diff --git a/CHANGELOG.md b/CHANGELOG.md index 3ecc343e..6925d5f1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,1276 +1,1276 @@ -# Changelog -All notable changes to this project will be documented in this file. -This project adheres to [Semantic Versioning](http://semver.org/). - - - - - - - -## [0.9.8 / 5.53.0] - 2021-10-?? - -### Added -- added debug switch to disable Sbie console redirection "NoSandboxieConsole=y" --- note that this was previously part of "NoSandboxieDesktop=y" -- added Sbie+ version to the log [#1277](https://github.com/sandboxie-plus/Sandboxie/issues/1277) -- added uninstall cleanup of extra files for the Plus installer (by mpheath) [#1235](https://github.com/sandboxie-plus/Sandboxie/pull/1235) -- added set language for Sandman for the Plus installer (by mpheath) [#1241](https://github.com/sandboxie-plus/Sandboxie/issues/1241) -- added EventLog messages with SbieMsg.dll for the Plus installer (by mpheath) - -### Changed -- reworked and extended RPC logging -- reintroduced the "UseRpcMgmtSetComTimeout=some.dll,n" setting to be used when no "RpcPortBinding" entry is specified ---- this allows to enable/disable out of box RPC binding independently from the timeout setting -- the "BoxNameTitle" value can now be set explicitly on a per image name basis [#1190](https://github.com/sandboxie-plus/Sandboxie/issues/1190) - -### Fixed -- fixed inability to delete read-only files from sandboxed explorer [#1237](https://github.com/sandboxie-plus/Sandboxie/issues/1237) -- fixed wrong recovery target in Plus UI [#1274](https://github.com/sandboxie-plus/Sandboxie/issues/1274) -- fixed SBIE2101 issue introduced with 0.9.7a [#1279](https://github.com/sandboxie-plus/Sandboxie/issues/1279) -- fixed sorting in the box picker window [#1269](https://github.com/sandboxie-plus/Sandboxie/issues/1269) -- fixed tray refresh issue [#1250](https://github.com/sandboxie-plus/Sandboxie/issues/1250) -- fixed tray activity display [#1221](https://github.com/sandboxie-plus/Sandboxie/issues/1221) -- fixed recovery window not displaying in taskbar [#1195](https://github.com/sandboxie-plus/Sandboxie/issues/1195) -- fixed dark theme preset not updating in real time [#1270](https://github.com/sandboxie-plus/Sandboxie/issues/1270) -- fixed Microsoft Edge complaining about "FakeAdminRights=y" [#1271](https://github.com/sandboxie-plus/Sandboxie/issues/1271) -- fixed issue with using local template in the global section [#1212](https://github.com/sandboxie-plus/Sandboxie/issues/1212) -- fixed issue with git.exe from MinGW freezing [#1238](https://github.com/sandboxie-plus/Sandboxie/issues/1238) -- fixed issue with search highlighting when using in dark mode - - - -## [0.9.7e / 5.52.5] - 2021-10-09 - -### Changed -- reworked the settings handling once again, now the driver maintains the order when enumerating, --- but for good performance there is a Hash Map held in parallel for quick exact lookups - - -## [0.9.7d / 5.52.4] - 2021-10-06 - -### Fixed -- fixed yet another ini issue with the Sbiectrl - - -## [0.9.7c / 5.52.3] - 2021-10-05 - -### Fixed -- fixed yet another handling bug with SbieApi_EnumBoxesEx - - -## [0.9.7b / 5.52.2] - 2021-10-04 - -### Fixed -- fixed issue about loading not Unicode Sandboxie.ini introduced with the previous build - - - -## [0.9.7 / 5.52.1] - 2021-10-02 - -### Added -- added forced process indicator to process status column [#1174](https://github.com/sandboxie-plus/Sandboxie/issues/1174) -- added "SbieTrace=y" option to trace the interaction between Sandboxie processes and Sandboxie core components -- when initializing an empty sandbox, MSI debug keys are set to generate the debug output of MSI installer service -- added "DisableComProxy=y" allowing to disable COM proxying through the service -- added "ProcessLimit=..." which allows limiting the maximum number of processes in a sandbox [#1230](https://github.com/sandboxie-plus/Sandboxie/issues/1230) -- added missing IPC logging - -### Changed -- reworked SbieSvc ini server to allow settings caching and greatly improve performance --- Now comments in the Sandboxie.ini are being preserved as well as the order of all entries -- enabled configuration section list replacement with a hash map to improve configuration performance -- improved progress and status messages for the Plus installer (by mpheath) [#1168](https://github.com/sandboxie-plus/Sandboxie/pull/1168) -- reworked RpcSs start mechanics, sandboxed RpcSs and DcomLaunch can now be run as system, use "RunRpcssAsSystem=y" --- Note: this is generally not recommended for security reasons but may be needed for compatibility in some scenarios -- reworked WTSQueryUserToken handling to work properly in all scenarios -- reworked configuration value list to use a hash table for better performance - -### Fixed -- fixed Plus upgrade install in Windows 7 (by mpheath) [#1194](https://github.com/sandboxie-plus/Sandboxie/pull/1194) -- fixed custom autoexec commands being executed on each box start instead of only during the initialization -- fixed a design issue limiting the maximum amount of processes per sandbox to 511 -- fixed handle leaks in the lingering process monitor mechanism -- fixed issue with opening device paths like "\\??\\FltMgr" -- fixed build issue with an explicit FileDigestAlgorithm option for driver sign (by isaak654) [#1210](https://github.com/sandboxie-plus/Sandboxie/pull/1210) -- fixed issue with resource access log sometimes getting corrupted -- fixed issue with Microsoft Office Click-to-Run [#428](https://github.com/sandboxie-plus/Sandboxie/issues/428) [#882](https://github.com/sandboxie-plus/Sandboxie/issues/882) - -### Removed -- removed support for Microsoft EMET (Enhanced Mitigation Experience Toolkit), as it was EOL in 2018 -- removed support for Messenger Plus! Live, as MSN Messenger is EOL since 2013 -- disabled Turkish language on Plus UI for inactivity (by isaak654) [#1215](https://github.com/sandboxie-plus/Sandboxie/pull/1215) - - - -## [0.9.6 / 5.51.6] - 2021-09-12 - -### Added -- added ability to rename groups [#1152](https://github.com/sandboxie-plus/Sandboxie/issues/1152) -- added ability to define a custom order for the sandboxes, they can be moved by using the move context menu, or holding Alt + Arrow Key -- added recovery to list to the recovery window: [#988](https://github.com/sandboxie-plus/Sandboxie/issues/988) -- added finder to the recovery window - -### Changed -- updated the BlockPort rule inside Template_BlockPorts to the new NetworkAccess format (by isaak654) [#1162](https://github.com/sandboxie-plus/Sandboxie/pull/1162) -- default for immediate recovery behaviour is now to show the recovery window instead of using the notifications window [#988](https://github.com/sandboxie-plus/Sandboxie/issues/988) -- the new run dialog now requires a double-click [#1171](https://github.com/sandboxie-plus/Sandboxie/issues/1171) -- reworked the recovery window - -### Fixed -- fixed issue with create group menu [#1151](https://github.com/sandboxie-plus/Sandboxie/issues/1151) -- fixed issue that caused a box to lose its group association when renaming -- fixed issue with Thunderbird 91+ [#1156](https://github.com/sandboxie-plus/Sandboxie/issues/1156) -- fixed an issue with file disposition handling [#1161](https://github.com/sandboxie-plus/Sandboxie/issues/1161) -- fixed issue with Windows 11 22449.1000 [#1164](https://github.com/sandboxie-plus/Sandboxie/issues/1164) -- fixed SRWare Iron template (by Dyras) [#1146](https://github.com/sandboxie-plus/Sandboxie/pull/1146) -- fixed label positioning in Classic UI (by isaak654) [#1088](https://github.com/sandboxie-plus/Sandboxie/issues/1088) -- fixed an old issue that occurred when only an asterisk was set as path [#971](https://github.com/sandboxie-plus/Sandboxie/issues/971) - - - -## [0.9.5 / 5.51.5] - 2021-08-30 - -### Added -- added option to run a sandbox in [session 0](https://techcommunity.microsoft.com/t5/ask-the-performance-team/application-compatibility-session-0-isolation/ba-p/372361) --- Note: the processes then have a system token, hence it's recommended to enable "DropAdminRights=y" -- if the UI is run with admin privileges, it can terminate sandboxed processes in other sessions now -- added "StartSystemBox=" option to auto-run a box on Sbie start/system boot in session 0 --- Note: box start is done by issuing Start.exe /box:[name] auto_run -- add Start.exe auto_run command to start all sandboxed auto-start locations -- add Start.exe /keep_alive command line switch which keeps a process running in the box until it gracefully terminates -- added "StartCommand=" which starts a complex command through Start.exe on box startup -- added menu option to start regedit and load the box's registry key -- added system tray option in the Plus UI to show Classic icon [#963](https://github.com/sandboxie-plus/Sandboxie/issues/963#issuecomment-903933535) - -### Changed -- changed command prompt icon and string from "Terminal" to "Command Prompt" [#1135](https://github.com/sandboxie-plus/Sandboxie/issues/1135) -- reworked box menu layout a bit - -### Fixed -- fixed driver compatibility with Windows Server 2022 (build 20348) [#1143](https://github.com/sandboxie-plus/Sandboxie/issues/1143) -- fixed issue with creating shortcuts [#1134](https://github.com/sandboxie-plus/Sandboxie/issues/1134) - -### Installers re-released on 2021-08-31 with the following fix: -- fixed KmdUtil warning 1061 after Plus upgrade (by mpheath) [#968](https://github.com/sandboxie-plus/Sandboxie/issues/968) [#1139](https://github.com/sandboxie-plus/Sandboxie/issues/1139) - - - -## [0.9.4 / 5.51.4] - 2021-08-22 - -### Added -- added clear commands to log submenus [#391](https://github.com/sandboxie-plus/Sandboxie/issues/391) -- added option to disable process termination prompt [#514](https://github.com/sandboxie-plus/Sandboxie/issues/514) -- added "Options/InstantRecovery" setting to sandboxie-plus.ini to use the recovery window instead of the notification pop-up [#988](https://github.com/sandboxie-plus/Sandboxie/issues/988) -- added ability to rename a non-empty sandbox [#1100](https://github.com/sandboxie-plus/Sandboxie/issues/1100) -- added ability to remove a non-empty sandbox -- added file browser window to SandMan UI to cover the file-view functionality of SbieCtrl [#578](https://github.com/sandboxie-plus/Sandboxie/issues/578) - -### Changed -- generic errors in Sbie UI now show the status code as hex and provide a string description when available - -### Fixed -- fixed "del" shortcut to terminate a process not always working -- fixed group display issue [#1094](https://github.com/sandboxie-plus/Sandboxie/issues/1094) -- fixed issue when using "run sandboxed" on a file that is already located in a sandbox [#1099](https://github.com/sandboxie-plus/Sandboxie/issues/1099) - - - -## [0.9.3 / 5.51.3] - 2021-08-08 - -> Read the developer's notes about the new [WFP functionality](https://github.com/sandboxie-plus/Sandboxie/releases/tag/0.9.3). - -### Added -- ability to use the "run unsandboxed" option with Sandboxie links [#614](https://github.com/sandboxie-plus/Sandboxie/issues/614) - -### Fixed -- fixed "run outside sandbox" issue on Classic build [#614](https://github.com/sandboxie-plus/Sandboxie/issues/614#issuecomment-894710466) -- fixed open template does not load the edit tab [#1054](https://github.com/sandboxie-plus/Sandboxie/issues/1054#issuecomment-893001316) -- fixed issue with "explore sandboxed" [#972](https://github.com/sandboxie-plus/Sandboxie/issues/972) -- fixed start directory for sandboxed processes [#1071](https://github.com/sandboxie-plus/Sandboxie/issues/1071) -- fixed issue with language auto-detection [#1018](https://github.com/sandboxie-plus/Sandboxie/issues/1018) -- fixed issue with multiple files with the same name, by always showing the extension [#1041](https://github.com/sandboxie-plus/Sandboxie/issues/1041) -- fixed multiple program grouping issues with the SandMan UI [#1054](https://github.com/sandboxie-plus/Sandboxie/issues/1054) -- fixed "no disk" error [#966](https://github.com/sandboxie-plus/Sandboxie/issues/966) -- fixed issue with 32bit build using qMake, the -O2 option resulted in a crash in the QSbieAPI.dll [#995](https://github.com/sandboxie-plus/Sandboxie/issues/995) -- fixed issue with UserSettings introduced in a recent build [#1054](https://github.com/sandboxie-plus/Sandboxie/issues/1054) - - - -## [0.9.2 / 5.51.2] - 2021-08-07 (pre-release) - -### Added -- added ability to reconfigure the driver, which allows enabling/disabling WFP and other features without a reload/reboot - -### Changed -- reorganized and improved the settings window -- improved the tray icon a bit, the sand is now more yellow - -### Fixed -- fixed issue with process start handling introduced in 5.51.0 [#1063](https://github.com/sandboxie-plus/Sandboxie/issues/1063) -- fixed issue with quick recovery introduced in 5.51.0 -- fixed incompatibility with CET Hardware-enforced Stack Protection on Intel 11th gen and AMD Ryzen 5XXX CPUs [#1067](https://github.com/sandboxie-plus/Sandboxie/issues/1067) [#1012](https://github.com/sandboxie-plus/Sandboxie/issues/1012) - -### Removed -- commented out all Windows XP-specific support code from the driver - - - -## [0.9.1 / 5.51.1] - 2021-07-31 (pre-release) - -### Added -- added tray icon indicating broken connection to the driver if it happens -- added option to customize the tray icon -- added "DllSkipHook=some.dll" option to disable installation of hooks into selected DLLs -- added localization support for Plus installer (by yfdyh000 and mpheath) [#923](https://github.com/sandboxie-plus/Sandboxie/pull/923) - -### Changed -- reworked NtClose handling for better performance and extendibility -- improved tray box menu and list - -### Fixed -- fixed issue with fake admin and some NSIS installers [#1052](https://github.com/sandboxie-plus/Sandboxie/issues/1052) -- fixed more issued with FileDispositionInformation behaviour, which resulted in bogus file deletion handling -- fixed issue with checking WFP status -- fixed issue WFP failing to initialize at boot -- fixed issue with tray sandbox options not being available just after boot -- fixed issue access changed flag not being properly set in box options [#1065](https://github.com/sandboxie-plus/Sandboxie/issues/1065) - - - -## [0.9.0 / 5.51.0] - 2021-07-29 (pre-release) - -### Added -- added support for Windows Filtering Platform (WFP) to be used instead of the device-based network blocking scheme --- to enable this support, add 'NetworkEnableWFP=y' to the global section and reboot or reload the driver --- to use WFP for a specific sandbox, add 'AllowNetworkAccess=n' --- you can allow certain processes by using 'AllowNetworkAccess=program.exe,y' --- you can also enable this policy globally by adding 'AllowNetworkAccess=n' to the global section --- in this case you can exempt entire sandboxes by adding 'AllowNetworkAccess=y' to specific boxes - -- you can block certain processes by using 'AllowNetworkAccess=program.exe,n' - -- Note: WFP is less absolute than the old approach, using WFP will filter only TCP/UDP communication --- restricted boxed processes will still be able to resolve domain names using the system service --- however, they will not be able to send or receive data packets directly --- the advantages of WFP is that filter rules can be implemented by restricting communication only to specified addresses or selected ports using "NetworkAccess=..." -- added fully functional rule-based packet filter in user mode for the case when "NetworkEnableWFP=y" is not set --- the mechanism replaces the old "BlockPort=..." functionality --- Note: this filter applies only to outgoing connections/traffic, for incoming traffic either the WFP mode or a third-party firewall is needed --- like the old user mode based mechanism, malicious applications can bypass it by unhooking certain functions --- hence it's recommended to use the kernel mode WFP-based mechanism when reliable isolation is required -- added new trace option "NetFwTrace=*" to trace the actions of the firewall components --- please note that the driver only trace logs the kernel debug output, use DbgView.exe to log -- API_QUERY_PROCESS_INFO can now be used to get the impersonation token of a sandboxed thread --- Note: this capability is used by TaskExplorer to allow inspecting sandbox-internal tokens --- Note: a process must have administrative privileges to be able to use this API -- added a UI option to switch "MsiInstallerExemptions=y" on and off --- just in case a future Windows build breaks something in the systemless mode -- added sample code for ObRegisterCallbacks to the driver -- added new debug options "DisableFileFilter=y" and "DisableKeyFilter=y" that allow to disable file and registry filtering --- Note: these options are for testing only and disable core parts of the sandbox isolation -- added a few command line options to SandMan.exe - -### Changed -- greatly improved the performance of the trace log, but it's no longer possible to log to both SandMan and SbieCtrl at the same time -- reworked process creation code to use PsSetCreateProcessNotifyRoutineEx and improved process termination - -### Fixed -- added missing hook for ConnectEx function - - - -## [0.8.9 / 5.50.9] - 2021-07-28 HotFix 2 - -### Fixed -Fixed issue with registering session leader - - - -## [0.8.9 / 5.50.9] - 2021-07-28 HotFix 1 - -### Fixed -Fixed issue with Windows 7 - - - -## [0.8.9 / 5.50.9] - 2021-07-27 - -### Changed -- updated a few icons -- updated GitHub build action to use Qt 5.15.2 -- improved the "full" tray icon to be more distinguishable from the "empty" one -- changed code integrity verification policies [#1003](https://github.com/sandboxie-plus/Sandboxie/issues/1003) --- code signature is no longer required to change config, to protect presets use the existing "EditAdminOnly=y" - -### Fixed -- fixed issue with systemless MSI mode introduced in the last build -- fixed MSI installer not being able to create the action server mechanism on Windows 11 -- fixed MSI installer not working in systemless mode on Windows 11 -- fixed Inno Setup script not being able to remove shell integration keys during Sandboxie Plus uninstall (by mpheath) [#1037](https://github.com/sandboxie-plus/Sandboxie/pull/1037) - - - -## [0.8.8 / 5.50.8] - 2021-07-13 - -### Changed -- MSIServer no longer requires being run as system; this completes the move to not use system tokens in a sandbox by default --- the security-enhanced option "MsiInstallerExemptions=n" is now the default behaviour - -### Fixed -- fixed issue with the "Explore Sandboxed" command [#972](https://github.com/sandboxie-plus/Sandboxie/issues/972) -- rolled back the switch from using NtQueryKey to NtQueryObject as it seems to break some older Windows 10 versions like 1803 [#984](https://github.com/sandboxie-plus/Sandboxie/issues/984) --- this change was introduced to fix [#951](https://github.com/sandboxie-plus/Sandboxie/issues/951) --- to use NtQueryObject the option "UseObjectNameForKeys=y" can be added to Sandboxie.ini - - - -## [0.8.7b / 5.50.7] - 2021-07-11 - -### Fixed -- fixed issue with boxes that had auto-delete activated introduced in the previous build [#986](https://github.com/sandboxie-plus/Sandboxie/issues/986) - - - -## [0.8.7 / 5.50.7] - 2021-07-10 - -### Added -- added option to always auto-pick the DefaultBox [#959](https://github.com/sandboxie-plus/Sandboxie/issues/959) --- when this option is enabled, the normal behaviour with a box selection dialog can be brought up by holding down CTRL -- added option to hide a sandbox from the "run in box" dialog --- useful to avoid listing insecure compatibility test boxes for example -- added box options to system tray [#439](https://github.com/sandboxie-plus/Sandboxie/issues/439) [#272](https://github.com/sandboxie-plus/Sandboxie/issues/272) - -### Changed -- changed default "terminate all boxed processes" key from Ctrl+Pause to Ctrl+Alt+Pause [#974](https://github.com/sandboxie-plus/Sandboxie/issues/974) -- Start.exe no longer links in unused MFC code, which reduced its file size from over 2.5 MB to below 250 KB -- updated the main SandMan and tray icon [#963](https://github.com/sandboxie-plus/Sandboxie/issues/963) -- improved the box tree-style view - -### Fixed -- added additional delay and retries to KmdUtil.exe to mitigate issues when unloading the driver [#968](https://github.com/sandboxie-plus/Sandboxie/issues/968) -- fixed issue with SbieCtrl not being properly started after setup [#969](https://github.com/sandboxie-plus/Sandboxie/issues/969) -- fixed issue with "explore sandboxed" shell option [#972](https://github.com/sandboxie-plus/Sandboxie/issues/972) -- fixed issue when running SandMan elevated [#932](https://github.com/sandboxie-plus/Sandboxie/issues/932) -- fixed new box selection dialog showing disabled boxes -- fixed issue updating box active status - -### Removed -- removed Online Armor support as this product is deprecated since 2016 - - - -## [0.8.6 / 5.50.6] - 2021-07-07 - -### Added -- added LibreWolf template (by Dyras) [#929](https://github.com/sandboxie-plus/Sandboxie/pull/929) - -### Fixed -- fixed performance bug introduced in 0.8.5 - - - -## [0.8.5 / 5.50.5] - 2021-07-06 - -### Added -- added global hotkey to terminate all sandboxed processes (default: Ctrl+Pause) -- the Run Sandboxed dialog can now be handled by the SandMan UI -- added "AllowBoxedJobs=y" allowing boxed processes to use nested jobs on Windows 8 and later --- Note: this allows Chrome and other programs to use the job system for additional isolation -- added Librewolf.exe to the list of Firefox derivatives [#927](https://github.com/sandboxie-plus/Sandboxie/issues/927) -- added run regedit sandboxed menu command -- added new support settings tab to SandMan UI for updates and news -- added code integrity verification to Sbie service and UI -- added template for Vivaldi Notes (by isaak654) [#948](https://github.com/sandboxie-plus/Sandboxie/issues/948) - -### Changed -- replaced the Process List used by the driver with a much faster Hash Map implementation --- Note: this change provides an almost static system call speed of 1.2µs regardless of the running process count --- The old list, with 100 programs running required 4.5µs; with 200: 12µs; and with 300: 18µs per syscall --- Note: some of the slowdown was also affecting non-sandboxed applications due to how the driver handles certain callbacks -- replaced the per-process Thread List used by the driver with a much faster Hash Map implementation -- replaced configuration section list with a hash map to improve configuration performance, and increased line limit to 100000 --- not yet enabled in production build -- the presence of the default box is only checked on connect -- the portable directory dialog now shows the directory [#924](https://github.com/sandboxie-plus/Sandboxie/issues/924) -- when terminated, boxed processes now first try doing that by terminating the job object -- the driver now can terminate problematic processes by default without the help of the service -- the box delete routine now retries up to 10 times, see [#954](https://github.com/sandboxie-plus/Sandboxie/issues/954) -- replaced the Process List used by the service with a much faster Hash Map implementation -- replaced the per-process Thread List used by the service with a much faster Hash Map implementation - -### Fixed -- fixed faulty initialization in SetServiceStatus (by flamencist) [#921](https://github.com/sandboxie-plus/Sandboxie/issues/921) -- fixed buttons position in Classic UI settings (by isaak654) [#914](https://github.com/sandboxie-plus/Sandboxie/issues/914) -- fixed missing password length check in the SandMan UI [#925](https://github.com/sandboxie-plus/Sandboxie/issues/925) -- fixed issues opening job objects by name -- fixed missing permission check when reopening job object handles (thanks Diversenok) -- fixed issue with some Chromium 90+ hooks affecting the display of PDFs in derived browsers [#930](https://github.com/sandboxie-plus/Sandboxie/issues/930) [#817](https://github.com/sandboxie-plus/Sandboxie/issues/817) -- fixed issues with reconnecting broken LPC ports used for communication with SbieSvc -- fixed minor setting issue [#957](https://github.com/sandboxie-plus/Sandboxie/issues/957) -- fixed minor UI issue with resource access COM settings [#958](https://github.com/sandboxie-plus/Sandboxie/issues/958) -- fixed an issue with NtQueryKey using NtQueryObject instead [#951](https://github.com/sandboxie-plus/Sandboxie/issues/951) -- fixed crash in key.c when failing to resolve key paths -- added workaround for topmost modality issue [#873](https://github.com/sandboxie-plus/Sandboxie/issues/873) --- the notification window is not only topmost for 5 seconds -- fixed an issue deleting directories introduced in 5.49.5 -- fixed an issue when creating box copies - -### Removed -- removed switch for "BlockPassword=n" as it does not seem to be working [#938](https://github.com/sandboxie-plus/Sandboxie/issues/938) --- it's recommended to use "OpenSamEndpoint=y" to allow password changes in Windows 10 - - - -## [0.8.2 / 5.50.2] - 2021-06-15 - -### Changed -- split anti-phishing rules per browser (by isaak654) [#910](https://github.com/sandboxie-plus/Sandboxie/pull/910) - -### Fixed -- properly fixed an issue with Driver Verifier and user handles [#906](https://github.com/sandboxie-plus/Sandboxie/issues/906) -- fixed an issue with CreateWindow function introduced with 0.8.0 -- fixed issue with outdated BoxDisplayOrder entries being retained [#900](https://github.com/sandboxie-plus/Sandboxie/issues/900) - - - -## [0.8.1 / 5.50.1] - 2021-06-14 - -### Fixed -- fixed an issue with Driver Verifier and user handles -- fixed driver memory leak of FLT_FILE_NAME_INFORMATION objects -- fixed broken clipboard introduced in 5.50.0 [#899](https://github.com/sandboxie-plus/Sandboxie/issues/899) -- fixed DcomLaunch issue on Windows 7 32 bit introduced in 5.50.0 [#898](https://github.com/sandboxie-plus/Sandboxie/issues/898) - - - -## [0.8.0 / 5.50.0] - 2021-06-13 - -### Added -- Normally Sandboxie applies "Close...=!,..." directives to non-excluded images if they are located in a sandbox --- added 'AlwaysCloseForBoxed=n' to disable this behaviour as it may not be always desired, and it doesn't provide extra security -- added process image information to SandMan UI -- localized template categories in the Plus UI [#727](https://github.com/sandboxie-plus/Sandboxie/issues/727) -- added "DisableResourceMonitor=y" to disable resource access monitor for selected boxes [#886](https://github.com/sandboxie-plus/Sandboxie/issues/886) -- added option to show trace entries only for the selected sandbox [#886](https://github.com/sandboxie-plus/Sandboxie/issues/886) -- added "UseVolumeSerialNumbers=y" that allows drive letters to be suffixed with the volume SN in the \drive\ sandbox location --- it helps to avoid files mixed together on multiple pendrives using the same letter --- Note: this option is not compatible with the recovery function of the Classic UI, only SandMan UI is fully compatible -- added "ForceRestart=PicoTorrent.exe" to the PicoTorrent template in order to fix a compatibility issue [#720](https://github.com/sandboxie-plus/Sandboxie/issues/720) -- added localization support for RPC templates (by isaak654) [#736](https://github.com/sandboxie-plus/Sandboxie/issues/736) - -### Changed -- portable cleanup message now has yes/no/cancel options [#874](https://github.com/sandboxie-plus/Sandboxie/issues/874) -- consolidated Proc_CreateProcessInternalW and Proc_CreateProcessInternalW_RS5 to remove duplicate code -- the ElevateCreateProcess fix, as sometimes applied by the Program Compatibility Assistant, will no longer be emulated by default [#858](https://github.com/sandboxie-plus/Sandboxie/issues/858) --- use 'ApplyElevateCreateProcessFix=y' or 'ApplyElevateCreateProcessFix=program.exe,y' to enable it -- trace log gets disabled only when it has no entries and the logging is stopped - -### Fixed -- fixed APC issue with the new global hook emulation mechanism and WoW64 processes [#780](https://github.com/sandboxie-plus/Sandboxie/issues/780) [#779](https://github.com/sandboxie-plus/Sandboxie/issues/779) -- fixed IPv6 issues with BlockPort options -- fixed an issue with CheatEngine when "OpenWinClass=*" was specified [#786](https://github.com/sandboxie-plus/Sandboxie/issues/786) -- fixed memory corruption in SbieDrv [#838](https://github.com/sandboxie-plus/Sandboxie/issues/838) -- fixed crash issue with process elevation on CreateProcess calls [#858](https://github.com/sandboxie-plus/Sandboxie/issues/858) -- fixed process elevation when running in the built-in administrator account [#3](https://github.com/sandboxie-plus/Sandboxie/issues/3) -- fixed template preview resetting unsaved entries in box options window [#621](https://github.com/sandboxie-plus/Sandboxie/issues/621) - - - -## [0.7.5 / 5.49.8] - 2021-06-05 - -### Added -- clipboard access for a sandbox can now be disabled with "OpenClipboard=n" [#794](https://github.com/sandboxie-plus/Sandboxie/issues/794) - -### Changed -- now the OpenBluetooth template is enabled by default for compatibility with Unity games [#799](https://github.com/sandboxie-plus/Sandboxie/issues/799) -- "PreferExternalManifest=program.exe,y" can now be set on a per-process basis - -### Fixed -- fixed compiler issues with the most recent VS2019 update -- fixed issue with Vivaldi browser [#821](https://github.com/sandboxie-plus/Sandboxie/issues/821) -- fixed some issues with box options in the Plus UI [#879](https://github.com/sandboxie-plus/Sandboxie/issues/879) -- fixed some issues with hardware acceleration in Chromium based browsers [#795](https://github.com/sandboxie-plus/Sandboxie/issues/795) -- the "Stop All" command now issues "KmdUtil scandll" first to solve issues when the SbieDll.dll is in use -- workaround for Electron apps, by forcing an additional command line argument on the GPU renderer process [#547](https://github.com/sandboxie-plus/Sandboxie/issues/547) [#310](https://github.com/sandboxie-plus/Sandboxie/issues/310) [#215](https://github.com/sandboxie-plus/Sandboxie/issues/215) -- fixed issue with Software Compatibility tab that doesn't always show template names correctly [#774](https://github.com/sandboxie-plus/Sandboxie/issues/774) - - - -## [0.7.4 / 5.49.7] - 2021-04-11 - -### Added -- added option to disable file migration prompt in the Plus UI with PromptForFileMigration=n [#643](https://github.com/sandboxie-plus/Sandboxie/issues/643) -- added UI options for various security isolation features -- added missing functionality to set template values in the Plus UI -- added templates for Popcorn-Time, Clementine Music Player, Strawberry Music Player, 32-bit MPC-HC (by Dyras) [#726](https://github.com/sandboxie-plus/Sandboxie/pull/726) [#737](https://github.com/sandboxie-plus/Sandboxie/pull/737) - -### Changed -- align default settings of AutoRecover and Favourites to the Plus version (thanks isaak654) [#747](https://github.com/sandboxie-plus/Sandboxie/pull/747) -- list of email clients and browsers is now centralized in Dll_GetImageType -- localstore.rdf reference in Templates.ini was replaced with xulstore.json (by isaak654) [#751](https://github.com/sandboxie-plus/Sandboxie/pull/751) - -### Fixed -- fixed minor issue with logging internet blocks -- fixed issue with file recovery when located on a network share [#711](https://github.com/sandboxie-plus/Sandboxie/issues/711) -- fixed UI issue with CallTrace [#769](https://github.com/sandboxie-plus/Sandboxie/issues/769) -- fixed sandbox shortcuts receiving double extension upon creation [#770](https://github.com/sandboxie-plus/Sandboxie/issues/770) -- fixed misplaced labels in the Classic UI (thanks isaak654) [#759](https://github.com/sandboxie-plus/Sandboxie/pull/759) -- fixed separator line in SbieCtrl (thanks isaak654) [#761](https://github.com/sandboxie-plus/Sandboxie/pull/761) -- fixed broken paths in The Bat! template (by isaak654) [#756](https://github.com/sandboxie-plus/Sandboxie/pull/756) -- fixed issue about media players that attempt to write unneeded media files inside the box (by Dyras) [#743](https://github.com/sandboxie-plus/Sandboxie/pull/743) [#536](https://github.com/sandboxie-plus/Sandboxie/issues/536) - - - -## [0.7.3 / 5.49.5] - 2021-03-27 - -### Added -- added "UseSbieWndStation=y" to emulate CreateDesktop for selected processes, not only Firefox and Chrome [#635](https://github.com/sandboxie-plus/Sandboxie/issues/635) -- added option to drop the console host process integrity, now you can use "DropConHostIntegrity=y" [#678](https://github.com/sandboxie-plus/Sandboxie/issues/678) -- added option to easily add local templates -- added new torrent clients and media players templates (by Dyras) [#719](https://github.com/sandboxie-plus/Sandboxie/pull/719) - -### Changed -- reworked window hooking mechanism to improve performance [#697](https://github.com/sandboxie-plus/Sandboxie/issues/697) [#519](https://github.com/sandboxie-plus/Sandboxie/issues/519) [#662](https://github.com/sandboxie-plus/Sandboxie/issues/662) [#69](https://github.com/sandboxie-plus/Sandboxie/issues/69) [#109](https://github.com/sandboxie-plus/Sandboxie/issues/109) [#193](https://github.com/sandboxie-plus/Sandboxie/issues/193) --- resolves issues with file save dialogs taking 30+ seconds to open --- this fix greatly improves the win32 GUI performance of sandboxed processes -- reworked RPC resolver to be ini-configurable --- the following options are now deprecated: ---- "UseRpcMgmtSetComTimeout=some.dll,n", so use "RpcPortBinding=some.dll,*,TimeOut=y" ---- "OpenUPnP=y", "OpenBluetooth=y", "OpenSmartCard=n", so use the new RPC templates instead --- See Templates.ini for usage examples - -### Fixed -- fixed process-specific hooks being applied to all processes in a given sandbox -- fixed issue with messages and templates sometimes not being properly displayed in the SandMan UI -- fixed issue with compatibility settings not being applied properly -- fixed auto delete issue that got introduced with 0.7.1 [#637](https://github.com/sandboxie-plus/Sandboxie/issues/637) -- fixed issue with NtSetInformationFile, FileDispositionInformation resulting in Opera installer failing -- fixed issue with MacType introduced in the 0.7.2 build [#676](https://github.com/sandboxie-plus/Sandboxie/issues/676) -- fixed global sandboxed windows hooks not working when window rename option is disabled -- fixed issue with saving local templates -- fixed issue when using runas to start a process that was created outside of the Sandboxie supervision [#688](https://github.com/sandboxie-plus/Sandboxie/issues/688) --- since the runas facility is not accessible by default, this did not constitute a security issue --- to enable runas functionality, add "OpenIpcPath=\RPC Control\SECLOGON" to your Sandboxie.ini --- please take note that doing so may open other yet unknown issues -- fixed a driver compatibility issue with Windows 10 32 bit Insider Preview Build 21337 -- fixed issues with driver signature for Windows 7 - - - -## [0.7.2 / 5.49.0] - 2021-03-04 - -### Added -- added option to alter reported Windows version "OverrideOsBuild=7601" for Windows 7 SP1 [#605](https://github.com/sandboxie-plus/Sandboxie/issues/605) -- the trace log can now be structured like a tree with processes as root items and threads as branches - -### Changed -- SandboxieCrypto now always migrates the CatRoot2 files in order to prevent locking of real files -- greatly improved trace log performance -- MSI Server can now run with the "FakeAdminRights=y" and "DropAdminRights=y" options [#600](https://github.com/sandboxie-plus/Sandboxie/issues/600) --- special service allowance for the MSI Server can be disabled with "MsiInstallerExemptions=n" -- changed SCM access check behaviour; non elevated users can now start services with a user token --- elevation is now only required to start services with a system token -- reworked the trace log mechanism to be more verbose -- reworked RPC mechanism to be more flexible - -### Fixed -- fixed issues with some installers introduced in 5.48.0 [#595](https://github.com/sandboxie-plus/Sandboxie/issues/595) -- fixed "add user to sandbox" in the Plus UI [#597](https://github.com/sandboxie-plus/Sandboxie/issues/597) -- FIXED SECURITY ISSUE: the HostInjectDll mechanism allowed for local privilege escalation (thanks hg421) -- Classic UI no longer allows to create a sandbox with an invalid or reserved device name [#649](https://github.com/sandboxie-plus/Sandboxie/issues/649) - - - -## [0.7.1 / 5.48.5] - 2021-02-21 - -### Added -- enhanced RpcMgmtSetComTimeout handling with "UseRpcMgmtSetComTimeout=some.dll,n" --- this option allows to specify if RpcMgmtSetComTimeout should be used or not for each individual dll --- this setting takes precedence over hard-coded and per-process presets --- "UseRpcMgmtSetComTimeout=some.dll" and "UseRpcMgmtSetComTimeout=some.dll,y" are equivalent -- added "FakeAdminRights=y" option that makes processes think they have admin permissions in a given box --- this option is recommended to be used in combination with "DropAdminRights=y" to improve security --- with "FakeAdminRights=y" and "DropAdminRights=y" installers should still work -- added RPC support for SSDP API (the Simple Service Discovery Protocol), you can enable it with "OpenUPnP=y" - - -### Changed -- SbieCrypto no longer triggers message 1313 -- changed enum process API; now more than 511 processes per box can be enumerated (no limit) -- reorganized box settings a bit -- made COM tracing more verbose -- "RpcMgmtSetComTimeout=y" is now again the default behaviour, it seems to cause less issues overall - -### Fixed -- fixed issues with webcam access when the DevCMApi filtering is in place -- fixed issue with free download manager for 'AppXDeploymentClient.dll', so RpcMgmtSetComTimeout=y will be used by default for this one [#573](https://github.com/sandboxie-plus/Sandboxie/issues/573) -- fixed not all WinRM files were blocked by the driver, with "BlockWinRM=n" this file block can be disabled -- fixed Sandboxie Classic crash when saving any option in Sandbox Settings -> Appearance (by typpos) [#586](https://github.com/sandboxie-plus/Sandboxie/issues/586) - - - -## [0.7.0 / 5.48.0] - 2021-02-14 - -### Added -- sandboxed indicator for tray icons, the tooltip now contains [#] if enabled -- the trace log buffer can now be adjusted with "TraceBufferPages=2560" --- the value denotes the count of 4K large pages to be used; here for a total of 10 MB -- new functionality for the list finder - -### Changed -- improved RPC debugging -- improved IPC handling around RpcMgmtSetComTimeout; "RpcMgmtSetComTimeout=n" is now the default behaviour --- required exceptions have been hard-coded for specific calling DLLs -- the LogApi dll is now using Sbie's tracing facility to log events instead of its own pipe server - -### Fixed -- FIXED SECURITY ISSUE: elevated sandboxed processes could access volumes/disks for reading (thanks hg421) --- this protection option can be disabled by using "AllowRawDiskRead=y" -- fixed crash issue around SetCurrentProcessExplicitAppUserModelID observed with GoogleUpdate.exe -- fixed issue with Resource Monitor sort by timestamp -- fixed invalid Opera bookmarks path (by isaak654) [#542](https://github.com/sandboxie-plus/Sandboxie/pull/542) -- FIXED SECURITY ISSUE: a race condition in the driver allowed to obtain an elevated rights handle to a process (thanks typpos) [#549](https://github.com/sandboxie-plus/Sandboxie/pull/549) -- FIXED SECURITY ISSUE: "\RPC Control\samss lpc" is now filtered by the driver (thanks hg421) [#553](https://github.com/sandboxie-plus/Sandboxie/issues/553) --- this allowed elevated processes to change passwords, delete users and alike; to disable filtering use "OpenSamEndpoint=y" -- FIXED SECURITY ISSUE: "\Device\DeviceApi\CMApi" is now filtered by the driver (thanks hg421) [#552](https://github.com/sandboxie-plus/Sandboxie/issues/552) --- this allowed elevated processes to change hardware configuration; to disable filtering use "OpenDevCMApi=y" - - - -## [0.6.7 / 5.47.1] - 2021-02-01 - -### Added -- added UI language auto-detection - -### Fixed -- fixed Brave.exe now being properly recognized as Chrome-, not Firefox-based -- fixed issue introduced in 0.6.5 with recent Edge builds --- the 0.6.5 behaviour can be set on a per-process basis using "RpcMgmtSetComTimeout=POPPeeper.exe,n" -- fixed grouping issues [#445](https://github.com/sandboxie-plus/Sandboxie/issues/445) -- fixed main window restore state from tray [#288](https://github.com/sandboxie-plus/Sandboxie/issues/288) - - - -## [0.6.5 / 5.47.0] - 2021-01-31 - -### Added -- added detection for Waterfox.exe, Palemoon.exe and Basilisk.exe Firefox forks as well as Brave.exe [#468](https://github.com/sandboxie-plus/Sandboxie/issues/468) -- added Bluetooth API support, IPC port can be opened with "OpenBluetooth=y" [#319](https://github.com/sandboxie-plus/Sandboxie/issues/319) --- this should resolve issues with many Unity games hanging on startup for a long time -- added enhanced RPC/IPC interface tracing -- when DefaultBox is not found by the SandMan UI, it will be recreated -- "Disable Forced Programs" time is now saved and reloaded - -### Changed -- reduced SandMan CPU usage -- Sandboxie.ini and Templates.ini can now be UTF8 encoded [#461](https://github.com/sandboxie-plus/Sandboxie/issues/461) [#197](https://github.com/sandboxie-plus/Sandboxie/issues/197) --- this feature is experimental, files without a UTF-8 Signature should be recognized also --- "ByteOrderMark=yes" is obsolete, Sandboxie.ini is now always saved with a BOM/Signature -- legacy language files can now be UTF8 encoded -- reworked file migration behaviour, removed hardcoded lists in favour of templates [#441](https://github.com/sandboxie-plus/Sandboxie/issues/441) --- you can now use "CopyAlways=", "DontCopy=" and "CopyEmpty=" that support the same syntax as "OpenFilePath=" --- "CopyBlockDenyWrite=program.exe,y" makes a write open call to a file that won't be copied fail instead of turning it read-only -- removed hardcoded SkipHook list in favour of templates - -### Fixed -- fixed old memory pool leak in the Sbie driver [#444](https://github.com/sandboxie-plus/Sandboxie/issues/444) -- fixed issue with item selection in the access restrictions UI -- fixed updater crash in SbieCtrl.exe [#450](https://github.com/sandboxie-plus/Sandboxie/issues/450) -- fixed issues with RPC calls introduced in Sbie 5.33.1 -- fixed recently broken 'terminate all' command -- fixed a couple minor UI issues with SandMan UI -- fixed IPC issue with Windows 7 and 8 resulting in process termination -- fixed "recover to" functionality - - - -## [0.6.0 / 5.46.5] - 2021-01-25 - -### Added -- added confirmation prompts to terminate all commands -- added window title to boxed process info [#360](https://github.com/sandboxie-plus/Sandboxie/issues/360) -- added WinSpy based sandboxed window finder [#351](https://github.com/sandboxie-plus/Sandboxie/issues/351) -- added option to view disabled boxes and double click on box to enable it - -### Changed -- "Reset Columns" now resizes them to fit the content, and it can now be localized [#426](https://github.com/sandboxie-plus/Sandboxie/issues/426) -- modal windows are now centered to the parent [#417](https://github.com/sandboxie-plus/Sandboxie/issues/417) -- improved new box window [#417](https://github.com/sandboxie-plus/Sandboxie/issues/417) - -### Fixed -- fixed issues with window modality [#409](https://github.com/sandboxie-plus/Sandboxie/issues/409) -- fixed issues when main window was set to be always on top [#417](https://github.com/sandboxie-plus/Sandboxie/issues/417) -- fixed a driver issue with Windows 10 insider build 21286 -- fixed issues with snapshot dialog [#416](https://github.com/sandboxie-plus/Sandboxie/issues/416) -- fixed an issue when writing to a path that already exists in the snapshot but not outside [#415](https://github.com/sandboxie-plus/Sandboxie/issues/415) - - - -## [0.5.5 / 5.46.4] - 2021-01-17 - -### Added -- added "SandboxService=..." to force selected services to be started in the sandbox -- added template clean-up functionality to Plus UI -- added internet prompt to now also allow internet access permanently -- added browse button for box root folder in the SandMan UI [#382](https://github.com/sandboxie-plus/Sandboxie/issues/382) -- added explorer info message [#352](https://github.com/sandboxie-plus/Sandboxie/issues/352) -- added option to keep the SandMan UI always on top -- allow drag and drop file onto SandMan.exe to run it sandboxed [#355](https://github.com/sandboxie-plus/Sandboxie/issues/355) -- added start SandMan UI when a sandboxed application starts [#367](https://github.com/sandboxie-plus/Sandboxie/issues/367) -- recovery window can now list all files -- added file counter to recovery window -- when "NoAddProcessToJob=y" is specified, Chrome and related browsers now can fully use the job system --- Note: "NoAddProcessToJob=y" reduces the box isolation, but the affected functions are mostly covered by UIPI anyway -- added optimized default column widths to Sbie view -- added template support for Yandex and Ungoogled Chromium browsers (by isaak654) - -### Changed -- updated templates with multiple browsers fixes (thanks isaak654) -- when trying to take a snapshot of an empty sandbox a proper error message is displayed [#381](https://github.com/sandboxie-plus/Sandboxie/issues/381) -- new layout for the recovery window -- Sbie view sorting is now case insensitive - -### Fixed -- fixed issue child window closing terminating application when main was hidden [#349](https://github.com/sandboxie-plus/Sandboxie/issues/349) -- fixed issues with non modal windows [#349](https://github.com/sandboxie-plus/Sandboxie/issues/349) -- fixed issues connecting to driver in portable mode -- fixed minor issues with snapshot window -- fixed missing error message when attempting to create an already existing sandbox [#359](https://github.com/sandboxie-plus/Sandboxie/issues/359) -- fixed issue allowing to save setting when a sandbox was already deleted [#359](https://github.com/sandboxie-plus/Sandboxie/issues/359) -- fixed issues with disabled items in dark mode [#359](https://github.com/sandboxie-plus/Sandboxie/issues/359) -- fixed some dialogs not closing when pressing Esc [#359](https://github.com/sandboxie-plus/Sandboxie/issues/359) -- fixed tab stops on many windows - - - -## [0.5.4d / 5.46.3] - 2021-01-11 - -### Changed -- improved access tracing, removed redundant entries -- OpenIpcPath=\BaseNamedObjects\[CoreUI]-* is now hardcoded in the driver no need for the template entry -- WindowsFontCache is now open by default -- refactored some IPC code in the driver - -### Fixed -- FIXED SECURITY ISSUE: the registry isolation could be bypassed, present since Windows 10 Creators Update -- fixed creation time not always being properly updated in the SandMan UI - - - -## [0.5.4c / 5.46.2] - 2021-01-10 - -### Added -- added "CallTrace=*" to log all system calls to the access log - -### Changed -- improved IPC logging code -- improved MSG_2101 logging - -### Fixed -- fixed more issues with IPC tracing -- fixed SBIE2101 issue with Chrome and derivatives - - - -## [0.5.4b / 5.46.1] - 2021-01-08 - -### Added -- added "RunServiceAsSystem=..." allows specific named services to be run as system - -### Changed -- refactored some code around SCM access - -### Fixed -- fixed a crash issue in SbieSvc.exe introduced with the last build -- fixed issue with SandMan UI update check -- FIXED SECURITY ISSUE: a Sandboxed process could start sandboxed as system even with DropAdminRights in place - -### Removed -- removed "ProtectRpcSs=y" due to incompatibility with new isolation defaults - - - -## [0.5.4 / 5.46.0] - 2021-01-06 - -### Added -- FIXED SECURITY ISSUE: Sandboxie now strips particularly problematic privileges from sandboxed system tokens --- with those a process could attempt to bypass the sandbox isolation (thanks Diversenok) --- old legacy behaviour can be enabled with "StripSystemPrivileges=n" (absolutely NOT Recommended) -- added new isolation options "ClosePrintSpooler=y" and "OpenSmartCard=n" --- those resources are open by default, but for a hardened box it is desired to close them -- FIXED SECURITY ISSUE: added print spooler filter to prevent printers from being set up outside the sandbox --- the filter can be disabled with "OpenPrintSpooler=y" -- added overwrite prompt when recovering an already existing file -- added "StartProgram=", "StartService=" and "AutoExec=" options to the SandMan UI -- added more compatibility templates (thanks isaak654) [#294](https://github.com/sandboxie-plus/Sandboxie/pull/294) - -### Changed -- Changed Emulated SCM behaviour, boxed services are no longer by default started as boxed system --- use "RunServicesAsSystem=y" to enable the old legacy behaviour --- Note: sandboxed services with a system token are still sandboxed and restricted --- However not granting them a system token in the first place removes possible exploit vectors --- Note: this option is not compatible with "ProtectRpcSs=y" and takes precedence! -- reworked dynamic IPC port handling -- improved Resource Monitor status strings - -### Fixed -- FIXED SECURITY ISSUE: processes could spawn processes outside the sandbox (thanks Diversenok) -- FIXED SECURITY ISSUE: bug in the dynamic IPC port handling allowed to bypass IPC isolation -- fixed issue with IPC tracing -- FIXED SECURITY ISSUE: CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok) --- this allowed some system options to be changed, to disable filtering use "OpenLsaEndpoint=y" -- fixed hooking issues SBIE2303 with Chrome, Edge and possibly others [#68](https://github.com/sandboxie-plus/Sandboxie/issues/68) [#166](https://github.com/sandboxie-plus/Sandboxie/issues/166) -- fixed failed check for running processes when performing snapshot operations -- fixed some box option checkboxes were not properly initialized -- fixed unavailable options are not properly disabled when SandMan is not connected to the driver -- fixed MSI installer issue, not being able to create "C:\Config.msi" folder on Windows 20H2 [#219](https://github.com/sandboxie-plus/Sandboxie/issues/219) -- added missing localization to generic list commands -- fixed issue with "iconcache_*" when running sandboxed explorer -- fixed more issues with groups - - - -## [0.5.3b / 5.45.2] - 2021-01-02 - -### Added -- added settings for the portable boxed root folder option -- added process name to resource log -- added command line column to the process view in the SandMan UI - -### Fixed -- fixed a few issues with group handling [#262](https://github.com/sandboxie-plus/Sandboxie/issues/262) -- fixed issue with GetRawInputDeviceInfo when running a 32 bit program on a 64 bit system -- fixed issue when pressing apply in the "Resource Access" tab; the last edited value was not always applied -- fixed issue merging entries in Resource Access Monitor - - - -## [0.5.3a / 5.45.2] - 2020-12-29 - -### Added -- added prompt to choose if links in the SandMan UI should be opened in a sandboxed or unsandboxed browser [#273](https://github.com/sandboxie-plus/Sandboxie/issues/273) -- added more recovery options -- added "ClosedClsid=" to block COM objects from being used when they cause compatibility issues -- added "ClsidTrace=*" option to trace COM usage -- added "ClosedRT=" option to block access to problematic Windows RT interfaces -- added option to make a link for any selected process to SandMan UI -- added option to reset all hidden messages -- added more process presets "force program" and "allow internet access" -- added "SpecialImage=chrome,some_electron_app.exe" option to Sandboxie.ini, valid image types "chrome", "firefox" --- with this option you can enable special hardcoded workarounds to new obscure forks of those browsers -- added German translation (thanks bastik-1001) to the SandMan UI -- added Russian translation (thanks lufog) to the SandMan UI -- added Portuguese translation (thanks JNylson ) to the SandMan UI - -### Changed -- changed docs and update URLs to the new sandboxie-plus.com domain -- greatly improved the setup script (thanks mpheath) -- "OpenClsid=" and "ClosedClsid=" now support specifying a program or group name -- by default, when started in portable mode, the sandbox folder will be located in the parent directory of the Sandboxie instance - -### Fixed -- grouping menu not fully working in the new SandMan UI [#277](https://github.com/sandboxie-plus/Sandboxie/issues/277) -- fixed not being able to set quick recovery in SandMan UI -- fixed resource leak when loading process icons in SandMan UI -- fixed issue with OpenToken debug options -- fixed Chrome crashing on websites that cause the invocation of "FindAppUriHandlersAsync" [#198](https://github.com/sandboxie-plus/Sandboxie/issues/198) -- fixed issue connecting to the driver when starting in portable mode -- fixed missing template setup when creating new boxes - -### removed -- removed obsolete "OpenDefaultClsid=n" use "ClosedClsid=" with the appropriate values instead -- removed suspend/resume menu entry, pooling that state wastes substantial CPU cycles; use task explorer for that functionality - - - -## [0.5.2a / 5.45.1] - 2020-12-23 - -### Fixed -- fixed translation support in the SandMan UI -- fixed sandboxed explorer issue [#289](https://github.com/sandboxie-plus/Sandboxie/issues/289) -- fixed simplified Chinese localization - - - -## [0.5.2 / 5.45.1] - 2020-12-23 - -### Added -- added advanced new box creation dialog to SandMan UI -- added show/hide tray context menu entry -- added refresh button to file recovery dialog -- added mechanism to load icons from {install-dir}/Icons/{icon}.png for UI customization -- added tray indicator to show disabled forced program status in the SandMan UI -- added program name suggestions to box options in SandMan UI -- added saving of column sizes in the options window - -### Changed -- reorganized the advanced box options a bit -- changed icons (thanks Valinwolf for picking the new ones) [#235](https://github.com/sandboxie-plus/Sandboxie/issues/235) -- updated Templates.ini (thanks isaak654) [#256](https://github.com/sandboxie-plus/Sandboxie/pull/256) [#258](https://github.com/sandboxie-plus/Sandboxie/pull/258) -- increased max value for disable forced process time in SandMan UI - -### Fixed -- fixed BSOD introduced in 5.45.0 when using Windows 10 "core isolation" [#221](https://github.com/sandboxie-plus/Sandboxie/issues/221) -- fixed minor issue with lingering/leader processes -- fixed menu issue in SandMan UI -- fixed issue with stop behaviour page in SandMan UI -- fixed issue with Plus installer not displaying KmdUtil window -- fixed SandMan UI saving UI settings on Windows shutdown -- fixed issue with Plus installer autorun [#247](https://github.com/sandboxie-plus/Sandboxie/issues/247) -- fixed issue with legacy installer not removing all files -- fixed a driver compatibility issue with Windows 20H1 and later [#228](https://github.com/sandboxie-plus/Sandboxie/issues/228) --- this solves "stop pending", LINE messenger hanging and other issues... -- fixed quick recovery issue in SbieCtrl.exe introduced in 5.45.0 [#224](https://github.com/sandboxie-plus/Sandboxie/issues/224) -- fixed issue advanced hide process settings not saving -- fixed some typos in the UI (thanks isaak654) [#252](https://github.com/sandboxie-plus/Sandboxie/pull/252) [#253](https://github.com/sandboxie-plus/Sandboxie/pull/253) [#254](https://github.com/sandboxie-plus/Sandboxie/pull/254) -- fixed issue with GetRawInputDeviceInfo failing when boxed processes are put in a job object [#176](https://github.com/sandboxie-plus/Sandboxie/issues/176) [#233](https://github.com/sandboxie-plus/Sandboxie/issues/233) --- this fix resolves issues with CP2077 and other games not getting keyboard input (thanks Rostok) -- fixed failing ClipCursor won't longer span the message log -- fixed issue with adding recovery folders in SandMan UI -- fixed issue with Office 2019 template when using a non-default Sbie install location -- fixed issue setting last access attribute on sandboxed folders [#218](https://github.com/sandboxie-plus/Sandboxie/issues/218) -- fixed issue with process start signal - - - -## [0.5.1 / 5.45.0] - 2020-12-12 - -### Added -- added simple view mode - -### Changed -- updated SandMan UI to use Qt5.15.1 - -### Fixed -- fixed crash issue with progress dialog -- fixed progress dialog cancel button not working for update checker -- fixed issue around NtQueryDirectoryFile when deleting sandbox content -- fixed dark theme in the notification window -- fixed issue with disable force programs tray menu - - - -## [0.5.0 / 5.45.0] - 2020-12-06 - -### Added -- added new notification window -- added user interactive control mechanism when using the new SandMan UI --- when a file exceeds the copy limit instead of failing, the user is prompted if the file should be copied or not --- when internet access is blocked it now can be exempted in real time by the user -- added missing file recovery and auto/quick recovery functionality [#188](https://github.com/sandboxie-plus/Sandboxie/issues/188) [#178](https://github.com/sandboxie-plus/Sandboxie/issues/178) -- added silent MSG_1399 boxed process start notification to keep track of short lived boxed processes -- added ability to prevent system wide process starts, Sandboxie can now instead of just alerting also block processed on the alert list --- set "StartRunAlertDenied=y" to enable process blocking -- the process start alert/block mechanism can now also handle folders use "AlertFolder=..." -- added ability to merge snapshots [#151](https://github.com/sandboxie-plus/Sandboxie/issues/151) -- added icons to the sandbox context menu in the new UI -- added more advanced options to the sandbox options window -- added file migration progress indicator -- added more run commands and custom run commands per sandbox --- the box settings users can now specify programs to be available from the box run menu --- also processes can be pinned to that list from the presets menu -- added more Windows 10 specific template presets -- added ability to create desktop shortcuts to sandboxed items -- added icons to box option tabs -- added box grouping -- added new debug option "DebugTrace=y" to log debug output to the trace log -- added check for updates to the new SandMan UI -- added check for updates to the legacy SbieCtrl UI - -### Changed -- File migration limit can now be disabled by specifying "CopyLimitKb=-1" [#526](https://github.com/sandboxie-plus/Sandboxie/issues/526) -- improved and refactored message logging mechanism, reducing memory usage by factor of 2 -- terminated boxed processes are now kept listed for a couple of seconds -- reworked sandbox deletion mechanism of the new UI -- restructured sandbox options window -- SbieDLL.dll can now be compiled with an up to date ntdll.lib (Thanks to TechLord from Team-IRA for help) -- improved automated driver self repair - -### Fixed -- fixed issues migrating files > 4GB -- fixed an issue that would allow a malicious application to bypass the internet blockade -- fixed issue when logging messages from a non-sandboxed process, added process_id parameter to API_LOG_MESSAGE_ARGS -- fixed issues with localization -- fixed issue using file recovery in legacy UI SbieCtrl.exe when "SeparateUserFolders=n" is set -- when a program is blocked from starting due to restrictions no redundant messages are issues anymore -- fixed UI not properly displaying async errors -- fixed issues when a snapshot operation failed -- fixed some special cases of IpcPath and WinClass in the new UI -- fixed driver issues with WHQL passing compatibility testing -- fixed issues with Classic installer - - - -## [0.4.5 / 5.44.1] - 2020-11-16 - -### Added -- added "Terminate all processes" and "disable forced programs" commands to tray menu in SandMan UI -- program start restrictions settings now can be switched between a white list and a black list --- programs can be terminated and blacklisted from the context menu -- added additional process context menu options, lingering and leader process can be now set from menu -- added option to view template presets for any given box -- added text filter to template view -- added new compatibility templates: --- Windows 10 core UI component: OpenIpcPath=\BaseNamedObjects\[CoreUI]-* solving issues with Chinese Input and Emojis [#120](https://github.com/sandboxie-plus/Sandboxie/issues/120) [#88](https://github.com/sandboxie-plus/Sandboxie/issues/88) --- Firefox Quantum, access to Windows’ FontCachePort for compatibility with Windows 7 -- added experimental debug option "OriginalToken=y" which lets sandboxed processes retain their original unrestricted token --- This option is comparable with "OpenToken=y" and is intended only for testing and debugging, it BREAKS most SECURITY guarantees (!) -- added debug option "NoSandboxieDesktop=y" it disables the desktop proxy mechanism --- Note: without an unrestricted token with this option applications won't be able to start -- added debug option "NoSysCallHooks=y" it disables the sys call processing by the driver --- Note: without an unrestricted token with this option applications won't be able to start -- added ability to record verbose access traces to the Resource Monitor --- use ini options "FileTrace=*", "PipeTrace=*", "KeyTrace=*", "IpcTrace=*", "GuiTrace=*" to record all events --- replace "*" to log only: "A" - allowed, "D" - denied, or "I" - ignore events -- added ability to record debug output strings to the Resource Monitor --- use ini option DebugTrace=y to enable - -### Changed -- AppUserModelID sting no longer contains Sandboxie version string -- now by default Sbie's application manifest hack is disabled, as it causes problems with version checking on Windows 10 --- to enable old behaviour add "PreferExternalManifest=y" to the global or the box specific ini section -- the resource log mechanism can now handle multiple strings to reduce on string copy operations - -### Fixed -- fixed issue with disabling some restriction settings failed -- fixed disabling of internet block from the presets menu sometimes failed -- the software compatibility list in the SandMan UI now shows the proper template names -- fixed use of freed memory in the driver -- replaced swprintf with snwprintf to prevent potential buffer overflow in SbieDll.dll -- fixed bad list performance with resource log and API log in SandMan UI - - - -## [0.4.4 / 5.44.0] - 2020-11-03 - -### Added -- added SbieLdr (experimental) - -### Changed -- moved code injection mechanism from SbieSvc to SbieDll -- moved function hooking mechanism from SbieDrv to SbieDll -- introduced a new driverless method to resolve wow64 ntdll base address - -### removed -- removed support for Windows Vista x64 - - - -## [0.4.3 / 5.43.7] - 2020-11-03 - -### Added -- added disable forced programs menu command to the SandMan UI - -### Fixed -- fixed file rename bug introduced with an earlier Driver Verifier fix [#174](https://github.com/sandboxie-plus/Sandboxie/issues/174) [#153](https://github.com/sandboxie-plus/Sandboxie/issues/153) -- fixed issue saving access lists -- fixed issue with program groups parsing in the SandMan UI -- fixed issue with internet access restriction options [#177](https://github.com/sandboxie-plus/Sandboxie/issues/177) [#185](https://github.com/sandboxie-plus/Sandboxie/issues/185) -- fixed issue deleting sandbox when located on a drive directly [#139](https://github.com/sandboxie-plus/Sandboxie/issues/139) - - - -## [0.4.2 / 5.43.6] - 2020-10-10 - -### Added -- added explore box content menu option - -### Fixed -- fixed thread handle leak in SbieSvc and other components [#144](https://github.com/sandboxie-plus/Sandboxie/issues/144) -- msedge.exe is now categorized as a Chromium derivate -- fixed Chrome 86+ compatibility bug with Chrome's own sandbox [#149](https://github.com/sandboxie-plus/Sandboxie/issues/149) - - - -## [0.4.1 / 5.43.5] - 2020-09-12 - -### Added -- added core version compatibility check to SandMan UI -- added shell integration options to SbiePlus - -### Changed -- SbieCtrl does not longer auto show the tutorial on first start -- when hooking to the trampoline, the migrated section of the original function is no longer noped out --- it caused issues with unity games, will be investigated and re-enabled later - -### Fixed -- fixed colour issue with vertical tabs in dark mode -- fixed wrong path separators when adding new forced folders -- fixed directory listing bug introduced in 5.43 -- fixed issues with settings window when not being connected to driver -- fixed issue when starting SandMan UI as admin -- fixed auto content delete not working with SandMan UI - - - -## [0.4.0 / 5.43] - 2020-09-05 - -### Added -- added a proper custom installer to the Plus release -- added sandbox snapshot functionality to Sbie core --- filesystem is saved incrementally, the snapshots built upon each other --- each snapshot gets a full copy of the box registry for now --- each snapshot can have multiple children snapshots -- added access status to Resource Monitor -- added setting to change border width [#113](https://github.com/sandboxie-plus/Sandboxie/issues/113) -- added snapshot manager UI to SandMan -- added template to enable authentication with an Yubikey or comparable 2FA device -- added UI for program alert -- added software compatibility options to the UI - -### Changed -- SandMan UI now handles deletion of sandbox content on its own -- no longer adding redundant resource accesses as new events - -### Fixed -- fixed issues when hooking functions from delay loaded libraries -- fixed issues when hooking an already hooked function -- fixed issues with the new box settings editor - -### Removed -- removes deprecated workaround in the hooking mechanism for an obsolete anti-malware product - - - -## [0.3.5 / 5.42.1] - 2020-07-19 - -### Added -- added settings window -- added translation support -- added dark theme -- added auto start option -- added sandbox options -- added debug option "NoAddProcessToJob=y" - -### Changed -- improved empty sandbox tray icon -- improved message parsing -- updated homepage links - -### Fixed -- fixed ini issue with SandMan.exe when renaming sandboxes -- fixed ini auto reload bug introduced in the last build -- fixed issue when hooking delayed loaded libraries - - - -## [0.3 / 5.42] - 2020-07-04 - -### Added -- API_QUERY_PROCESS_INFO can be now used to get the original process token of sandboxed processes --- Note: this capability is used by TaskExplorer to allow inspecting sandbox internal tokens -- added option "KeepTokenIntegrity=y" to make the Sbie token keep its initial integrity level (debug option) --- Note: Do NOT USE Debug Options if you don't know their security implications (!) -- added process id to log messages very useful for debugging -- added finder to resource log -- added option to hide host processes "HideHostProcess=[name]" --- Note: Sbie hides by default processes from other boxes, this behaviour can now be controlled with "HideOtherBoxes=n" -- Sandboxed RpcSs and DcomLaunch can now be run as system with the option "ProtectRpcSs=y" however this breaks sandboxed explorer and other -- Built In Clsid whitelist can now be disabled with "OpenDefaultClsid=n" -- Processes can be now terminated with the del key, and require a confirmation -- added sandboxed window border display to SandMan.exe -- added notification for Sbie log messages -- added Sandbox Presets sub menu allowing to quickly change some settings --- Enable/Disable API logging, logapi_dll's are now distributed with SbiePlus --- And other: Drop admin rights; Block/Allow internet access; Block/Allow access to files on the network -- added more info to the sandbox status column -- added path column to SbieModel -- added info tooltips in SbieView - -### Changed -- reworked ApiLog, added PID and PID filter -- auto config reload on in change is now delayed by 500ms to not reload multiple times on incremental changes -- Sandbox names now replace "_" with " " for display allowing to use names that are made of separated words - -### Fixed -- added missing PreferExternalManifest initialization to portable mode -- FIXED SECURITY ISSUE: fixed permission issues with sandboxed system processes --- Note: you can use "ExposeBoxedSystem=y" for the old behaviour (debug option) -- FIXED SECURITY ISSUE: fixed missing SCM access check for sandboxed services (thanks Diversenok) --- Note: to disable the access check use "UnrestrictedSCM=y" (debug option) -- fixed missing initialization in service server that caused sandboxed programs to crash when querying service status -- fixed many bugs that caused the SbieDrv.sys to BSOD when running with Driver Verifier enabled [#57](https://github.com/sandboxie-plus/Sandboxie/issues/57) --- 0xF6 in GetThreadTokenOwnerPid and File_Api_Rename --- missing non optional parameter for FltGetFileNameInformation in File_PreOperation --- 0xE3 in Key_StoreValue and Key_PreDataInject - - - -## [0.2.2 / 5.41.2] - 2020-06-19 - -### Added -- added option SeparateUserFolders=n to no longer have the user profile files stored separately in the sandbox -- added SandboxieLogon=y it makes processes run under the SID of the "Sandboxie" user instead of the Anonymous user --- Note: the global option AllowSandboxieLogon=y must be enabled, the "Sandboxie" user account must be manually created first and the driver reloaded, else process start will fail -- improved debugging around process creation errors in the driver - -### Fixed -- fixed some log messages going lost after driver reload -- found a workable fix for the MSI installer issue, see Proc_CreateProcessInternalW_RS5 - - - -## [0.2.1 / 5.41.1] - 2020-06-18 - -### Added -- added different sandbox icons for different types --- Red LogAPI/BSA enabled --- more to come :D -- added progress window for async operations that take time -- added DPI awareness [#56](https://github.com/sandboxie-plus/Sandboxie/issues/56) -- the driver file is now obfuscated to avoid false positives -- additional debug options to Sandboxie.ini OpenToken=y that combines UnrestrictedToken=y and UnfilteredToken=y --- Note: using these options weakens the sandboxing, they are intended for debugging and may be used for better application virtualization later - -### Changed -- SbieDll.dll when processing InjectDll now looks in the SbieHome folder for the DLLs if the entered path starts with a backslash --- i.e. "InjectDll=\LogAPI\i386\logapi32v.dll" or "InjectDll64=\LogAPI\amd64\logapi64v.dll" - -### Fixed -- IniWatcher did not work in portable mode -- service path fix broke other services, now properly fixed, maybe -- found workaround for the MSI installer issue - - - -## [0.2 / 5.41.0] - 2020-06-08 - -### Added -- IniWatcher, no more clicking reload, the ini is now reloaded automatically every time it changes -- added Maintenance menu to the Sandbox menu, allowing to install/uninstall and start/stop Sandboxie driver, service -- SandMan.exe now is packed with Sbie files and when no Sbie is installed acts as a portable installation -- added option to clean up logs - -### Changed -- Sbie driver now first checks the home path for the Sbie ini before checking SystemRoot - -### Fixed -- FIXED SECURITY ISSUE: sandboxed processes could obtain a write handle on non sandboxed processes (thanks Diversenok) --- this allowed to inject code in non sandboxed processes -- fixed issue boxed services not starting when the path contained a space -- NtQueryInformationProcess now returns the proper sandboxed path for sandboxed processes - - - -## [0.1 / 5.40.2] - 2020-06-01 - -### Added -- created a new Qt based UI names SandMan (Sandboxie Manager) -- Resource Monitor now shows the PID -- added basic API call log using updated BSA LogApiDll - - -### Changed -- reworked Resource Monitor to work with multiple event consumers -- reworked log to work with multiple event consumers - - - -## [5.40.1] - 2020-04-10 - -### Added -- "Other" type for the Resource Access Monitor --- added call to StartService to the logged Resources - -### Fixed -- fixed "Windows Installer Service could not be accessed" that got introduced with Windows 1903 - +# Changelog +All notable changes to this project will be documented in this file. +This project adheres to [Semantic Versioning](http://semver.org/). + + + + + + + +## [0.9.8 / 5.53.0] - 2021-10-?? + +### Added +- added debug switch to disable Sbie console redirection "NoSandboxieConsole=y" +-- note that this was previously part of "NoSandboxieDesktop=y" +- added Sbie+ version to the log [#1277](https://github.com/sandboxie-plus/Sandboxie/issues/1277) +- added uninstall cleanup of extra files for the Plus installer (by mpheath) [#1235](https://github.com/sandboxie-plus/Sandboxie/pull/1235) +- added set language for Sandman for the Plus installer (by mpheath) [#1241](https://github.com/sandboxie-plus/Sandboxie/issues/1241) +- added EventLog messages with SbieMsg.dll for the Plus installer (by mpheath) + +### Changed +- reworked and extended RPC logging +- reintroduced the "UseRpcMgmtSetComTimeout=some.dll,n" setting to be used when no "RpcPortBinding" entry is specified +--- this allows to enable/disable out of box RPC binding independently from the timeout setting +- the "BoxNameTitle" value can now be set explicitly on a per image name basis [#1190](https://github.com/sandboxie-plus/Sandboxie/issues/1190) + +### Fixed +- fixed inability to delete read-only files from sandboxed explorer [#1237](https://github.com/sandboxie-plus/Sandboxie/issues/1237) +- fixed wrong recovery target in Plus UI [#1274](https://github.com/sandboxie-plus/Sandboxie/issues/1274) +- fixed SBIE2101 issue introduced with 0.9.7a [#1279](https://github.com/sandboxie-plus/Sandboxie/issues/1279) +- fixed sorting in the box picker window [#1269](https://github.com/sandboxie-plus/Sandboxie/issues/1269) +- fixed tray refresh issue [#1250](https://github.com/sandboxie-plus/Sandboxie/issues/1250) +- fixed tray activity display [#1221](https://github.com/sandboxie-plus/Sandboxie/issues/1221) +- fixed recovery window not displaying in taskbar [#1195](https://github.com/sandboxie-plus/Sandboxie/issues/1195) +- fixed dark theme preset not updating in real time [#1270](https://github.com/sandboxie-plus/Sandboxie/issues/1270) +- fixed Microsoft Edge complaining about "FakeAdminRights=y" [#1271](https://github.com/sandboxie-plus/Sandboxie/issues/1271) +- fixed issue with using local template in the global section [#1212](https://github.com/sandboxie-plus/Sandboxie/issues/1212) +- fixed issue with git.exe from MinGW freezing [#1238](https://github.com/sandboxie-plus/Sandboxie/issues/1238) +- fixed issue with search highlighting when using in dark mode + + + +## [0.9.7e / 5.52.5] - 2021-10-09 + +### Changed +- reworked the settings handling once again, now the driver maintains the order when enumerating, +-- but for good performance there is a Hash Map held in parallel for quick exact lookups + + +## [0.9.7d / 5.52.4] - 2021-10-06 + +### Fixed +- fixed yet another ini issue with the Sbiectrl + + +## [0.9.7c / 5.52.3] - 2021-10-05 + +### Fixed +- fixed yet another handling bug with SbieApi_EnumBoxesEx + + +## [0.9.7b / 5.52.2] - 2021-10-04 + +### Fixed +- fixed issue about loading not Unicode Sandboxie.ini introduced with the previous build + + + +## [0.9.7 / 5.52.1] - 2021-10-02 + +### Added +- added forced process indicator to process status column [#1174](https://github.com/sandboxie-plus/Sandboxie/issues/1174) +- added "SbieTrace=y" option to trace the interaction between Sandboxie processes and Sandboxie core components +- when initializing an empty sandbox, MSI debug keys are set to generate the debug output of MSI installer service +- added "DisableComProxy=y" allowing to disable COM proxying through the service +- added "ProcessLimit=..." which allows limiting the maximum number of processes in a sandbox [#1230](https://github.com/sandboxie-plus/Sandboxie/issues/1230) +- added missing IPC logging + +### Changed +- reworked SbieSvc ini server to allow settings caching and greatly improve performance +-- Now comments in the Sandboxie.ini are being preserved as well as the order of all entries +- enabled configuration section list replacement with a hash map to improve configuration performance +- improved progress and status messages for the Plus installer (by mpheath) [#1168](https://github.com/sandboxie-plus/Sandboxie/pull/1168) +- reworked RpcSs start mechanics, sandboxed RpcSs and DcomLaunch can now be run as system, use "RunRpcssAsSystem=y" +-- Note: this is generally not recommended for security reasons but may be needed for compatibility in some scenarios +- reworked WTSQueryUserToken handling to work properly in all scenarios +- reworked configuration value list to use a hash table for better performance + +### Fixed +- fixed Plus upgrade install in Windows 7 (by mpheath) [#1194](https://github.com/sandboxie-plus/Sandboxie/pull/1194) +- fixed custom autoexec commands being executed on each box start instead of only during the initialization +- fixed a design issue limiting the maximum amount of processes per sandbox to 511 +- fixed handle leaks in the lingering process monitor mechanism +- fixed issue with opening device paths like "\\??\\FltMgr" +- fixed build issue with an explicit FileDigestAlgorithm option for driver sign (by isaak654) [#1210](https://github.com/sandboxie-plus/Sandboxie/pull/1210) +- fixed issue with resource access log sometimes getting corrupted +- fixed issue with Microsoft Office Click-to-Run [#428](https://github.com/sandboxie-plus/Sandboxie/issues/428) [#882](https://github.com/sandboxie-plus/Sandboxie/issues/882) + +### Removed +- removed support for Microsoft EMET (Enhanced Mitigation Experience Toolkit), as it was EOL in 2018 +- removed support for Messenger Plus! Live, as MSN Messenger is EOL since 2013 +- disabled Turkish language on Plus UI for inactivity (by isaak654) [#1215](https://github.com/sandboxie-plus/Sandboxie/pull/1215) + + + +## [0.9.6 / 5.51.6] - 2021-09-12 + +### Added +- added ability to rename groups [#1152](https://github.com/sandboxie-plus/Sandboxie/issues/1152) +- added ability to define a custom order for the sandboxes, they can be moved by using the move context menu, or holding Alt + Arrow Key +- added recovery to list to the recovery window: [#988](https://github.com/sandboxie-plus/Sandboxie/issues/988) +- added finder to the recovery window + +### Changed +- updated the BlockPort rule inside Template_BlockPorts to the new NetworkAccess format (by isaak654) [#1162](https://github.com/sandboxie-plus/Sandboxie/pull/1162) +- default for immediate recovery behaviour is now to show the recovery window instead of using the notifications window [#988](https://github.com/sandboxie-plus/Sandboxie/issues/988) +- the new run dialog now requires a double-click [#1171](https://github.com/sandboxie-plus/Sandboxie/issues/1171) +- reworked the recovery window + +### Fixed +- fixed issue with create group menu [#1151](https://github.com/sandboxie-plus/Sandboxie/issues/1151) +- fixed issue that caused a box to lose its group association when renaming +- fixed issue with Thunderbird 91+ [#1156](https://github.com/sandboxie-plus/Sandboxie/issues/1156) +- fixed an issue with file disposition handling [#1161](https://github.com/sandboxie-plus/Sandboxie/issues/1161) +- fixed issue with Windows 11 22449.1000 [#1164](https://github.com/sandboxie-plus/Sandboxie/issues/1164) +- fixed SRWare Iron template (by Dyras) [#1146](https://github.com/sandboxie-plus/Sandboxie/pull/1146) +- fixed label positioning in Classic UI (by isaak654) [#1088](https://github.com/sandboxie-plus/Sandboxie/issues/1088) +- fixed an old issue that occurred when only an asterisk was set as path [#971](https://github.com/sandboxie-plus/Sandboxie/issues/971) + + + +## [0.9.5 / 5.51.5] - 2021-08-30 + +### Added +- added option to run a sandbox in [session 0](https://techcommunity.microsoft.com/t5/ask-the-performance-team/application-compatibility-session-0-isolation/ba-p/372361) +-- Note: the processes then have a system token, hence it's recommended to enable "DropAdminRights=y" +- if the UI is run with admin privileges, it can terminate sandboxed processes in other sessions now +- added "StartSystemBox=" option to auto-run a box on Sbie start/system boot in session 0 +-- Note: box start is done by issuing Start.exe /box:[name] auto_run +- add Start.exe auto_run command to start all sandboxed auto-start locations +- add Start.exe /keep_alive command line switch which keeps a process running in the box until it gracefully terminates +- added "StartCommand=" which starts a complex command through Start.exe on box startup +- added menu option to start regedit and load the box's registry key +- added system tray option in the Plus UI to show Classic icon [#963](https://github.com/sandboxie-plus/Sandboxie/issues/963#issuecomment-903933535) + +### Changed +- changed command prompt icon and string from "Terminal" to "Command Prompt" [#1135](https://github.com/sandboxie-plus/Sandboxie/issues/1135) +- reworked box menu layout a bit + +### Fixed +- fixed driver compatibility with Windows Server 2022 (build 20348) [#1143](https://github.com/sandboxie-plus/Sandboxie/issues/1143) +- fixed issue with creating shortcuts [#1134](https://github.com/sandboxie-plus/Sandboxie/issues/1134) + +### Installers re-released on 2021-08-31 with the following fix: +- fixed KmdUtil warning 1061 after Plus upgrade (by mpheath) [#968](https://github.com/sandboxie-plus/Sandboxie/issues/968) [#1139](https://github.com/sandboxie-plus/Sandboxie/issues/1139) + + + +## [0.9.4 / 5.51.4] - 2021-08-22 + +### Added +- added clear commands to log submenus [#391](https://github.com/sandboxie-plus/Sandboxie/issues/391) +- added option to disable process termination prompt [#514](https://github.com/sandboxie-plus/Sandboxie/issues/514) +- added "Options/InstantRecovery" setting to sandboxie-plus.ini to use the recovery window instead of the notification pop-up [#988](https://github.com/sandboxie-plus/Sandboxie/issues/988) +- added ability to rename a non-empty sandbox [#1100](https://github.com/sandboxie-plus/Sandboxie/issues/1100) +- added ability to remove a non-empty sandbox +- added file browser window to SandMan UI to cover the file-view functionality of SbieCtrl [#578](https://github.com/sandboxie-plus/Sandboxie/issues/578) + +### Changed +- generic errors in Sbie UI now show the status code as hex and provide a string description when available + +### Fixed +- fixed "del" shortcut to terminate a process not always working +- fixed group display issue [#1094](https://github.com/sandboxie-plus/Sandboxie/issues/1094) +- fixed issue when using "run sandboxed" on a file that is already located in a sandbox [#1099](https://github.com/sandboxie-plus/Sandboxie/issues/1099) + + + +## [0.9.3 / 5.51.3] - 2021-08-08 + +> Read the developer's notes about the new [WFP functionality](https://github.com/sandboxie-plus/Sandboxie/releases/tag/0.9.3). + +### Added +- ability to use the "run unsandboxed" option with Sandboxie links [#614](https://github.com/sandboxie-plus/Sandboxie/issues/614) + +### Fixed +- fixed "run outside sandbox" issue on Classic build [#614](https://github.com/sandboxie-plus/Sandboxie/issues/614#issuecomment-894710466) +- fixed open template does not load the edit tab [#1054](https://github.com/sandboxie-plus/Sandboxie/issues/1054#issuecomment-893001316) +- fixed issue with "explore sandboxed" [#972](https://github.com/sandboxie-plus/Sandboxie/issues/972) +- fixed start directory for sandboxed processes [#1071](https://github.com/sandboxie-plus/Sandboxie/issues/1071) +- fixed issue with language auto-detection [#1018](https://github.com/sandboxie-plus/Sandboxie/issues/1018) +- fixed issue with multiple files with the same name, by always showing the extension [#1041](https://github.com/sandboxie-plus/Sandboxie/issues/1041) +- fixed multiple program grouping issues with the SandMan UI [#1054](https://github.com/sandboxie-plus/Sandboxie/issues/1054) +- fixed "no disk" error [#966](https://github.com/sandboxie-plus/Sandboxie/issues/966) +- fixed issue with 32bit build using qMake, the -O2 option resulted in a crash in the QSbieAPI.dll [#995](https://github.com/sandboxie-plus/Sandboxie/issues/995) +- fixed issue with UserSettings introduced in a recent build [#1054](https://github.com/sandboxie-plus/Sandboxie/issues/1054) + + + +## [0.9.2 / 5.51.2] - 2021-08-07 (pre-release) + +### Added +- added ability to reconfigure the driver, which allows enabling/disabling WFP and other features without a reload/reboot + +### Changed +- reorganized and improved the settings window +- improved the tray icon a bit, the sand is now more yellow + +### Fixed +- fixed issue with process start handling introduced in 5.51.0 [#1063](https://github.com/sandboxie-plus/Sandboxie/issues/1063) +- fixed issue with quick recovery introduced in 5.51.0 +- fixed incompatibility with CET Hardware-enforced Stack Protection on Intel 11th gen and AMD Ryzen 5XXX CPUs [#1067](https://github.com/sandboxie-plus/Sandboxie/issues/1067) [#1012](https://github.com/sandboxie-plus/Sandboxie/issues/1012) + +### Removed +- commented out all Windows XP-specific support code from the driver + + + +## [0.9.1 / 5.51.1] - 2021-07-31 (pre-release) + +### Added +- added tray icon indicating broken connection to the driver if it happens +- added option to customize the tray icon +- added "DllSkipHook=some.dll" option to disable installation of hooks into selected DLLs +- added localization support for Plus installer (by yfdyh000 and mpheath) [#923](https://github.com/sandboxie-plus/Sandboxie/pull/923) + +### Changed +- reworked NtClose handling for better performance and extendibility +- improved tray box menu and list + +### Fixed +- fixed issue with fake admin and some NSIS installers [#1052](https://github.com/sandboxie-plus/Sandboxie/issues/1052) +- fixed more issued with FileDispositionInformation behaviour, which resulted in bogus file deletion handling +- fixed issue with checking WFP status +- fixed issue WFP failing to initialize at boot +- fixed issue with tray sandbox options not being available just after boot +- fixed issue access changed flag not being properly set in box options [#1065](https://github.com/sandboxie-plus/Sandboxie/issues/1065) + + + +## [0.9.0 / 5.51.0] - 2021-07-29 (pre-release) + +### Added +- added support for Windows Filtering Platform (WFP) to be used instead of the device-based network blocking scheme +-- to enable this support, add 'NetworkEnableWFP=y' to the global section and reboot or reload the driver +-- to use WFP for a specific sandbox, add 'AllowNetworkAccess=n' +-- you can allow certain processes by using 'AllowNetworkAccess=program.exe,y' +-- you can also enable this policy globally by adding 'AllowNetworkAccess=n' to the global section +-- in this case you can exempt entire sandboxes by adding 'AllowNetworkAccess=y' to specific boxes + -- you can block certain processes by using 'AllowNetworkAccess=program.exe,n' + -- Note: WFP is less absolute than the old approach, using WFP will filter only TCP/UDP communication +-- restricted boxed processes will still be able to resolve domain names using the system service +-- however, they will not be able to send or receive data packets directly +-- the advantages of WFP is that filter rules can be implemented by restricting communication only to specified addresses or selected ports using "NetworkAccess=..." +- added fully functional rule-based packet filter in user mode for the case when "NetworkEnableWFP=y" is not set +-- the mechanism