Add systemwide patch

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "zydis"]
+	path = zydis
+	url = https://github.com/zyantific/zydis/

FakeDLL/FakeDLL.cpp

@@ -0,0 +1,103 @@
+#include "ntdll.h"
+#include <winternl.h>
+#include <sddl.h>
+
+extern "C" __declspec(dllexport) void APIENTRY BriCreateBrokeredEvent();
+extern "C" __declspec(dllexport) void APIENTRY BriDeleteBrokeredEvent();
+extern "C" __declspec(dllexport) void APIENTRY EaCreateAggregatedEvent();
+extern "C" __declspec(dllexport) void APIENTRY EACreateAggregateEvent();
+extern "C" __declspec(dllexport) void APIENTRY EaQueryAggregatedEventParameters();
+extern "C" __declspec(dllexport) void APIENTRY EAQueryAggregateEventData();
+extern "C" __declspec(dllexport) void APIENTRY EaFreeAggregatedEventParameters();
+extern "C" __declspec(dllexport) void APIENTRY EaDeleteAggregatedEvent();
+extern "C" __declspec(dllexport) void APIENTRY EADeleteAggregateEvent();
+
+BOOL DeleteSection(LPCWSTR path)
+{
+    HANDLE hLink;
+    UNICODE_STRING name;
+
+    RtlInitUnicodeString(&name, path);
+    OBJECT_ATTRIBUTES oa = { sizeof(oa), NULL, &name, OBJ_CASE_INSENSITIVE, NULL, NULL };
+
+    if (NtOpenSection(&hLink, DELETE, &oa))
+        return FALSE;
+
+    BOOL returnValue = NtMakeTemporaryObject(hLink) == 0;
+
+    NtClose(hLink);
+
+    return returnValue;
+}
+
+BOOL DeleteObjectLink(LPCWSTR path)
+{
+    HANDLE hLink;
+    UNICODE_STRING name;
+    SECURITY_DESCRIPTOR sd;
+
+    RtlInitUnicodeString(&name, path);
+    OBJECT_ATTRIBUTES oa = { sizeof(oa), NULL, &name, OBJ_CASE_INSENSITIVE, NULL, NULL };
+
+    if (NtOpenSymbolicLinkObject(&hLink, WRITE_DAC, &oa))
+        return FALSE;
+
+    InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
+#pragma warning( suppress : 6248 ) // Disable warning as setting a NULL DACL is intentional here
+    SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE);
+
+    if (!SetKernelObjectSecurity(hLink, DACL_SECURITY_INFORMATION, &sd) | NtClose(hLink))
+        return FALSE;
+
+    if (NtOpenSymbolicLinkObject(&hLink, DELETE, &oa))
+        return FALSE;
+
+    BOOL returnValue = NtMakeTemporaryObject(hLink) == 0;
+
+    NtClose(hLink);
+
+    return returnValue;
+}
+
+HANDLE ObjectManagerCreateSymlink(LPCWSTR linkname, LPCWSTR targetname)
+{
+    UNICODE_STRING name, target;
+    HANDLE hLink;
+    PSECURITY_DESCRIPTOR sd;
+
+    if (!ConvertStringSecurityDescriptorToSecurityDescriptorW(
+        L"D:(A;;GA;;;BA)(A;;GR;;;RC)(A;;GR;;;WD)(A;;GR;;;AC)(A;;GR;;;S-1-15-2-2)S:(ML;;NW;;;LW)",
+        SDDL_REVISION_1, &sd, 0)) return NULL;
+
+    RtlInitUnicodeString(&name, linkname);
+    RtlInitUnicodeString(&target, targetname);
+    OBJECT_ATTRIBUTES oa = { sizeof(oa), NULL, &name, OBJ_CASE_INSENSITIVE | OBJ_PERMANENT, NULL, NULL };
+
+    if (NtCreateSymbolicLinkObject(&hLink, SYMBOLIC_LINK_ALL_ACCESS, &oa, &target))
+        return NULL;
+
+    SetKernelObjectSecurity(hLink, DACL_SECURITY_INFORMATION | LABEL_SECURITY_INFORMATION, sd);
+
+    return hLink;
+}
+
+BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
+{
+	if (ul_reason_for_call == DLL_PROCESS_ATTACH)
+	{
+        DeleteObjectLink(L"\\KnownDlls\\EventAggregation.dll");
+        if (DeleteSection(L"\\KnownDlls\\shell32.dll"))
+            ObjectManagerCreateSymlink(L"\\KnownDlls\\shell32.dll", L"\\BaseNamedObjects\\shell32.dll");
+	}
+	return TRUE;
+}
+
+void APIENTRY BriCreateBrokeredEvent() { }
+void APIENTRY BriDeleteBrokeredEvent() { }
+void APIENTRY EaCreateAggregatedEvent() { }
+void APIENTRY EACreateAggregateEvent() { }
+void APIENTRY EaQueryAggregatedEventParameters() { }
+void APIENTRY EAQueryAggregateEventData() { }
+void APIENTRY EaFreeAggregatedEventParameters() { }
+void APIENTRY EaDeleteAggregatedEvent() { }
+void APIENTRY EADeleteAggregateEvent() { }

