Desktop.INI Delete Invisible

First,  Choose between the two.
1

Code: [Select]

; Desktop.INI Delete Invisible. Make the hidden file visible after that.
; Win10XPE\Projects\Win10XPE\Features\Explorer_RegDefault.txt
[HKEY_LOCAL_MACHINE\Tmp_Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000000
"ShowSuperHidden"=dword:00000000

or
2

Code: [Select]

_SUB OSInit
// Desktop.INI Delete Invisible
REGI #HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden=0
REGI #HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden=0
_END

Second, This part.
(It is recommended to execute before running the pintool.)

Code: [Select]

_SUB PostShell
// Remove desktop.ini
IFEX %Desktop%\desktop.ini,FILE %Desktop%\desktop.ini
IFEX X:\Users\Default\Desktop\desktop.ini,FILE X:\Users\Default\Desktop\desktop.ini
IFEX X:\Users\Public\Desktop\desktop.ini,FILE X:\Users\Public\Desktop\desktop.ini
IFEX X:\Users\Administrator\Desktop\desktop.ini,FILE X:\Users\Administrator\Desktop\desktop.ini

// Show Hidden files
REGI #HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden=1
REGI #HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden=1
ENVI @@DeskTopFresh=1

// PinTool must be Launched after Explorer
EXEC %WinDir%\System32\PinTool.exe -debug %Windir%\System32\Pecmd.ini
_END

// To refresh the desktop: ENVI @@DeskTopFresh=[clearicon][;][1/2/4/8/16][;[-/+]PATH]
//1:to refresh the desktop and the window of My Computer.
//4:for change
//2:to refresh the desktop professionally only.clearicon:to clear the icon cache(first).
//8:to refresh ICO and file associations.
//16[:func]:to refresh path(Desktop), -to remove,+to add,or refresh.

Well seen powerpc 
Hide hidden files before deleting desktop.ini and make hidden files visible again
It allows not to see desktop.ini at All, on the desktop at startup, Good 
On the other hand, it complicates a little pecmd.ini, I don't know if I take it in the base

I'm going to add TaskbarJumpList=1 from your other post 

Hi ChrisR!
Also check the pintool. It works well.
Pintool v2.4.0.7.
http://theoven.org/index.php?topic=1338.msg33901#msg33901

Hi powerpc!
I didn't see your pintool update, I'm going to look at it

I just tested an x64 build, pintool works well

Great find for Masquerade-PEB, to give it the appearance of explorer process. If I have understood correctly!
Thanks to you and to JFX for the au3 function
Can be useful, I'd like to have the same procedure in PB

I added to the package, the upload is in progress...

Great find for Masquerade-PEB, to give it the appearance of explorer process. If I have understood correctly!
Thanks to you and to JFX for the au3 function
Can be useful, I'd like to have the same procedure in PB

Yes it gives the appearance of explorer.exe and so the the "pin to taskbar" item
will show up in context menu, bypassing MS simple trick to hide it.

Code: [Select]

EnableExplicit

Structure _UNICODE_STRING Align #PB_Structure_AlignC
  usLength.w
  usMaximumLength.w
  usBuffer.i
EndStructure

Structure LIST_ENTRY
  *Flink.LIST_ENTRY
  *Blink.LIST_ENTRY
EndStructure
 
Structure PEB_LDR_DATA Align #PB_Structure_AlignC
  Reserved0.b[8]
  Reserved1.i[3]
  InMemoryOrderModuleList.LIST_ENTRY
EndStructure

Structure LDR_DATA_TABLE_ENTRY Align #PB_Structure_AlignC
  InLoadOrderLinks.LIST_ENTRY
  InMemoryOrderLinks.LIST_ENTRY
  InInitializationOrderLinks.LIST_ENTRY
  DllBase.i
  EntryPoint.i
  SizeOfImage.l
  FullDllName._UNICODE_STRING
  BaseDllName._UNICODE_STRING
EndStructure

Structure PEB Align #PB_Structure_AlignC
  InheritedAddressSpace.b
  ReadImageFileExecOptions.b
  BeingDebugged.b
  BitField.b
  Mutant.i
  ImageBaseAddress.i
  *Ldr.PEB_LDR_DATA
  ProcessParameters.i
EndStructure


Procedure MasqueradePEB(sName.s = "%Windir%\explorer.exe")
 
  Protected *PEB.PEB, *CurrentEntry.LIST_ENTRY, *Current.LDR_DATA_TABLE_ENTRY
  Protected US1._UNICODE_STRING, US2._UNICODE_STRING
  Protected iProtect, hDLL, sNewName.s{261}
 
  CompilerIf #PB_Compiler_Processor = #PB_Processor_x64
    !mov rax,[gs: qword 60h]
    !mov [p.p_PEB], rax
  CompilerElse
    !mov eax,[fs: dword 30h]
    !mov [p.p_PEB], eax
  CompilerEndIf
 
  hDLL = GetModuleHandle_(0)
  *CurrentEntry = *PEB\Ldr\InMemoryOrderModuleList\Flink
  ExpandEnvironmentStrings_(@sName, @sNewName, 255) 
  RtlCreateUnicodeString_(@US1, @sNewName)
  RtlCreateUnicodeString_(@US2, PathFindFileName_(@sNewName))

  While *CurrentEntry And Not *PEB\Ldr\InMemoryOrderModuleList = *CurrentEntry   
    *Current = *CurrentEntry - SizeOf(LIST_ENTRY)     
    If hDll = *Current\DllBase
      If VirtualProtect_(@*Current\FullDllName, SizeOf(_UNICODE_STRING) * 2, #PAGE_EXECUTE_READWRITE, @iProtect)
        CopyMemory_(@*Current\FullDllName, @US1, SizeOf(_UNICODE_STRING) * 2)
        VirtualProtect_(@*Current\FullDllName, SizeOf(_UNICODE_STRING) * 2, iProtect, @iProtect)
      EndIf
      Break
    EndIf
    *CurrentEntry = *CurrentEntry\Flink
  Wend
   
EndProcedure



#CMF_NORMAL = 0
#idCmdFirst = 1
#idCmdLast  = $6FFF
#CMIC_MASK_UNICODE = $00004000
#CMIC_MASK_PTINVOKE = $20000000

Structure CMINVOKECOMMANDINFOEX
  cbSize.l
  fMask.l
  hwnd.i
  lpVerb.i
  lpParameters.i
  lpDirectory.i
  nShow.l
  dwHotKey.l
  hIcon.i
  lpTitle.i
  lpVerbW.i
  lpParametersW.i
  lpDirectoryW.i
  lpTitleW.i
  ptInvoke.POINT
EndStructure

DataSection
  IID_IShellFolder:
  Data.l $000214E6
  Data.w $0000, $0000
  Data.b $C0, $00, $00, $00, $00, $00, $00, $46
 
  IID_IContextMenu:
  Data.l $000214E4
  Data.w $0000, $0000
  Data.b $C0, $00, $00, $00, $00, $00, $00, $46
 
EndDataSection

Interface _IShellFolder Extends IUnknown
  ParseDisplayName(a, b, c, d, e, f)
  EnumObjects(a, b, c)
  BindToObject(a, b, c, d)
  BindToStorage(a, b, c, d)
  CompareIDs(a, b, c)
  CreateViewObject(a, b, c)
  GetAttributesOf(a, b, c)
  GetUIObjectOf(a, b, c, d, e, f)
  GetDisplayNameOf(a, b, c)
  SetNameOf(a, b, c, d, e)
EndInterface



Procedure.s LoadDllString(sDll.s, id)
  Protected hInstance, sReturn.s{261}, sExpand.s{261}
  ExpandEnvironmentStrings_(@sDll, @sExpand, 255)
  hInstance = LoadLibraryEx_(@sExpand, 0, #LOAD_LIBRARY_AS_DATAFILE)
  If hInstance
    LoadString_(hInstance, id, @sReturn, 256)
    FreeLibrary_(hInstance)
    ProcedureReturn sReturn
  EndIf
  ProcedureReturn ""
EndProcedure



Procedure InvokeContextMenu(sFile.s, sVerb.s)
 
  Protected iCount, hPopupMenu, sName.s{261}, i, iReturn, iFileName, hr.l
  Protected *c.character, *DesktopFolder._IShellFolder, *ParentFolder._IShellFolder
  Protected *CM.IContextMenu, CI.CMINVOKECOMMANDINFOEX, lpmii.MENUITEMINFO
  Protected ParentPidl, Pidl, sExpand.s{261}
 
  ExpandEnvironmentStrings_(@sFile, @sExpand, 255)
 
  iFileName = PathFindFileName_(@sExpand)
  If Not iFileName
    ProcedureReturn 0
  EndIf
 
  *c.character = iFileName - SizeOf(Character)
  *c\c = 0
       
  If SHGetDesktopFolder_(@*DesktopFolder) = #ERROR_SUCCESS
    If *DesktopFolder\ParseDisplayName(0, 0, @sExpand, 0, @ParentPidl, 0) = #ERROR_SUCCESS
      If *DesktopFolder\BindToObject(ParentPidl, 0, ?IID_IShellFolder, @*ParentFolder) = #ERROR_SUCCESS
        *DesktopFolder\Release()
        If *ParentFolder\ParseDisplayName(0, 0, iFileName, 0, @Pidl, 0) = #ERROR_SUCCESS
          If *ParentFolder\GetUIObjectOf(0, 1, @Pidl, ?IID_IContextMenu, 0, @*CM) = #ERROR_SUCCESS
            *ParentFolder\Release()
          EndIf
          CoTaskMemFree_(Pidl)
        EndIf
      EndIf
      CoTaskMemFree_(ParentPidl)
    EndIf
  EndIf
 
  *c\c = '\'
 
  If *CM   
    CI\cbSize = SizeOf(CMINVOKECOMMANDINFOEX)
    CI\fMask = #CMIC_MASK_UNICODE | #CMIC_MASK_PTINVOKE
    CI\nShow = #SW_NORMAL   
    lpmii\cbSize = SizeOf(MENUITEMINFO)
    lpmii\dwTypeData = @sName
    lpmii\fMask = #MIIM_STRING | #MIIM_FTYPE
    hPopupMenu = CreatePopupMenu_()
    If hPopupMenu     
      hr = *CM\QueryContextMenu(hPopupMenu, 0, #idCmdFirst, #idCmdLast, #CMF_NORMAL)
      If hr > 0
        iCount = GetMenuItemCount_(hPopupMenu)
        For i = 0 To iCount         
          CI\lpVerb = GetMenuItemID_(hPopupMenu, i)
          lpmii\cch = 255         
          If GetMenuItemInfo_(hPopupMenu, CI\lpVerb, 0, @lpmii)
            If CompareMemoryString(@sName, @sVerb, #PB_String_NoCase) = #PB_String_Equal
            CI\lpVerb - #idCmdFirst
              If *CM\InvokeCommand(@CI) = 0
                iReturn = 1
              EndIf
              Break
            EndIf
          EndIf         
        Next       
      EndIf
      DestroyMenu_(hPopupMenu)
    EndIf   
    *CM\Release()
    ProcedureReturn iReturn   
  EndIf
 
  ProcedureReturn 0
 
EndProcedure



CompilerIf #PB_Compiler_IsMainFile
 
  MasqueradePEB()
  CoInitialize_(0)
  Define sTaskbar.s = LoadDllString("shell32", 5386)
  Define sStartMenu.s = LoadDllString("%LOCALAPPDATA%\StartIsBack\StartIsBack64.dll", 5381)
 
  InvokeContextMenu("%windir%\System32\notepad.exe", sTaskbar)
  If sStartMenu <> ""
    InvokeContextMenu("%windir%\System32\notepad.exe", sStartMenu)
  EndIf
 
CompilerEndIf

Wow, that's really great, with in addition IContextMenu implemented 
I'm going to run out of time to play with it before the holidays but I'll try to make good use of it after.
Thanks a lot, good holiday to you