; uint URLACTION_LOWRIGHTS = 0x00002500; uint uCurrentPolicy = 0; //current policy for protect mode uint uDefaultPolicy = 0; //default policy for protect mode public IERepair() { coClass = (IInternetZoneManagerEx2)new InternetZoneManagerEx2(); } // This is the "big hammer" function to repair any settings that are not secure. // We will need to define more granular functions that tell us which zones settings were not secure, // and what the unsecure settings were... public Hashtable RepairIESettings() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); if (res == 0) { res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { if (zoneatt.dwTemplateCurrentLevel != zoneatt.dwTemplateRecommended) { zoneatt.dwTemplateCurrentLevel = zoneatt.dwTemplateRecommended; res = coClass.SetZoneAttributes(uZone, ref zoneatt); if (res == 0) { ZoneHash.Add(zoneatt.szDisplayName, zoneatt); } } } } } } } return ZoneHash; } public Hashtable CheckIESettings() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); if (res == 0) { res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { if (zoneatt.dwTemplateCurrentLevel != zoneatt.dwTemplateRecommended) { ZoneHash.Add(zoneatt.szDisplayName, zoneatt); } } } } } } return ZoneHash; } public Hashtable GetIEZones() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); if (res == 0) { res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { ZoneHash.Add(zoneatt.szDisplayName, zoneatt); } } } } } return ZoneHash; } public Hashtable CheckIEProtectMode() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); if (res == 0) { // check the IE protect mode for each zone res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { coClass.GetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uCurrentPolicy, sizeof(uint), URLZONEREG.URLZONEREG_DEFAULT); coClass.GetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uDefaultPolicy, sizeof(uint), URLZONEREG.URLZONEREG_HKLM); if (uCurrentPolicy != uDefaultPolicy) { ZoneHash.Add(zoneatt.szDisplayName, uCurrentPolicy); } } } } } } return ZoneHash; } public Hashtable RepairIEProtectMode() { Hashtable ZoneHash = new Hashtable(); if (coClass != null) { int res = coClass.CreateZoneEnumerator(ref uZoneEnum, ref uZoneCount, 0); if (res == 0) { for (uint i = 0; i < uZoneCount; i++) { uint uZone = 0; res = coClass.GetZoneAt(uZoneEnum, i, ref uZone); ZONEATTRIBUTES zoneatt = new ZONEATTRIBUTES(); if (res == 0) { // Repair the IE protect mode for each zone res = coClass.GetZoneAttributesEx(uZone, ref zoneatt, (uint)ZAFLAGS.ZAFLAGS_VERIFY_TEMPLATE_SETTINGS); if (res == 0) { coClass.GetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uCurrentPolicy, sizeof(uint), URLZONEREG.URLZONEREG_DEFAULT); coClass.GetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uDefaultPolicy, sizeof(uint), URLZONEREG.URLZONEREG_HKLM); if (uCurrentPolicy != uDefaultPolicy) { res = coClass.SetZoneActionPolicy(uZone, URLACTION_LOWRIGHTS, ref uDefaultPolicy, sizeof(uint), URLZONEREG.URLZONEREG_DEFAULT); ZoneHash.Add(zoneatt.szDisplayName, uDefaultPolicy); } } } } } } return ZoneHash; } } public static class WDManager { [DllImport("Kernel32.dll", SetLastError = true)] private static extern bool SetDllDirectory(string pathName); [DllImport("MpClient.dll", CharSet = CharSet.Unicode)] private static extern uint WDStatus(out bool enabled); [DllImport("MpClient.dll", CharSet = CharSet.Unicode)] private static extern uint WDEnable(bool enable); public static bool IsInstalled() { bool installed = false; try { // #168704 by removing hard coded path name in CL_Security.ps1 string path = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles), "windows defender"); installed = SetDllDirectory(path); } catch (Exception) { } return installed; } public static bool IsEnabled() { bool isEnabled = true; uint result = 0; try { result = WDStatus(out isEnabled); } catch (Exception) //DllNotFoundException { isEnabled = false; } if (result != 0) { isEnabled = false; } return isEnabled; } public static uint SetEnable(bool enable) { uint result = 0; try { //If MSE and Forefront are installed, Windows Defender will be forced to //turn off and this call will take a while to return and it won't succeed. result = WDEnable(enable); } catch (Exception) //DllNotFoundException { } return result; } } public class WDManagerNew : IDisposable { #region static properties private static string _dllPath; public static string DllPath { get { return WDManagerNew._dllPath; } set { WDManagerNew._dllPath = value; } } #endregion #region private private IntPtr _handle; private const int LOAD_WITH_ALTERED_SEARCH_PATH = 0x00000008; [DllImport("kernel32")] private static extern bool FreeLibrary(IntPtr dllPointer); [DllImport("kernel32")] private static extern IntPtr LoadLibraryEx(string dllFilePath, IntPtr hFile, uint dwFlags); [DllImport("kernel32", CharSet = CharSet.Unicode, EntryPoint = "GetProcAddress", SetLastError = true)] public extern static IntPtr GetProcAddress(IntPtr dllPointer, string functionName); private delegate uint WDEnableDelegate(bool pfEnable); private delegate uint WDStatusDelegate(out bool pfEnabled); private WDEnableDelegate _WDEnable; private WDStatusDelegate _WDStatus; #endregion public WDManagerNew() { if (string.IsNullOrEmpty(_dllPath)) { _dllPath = FindLibrary(); } _handle = LoadLibraryEx(_dllPath, IntPtr.Zero, LOAD_WITH_ALTERED_SEARCH_PATH); if (_handle == IntPtr.Zero) { int errno = Marshal.GetLastWin32Error(); string msg = string.Format( "Windows Defender client library gave load error {0} in {1} ", errno, _dllPath); throw new System.IO.FileNotFoundException(msg); } IntPtr proc; proc = GetProcAddress(_handle, "WDEnable"); if (proc == IntPtr.Zero) { int errno = Marshal.GetLastWin32Error(); // string s = Marshal.FormatMessage(); string msg = string.Format( "Proc WDEnable in Windows Defender client library, find returned {0} in {1} ", errno, _dllPath); throw new System.IO.FileNotFoundException(msg); } _WDEnable = (WDEnableDelegate)Marshal.GetDelegateForFunctionPointer(proc, typeof(WDEnableDelegate)); proc = GetProcAddress(_handle, "WDStatus"); if (proc == IntPtr.Zero) { int errno = Marshal.GetLastWin32Error(); // string s = Marshal.FormatMessage(); string msg = string.Format( "Proc WDStatus in Windows Defender client library, find returned {0} in {1} ", errno, _dllPath); throw new System.IO.FileNotFoundException(msg); } _WDStatus = (WDStatusDelegate)Marshal.GetDelegateForFunctionPointer(proc, typeof(WDStatusDelegate)); } // ctor public static string FindLibrary() { string basename = "Windows Defender\\MpClient.dll"; string programdir = Environment.GetEnvironmentVariable("ProgramFiles"); string programdir6432 = Environment.GetEnvironmentVariable("ProgramW6432"); string path; path = string.IsNullOrEmpty(programdir) ? Path.Combine(programdir6432, basename) : Path.Combine(programdir, basename); if (!File.Exists(path)) { throw new FileNotFoundException(); } return path; } // FindLibrary ~WDManagerNew() { Dispose(false); } // dtor #region dispose pattern protected virtual void Dispose(bool disposing) { if (disposing) { // dispose managed resources // Nothing to do! } if (_handle != IntPtr.Zero) { FreeLibrary(_handle); _handle = IntPtr.Zero; } _WDEnable = null; _WDStatus = null; } public void Dispose() { Dispose(true); GC.SuppressFinalize(this); } #endregion public static bool IsEnabled() { bool pfEnabled; WDManagerNew wdm = new WDManagerNew(); uint result = wdm._WDStatus(out pfEnabled); return pfEnabled; } public static void SetEnabled(bool pfEnable) { WDManagerNew wdm = new WDManagerNew(); uint result = wdm._WDEnable(pfEnable); } } // WDManager public static class IEPrivacyMgr { public enum PrivacyType { PRIVACY_TYPE_FIRST_PARTY = 0, // Refers to privacy settings for first party cookies. PRIVACY_TYPE_THIRD_PARTY = 1, // Refers to privacy settings for third party cookies. }; public enum URLZONE { INVALID = -1, // Invalid Zone. Should only be used if no appropriate zone available. PREDEFINED_MIN = 0, // Minimum value for a predefined zone. LOCAL_MACHINE = 0, // local machine zone is not exposed in UI INTRANET, // My Intranet zone TRUSTED, // Trusted Web sites zone INTERNET, // The Internet zone UNTRUSTED, // Untrusted sites zone PREDEFINED_MAX = 999, // Maximum value for a predefined zone USER_MIN = 1000, // Minimum value allowed for a user-defined zone USER_MAX = 10000, // Maximum value allowed for a user-defined zone }; public enum PrivacyTemplate { PRIVACY_TEMPLATE_NO_COOKIES = 0, // Block All Cookies on the Privacy Preferences slider bar PRIVACY_TEMPLATE_HIGH = 1, // High on the Privacy Preferences slider bar PRIVACY_TEMPLATE_MEDIUM_HIGH = 2, // Medium_High on the Privacy Preferences slider bar PRIVACY_TEMPLATE_MEDIUM = 3, // Medium on the Privacy Preferences slider bar PRIVACY_TEMPLATE_MEDIUM_LOW = 4, // Low on the Privacy Preferences slider bar PRIVACY_TEMPLATE_LOW = 5, // Accept All Cookies on the Privacy Preferences slider bar PRIVACY_TEMPLATE_CUSTOM = 100, // User-defined PRIVACY_TEMPLATE_ADVANCED = 101, // User-defined PRIVACY_TEMPLATE_MAX = 5, // Same as PRIVACY_TEMPLATE_LOW }; public enum InternetCookieState { COOKIE_STATE_UNKNOWN = 0x0, COOKIE_STATE_ACCEPT = 0x1, COOKIE_STATE_PROMPT = 0x2, COOKIE_STATE_LEASH = 0x3, COOKIE_STATE_DOWNGRADE = 0x4, COOKIE_STATE_REJECT = 0x5, COOKIE_STATE_MAX = COOKIE_STATE_REJECT, }; [DllImport("wininet.dll", CharSet = CharSet.Unicode)] private static extern uint PrivacyGetZonePreference(URLZONE dwZone, PrivacyType dType, out PrivacyTemplate pwdTemplate, IntPtr szBuffer, out uint pszBufferLength); [DllImport("wininet.dll", CharSet = CharSet.Unicode)] private static extern uint PrivacySetZonePreference(URLZONE dwZone, PrivacyType dType, PrivacyTemplate pwdTemplate, IntPtr szBuffer, uint pszBufferLength); [DllImport("wininet.dll", CharSet = CharSet.Unicode)] private static extern bool InternetEnumPerSiteCookieDecision(string pszSiteName, ref IntPtr pszSiteNameSize, out IntPtr pdwDecision, int dwIndex); [DllImport("wininet.dll", CharSet = CharSet.Unicode)] private static extern bool InternetClearAllPerSiteCookieDecisions(); public static ArrayList GetPrivacySites() { ArrayList privsites = new ArrayList(); bool PerSiteDefined = false; string pszSiteName; int pszSiteNameSize; IntPtr pSNs; IntPtr pdwDecision = new IntPtr(); int i = 0; // Determine if any sites are in the list do { pszSiteName = ""; for (int c = 0; c < 64; c++) { pszSiteName += "\0"; } pszSiteNameSize = (sizeof(char) * pszSiteName.Length); pSNs = new IntPtr(pszSiteNameSize); PerSiteDefined = InternetEnumPerSiteCookieDecision(pszSiteName, ref pSNs, out pdwDecision, i); if (PerSiteDefined == true) { privsites.Add(pszSiteName); } i++; } while (PerSiteDefined == true); return privsites; } public static bool CheckDefault() { bool isDefault = true; bool PerSiteDefined = false; string pszSiteName; int pszSiteNameSize; IntPtr pSNs; IntPtr pdwDecision = new IntPtr(); int i = 0; // Determine if any sites are in the list do { pszSiteName = ""; for (int c = 0; c < 64; c++) { pszSiteName += "\0"; } pszSiteNameSize = (sizeof(char) * pszSiteName.Length); pSNs = new IntPtr(pszSiteNameSize); PerSiteDefined = InternetEnumPerSiteCookieDecision(pszSiteName, ref pSNs, out pdwDecision, i); if (PerSiteDefined == true) { isDefault = false; } i++; } while (PerSiteDefined == true); // Check Slider values uint ReturnValue; uint OutBuffer = 0; PrivacyTemplate pwdTemplate; URLZONE Zonetype; PrivacyType PrivType; PrivType = PrivacyType.PRIVACY_TYPE_FIRST_PARTY; Zonetype = URLZONE.INTERNET; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_MEDIUM) { isDefault = false; } Zonetype = URLZONE.INTRANET; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM) { isDefault = false; } Zonetype = URLZONE.TRUSTED; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM) { isDefault = false; } Zonetype = URLZONE.UNTRUSTED; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_NO_COOKIES) { isDefault = false; } PrivType = PrivacyType.PRIVACY_TYPE_THIRD_PARTY; Zonetype = URLZONE.INTERNET; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_MEDIUM) { isDefault = false; } Zonetype = URLZONE.INTRANET; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM) { isDefault = false; } Zonetype = URLZONE.TRUSTED; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM) { isDefault = false; } Zonetype = URLZONE.UNTRUSTED; ReturnValue = PrivacyGetZonePreference(Zonetype, PrivType, out pwdTemplate, IntPtr.Zero, out OutBuffer); if (pwdTemplate != PrivacyTemplate.PRIVACY_TEMPLATE_NO_COOKIES) { isDefault = false; } return isDefault; } public static void SetDefault() { uint ReturnValue; PrivacyType PrivType; PrivType = PrivacyType.PRIVACY_TYPE_FIRST_PARTY; ReturnValue = PrivacySetZonePreference(URLZONE.INTERNET, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_MEDIUM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.INTRANET, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.TRUSTED, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.UNTRUSTED, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_NO_COOKIES, IntPtr.Zero, 0); PrivType = PrivacyType.PRIVACY_TYPE_THIRD_PARTY; ReturnValue = PrivacySetZonePreference(URLZONE.INTERNET, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_MEDIUM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.INTRANET, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.TRUSTED, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_CUSTOM, IntPtr.Zero, 0); ReturnValue = PrivacySetZonePreference(URLZONE.UNTRUSTED, PrivType, PrivacyTemplate.PRIVACY_TEMPLATE_NO_COOKIES, IntPtr.Zero, 0); ClearCookieDecisions(); } public static bool ClearCookieDecisions() { bool ReturnValue = InternetClearAllPerSiteCookieDecisions(); return ReturnValue; } } } "@ ##line 17 $WDManagerType = 'Microsoft.Windows.Diagnosis.WDManager' -as [type] # WDManger is a static class, so object cannot be created # $WDManager = new-object $WDManagerType $result = $WDManagerType::IsInstalled() if (-not $result) { throw "Windows Defender is not installed (missing DLL path)" } $IERepair = new-object $IERepairType $WDManagerNewType = 'Microsoft.Windows.Diagnosis.WDManagerNew' -as [type] $PrivacyMgrType = 'Microsoft.Windows.Diagnosis.IEPrivacyMgr' -as [type] #*================================================================================ #PrivacyMgr #*================================================================================ function PrivacyMgr() { if($?) { return $true } else { return $false } } #*================================================================================ # Get-PrivacySiteList #*================================================================================ function Get-PrivacySiteList() { $SitesList = $PrivacyMgrType::GetPrivacySites() | ForEach-Object {$_.TrimEnd($null)} return $SitesList } #*================================================================================ #Check-PrivacyDefault #*================================================================================ function Check-PrivacyDefault() { return $PrivacyMgrType::CheckDefault() } #*================================================================================ #get item property value from registry property #*================================================================================ function GetItemPropertyValue([string]$reg_path = $(throw "No registry path is specified"), [string]$propertyname = $(throw "no registry path is specified")) { return (Get-ItemProperty $reg_path $propertyname -ErrorAction silentlycontinue) } #*================================================================================ #UnderPolicySetting #*================================================================================ function UnderPolicySetting([string]$name = $(throw "No name is specified"), [string]$registrykey = $(throw "No registrykey is specified")) { $result = $false $userID = ([Security.Principal.WindowsIdentity]::GetCurrent()).user.value.Replace('-', '_') $policysetting = Get-WmiObject -Namespace "root\rsop\user\$userID" -query "select name, registrykey from RSOP_RegistryPolicySetting" | foreach ($_) {if ($_.registryKey -like "*Internet*") {$_}} | Select-Object name, registrykey if($PolicySetting -ne $null) { foreach($policyitem in $policysetting) { if(($policyitem.name -eq $name) -and ($policyitem.registrykey -eq $registrykey)) { return $true } } } $key = get-item "Registry::HKEY_LOCAL_MACHINE\$registrykey" -ErrorAction SilentlyContinue if(@($key.Property) -contains $name) { return $true } return $result } #*================================================================================ #Get-RecursiveACLs #*================================================================================ Function Get-RecursiveACLs($Path) { # Build a collection that will hold the ACLs for each key $Result = @() if(test-path $path){ # Get the ACLs for the supplied key and add them to the result $ACL = Get-Acl $Path $Result += $ACL # Get subkeys of the supplied key foreach ($ChildKeyName in (Get-Item $Path).GetSubKeyNames()) { $Result += Get-RecursiveACLs("$Path\$ChildKeyName") } } # Return the resulting list of ACLs Return $Result } #*================================================================================ #Get-IdentityAccess #*================================================================================ Function Get-IdentityAccess($ACL, $IdentityReference, $RegistryRights) { Foreach ($AccessItem in $ACL.Access) { if($AccessItem -ne $null) { if ($AccessItem.IdentityReference.Tostring().Tolower() -eq $IdentityReference.Tolower()) { if ($AccessItem.RegistryRights.Tostring().tolower() -eq $RegistryRights.Tolower()) { return $true } } } } return $false }