
fu.whyamiblocked's Introduction

Hi there 👋

fu.whyamiblocked's People

Contributors

adamgrosstx, virtualtim


fu.whyamiblocked's Issues

Mix of UTF-16 and UTF8 in Results.txt

The portions of Results.txt that are written by Get-BlocksFromBin using Out-File are encoded as UTF16 as that's the default encoding of the cmdlet, whereas the other text written by Add-Content is the encoding of the source file which is UTF8.

This can be fixed by adding an -Encoding UTF8 argument to all uses of Out-File.

String cannot be converted into ArrayList

Hi, I'm encountering an error on my machine:

The value "{fa1d81f1-57b7-4907-970a-a37d80d41304}" of Type "System.String" can not convert into type of "System.Collections.ArrayList"
In C:\Program Files\WindowsPowerShell\Modules\FU.WhyAmIBlocked\1.0.0.2\Public\Get-Blocks.ps1:101 Zeichen:9

+     $Script:BlockList = Get-BlocksFromXML -FileList $HumanReadabl ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : MetadataError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : RuntimeException

Running the script with Admin privileges on Win 10 1909, German language enabled.

Python detection fails for 2.7.16

Running Import-Module FU.WhyAmIBlocked displays:

Python 2.7.16
Import-Module : Python is not installed. Install Pyton before proceeding.
At line:1 char:1
+ Import-Module FU.WhyAmIBlocked
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (Python is not i...ore proceeding.:String) [Import-Module], RuntimeException
    + FullyQualifiedErrorId : Python is not installed. Install Pyton before proceeding.,Microsoft.PowerShell.Commands.ImportModuleCommand

I believe this is because (some?) Python 2 versions output python --version to err instead of out.

Using this as the check should work for this version:
$PythonVersion = "$(python --version 2>&1)"
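
The check proposed in this issue, expanded into a helper that merges both output streams and parses the version. This is an added example, not part of the original issue or the module's code; the function names `ConvertTo-PythonVersion` and `Get-PythonVersion` are hypothetical.

```powershell
# Added example, not module code. Function names are hypothetical.

function ConvertTo-PythonVersion {
    # Extract a [version] from the text printed by `python --version`.
    param(
        [Parameter(Mandatory)]
        [AllowEmptyString()]
        [string]$Text
    )
    if ($Text -match 'Python\s+(\d+\.\d+(?:\.\d+)?)') {
        return [version]$Matches[1]
    }
    return $null
}

function Get-PythonVersion {
    param([string]$Command = 'python')

    # Resolve real executables only, so an alias or function named "python"
    # is never mistaken for an installed interpreter.
    $exe = Get-Command -Name $Command -CommandType Application -ErrorAction SilentlyContinue |
        Select-Object -First 1
    if (-not $exe) { return $null }

    # Scoped to this function. With 'Stop', Windows PowerShell can turn the
    # redirected stderr of a native command into a terminating error.
    $ErrorActionPreference = 'Continue'

    # Python 2 prints the version on stderr (as reported above); newer releases
    # use stdout. Merge both streams and stringify each item, because stderr
    # lines arrive as ErrorRecord objects rather than strings.
    $text = (& $exe.Path --version 2>&1 | ForEach-Object { "$_" }) -join "`n"
    return ConvertTo-PythonVersion -Text $text
}

# Constructed sample strings, parsed offline without calling an interpreter.
ConvertTo-PythonVersion -Text 'Python 2.7.16'
ConvertTo-PythonVersion -Text 'Python 3.10.8'
ConvertTo-PythonVersion -Text 'unrelated text written to stderr'

# Live check: report a missing interpreter only when no version could be parsed.
if (-not (Get-PythonVersion)) {
    Write-Warning 'No usable Python interpreter was found on PATH.'
}
```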

What I need

wrote report.txt
what to do ????

mydearcomputer - 10/06/2022 15:51:00
Found 2 .bin file(s).

Directory: C:\FeatureUpdateBlocks\KAVIOLINA_20221006_035100\Bin

Mode LastWriteTime Length Name


-a---- 3.8.2022. 5:23 2451616 AppCompatAppraiser_APPRAISER_TelemetryBaseline_NI22H2.bin
-a---- 6.10.2022. 9:17 2067173 AppCompatAppraiser_APPRAISER_TelemetryBaseline_UNV.bin

C:\FeatureUpdateBlocks\KAVIOLINA_20221006_035100\XML\AppCompatAppraiser_APPRAISER_TelemetryBaseline_NI22H2.bin_HUMANREADABLE.XML

Matching GatedBlock....NONE FOUND.
Matching BlockUpgrade....FOUND!
BlockUpgrade:

Name Value Ordinal


SdbAppName VMware Workstation Pro 2
SdbEntryGuid {4b9bb66d-2725-4274-b331-54a1950c6b8a} 2
SdbBlockType BlockUpgrade 2
SdbAppGuid {7ebb75d7-6f34-42fb-8468-162a6c4f70c3} 2

All SDB Entries For: C:\FeatureUpdateBlocks
For: C:\FeatureUpdateBlocks
Entry 0 :

Name Value Ordinal


SdbAppName BattlEye Anticheat 2
SdbEntryGuid {3f6b2bc0-2675-4416-82e8-89943adc24b6} 2
SdbBlockType ApphelpHardBlock 2
SdbAppGuid {24260bae-f74b-4ce0-b2b4-3335da5c63d4} 2

Entry 1 :

Name Value Ordinal


SdbAppName Microsoft Office 2
SdbEntryGuid {fe2a6f06-be2c-4ece-a9a6-b6a4f635b129} 2
SdbAppGuid {38feba87-6d1f-496a-bf6b-ad0b622807cd} 2

Entry 2 :

Name Value Ordinal


SdbAppName Microsoft Office 2
SdbEntryGuid {6d94f994-e6ae-4f1c-b286-61d63872c3db} 2
SdbAppGuid {38feba87-6d1f-496a-bf6b-ad0b622807cd} 2

Entry 3 :

Name Value Ordinal


SdbAppName Microsoft Office 2
SdbEntryGuid {27398951-0ddc-413f-8ca5-aa8bb300c1a4} 2
SdbAppGuid {38feba87-6d1f-496a-bf6b-ad0b622807cd} 2

Entry 4 :

Name Value Ordinal


SdbAppName Microsoft Office 2
SdbEntryGuid {3ee1a465-60ad-43f2-b1bb-be6e5cf99cd3} 2
SdbAppGuid {38feba87-6d1f-496a-bf6b-ad0b622807cd} 2

Entry 5 :

Name Value Ordinal


SdbAppName Microsoft Office 2
SdbAppName Microsoft Office 3
SdbEntryGuid {44beb94e-be85-4e88-b9fa-c328358e860b} 2
SdbEntryGuid {00ae5524-e38d-42b5-818c-ee370ecd3484} 3
SdbAppGuid {38feba87-6d1f-496a-bf6b-ad0b622807cd} 2
SdbAppGuid {38feba87-6d1f-496a-bf6b-ad0b622807cd} 3

Entry 6 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 3
SdbAppName VMware Workstation Pro 2
SdbAppName VMware Workstation Pro 4
SdbAppName P0 VMware Workstation Pro (No-Op) 3
SdbEntryGuid {4b9bb66d-2725-4274-b331-54a1950c6b8a} 2
SdbEntryGuid {47d17d36-ec23-4f12-813a-7257ce075443} 3
SdbEntryGuid {66f21bbc-149a-411b-8e11-880af7c1266c} 4
SdbBlockType BlockUpgrade 2
SdbBlockType ApphelpSoftBlock 4
SdbAppGuid {7ebb75d7-6f34-42fb-8468-162a6c4f70c3} 2
SdbAppGuid {257bb53b-2403-49c0-adb8-27c5d512de01} 3
SdbAppGuid {7ebb75d7-6f34-42fb-8468-162a6c4f70c3} 4

Entry 7 :

Name Value Ordinal


SdbAppName Microsoft Office 2
SdbEntryGuid {8023de0f-0909-4d2a-b36a-8d2fc7de7465} 2
SdbAppGuid {38feba87-6d1f-496a-bf6b-ad0b622807cd} 2

Entry 8 :

Name Value Ordinal


SdbAppName VC Runtime 1
SdbEntryGuid {00b0c9b2-3f04-4795-a8ac-5b7bd5ea2ea8} 1
SdbAppGuid {03760bce-35d7-47a3-b83b-de673fdb6ab4} 1

Entry 9 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 2
SdbAppName P0 No-Op Market Share 2
SdbEntryGuid {414c4ccb-8364-4037-9b10-3570049ca91b} 2
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 2

Entry 10 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 3
SdbAppName P0 No-Op Market Share 3
SdbEntryGuid {69997fb5-bfc0-4c4c-bb42-18aae2f79d49} 3
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 3

Entry 11 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 4
SdbAppName P0 No-Op Market Share 4
SdbEntryGuid {1be0c418-68f8-4ed9-9020-41bac0ab27b1} 4
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 4

Entry 12 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 5
SdbAppName P0 No-Op Market Share 5
SdbEntryGuid {4dac7c1a-1692-46d5-9e01-bcc3405aea42} 5
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 5

Entry 13 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 6
SdbAppName P0 No-Op Market Share 6
SdbEntryGuid {80976924-e397-4385-865c-20b51fbb4d85} 6
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 6

Entry 14 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 7
SdbAppName P0 No-Op Market Share 7
SdbEntryGuid {5a5ca179-84f7-4c60-8d20-b7e4a98ccde2} 7
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 7

Entry 15 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 8
SdbAppName P0 No-Op Market Share 8
SdbEntryGuid {ec0a42c4-6d39-40c3-8190-296f37d269c5} 8
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 8

Entry 16 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 9
SdbAppName P0 No-Op Market Share 9
SdbEntryGuid {6cf87ca8-d96e-4b68-95ba-aa20229d51aa} 9
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 9

Entry 17 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 10
SdbAppName P0 No-Op Market Share 10
SdbEntryGuid {d8bfb02a-340a-4f5b-97f5-31624cf9adae} 10
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 10

Entry 18 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 11
SdbAppName P0 No-Op Market Share 11
SdbEntryGuid {eacdca70-886f-4e01-9331-92b9609b7b83} 11
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 11

Entry 19 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 12
SdbAppName P0 No-Op Market Share 12
SdbEntryGuid {c3323135-d1bd-4c6c-8498-29d452fd0b5a} 12
SdbAppGuid {e90e4301-4eed-4786-b0a7-a46d21ce0fce} 12

Entry 20 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 13
SdbAppName P0 [AV Health] Avast Antivirus 13
SdbEntryGuid {623fed2f-7af2-489d-afdf-1337381a306d} 13
SdbAppGuid {9d9be83e-7d7a-421b-9b12-928f7194812f} 13

Entry 21 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 14
SdbAppName P0 [AV Health] Avast Antivirus 14
SdbEntryGuid {efa677e8-2f2d-4833-a5b1-0d8bd7e1da04} 14
SdbAppGuid {9d9be83e-7d7a-421b-9b12-928f7194812f} 14

Entry 22 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 15
SdbAppName P0 [AV Health] Trend Micro Security Agent 15
SdbEntryGuid {467735e2-f95a-4c9a-9a13-f303bdfd4e14} 15
SdbAppGuid {f030eda4-77cd-498a-9d1b-8307e5741185} 15

Entry 23 :

Name Value Ordinal


SdbAppraiserData TelemetryOnly 16
SdbAppName P0 [AV Health] Trend Micro Security Agent 16
SdbEntryGuid {218177cc-b09b-4e34-ba11-1943f8573cd5} 16
SdbAppGuid {f030eda4-77cd-498a-9d1b-8307e5741185} 16

Entry 24 :

Name Value Ordinal


SdbAppName Migrate Appraiser Markers 17
SdbEntryGuid {3b262b50-25ce-4ad9-8aad-0cf9e3d134c6} 17
SdbAppGuid {3cd1024d-65c0-4c5f-96c9-80bbcf1e9d8b} 17

C:\FeatureUpdateBlocks\KAVIOLINA_20221006_035100\XML\AppCompatAppraiser_APPRAISER_TelemetryBaseline_UNV.bin_HUMANREADABLE.XML

Matching GatedBlock....NONE FOUND.
Matching Block Upgrade....NONE FOUND.
All SDB Entries For: C:\FeatureUpdateBlocks
For: C:\FeatureUpdateBlocks
AppCompat Registry Flags

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Appraiser
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Appraiser\SEC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Appraiser\GWX

Export-BypassBlock, I get the error "The term 'Export-BypassBlock' is not recognized as the name of a cmdlet"

Hi,

After I run Get-FUBlocks on a local device (and it finds a block) and I try Export-BypassBlock, I get the error "The term 'Export-BypassBlock' is not recognized as the name of a cmdlet"

Am I doing something wrong?

(I am testing on a 1903 machine that has an upgrade block from Trend AV. My aim is to figure out the registry bypass so that the 20 x 1903 machines for this client will upgrade)

No Match.txt is created

After running Get-FUBlocks (version 1.0.0.3) it states "Appraiser Database matches can be found: C:\FeatureUpdateBlocks\LOVELACE\Match.txt"

Unfortunately, this file does not exist. If I inspect Results.txt, I can see it's being blocked by "Windows Searchbox":

Matching GatedBlock....FOUND!
GatedBlock:
==========

Name             Value                                  Ordinal
----             -----                                  -------
SdbAppraiserData GatedBlock                             3      
SdbAppName       Windows Searchbox                      3      
SdbEntryGuid     {5e757e51-cc84-4a4a-ae70-d69a6a2b37f1} 3      
SdbAppGuid       {1b07f560-9ebf-461e-a71b-f3b2c7af46af} 3      

Not sure if it matters, but the tmp\AllMatches.json file is basically empty:

{

}

While waiting for #2 to be solved, I tried manually looking up this entry in the SDB manually as suggested by your comment here and found no matching entry. At the time I assumed I was doing something wrong, but now I'm wondering if this block is just weird.

Access denied

When executing Get-FUBlocks I am getting the following error message:

WARNING: Access to the path 'C:\Windows\appcompat\appraiser\Appraiser_AlternateData.cab' is denied.
Copy-Item : Access to the path 'C:\Windows\appcompat\appraiser\Appraiser_AlternateData.cab' is denied.
At C:\Users\Daniel\Documents\WindowsPowerShell\Modules\FU.WhyAmIBlocked\1.0.0.5\Public\Get-Blocks.ps1:146 char:25
+ ...     $File | Copy-Item -Destination "$($DestPath)\$($Key)_$($File.Name ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Copy-Item], UnauthorizedAccessException
    + FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.CopyItemCommand

How would I get the script working?

AntiVirus won't let FU.WhyAmIBlocked run

Here is my PowerShell output
PowerShell 7.2.6 Copyright (c) Microsoft Corporation.
https://aka.ms/powershell
Type 'help' to get help.
PS C:\Users\richs> Install-Module FU.WhyAmIBlocked -Scope CurrentUser
PS C:\Users\richs> Import-Module FU.WhyAmIBlocked
Write-Error: Failed to import function C:\Users\richs\OneDrive\Documents\PowerShell\Modules\FU.WhyAmIBlocked\1.0.0.8\Public\ConvertFrom-BinToXML.ps1: At C:\Users\richs\OneDrive\Documents\PowerShell\Modules\FU.WhyAmIBlocked\1.0.0.8\Public\ConvertFrom-BinToXML.ps1:1 char:1
+ <#
+ ~~ This script contains malicious content and has been blocked by your antivirus software.
Write-Error: Failed to import function C:\Users\richs\OneDrive\Documents\PowerShell\Modules\FU.WhyAmIBlocked\1.0.0.8\Public\Expand-SDB.ps1: At C:\Users\richs\OneDrive\Documents\PowerShell\Modules\FU.WhyAmIBlocked\1.0.0.8\Public\Expand-SDB.ps1:1 char:1
+
This script contains malicious content and has been blocked by your antivirus software.
PS C:\Users\richs>

Here is the report from my AntiVirus software:
PowerShell tried to load a malicious resource detected as Heur.BZC.ZFV.Linx.51.36DA30A5 and was blocked. Your device is safe.

Not sure how to proceed. Please advise

Errors with latest SDB version

The latest SDB file is somehow incompatible and it errors out. This includes Windows 10/11.

PS C:\Windows\system32> Get-FUBlocks
 + Creating Output Folders ..+ Getting .source files..
 ++ copying C:\Windows\appcompat\appraiser\Appraiser_AlternateData.cab to C:\FeatureUpdateBlocks\COMPUTERA\CABs√
 ++ copying C:\Windows\appcompat\appraiser\APPRAISER_TelemetryBaseline_NI23H2.bin to C:\FeatureUpdateBlocks\COMPUTERA\Bin√
 ++ copying C:\Windows\appcompat\appraiser\APPRAISER_TelemetryBaseline_UNV.bin to C:\FeatureUpdateBlocks\COMPUTERA\Bin√
 ++ copying C:\Windows\System32\appraiser\appraiser.sdb to C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\System32Appraiser√
 ++ copying C:\Windows\System32\appraiser\backup.sdb to C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\System32Appraiser√
 ++ copying C:\Windows\System32\appraiser\restore.sdb to C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\System32Appraiser√
 ++ copying C:\Windows\System32\appraiser\Appraiser_Data.ini to C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\System32Appraiser√
 + Converting C:\FeatureUpdateBlocks\COMPUTERA\Bin\AppCompatAppraiser_APPRAISER_TelemetryBaseline_NI23H2.bin to .xml ..+ Converting C:\FeatureUpdateBlocks\COMPUTERA\Bin\AppCompatAppraiser_APPRAISER_TelemetryBaseline_UNV.bin to .xml ..+ Finding block entries in C:\FeatureUpdateBlocks\COMPUTERA\XML\AppCompatAppraiser_APPRAISER_TelemetryBaseline_NI23H2.bin_HUMANREADABLE.XML files..+ Finding block entries in C:\FeatureUpdateBlocks\COMPUTERA\XML\AppCompatAppraiser_APPRAISER_TelemetryBaseline_UNV.bin_HUMANREADABLE.XML files..+ Results output to  C:\FeatureUpdateBlocks\COMPUTERA\Results.txt..+ Extracting C:\FeatureUpdateBlocks\COMPUTERA\CABs\AppCompatAppraiser_Appraiser_AlternateData.cab..+ Finding .sdb files..+ Expanding C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\AppCompatAppraiser_Appraiser_AlternateData\appraiser.sdb to C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\AppCompatAppraiser_Appraiser_AlternateData\appraiser.sdb_Expanded_ver_2674.sdb..+ Converting sdb to xml.. √
√
 + Expanding C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\AppCompatAppraiser_Appraiser_AlternateData\backup.sdb to C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\AppCompatAppraiser_Appraiser_AlternateData\backup.sdb_Expanded_ver_2674.sdb.. WARNING: Invalid SDB File speficied.
 + Converting sdb to xml.. Error: Could not load file or assembly 'C:\FeatureUpdateBlocks\COMPUTERA\AppraiserData\AppCompatAppraiser_Appraiser_AlternateData\backup.sdb_Expanded_ver_2674.sdb' or one of its dependencies. The system cannot find the file specified.
Copy-Item : Cannot find path 'C:\FeatureUpdateBlocks\COMPUTERA\AppCompatAppraiser_Appraiser_AlternateData_backup.sdb_ver_2674.XML' because it does not exist.
At C:\Program Files\WindowsPowerShell\Modules\FU.WhyAmIBlocked\1.0.0.9\Public\Export-FUXMLFromSDB.ps1:119 char:40
+ ... LFileName | Copy-Item -Destination $XMLFileName.Replace(".XML","_ORIG ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (C:\FeatureUpdat...db_ver_2674.XML:String) [Copy-Item], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.CopyItemCommand

Get-Content : Cannot find path 'C:\FeatureUpdateBlocks\COMPUTERA\AppCompatAppraiser_Appraiser_AlternateData_backup.sdb_ver_2674.XML' because it does not exist.
At C:\Program Files\WindowsPowerShell\Modules\FU.WhyAmIBlocked\1.0.0.9\Public\Export-FUXMLFromSDB.ps1:120 char:41
+ ...                   [xml]$Content = Get-Content -Path $XMLFileName -Raw
+                                       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (C:\FeatureUpdat...db_ver_2674.XML:String) [Get-Content], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetContentCommand

WARNING: You cannot call a method on a null-valued expression.
 + No blocks Found. Congratulations!!.. √
Appraiser Results can be found: C:\FeatureUpdateBlocks\COMPUTERA\Results.txt

Matches function outputs incorrect text

This is incorrect:

 + Converting sdb to xml.. √
 + No blocks Found. Congratulations!!.. √
Appraiser Results can be found: C:\FeatureUpdateBlocks\THEBEAST_20200731_122125\Results.txt
Appraiser Database matches can be found: C:\FeatureUpdateBlocks\THEBEAST_20200731_122125\Match.txt

BypassFUBlocks.reg and .ps1 output incorrect info

In cases where no bypass registry key exists, the bypass block files get the wrong values.

New-Item -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Force | Out-Null

#Bypass Block for UCI64A audio driver - Lenovo - {53fb042f-b2cf-4c1e-9931-929b3c7907b4}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer SystemProductName" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for UCI64A audio driver - Toshiba - {7797c164-22ff-4c60-837e-0b92f8051920}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer SystemProductName" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for Synaptics Block Removals - Toshiba - {3b9bb7f3-6e81-4f69-8eba-84cad1b9284e}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for Synaptics Block Removals - Toshiba - {ef42540e-3475-4dc8-a345-fc39f9f19e84}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for UCI64A audio driver - Toshiba - {b695b9e5-60dc-4827-9a59-1ee9ec837ecd}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer SystemProductName" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for UCI64A audio driver - Asus - {2ffe2850-3452-461c-bc5e-98db33db8e42}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer SystemProductName" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for UCI64A audio driver - DELL - {de87448d-8a9d-4cf2-8ceb-3035dc3fd999}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for UCI64A audio driver - HP - {691d652a-ea4b-4573-8c60-661049a36185}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer SystemProductName" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for Synaptics Block Removals - Toshiba - {3a92ffef-d0e2-40fa-a68e-253b73dd9cd2}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemProductName SystemProductName SystemProductName SystemProductName SystemProductName" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for UCI64A audio driver - LG - {d7fbc618-fee7-4f1c-8122-a1dc1f5b6f4d}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer SystemProductName" -Value "" -PropertyType DWord -Force | Out-Null

#Bypass Block for UCI64A audio driver - Diverse OEMs - {6a902cd3-e5d7-4ca6-b2e2-bc2b73c5513a}
New-ItemProperty -Path "HKLM:\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS" -Name "SystemManufacturer SystemManufacturer SystemManufacturer SystemManufacturer SystemManufacturer SystemManufacturer SystemManufacturer" -Value "" -PropertyType DWord -Force | Out-Null

Windows Registry Editor Version 5.00

; Bypass Block for UCI64A audio driver - Lenovo - {53fb042f-b2cf-4c1e-9931-929b3c7907b4}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer SystemProductName"=dword:00000001

; Bypass Block for UCI64A audio driver - Toshiba - {7797c164-22ff-4c60-837e-0b92f8051920}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer SystemProductName"=dword:00000001

; Bypass Block for Synaptics Block Removals - Toshiba - {3b9bb7f3-6e81-4f69-8eba-84cad1b9284e}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer"=dword:00000001

; Bypass Block for Synaptics Block Removals - Toshiba - {ef42540e-3475-4dc8-a345-fc39f9f19e84}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer"=dword:00000001

; Bypass Block for UCI64A audio driver - Toshiba - {b695b9e5-60dc-4827-9a59-1ee9ec837ecd}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer SystemProductName"=dword:00000001

; Bypass Block for UCI64A audio driver - Asus - {2ffe2850-3452-461c-bc5e-98db33db8e42}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer SystemProductName"=dword:00000001

; Bypass Block for UCI64A audio driver - DELL - {de87448d-8a9d-4cf2-8ceb-3035dc3fd999}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer"=dword:00000001

; Bypass Block for UCI64A audio driver - HP - {691d652a-ea4b-4573-8c60-661049a36185}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer SystemProductName"=dword:00000001

; Bypass Block for Synaptics Block Removals - Toshiba - {3a92ffef-d0e2-40fa-a68e-253b73dd9cd2}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS]
"SystemProductName SystemProductName SystemProductName SystemProductName SystemProductName"=dword:00000001

; Bypass Block for UCI64A audio driver - LG - {d7fbc618-fee7-4f1c-8122-a1dc1f5b6f4d}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer SystemProductName"=dword:00000001

; Bypass Block for UCI64A audio driver - Diverse OEMs - {6a902cd3-e5d7-4ca6-b2e2-bc2b73c5513a}
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS HARDWARE\DESCRIPTION\System\BIOS]
"SystemManufacturer SystemManufacturer SystemManufacturer SystemManufacturer SystemManufacturer SystemManufacturer SystemManufacturer"=dword:00000001


Thanks @tabs-not-spaces for reporting this.
AppCompatAppraiser_Appraiser_AlternateData_appraiser.sdb_ver_2383_Matches_BypassFUBlock.ps1.txt
AppCompatAppraiser_Appraiser_AlternateData_appraiser.sdb_ver_2383_Matches_BypassFUBlock.reg.txt

where/what format do bypass files come out?

where/what format do bypass files come out?

The script output is below, but I can't seem to generate/find the bypassblocker remediation files.

++ Finding block entries in C:\FeatureUpdateBlocks\MJ-MJD82PRJSISQ_20211004_094943\AppCompatAppraiser_Appraiser_AlternateData_appraiser.sdb_ver_2507.XML..
++No Matches Found in C:\FeatureUpdateBlocks\MJ-MJD82PRJSISQ_20211004_094943\AppCompatAppraiser_Appraiser_AlternateData_appraiser.sdb_ver_2507.XML.
++ Finding block entries in C:\FeatureUpdateBlocks\MJ-MJD82PRJSISQ_20211004_094943\System32Appraiser_System32Appraiser_appraiser.sdb_ver_2450.XML..
++No Matches Found in C:\FeatureUpdateBlocks\MJ-MJD82PRJSISQ_20211004_094943\System32Appraiser_System32Appraiser_appraiser.sdb_ver_2450.XML.

 + Finding and exporting block bypass.. √
Appraiser Results can be found: C:\FeatureUpdateBlocks\MJ-MJD82PRJSISQ_20211004_094943\Results.txt
PS C:\Windows\system32> Export-FUBypassBlock -path "c:\temp"
 + Finding and exporting block bypass.. √

This is the upgrade block I am trying to fix (from results.txt):
BlockUpgrade:
Name Value Ordinal


SdbAppName Trend Micro Worry-Free Business Security Services 2
SdbEntryGuid {de250f35-1cdf-46ba-8882-24d66a5eb66c} 2
SdbBlockType BlockUpgrade 2
SdbAppGuid {5f0a8e35-214a-408a-a260-4b61f6fb5089} 2

'ConvertFrom-FUBinToXML' is not recognized

When I run Get-FUBlocks, I get the following error:

PS C:\Users\tag> Get-FUBlocks
 + Creating Output Folders .. √
 + Getting .source files..
 ++ copying C:\Windows\appcompat\appraiser\APPRAISER_TelemetryBaseline_UNV.bin to C:\FeatureUpdateBlocks\PC_20221025_024930\Bin√
 ++ copying C:\Windows\System32\appraiser\appraiser.sdb to C:\FeatureUpdateBlocks\PC_20221025_024930\AppraiserData\System32Appraiser√
 ++ copying C:\Windows\System32\appraiser\Appraiser_Data.ini to C:\FeatureUpdateBlocks\PC_20221025_024930\AppraiserData\System32Appraiser√
WARNING: The term 'ConvertFrom-FUBinToXML' is not recognized as the name of a cmdlet, function, script file, or operable
program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
ConvertFrom-FUBinToXML : The term 'ConvertFrom-FUBinToXML' is not recognized as the name of a cmdlet, function, script file,
or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\Users\tag\Google Drive\WindowsPowerShell\Modules\FU.WhyAmIBlocked\1.0.0.9\Public\Get-FUBlocks.ps1:166 char:13
+             ConvertFrom-FUBinToXML -FileList $BinFiles -OutputPath $X ...
+             ~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (ConvertFrom-FUBinToXML:String) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : CommandNotFoundException

OS: Windows 11 Pro 21H2 build 22000.1098