FakeDLL/FakeDLL.vcxproj

@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>16.0</VCProjectVersion>
+    <Keyword>Win32Proj</Keyword>
+    <ProjectGuid>{16eef1dc-bbff-4b4a-93ea-9f9162ac4902}</ProjectGuid>
+    <RootNamespace>FakeDLL</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="Shared">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+    <GenerateManifest>false</GenerateManifest>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>false</SDLCheck>
+      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <DebugInformationFormat>None</DebugInformationFormat>
+      <ExceptionHandling>false</ExceptionHandling>
+      <BufferSecurityCheck>false</BufferSecurityCheck>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <AdditionalIncludeDirectories>$(SolutionDir)Shell32Patcher</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>false</GenerateDebugInformation>
+      <AdditionalDependencies>ntdll.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="FakeDLL.cpp" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>

FakeDLL/FakeDLL.vcxproj.filters

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="FakeDLL.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>

FakeDLL/FakeDLL.vcxproj.user

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup />
+</Project>

README.md

@@ -4,8 +4,18 @@ Shell32Patcher allows you to use classic context menu in Windows 11 file explore
 
 ## Usage
 
+### Non-persist patch
+
 Uncheck 'Launch folder windows in a separate process'
 
-Run program. The patch will take effect immediately
+Run program. The patch will take effect immediately and apply to your current session only
+
+Newly started explorer.exe remains unpatched. To revert, simply restart explorer.exe
+
+### Systemwide patch
+
+To perform systemwide patch, you need to run program using an administrative account (but **not** `NT AUTHORITY\SYSTEM`) with commandline option `-p`
+
+The patch will apply to all users and all newly started processes
 
-To revert, simply restart explorer.exe
+To revert systemwide patch, you must restart your computer

Shell32Patcher.sln

@@ -5,6 +5,8 @@ VisualStudioVersion = 16.0.31424.327
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Shell32Patcher", "Shell32Patcher\Shell32Patcher.vcxproj", "{72A07A64-5D50-4561-A3A1-0BF42710A1BB}"
 EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "FakeDLL", "FakeDLL\FakeDLL.vcxproj", "{16EEF1DC-BBFF-4B4A-93EA-9F9162AC4902}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|x64 = Debug|x64
@@ -18,6 +20,11 @@ Global
 		{72A07A64-5D50-4561-A3A1-0BF42710A1BB}.Release|x64.Build.0 = Release|x64
 		{72A07A64-5D50-4561-A3A1-0BF42710A1BB}.ReleaseW|x64.ActiveCfg = ReleaseW|x64
 		{72A07A64-5D50-4561-A3A1-0BF42710A1BB}.ReleaseW|x64.Build.0 = ReleaseW|x64
+		{16EEF1DC-BBFF-4B4A-93EA-9F9162AC4902}.Debug|x64.ActiveCfg = Release|x64
+		{16EEF1DC-BBFF-4B4A-93EA-9F9162AC4902}.Release|x64.ActiveCfg = Release|x64
+		{16EEF1DC-BBFF-4B4A-93EA-9F9162AC4902}.Release|x64.Build.0 = Release|x64
+		{16EEF1DC-BBFF-4B4A-93EA-9F9162AC4902}.ReleaseW|x64.ActiveCfg = Release|x64
+		{16EEF1DC-BBFF-4B4A-93EA-9F9162AC4902}.ReleaseW|x64.Build.0 = Release|x64
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE