PowerShell Script for Registry Hive Creation

This blog post walks through Classobj-Remediation.ps1, a PowerShell script designed to create registry hives. The script can be found on GitHub at https://github.com/your-username/Classobj-Remediation.ps1.

Prerequisites


The Script

This script is designed to create new registry entries under the HKEY_CLASSES_ROOT hive. It first checks whether an `HKCR:` drive is available in the session and, if not, maps one to HKEY_CLASSES_ROOT using the `New-PSDrive` cmdlet.

if (!(test-path "HKCR:\")) {
    New-PSDrive -PSProvider registry -Root HKEY_CLASSES_ROOT -Name HKCR
}

How It Works

Creating the Class Protocol

If the class protocol does not exist, the script creates it by creating a new directory (registry key) named after the protocol and setting its default value. It also sets the `EditFlags` and `URL Protocol` values.

$classpath = "Registry::HKCR:\"
$keyname = "MSPWDToastNotification"
$keyDefault = "url:MSPWDToastNotification"
$keyeditflags = "2162688"
$valcontent = '"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --app=https://aka.ms/sspr'

set-location -path HKCR:\

$classcheck = Get-ChildItem -Path "HKCR:\$($keyname)\" -Recurse -ErrorAction SilentlyContinue
if (!($classcheck)) {
    #create class protocol
    new-item -Path "HKCR:\" -Name $keyname -ItemType directory -Verbose
    new-itemproperty -Path "HKCR:\$keyname" -name "(Default)" -PropertyType "string" -Value $keydefault -Verbose
    new-itemproperty -Path "HKCR:\$keyname" -name "EditFlags" -PropertyType "DWORD" -Value $keyeditflags -Verbose
    new-itemproperty -Path "HKCR:\$keyname" -name "URL Protocol" -PropertyType "string" -Value "" -Verbose
}

Setting Up the Shell

The script then creates a Shell directory with an Open directory beneath it. Under Open it creates a command directory and sets its default value to the specified command line, which launches Edge with the URL.

if (!($classcheck)) {
    #create Shell\Open\command under the class key and set the command line
    new-item -Path "HKCR:\$keyname" -Name "Shell" -ItemType directory -Verbose
    new-item -Path "HKCR:\$keyname\Shell" -Name "Open" -ItemType directory -Verbose
    new-item -Path "HKCR:\$keyname\Shell\Open" -Name "command" -ItemType directory -Verbose
    new-itemproperty -Path "HKCR:\$keyname\Shell\Open\command" -name "(Default)" -PropertyType "string" -Value $valcontent -Verbose
}

Key Code Snippets

write-output "Registry Hives Created, Compliant"
exit 0

Usage Examples

This script is designed to be run in PowerShell and can be used to create registry hives for various purposes. The exact usage will depend on the specific requirements of your use case.
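
A read-only check for the keys and values the script writes, added here as an example and not part of Classobj-Remediation.ps1. The function name `Test-ToastProtocolHandler` is hypothetical, and the expected values are copied from the script above.

```powershell
# Added example: read-only audit of the handler the remediation script registers.
# Expected values are copied from the script on this page; the function name is hypothetical.
function Test-ToastProtocolHandler {
    param(
        [string]$KeyName = 'MSPWDToastNotification',
        [string]$ExpectedCommand = '"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --app=https://aka.ms/sspr',
        [int]$ExpectedEditFlags = 2162688
    )
    # Registry:: paths work without an HKCR: PSDrive. HKEY_CLASSES_ROOT is the merged view,
    # so a per-user key under HKCU\Software\Classes is what gets read if one exists.
    $root = "Registry::HKEY_CLASSES_ROOT\$KeyName"
    $cmdPath = "$root\Shell\Open\command"

    if (-not (Test-Path -LiteralPath $root)) { "Key '$KeyName' is missing"; return }
    $key = Get-Item -LiteralPath $root

    # Windows only treats the key as a URL scheme when a "URL Protocol" value is present.
    if ($key.GetValueNames() -notcontains 'URL Protocol') { "'URL Protocol' value is missing" }

    $flags = $key.GetValue('EditFlags')
    if ($flags -ne $ExpectedEditFlags) { "EditFlags is '$flags', expected $ExpectedEditFlags" }

    if (-not (Test-Path -LiteralPath $cmdPath)) { "Shell\Open\command is missing"; return }
    # GetValue('') reads the unnamed default value, which is the command line that is launched.
    $command = (Get-Item -LiteralPath $cmdPath).GetValue('')

    if ($command -cne $ExpectedCommand) { "Command is [$command], expected [$ExpectedCommand]" }
    # The expected command takes no input from the URI; a %-placeholder would pass
    # caller-controlled text to the process.
    if ($command -match '%') { "Command contains a % placeholder" }
}

$findings = @(Test-ToastProtocolHandler)
if ($findings.Count -eq 0) {
    Write-Output 'Protocol handler matches expected values'
    exit 0
}
$findings | ForEach-Object { Write-Output "Finding: $_" }
exit 1
```

The check exits 0 when every value matches and 1 when anything differs, so it can run before or after the script without changing the registry.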

Conclusion

In conclusion, this PowerShell script provides a comprehensive solution for creating registry hives. By following the steps outlined in this blog post, you should now have a solid understanding of how to create and manage registry hives using PowerShell.