replaces the old "BlockPort=..." functionality +-- Note: this filter applies only to outgoing connections/traffic, for incoming traffic either the WFP mode or a third-party firewall is needed +-- like the old user mode based mechanism, malicious applications can bypass it by unhooking certain functions +-- hence it's recommended to use the kernel mode WFP-based mechanism when reliable isolation is required +- added new trace option "NetFwTrace=*" to trace the actions of the firewall components +-- please note that the driver only trace logs the kernel debug output, use DbgView.exe to log +- API_QUERY_PROCESS_INFO can now be used to get the impersonation token of a sandboxed thread +-- Note: this capability is used by TaskExplorer to allow inspecting sandbox-internal tokens +-- Note: a process must have administrative privileges to be able to use this API +- added a UI option to switch "MsiInstallerExemptions=y" on and off +-- just in case a future Windows build breaks something in the systemless mode +- added sample code for ObRegisterCallbacks to the driver +- added new debug options "DisableFileFilter=y" and "DisableKeyFilter=y" that allow to disable file and registry filtering +-- Note: these options are for testing only and disable core parts of the sandbox isolation +- added a few command line options to SandMan.exe + +### Changed +- greatly improved the performance of the trace log, but it's no longer possible to log to both SandMan and SbieCtrl at the same time +- reworked process creation code to use PsSetCreateProcessNotifyRoutineEx and improved process termination + +### Fixed +- added missing hook for ConnectEx function + + + +## [0.8.9 / 5.50.9] - 2021-07-28 HotFix 2 + +### Fixed +Fixed issue with registering session leader + + + +## [0.8.9 / 5.50.9] - 2021-07-28 HotFix 1 + +### Fixed +Fixed issue with Windows 7 + + + +## [0.8.9 / 5.50.9] - 2021-07-27 + +### Changed +- updated a few icons +- updated GitHub build action to use Qt 5.15.2 +- improved the "full" tray icon to be more distinguishable from the "empty" one +- changed code integrity verification policies [#1003](https://github.com/sandboxie-plus/Sandboxie/issues/1003) +-- code signature is no longer required to change config, to protect presets use the existing "EditAdminOnly=y" + +### Fixed +- fixed issue with systemless MSI mode introduced in the last build +- fixed MSI installer not being able to create the action server mechanism on Windows 11 +- fixed MSI installer not working in systemless mode on Windows 11 +- fixed Inno Setup script not being able to remove shell integration keys during Sandboxie Plus uninstall (by mpheath) [#1037](https://github.com/sandboxie-plus/Sandboxie/pull/1037) + + + +## [0.8.8 / 5.50.8] - 2021-07-13 + +### Changed +- MSIServer no longer requires being run as system; this completes the move to not use system tokens in a sandbox by default +-- the security-enhanced option "MsiInstallerExemptions=n" is now the default behaviour + +### Fixed +- fixed issue with the "Explore Sandboxed" command [#972](https://github.com/sandboxie-plus/Sandboxie/issues/972) +- rolled back the switch from using NtQueryKey to NtQueryObject as it seems to break some older Windows 10 versions like 1803 [#984](https://github.com/sandboxie-plus/Sandboxie/issues/984) +-- this change was introduced to fix [#951](https://github.com/sandboxie-plus/Sandboxie/issues/951) +-- to use NtQueryObject the option "UseObjectNameForKeys=y" can be added to Sandboxie.ini + + + +## [0.8.7b / 5.50.7] - 2021-07-11 + +### Fixed +- fixed issue with boxes that had auto-delete activated introduced in the previous build [#986](https://github.com/sandboxie-plus/Sandboxie/issues/986) + + + +## [0.8.7 / 5.50.7] - 2021-07-10 + +### Added +- added option to always auto-pick the DefaultBox [#959](https://github.com/sandboxie-plus/Sandboxie/issues/959) +-- when this option is enabled, the normal behaviour with a box selection dialog can be brought up by holding down CTRL +- added option to hide a sandbox from the "run in box" dialog +-- useful to avoid listing insecure compatibility test boxes for example +- added box options to system tray [#439](https://github.com/sandboxie-plus/Sandboxie/issues/439) [#272](https://github.com/sandboxie-plus/Sandboxie/issues/272) + +### Changed +- changed default "terminate all boxed processes" key from Ctrl+Pause to Ctrl+Alt+Pause [#974](https://github.com/sandboxie-plus/Sandboxie/issues/974) +- Start.exe no longer links in unused MFC code, which reduced its file size from over 2.5 MB to below 250 KB +- updated the main SandMan and tray icon [#963](https://github.com/sandboxie-plus/Sandboxie/issues/963) +- improved the box tree-style view + +### Fixed +- added additional delay and retries to KmdUtil.exe to mitigate issues when unloading the driver [#968](https://github.com/sandboxie-plus/Sandboxie/issues/968) +- fixed issue with SbieCtrl not being properly started after setup [#969](https://github.com/sandboxie-plus/Sandboxie/issues/969) +- fixed issue with "explore sandboxed" shell option [#972](https://github.com/sandboxie-plus/Sandboxie/issues/972) +- fixed issue when running SandMan elevated [#932](https://github.com/sandboxie-plus/Sandboxie/issues/932) +- fixed new box selection dialog showing disabled boxes +- fixed issue updating box active status + +### Removed +- removed Online Armor support as this product is deprecated since 2016 + + + +## [0.8.6 / 5.50.6] - 2021-07-07 + +### Added +- added LibreWolf template (by Dyras) [#929](https://github.com/sandboxie-plus/Sandboxie/pull/929) + +### Fixed +- fixed performance bug introduced in 0.8.5 + + + +## [0.8.5 / 5.50.5] - 2021-07-06 + +### Added +- added global hotkey to terminate all sandboxed processes (default: Ctrl+Pause) +- the Run Sandboxed dialog can now be handled by the SandMan UI +- added "AllowBoxedJobs=y" allowing boxed processes to use nested jobs on Windows 8 and later +-- Note: this allows Chrome and other programs to use the job system for additional isolation +- added Librewolf.exe to the list of Firefox derivatives [#927](https://github.com/sandboxie-plus/Sandboxie/issues/927) +- added run regedit sandboxed menu command +- added new support settings tab to SandMan UI for updates and news +- added code integrity verification to Sbie service and UI +- added template for Vivaldi Notes (by isaak654) [#948](https://github.com/sandboxie-plus/Sandboxie/issues/948) + +### Changed +- replaced the Process List used by the driver with a much faster Hash Map implementation +-- Note: this change provides an almost static system call speed of 1.2µs regardless of the running process count +-- The old list, with 100 programs running required 4.5µs; with 200: 12µs; and with 300: 18µs per syscall +-- Note: some of the slowdown was also affecting non-sandboxed applications due to how the driver handles certain callbacks +- replaced the per-process Thread List used by the driver with a much faster Hash Map implementation +- replaced configuration section list with a hash map to improve configuration performance, and increased line limit to 100000 +-- not yet enabled in production build +- the presence of the default box is only checked on connect +- the portable directory dialog now shows the directory [#924](https://github.com/sandboxie-plus/Sandboxie/issues/924) +- when terminated, boxed processes now first try doing that by terminating the job object +- the driver now can terminate problematic processes by default without the help of the service +- the box delete routine now retries up to 10 times, see [#954](https://github.com/sandboxie-plus/Sandboxie/issues/954) +- replaced the Process List used by the service with a much faster Hash Map implementation +- replaced the per-process Thread List used by the service with a much faster Hash Map implementation + +### Fixed +- fixed faulty initialization in SetServiceStatus (by flamencist) [#921](https://github.com/sandboxie-plus/Sandboxie/issues/921) +- fixed buttons position in Classic UI settings (by isaak654) [#914](https://github.com/sandboxie-plus/Sandboxie/issues/914) +- fixed missing password length check in the SandMan UI [#925](https://github.com/sandboxie-plus/Sandboxie/issues/925) +- fixed issues opening job objects by name +- fixed missing permission check when reopening job object handles (thanks Diversenok) +- fixed issue with some Chromium 90+ hooks affecting the display of PDFs in derived browsers [#930](https://github.com/sandboxie-plus/Sandboxie/issues/930) [#817](https://github.com/sandboxie-plus/Sandboxie/issues/817) +- fixed issues with reconnecting broken LPC ports used for communication with SbieSvc +- fixed minor setting issue [#957](https://github.com/sandboxie-plus/Sandboxie/issues/957) +- fixed minor UI issue with resource access COM settings [#958](https://github.com/sandboxie-plus/Sandboxie/issues/958) +- fixed an issue with NtQueryKey using NtQueryObject instead [#951](https://github.com/sandboxie-plus/Sandboxie/issues/951) +- fixed crash in key.c when failing to resolve key paths +- added workaround for topmost modality issue [#873](https://github.com/sandboxie-plus/Sandboxie/issues/873) +-- the notification window is not only topmost for 5 seconds +- fixed an issue deleting directories introduced in 5.49.5 +- fixed an issue when creating box copies + +### Removed +- removed switch for "BlockPassword=n" as it does not seem to be working [#938](https://github.com/sandboxie-plus/Sandboxie/issues/938) +-- it's recommended to use "OpenSamEndpoint=y" to allow password changes in Windows 10 + + + +## [0.8.2 / 5.50.2] - 2021-06-15 + +### Changed +- split anti-phishing rules per browser (by isaak654) [#910](https://github.com/sandboxie-plus/Sandboxie/pull/910) + +### Fixed +- properly fixed an issue with Driver Verifier and user handles [#906](https://github.com/sandboxie-plus/Sandboxie/issues/906) +- fixed an issue with CreateWindow function introduced with 0.8.0 +- fixed issue with outdated BoxDisplayOrder entries being retained [#900](https://github.com/sandboxie-plus/Sandboxie/issues/900) + + + +## [0.8.1 / 5.50.1] - 2021-06-14 + +### Fixed +- fixed an issue with Driver Verifier and user handles +- fixed driver memory leak of FLT_FILE_NAME_INFORMATION objects +- fixed broken clipboard introduced in 5.50.0 [#899](https://github.com/sandboxie-plus/Sandboxie/issues/899) +- fixed DcomLaunch issue on Windows 7 32 bit introduced in 5.50.0 [#898](https://github.com/sandboxie-plus/Sandboxie/issues/898) + + + +## [0.8.0 / 5.50.0] - 2021-06-13 + +### Added +- Normally Sandboxie applies "Close...=!,..." directives to non-excluded images if they are located in a sandbox +-- added 'AlwaysCloseForBoxed=n' to disable this behaviour as it may not be always desired, and it doesn't provide extra security +- added process image information to SandMan UI +- localized template categories in the Plus UI [#727](https://github.com/sandboxie-plus/Sandboxie/issues/727) +- added "DisableResourceMonitor=y" to disable resource access monitor for selected boxes [#886](https://github.com/sandboxie-plus/Sandboxie/issues/886) +- added option to show trace entries only for the selected sandbox [#886](https://github.com/sandboxie-plus/Sandboxie/issues/886) +- added "UseVolumeSerialNumbers=y" that allows drive letters to be suffixed with the volume SN in the \drive\ sandbox location +-- it helps to avoid files mixed together on multiple pendrives using the same letter +-- Note: this option is not compatible with the recovery function of the Classic UI, only SandMan UI is fully compatible +- added "ForceRestart=PicoTorrent.exe" to the PicoTorrent template in order to fix a compatibility issue [#720](https://github.com/sandboxie-plus/Sandboxie/issues/720) +- added localization support for RPC templates (by isaak654) [#736](https://github.com/sandboxie-plus/Sandboxie/issues/736) + +### Changed +- portable cleanup message now has yes/no/cancel options [#874](https://github.com/sandboxie-plus/Sandboxie/issues/874) +- consolidated Proc_CreateProcessInternalW and Proc_CreateProcessInternalW_RS5 to remove duplicate code +- the ElevateCreateProcess fix, as sometimes applied by the Program Compatibility Assistant, will no longer be emulated by default [#858](https://github.com/sandboxie-plus/Sandboxie/issues/858) +-- use 'ApplyElevateCreateProcessFix=y' or 'ApplyElevateCreateProcessFix=program.exe,y' to enable it +- trace log gets disabled only when it has no entries and the logging is stopped + +### Fixed +- fixed APC issue with the new global hook emulation mechanism and WoW64 processes [#780](https://github.com/sandboxie-plus/Sandboxie/issues/780) [#779](https://github.com/sandboxie-plus/Sandboxie/issues/779) +- fixed IPv6 issues with BlockPort options +- fixed an issue with CheatEngine when "OpenWinClass=*" was specified [#786](https://github.com/sandboxie-plus/Sandboxie/issues/786) +- fixed memory corruption in SbieDrv [#838](https://github.com/sandboxie-plus/Sandboxie/issues/838) +- fixed crash issue with process elevation on CreateProcess calls [#858](https://github.com/sandboxie-plus/Sandboxie/issues/858) +- fixed process elevation when running in the built-in administrator account [#3](https://github.com/sandboxie-plus/Sandboxie/issues/3) +- fixed template preview resetting unsaved entries in box options window [#621](https://github.com/sandboxie-plus/Sandboxie/issues/621) + + + +## [0.7.5 / 5.49.8] - 2021-06-05 + +### Added +- clipboard access for a sandbox can now be disabled with "OpenClipboard=n" [#794](https://github.com/sandboxie-plus/Sandboxie/issues/794) + +### Changed +- now the OpenBluetooth template is enabled by default for compatibility with Unity games [#799](https://github.com/sandboxie-plus/Sandboxie/issues/799) +- "PreferExternalManifest=program.exe,y" can now be set on a per-process basis + +### Fixed +- fixed compiler issues with the most recent VS2019 update +- fixed issue with Vivaldi browser [#821](https://github.com/sandboxie-plus/Sandboxie/issues/821) +- fixed some issues with box options in the Plus UI [#879](https://github.com/sandboxie-plus/Sandboxie/issues/879) +- fixed some issues with hardware acceleration in Chromium based browsers [#795](https://github.com/sandboxie-plus/Sandboxie/issues/795) +- the "Stop All" command now issues "KmdUtil scandll" first to solve issues when the SbieDll.dll is in use +- workaround for Electron apps, by forcing an additional command line argument on the GPU renderer process [#547](https://github.com/sandboxie-plus/Sandboxie/issues/547) [#310](https://github.com/sandboxie-plus/Sandboxie/issues/310) [#215](https://github.com/sandboxie-plus/Sandboxie/issues/215) +- fixed issue with Software Compatibility tab that doesn't always show template names correctly [#774](https://github.com/sandboxie-plus/Sandboxie/issues/774) + + + +## [0.7.4 / 5.49.7] - 2021-04-11 + +### Added +- added option to disable file migration prompt in the Plus UI with PromptForFileMigration=n [#643](https://github.com/sandboxie-plus/Sandboxie/issues/643) +- added UI options for various security isolation features +- added missing functionality to set template values in the Plus UI +- added templates for Popcorn-Time, Clementine Music Player, Strawberry Music Player, 32-bit MPC-HC (by Dyras) [#726](https://github.com/sandboxie-plus/Sandboxie/pull/726) [#737](https://github.com/sandboxie-plus/Sandboxie/pull/737) + +### Changed +- align default settings of AutoRecover and Favourites to the Plus version (thanks isaak654) [#747](https://github.com/sandboxie-plus/Sandboxie/pull/747) +- list of email clients and browsers is now centralized in Dll_GetImageType +- localstore.rdf reference in Templates.ini was replaced with xulstore.json (by isaak654) [#751](https://github.com/sandboxie-plus/Sandboxie/pull/751) + +### Fixed +- fixed minor issue with logging internet blocks +- fixed issue with file recovery when located on a network share [#711](https://github.com/sandboxie-plus/Sandboxie/issues/711) +- fixed UI issue with CallTrace [#769](https://github.com/sandboxie-plus/Sandboxie/issues/769) +- fixed sandbox shortcuts receiving double extension upon creation [#770](https://github.com/sandboxie-plus/Sandboxie/issues/770) +- fixed misplaced labels in the Classic UI (thanks isaak654) [#759](https://github.com/sandboxie-plus/Sandboxie/pull/759) +- fixed separator line in SbieCtrl (thanks isaak654) [#761](https://github.com/sandboxie-plus/Sandboxie/pull/761) +- fixed broken paths in The Bat! template (by isaak654) [#756](https://github.com/sandboxie-plus/Sandboxie/pull/756) +- fixed issue about media players that attempt to write unneeded media files inside the box (by Dyras) [#743](https://github.com/sandboxie-plus/Sandboxie/pull/743) [#536](https://github.com/sandboxie-plus/Sandboxie/issues/536) + + + +## [0.7.3 / 5.49.5] - 2021-03-27 + +### Added +- added "UseSbieWndStation=y" to emulate CreateDesktop for selected processes, not only Firefox and Chrome [#635](https://github.com/sandboxie-plus/Sandboxie/issues/635) +- added option to drop the console host process integrity, now you can use "DropConHostIntegrity=y" [#678](https://github.com/sandboxie-plus/Sandboxie/issues/678) +- added option to easily add local templates +- added new torrent clients and media players templates (by Dyras) [#719](https://github.com/sandboxie-plus/Sandboxie/pull/719) + +### Changed +- reworked window hooking mechanism to improve performance [#697](https://github.com/sandboxie-plus/Sandboxie/issues/697) [#519](https://github.com/sandboxie-plus/Sandboxie/issues/519) [#662](https://github.com/sandboxie-plus/Sandboxie/issues/662) [#69](https://github.com/sandboxie-plus/Sandboxie/issues/69) [#109](https://github.com/sandboxie-plus/Sandboxie/issues/109) [#193](https://github.com/sandboxie-plus/Sandboxie/issues/193) +-- resolves issues with file save dialogs taking 30+ seconds to open +-- this fix greatly improves the win32 GUI performance of sandboxed processes +- reworked RPC resolver to be ini-configurable +-- the following options are now deprecated: +--- "UseRpcMgmtSetComTimeout=some.dll,n", so use "RpcPortBinding=some.dll,*,TimeOut=y" +--- "OpenUPnP=y", "OpenBluetooth=y", "OpenSmartCard=n", so use the new RPC templates instead +-- See Templates.ini for usage examples + +### Fixed +- fixed process-specific hooks being applied to all processes in a given sandbox +- fixed issue with messages and templates sometimes not being properly displayed in the SandMan UI +- fixed issue with compatibility settings not being applied properly +- fixed auto delete issue that got introduced with 0.7.1 [#637](https://github.com/sandboxie-plus/Sandboxie/issues/637) +- fixed issue with NtSetInformationFile, FileDispositionInformation resulting in Opera installer failing +- fixed issue with MacType introduced in the 0.7.2 build [#676](https://github.com/sandboxie-plus/Sandboxie/issues/676) +- fixed global sandboxed windows hooks not working when window rename option is disabled +- fixed issue with saving local templates +- fixed issue when using runas to start a process that was created outside of the Sandboxie supervision [#688](https://github.com/sandboxie-plus/Sandboxie/issues/688) +-- since the runas facility is not accessible by default, this did not constitute a security issue +-- to enable runas functionality, add "OpenIpcPath=\RPC Control\SECLOGON" to your Sandboxie.ini +-- please take note that doing so may open other yet unknown issues +- fixed a driver compatibility issue with Windows 10 32 bit Insider Preview Build 21337 +- fixed issues with driver signature for Windows 7 + + + +## [0.7.2 / 5.49.0] - 2021-03-04 + +### Added +- added option to alter reported Windows version "OverrideOsBuild=7601" for Windows 7 SP1 [#605](https://github.com/sandboxie-plus/Sandboxie/issues/605) +- the trace log can now be structured like a tree with processes as root items and threads as branches + +### Changed +- SandboxieCrypto now always migrates the CatRoot2 files in order to prevent locking of real files +- greatly improved trace log performance +- MSI Server can now run with the "FakeAdminRights=y" and "DropAdminRights=y" options [#600](https://github.com/sandboxie-plus/Sandboxie/issues/600) +-- special service allowance for the MSI Server can be disabled with "MsiInstallerExemptions=n" +- changed SCM access check behaviour; non elevated users can now start services with a user token +-- elevation is now only required to start services with a system token +- reworked the trace log mechanism to be more verbose +- reworked RPC mechanism to be more flexible + +### Fixed +- fixed issues with some installers introduced in 5.48.0 [#595](https://github.com/sandboxie-plus/Sandboxie/issues/595) +- fixed "add user to sandbox" in the Plus UI [#597](https://github.com/sandboxie-plus/Sandboxie/issues/597) +- FIXED SECURITY ISSUE: the HostInjectDll mechanism allowed for local privilege escalation (thanks hg421) +- Classic UI no longer allows to create a sandbox with an invalid or reserved device name [#649](https://github.com/sandboxie-plus/Sandboxie/issues/649) + + + +## [0.7.1 / 5.48.5] - 2021-02-21 + +### Added +- enhanced RpcMgmtSetComTimeout handling with "UseRpcMgmtSetComTimeout=some.dll,n" +-- this option allows to specify if RpcMgmtSetComTimeout should be used or not for each individual dll +-- this setting takes precedence over hard-coded and per-process presets +-- "UseRpcMgmtSetComTimeout=some.dll" and "UseRpcMgmtSetComTimeout=some.dll,y" are equivalent +- added "FakeAdminRights=y" option that makes processes think they have admin permissions in a given box +-- this option is recommended to be used in combination with "DropAdminRights=y" to improve security +-- with "FakeAdminRights=y" and "DropAdminRights=y" installers should still work +- added RPC support for SSDP API (the Simple Service Discovery Protocol), you can enable it with "OpenUPnP=y" + + +### Changed +- SbieCrypto no longer triggers message 1313 +- changed enum process API; now more than 511 processes per box can be enumerated (no limit) +- reorganized box settings a bit +- made COM tracing more verbose +- "RpcMgmtSetComTimeout=y" is now again the default behaviour, it seems to cause less issues overall + +### Fixed +- fixed issues with webcam access when the DevCMApi filtering is in place +- fixed issue with free download manager for 'AppXDeploymentClient.dll', so RpcMgmtSetComTimeout=y will be used by default for this one [#573](https://github.com/sandboxie-plus/Sandboxie/issues/573) +- fixed not all WinRM files were blocked by the driver, with "BlockWinRM=n" this file block can be disabled +- fixed Sandboxie Classic crash when saving any option in Sandbox Settings -> Appearance (by typpos) [#586](https://github.com/sandboxie-plus/Sandboxie/issues/586) + + + +## [0.7.0 / 5.48.0] - 2021-02-14 + +### Added +- sandboxed indicator for tray icons, the tooltip now contains [#] if enabled +- the trace log buffer can now be adjusted with "TraceBufferPages=2560" +-- the value denotes the count of 4K large pages to be used; here for a total of 10 MB +- new functionality for the list finder + +### Changed +- improved RPC debugging +- improved IPC handling around RpcMgmtSetComTimeout; "RpcMgmtSetComTimeout=n" is now the default behaviour +-- required exceptions have been hard-coded for specific calling DLLs +- the LogApi dll is now using Sbie's tracing facility to log events instead of its own pipe server + +### Fixed +- FIXED SECURITY ISSUE: elevated sandboxed processes could access volumes/disks for reading (thanks hg421) +-- this protection option can be disabled by using "AllowRawDiskRead=y" +- fixed crash issue around SetCurrentProcessExplicitAppUserModelID observed with GoogleUpdate.exe +- fixed issue with Resource Monitor sort by timestamp +- fixed invalid Opera bookmarks path (by isaak654) [#542](https://github.com/sandboxie-plus/Sandboxie/pull/542) +- FIXED SECURITY ISSUE: a race condition in the driver allowed to obtain an elevated rights handle to a process (thanks typpos) [#549](https://github.com/sandboxie-plus/Sandboxie/pull/549) +- FIXED SECURITY ISSUE: "\RPC Control\samss lpc" is now filtered by the driver (thanks hg421) [#553](https://github.com/sandboxie-plus/Sandboxie/issues/553) +-- this allowed elevated processes to change passwords, delete users and alike; to disable filtering use "OpenSamEndpoint=y" +- FIXED SECURITY ISSUE: "\Device\DeviceApi\CMApi" is now filtered by the driver (thanks hg421) [#552](https://github.com/sandboxie-plus/Sandboxie/issues/552) +-- this allowed elevated processes to change hardware configuration; to disable filtering use "OpenDevCMApi=y" + + + +## [0.6.7 / 5.47.1] - 2021-02-01 + +### Added +- added UI language auto-detection + +### Fixed +- fixed Brave.exe now being properly recognized as Chrome-, not Firefox-based +- fixed issue introduced in 0.6.5 with recent Edge builds +-- the 0.6.5 behaviour can be set on a per-process basis using "RpcMgmtSetComTimeout=POPPeeper.exe,n" +- fixed grouping issues [#445](https://github.com/sandboxie-plus/Sandboxie/issues/445) +- fixed main window restore state from tray [#288](https://github.com/sandboxie-plus/Sandboxie/issues/288) + + + +## [0.6.5 / 5.47.0] - 2021-01-31 + +### Added +- added detection for Waterfox.exe, Palemoon.exe and Basilisk.exe Firefox forks as well as Brave.exe [#468](https://github.com/sandboxie-plus/Sandboxie/issues/468) +- added Bluetooth API support, IPC port can be opened with "OpenBluetooth=y" [#319](https://github.com/sandboxie-plus/Sandboxie/issues/319) +-- this should resolve issues with many Unity games hanging on startup for a long time +- added enhanced RPC/IPC interface tracing +- when DefaultBox is not found by the SandMan UI, it will be recreated +- "Disable Forced Programs" time is now saved and reloaded + +### Changed +- reduced SandMan CPU usage +- Sandboxie.ini and Templates.ini can now be UTF8 encoded [#461](https://github.com/sandboxie-plus/Sandboxie/issues/461) [#197](https://github.com/sandboxie-plus/Sandboxie/issues/197) +-- this feature is experimental, files without a UTF-8 Signature should be recognized also +-- "ByteOrderMark=yes" is obsolete, Sandboxie.ini is now always saved with a BOM/Signature +- legacy language files can now be UTF8 encoded +- reworked file migration behaviour, removed hardcoded lists in favour of templates [#441](https://github.com/sandboxie-plus/Sandboxie/issues/441) +-- you can now use "CopyAlways=", "DontCopy=" and "CopyEmpty=" that support the same syntax as "OpenFilePath=" +-- "CopyBlockDenyWrite=program.exe,y" makes a write open call to a file that won't be copied fail instead of turning it read-only +- removed hardcoded SkipHook list in favour of templates + +### Fixed +- fixed old memory pool leak in the Sbie driver [#444](https://github.com/sandboxie-plus/Sandboxie/issues/444) +- fixed issue with item selection in the access restrictions UI +- fixed updater crash in SbieCtrl.exe [#450](https://github.com/sandboxie-plus/Sandboxie/issues/450) +- fixed issues with RPC calls introduced in Sbie 5.33.1 +- fixed recently broken 'terminate all' command +- fixed a couple minor UI issues with SandMan UI +- fixed IPC issue with Windows 7 and 8 resulting in process termination +- fixed "recover to" functionality + + + +## [0.6.0 / 5.46.5] - 2021-01-25 + +### Added +- added confirmation prompts to terminate all commands +- added window title to boxed process info [#360](https://github.com/sandboxie-plus/Sandboxie/issues/360) +- added WinSpy based sandboxed window finder [#351](https://github.com/sandboxie-plus/Sandboxie/issues/351) +- added option to view disabled boxes and double click on box to enable it + +### Changed +- "Reset Columns" now resizes them to fit the content, and it can now be localized [#426](https://github.com/sandboxie-plus/Sandboxie/issues/426) +- modal windows are now centered to the parent [#417](https://github.com/sandboxie-plus/Sandboxie/issues/417) +- improved new box window [#417](https://github.com/sandboxie-plus/Sandboxie/issues/417) + +### Fixed +- fixed issues with window modality [#409](https://github.com/sandboxie-plus/Sandboxie/issues/409) +- fixed issues when main window was set to be always on top [#417](https://github.com/sandboxie-plus/Sandboxie/issues/417) +- fixed a driver issue with Windows 10 insider build 21286 +- fixed issues with snapshot dialog [#416](https://github.com/sandboxie-plus/Sandboxie/issues/416) +- fixed an issue when writing to a path that already exists in the snapshot but not outside [#415](https://github.com/sandboxie-plus/Sandboxie/issues/415) + + + +## [0.5.5 / 5.46.4] - 2021-01-17 + +### Added +- added "SandboxService=..." to force selected services to be started in the sandbox +- added template clean-up functionality to Plus UI +- added internet prompt to now also allow internet access permanently +- added browse button for box root folder in the SandMan UI [#382](https://github.com/sandboxie-plus/Sandboxie/issues/382) +- added explorer info message [#352](https://github.com/sandboxie-plus/Sandboxie/issues/352) +- added option to keep the SandMan UI always on top +- allow drag and drop file onto SandMan.exe to run it sandboxed [#355](https://github.com/sandboxie-plus/Sandboxie/issues/355) +- added start SandMan UI when a sandboxed application starts [#367](https://github.com/sandboxie-plus/Sandboxie/issues/367) +- recovery window can now list all files +- added file counter to recovery window +- when "NoAddProcessToJob=y" is specified, Chrome and related browsers now can fully use the job system +-- Note: "NoAddProcessToJob=y" reduces the box isolation, but the affected functions are mostly covered by UIPI anyway +- added optimized default column widths to Sbie view +- added template support for Yandex and Ungoogled Chromium browsers (by isaak654) + +### Changed +- updated templates with multiple browsers fixes (thanks isaak654) +- when trying to take a snapshot of an empty sandbox a proper error message is displayed [#381](https://github.com/sandboxie-plus/Sandboxie/issues/381) +- new layout for the recovery window +- Sbie view sorting is now case insensitive + +### Fixed +- fixed issue child window closing terminating application when main was hidden [#349](https://github.com/sandboxie-plus/Sandboxie/issues/349) +- fixed issues with non modal windows [#349](https://github.com/sandboxie-plus/Sandboxie/issues/349) +- fixed issues connecting to driver in portable mode +- fixed minor issues with snapshot window +- fixed missing error message when attempting to create an already existing sandbox [#359](https://github.com/sandboxie-plus/Sandboxie/issues/359) +- fixed issue allowing to save setting when a sandbox was already deleted [#359](https://github.com/sandboxie-plus/Sandboxie/issues/359) +- fixed issues with disabled items in dark mode [#359](https://github.com/sandboxie-plus/Sandboxie/issues/359) +- fixed some dialogs not closing when pressing Esc [#359](https://github.com/sandboxie-plus/Sandboxie/issues/359) +- fixed tab stops on many windows + + + +## [0.5.4d / 5.46.3] - 2021-01-11 + +### Changed +- improved access tracing, removed redundant entries +- OpenIpcPath=\BaseNamedObjects\[CoreUI]-* is now hardcoded in the driver no need for the template entry +- WindowsFontCache is now open by default +- refactored some IPC code in the driver + +### Fixed +- FIXED SECURITY ISSUE: the registry isolation could be bypassed, present since Windows 10 Creators Update +- fixed creation time not always being properly updated in the SandMan UI + + + +## [0.5.4c / 5.46.2] - 2021-01-10 + +### Added +- added "CallTrace=*" to log all system calls to the access log + +### Changed +- improved IPC logging code +- improved MSG_2101 logging + +### Fixed +- fixed more issues with IPC tracing +- fixed SBIE2101 issue with Chrome and derivatives + + + +## [0.5.4b / 5.46.1] - 2021-01-08 + +### Added +- added "RunServiceAsSystem=..." allows specific named services to be run as system + +### Changed +- refactored some code around SCM access + +### Fixed +- fixed a crash issue in SbieSvc.exe introduced with the last build +- fixed issue with SandMan UI update check +- FIXED SECURITY ISSUE: a Sandboxed process could start sandboxed as system even with DropAdminRights in place + +### Removed +- removed "ProtectRpcSs=y" due to incompatibility with new isolation defaults + + + +## [0.5.4 / 5.46.0] - 2021-01-06 + +### Added +- FIXED SECURITY ISSUE: Sandboxie now strips particularly problematic privileges from sandboxed system tokens +-- with those a process could attempt to bypass the sandbox isolation (thanks Diversenok) +-- old legacy behaviour can be enabled with "StripSystemPrivileges=n" (absolutely NOT Recommended) +- added new isolation options "ClosePrintSpooler=y" and "OpenSmartCard=n" +-- those resources are open by default, but for a hardened box it is desired to close them +- FIXED SECURITY ISSUE: added print spooler filter to prevent printers from being set up outside the sandbox +-- the filter can be disabled with "OpenPrintSpooler=y" +- added overwrite prompt when recovering an already existing file +- added "StartProgram=", "StartService=" and "AutoExec=" options to the SandMan UI +- added more compatibility templates (thanks isaak654) [#294](https://github.com/sandboxie-plus/Sandboxie/pull/294) + +### Changed +- Changed Emulated SCM behaviour, boxed services are no longer by default started as boxed system +-- use "RunServicesAsSystem=y" to enable the old legacy behaviour +-- Note: sandboxed services with a system token are still sandboxed and restricted +-- However not granting them a system token in the first place removes possible exploit vectors +-- Note: this option is not compatible with "ProtectRpcSs=y" and takes precedence! +- reworked dynamic IPC port handling +- improved Resource Monitor status strings + +### Fixed +- FIXED SECURITY ISSUE: processes could spawn processes outside the sandbox (thanks Diversenok) +- FIXED SECURITY ISSUE: bug in the dynamic IPC port handling allowed to bypass IPC isolation +- fixed issue with IPC tracing +- FIXED SECURITY ISSUE: CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok) +-- this allowed some system options to be changed, to disable filtering use "OpenLsaEndpoint=y" +- fixed hooking issues SBIE2303 with Chrome, Edge and possibly others [#68](https://github.com/sandboxie-plus/Sandboxie/issues/68) [#166](https://github.com/sandboxie-plus/Sandboxie/issues/166) +- fixed failed check for running processes when performing snapshot operations +- fixed some box option checkboxes were not properly initialized +- fixed unavailable options are not properly disabled when SandMan is not connected to the driver +- fixed MSI installer issue, not being able to create "C:\Config.msi" folder on Windows 20H2 [#219](https://github.com/sandboxie-plus/Sandboxie/issues/219) +- added missing localization to generic list commands +- fixed issue with "iconcache_*" when running sandboxed explorer +- fixed more issues with groups + + + +## [0.5.3b / 5.45.2] - 2021-01-02 + +### Added +- added settings for the portable boxed root folder option +- added process name to resource log +- added command line column to the process view in the SandMan UI + +### Fixed +- fixed a few issues with group handling [#262](https://github.com/sandboxie-plus/Sandboxie/issues/262) +- fixed issue with GetRawInputDeviceInfo when running a 32 bit program on a 64 bit system +- fixed issue when pressing apply in the "Resource Access" tab; the last edited value was not always applied +- fixed issue merging entries in Resource Access Monitor + + + +## [0.5.3a / 5.45.2] - 2020-12-29 + +### Added +- added prompt to choose if links in the SandMan UI should be opened in a sandboxed or unsandboxed browser [#273](https://github.com/sandboxie-plus/Sandboxie/issues/273) +- added more recovery options +- added "ClosedClsid=" to block COM objects from being used when they cause compatibility issues +- added "ClsidTrace=*" option to trace COM usage +- added "ClosedRT=" option to block access to problematic Windows RT interfaces +- added option to make a link for any selected process to SandMan UI +- added option to reset all hidden messages +- added more process presets "force program" and "allow internet access" +- added "SpecialImage=chrome,some_electron_app.exe" option to Sandboxie.ini, valid image types "chrome", "firefox" +-- with this option you can enable special hardcoded workarounds to new obscure forks of those browsers +- added German translation (thanks bastik-1001) to the SandMan UI +- added Russian translation (thanks lufog) to the SandMan UI +- added Portuguese translation (thanks JNylson ) to the SandMan UI + +### Changed +- changed docs and update URLs to the new sandboxie-plus.com domain +- greatly improved the setup script (thanks mpheath) +- "OpenClsid=" and "ClosedClsid=" now support specifying a program or group name +- by default, when started in portable mode, the sandbox folder will be located in the parent directory of the Sandboxie instance + +### Fixed +- grouping menu not fully working in the new SandMan UI [#277](https://github.com/sandboxie-plus/Sandboxie/issues/277) +- fixed not being able to set quick recovery in SandMan UI +- fixed resource leak when loading process icons in SandMan UI +- fixed issue with OpenToken debug options +- fixed Chrome crashing on websites that cause the invocation of "FindAppUriHandlersAsync" [#198](https://github.com/sandboxie-plus/Sandboxie/issues/198) +- fixed issue connecting to the driver when starting in portable mode +- fixed missing template setup when creating new boxes + +### removed +- removed obsolete "OpenDefaultClsid=n" use "ClosedClsid=" with the appropriate values instead +- removed suspend/resume menu entry, pooling that state wastes substantial CPU cycles; use task explorer for that functionality + + + +## [0.5.2a / 5.45.1] - 2020-12-23 + +### Fixed +- fixed translation support in the SandMan UI +- fixed sandboxed explorer issue [#289](https://github.com/sandboxie-plus/Sandboxie/issues/289) +- fixed simplified Chinese localization + + + +## [0.5.2 / 5.45.1] - 2020-12-23 + +### Added +- added advanced new box creation dialog to SandMan UI +- added show/hide tray context menu entry +- added refresh button to file recovery dialog +- added mechanism to load icons from {install-dir}/Icons/{icon}.png for UI customization +- added tray indicator to show disabled forced program status in the SandMan UI +- added program name suggestions to box options in SandMan UI +- added saving of column sizes in the options window + +### Changed +- reorganized the advanced box options a bit +- changed icons (thanks Valinwolf for picking the new ones) [#235](https://github.com/sandboxie-plus/Sandboxie/issues/235) +- updated Templates.ini (thanks isaak654) [#256](https://github.com/sandboxie-plus/Sandboxie/pull/256) [#258](https://github.com/sandboxie-plus/Sandboxie/pull/258) +- increased max value for disable forced process time in SandMan UI + +### Fixed +- fixed BSOD introduced in 5.45.0 when using Windows 10 "core isolation" [#221](https://github.com/sandboxie-plus/Sandboxie/issues/221) +- fixed minor issue with lingering/leader processes +- fixed menu issue in SandMan UI +- fixed issue with stop behaviour page in SandMan UI +- fixed issue with Plus installer not displaying KmdUtil window +- fixed SandMan UI saving UI settings on Windows shutdown +- fixed issue with Plus installer autorun [#247](https://github.com/sandboxie-plus/Sandboxie/issues/247) +- fixed issue with legacy installer not removing all files +- fixed a driver compatibility issue with Windows 20H1 and later [#228](https://github.com/sandboxie-plus/Sandboxie/issues/228) +-- this solves "stop pending", LINE messenger hanging and other issues... +- fixed quick recovery issue in SbieCtrl.exe introduced in 5.45.0 [#224](https://github.com/sandboxie-plus/Sandboxie/issues/224) +- fixed issue advanced hide process settings not saving +- fixed some typos in the UI (thanks isaak654) [#252](https://github.com/sandboxie-plus/Sandboxie/pull/252) [#253](https://github.com/sandboxie-plus/Sandboxie/pull/253) [#254](https://github.com/sandboxie-plus/Sandboxie/pull/254) +- fixed issue with GetRawInputDeviceInfo failing when boxed processes are put in a job object [#176](https://github.com/sandboxie-plus/Sandboxie/issues/176) [#233](https://github.com/sandboxie-plus/Sandboxie/issues/233) +-- this fix resolves issues with CP2077 and other games not getting keyboard input (thanks Rostok) +- fixed failing ClipCursor won't longer span the message log +- fixed issue with adding recovery folders in SandMan UI +- fixed issue with Office 2019 template when using a non-default Sbie install location +- fixed issue setting last access attribute on sandboxed folders [#218](https://github.com/sandboxie-plus/Sandboxie/issues/218) +- fixed issue with process start signal + + + +## [0.5.1 / 5.45.0] - 2020-12-12 + +### Added +- added simple view mode + +### Changed +- updated SandMan UI to use Qt5.15.1 + +### Fixed +- fixed crash issue with progress dialog +- fixed progress dialog cancel button not working for update checker +- fixed issue around NtQueryDirectoryFile when deleting sandbox content +- fixed dark theme in the notification window +- fixed issue with disable force programs tray menu + + + +## [0.5.0 / 5.45.0] - 2020-12-06 + +### Added +- added new notification window +- added user interactive control mechanism when using the new SandMan UI +-- when a file exceeds the copy limit instead of failing, the user is prompted if the file should be copied or not +-- when internet access is blocked it now can be exempted in real time by the user +- added missing file recovery and auto/quick recovery functionality [#188](https://github.com/sandboxie-plus/Sandboxie/issues/188) [#178](https://github.com/sandboxie-plus/Sandboxie/issues/178) +- added silent MSG_1399 boxed process start notification to keep track of short lived boxed processes +- added ability to prevent system wide process starts, Sandboxie can now instead of just alerting also block processed on the alert list +-- set "StartRunAlertDenied=y" to enable process blocking +- the process start alert/block mechanism can now also handle folders use "AlertFolder=..." +- added ability to merge snapshots [#151](https://github.com/sandboxie-plus/Sandboxie/issues/151) +- added icons to the sandbox context menu in the new UI +- added more advanced options to the sandbox options window +- added file migration progress indicator +- added more run commands and custom run commands per sandbox +-- the box settings users can now specify programs to be available from the box run menu +-- also processes can be pinned to that list from the presets menu +- added more Windows 10 specific template presets +- added ability to create desktop shortcuts to sandboxed items +- added icons to box option tabs +- added box grouping +- added new debug option "DebugTrace=y" to log debug output to the trace log +- added check for updates to the new SandMan UI +- added check for updates to the legacy SbieCtrl UI + +### Changed +- File migration limit can now be disabled by specifying "CopyLimitKb=-1" [#526](https://github.com/sandboxie-plus/Sandboxie/issues/526) +- improved and refactored message logging mechanism, reducing memory usage by factor of 2 +- terminated boxed processes are now kept listed for a couple of seconds +- reworked sandbox deletion mechanism of the new UI +- restructured sandbox options window +- SbieDLL.dll can now be compiled with an up to date ntdll.lib (Thanks to TechLord from Team-IRA for help) +- improved automated driver self repair + +### Fixed +- fixed issues migrating files > 4GB +- fixed an issue that would allow a malicious application to bypass the internet blockade +- fixed issue when logging messages from a non-sandboxed process, added process_id parameter to API_LOG_MESSAGE_ARGS +- fixed issues with localization +- fixed issue using file recovery in legacy UI SbieCtrl.exe when "SeparateUserFolders=n" is set +- when a program is blocked from starting due to restrictions no redundant messages are issues anymore +- fixed UI not properly displaying async errors +- fixed issues when a snapshot operation failed +- fixed some special cases of IpcPath and WinClass in the new UI +- fixed driver issues with WHQL passing compatibility testing +- fixed issues with Classic installer + + + +## [0.4.5 / 5.44.1] - 2020-11-16 + +### Added +- added "Terminate all processes" and "disable forced programs" commands to tray menu in SandMan UI +- program start restrictions settings now can be switched between a white list and a black list +-- programs can be terminated and blacklisted from the context menu +- added additional process context menu options, lingering and leader process can be now set from menu +- added option to view template presets for any given box +- added text filter to template view +- added new compatibility templates: +-- Windows 10 core UI component: OpenIpcPath=\BaseNamedObjects\[CoreUI]-* solving issues with Chinese Input and Emojis [#120](https://github.com/sandboxie-plus/Sandboxie/issues/120) [#88](https://github.com/sandboxie-plus/Sandboxie/issues/88) +-- Firefox Quantum, access to Windows’ FontCachePort for compatibility with Windows 7 +- added experimental debug option "OriginalToken=y" which lets sandboxed processes retain their original unrestricted token +-- This option is comparable with "OpenToken=y" and is intended only for testing and debugging, it BREAKS most SECURITY guarantees (!) +- added debug option "NoSandboxieDesktop=y" it disables the desktop proxy mechanism +-- Note: without an unrestricted token with this option applications won't be able to start +- added debug option "NoSysCallHooks=y" it disables the sys call processing by the driver +-- Note: without an unrestricted token with this option applications won't be able to start +- added ability to record verbose access traces to the Resource Monitor +-- use ini options "FileTrace=*", "PipeTrace=*", "KeyTrace=*", "IpcTrace=*", "GuiTrace=*" to record all events +-- replace "*" to log only: "A" - allowed, "D" - denied, or "I" - ignore events +- added ability to record debug output strings to the Resource Monitor +-- use ini option DebugTrace=y to enable + +### Changed +- AppUserModelID sting no longer contains Sandboxie version string +- now by default Sbie's application manifest hack is disabled, as it causes problems with version checking on Windows 10 +-- to enable old behaviour add "PreferExternalManifest=y" to the global or the box specific ini section +- the resource log mechanism can now handle multiple strings to reduce on string copy operations + +### Fixed +- fixed issue with disabling some restriction settings failed +- fixed disabling of internet block from the presets menu sometimes failed +- the software compatibility list in the SandMan UI now shows the proper template names +- fixed use of freed memory in the driver +- replaced swprintf with snwprintf to prevent potential buffer overflow in SbieDll.dll +- fixed bad list performance with resource log and API log in SandMan UI + + + +## [0.4.4 / 5.44.0] - 2020-11-03 + +### Added +- added SbieLdr (experimental) + +### Changed +- moved code injection mechanism from SbieSvc to SbieDll +- moved function hooking mechanism from SbieDrv to SbieDll +- introduced a new driverless method to resolve wow64 ntdll base address + +### removed +- removed support for Windows Vista x64 + + + +## [0.4.3 / 5.43.7] - 2020-11-03 + +### Added +- added disable forced programs menu command to the SandMan UI + +### Fixed +- fixed file rename bug introduced with an earlier Driver Verifier fix [#174](https://github.com/sandboxie-plus/Sandboxie/issues/174) [#153](https://github.com/sandboxie-plus/Sandboxie/issues/153) +- fixed issue saving access lists +- fixed issue with program groups parsing in the SandMan UI +- fixed issue with internet access restriction options [#177](https://github.com/sandboxie-plus/Sandboxie/issues/177) [#185](https://github.com/sandboxie-plus/Sandboxie/issues/185) +- fixed issue deleting sandbox when located on a drive directly [#139](https://github.com/sandboxie-plus/Sandboxie/issues/139) + + + +## [0.4.2 / 5.43.6] - 2020-10-10 + +### Added +- added explore box content menu option + +### Fixed +- fixed thread handle leak in SbieSvc and other components [#144](https://github.com/sandboxie-plus/Sandboxie/issues/144) +- msedge.exe is now categorized as a Chromium derivate +- fixed Chrome 86+ compatibility bug with Chrome's own sandbox [#149](https://github.com/sandboxie-plus/Sandboxie/issues/149) + + + +## [0.4.1 / 5.43.5] - 2020-09-12 + +### Added +- added core version compatibility check to SandMan UI +- added shell integration options to SbiePlus + +### Changed +- SbieCtrl does not longer auto show the tutorial on first start +- when hooking to the trampoline, the migrated section of the original function is no longer noped out +-- it caused issues with unity games, will be investigated and re-enabled later + +### Fixed +- fixed colour issue with vertical tabs in dark mode +- fixed wrong path separators when adding new forced folders +- fixed directory listing bug introduced in 5.43 +- fixed issues with settings window when not being connected to driver +- fixed issue when starting SandMan UI as admin +- fixed auto content delete not working with SandMan UI + + + +## [0.4.0 / 5.43] - 2020-09-05 + +### Added +- added a proper custom installer to the Plus release +- added sandbox snapshot functionality to Sbie core +-- filesystem is saved incrementally, the snapshots built upon each other +-- each snapshot gets a full copy of the box registry for now +-- each snapshot can have multiple children snapshots +- added access status to Resource Monitor +- added setting to change border width [#113](https://github.com/sandboxie-plus/Sandboxie/issues/113) +- added snapshot manager UI to SandMan +- added template to enable authentication with an Yubikey or comparable 2FA device +- added UI for program alert +- added software compatibility options to the UI + +### Changed +- SandMan UI now handles deletion of sandbox content on its own +- no longer adding redundant resource accesses as new events + +### Fixed +- fixed issues when hooking functions from delay loaded libraries +- fixed issues when hooking an already hooked function +- fixed issues with the new box settings editor + +### Removed +- removes deprecated workaround in the hooking mechanism for an obsolete anti-malware product + + + +## [0.3.5 / 5.42.1] - 2020-07-19 + +### Added +- added settings window +- added translation support +- added dark theme +- added auto start option +- added sandbox options +- added debug option "NoAddProcessToJob=y" + +### Changed +- improved empty sandbox tray icon +- improved message parsing +- updated homepage links + +### Fixed +- fixed ini issue with SandMan.exe when renaming sandboxes +- fixed ini auto reload bug introduced in the last build +- fixed issue when hooking delayed loaded libraries + + + +## [0.3 / 5.42] - 2020-07-04 + +### Added +- API_QUERY_PROCESS_INFO can be now used to get the original process token of sandboxed processes +-- Note: this capability is used by TaskExplorer to allow inspecting sandbox internal tokens +- added option "KeepTokenIntegrity=y" to make the Sbie token keep its initial integrity level (debug option) +-- Note: Do NOT USE Debug Options if you don't know their security implications (!) +- added process id to log messages very useful for debugging +- added finder to resource log +- added option to hide host processes "HideHostProcess=[name]" +-- Note: Sbie hides by default processes from other boxes, this behaviour can now be controlled with "HideOtherBoxes=n" +- Sandboxed RpcSs and DcomLaunch can now be run as system with the option "ProtectRpcSs=y" however this breaks sandboxed explorer and other +- Built In Clsid whitelist can now be disabled with "OpenDefaultClsid=n" +- Processes can be now terminated with the del key, and require a confirmation +- added sandboxed window border display to SandMan.exe +- added notification for Sbie log messages +- added Sandbox Presets sub menu allowing to quickly change some settings +-- Enable/Disable API logging, logapi_dll's are now distributed with SbiePlus +-- And other: Drop admin rights; Block/Allow internet access; Block/Allow access to files on the network +- added more info to the sandbox status column +- added path column to SbieModel +- added info tooltips in SbieView + +### Changed +- reworked ApiLog, added PID and PID filter +- auto config reload on in change is now delayed by 500ms to not reload multiple times on incremental changes +- Sandbox names now replace "_" with " " for display allowing to use names that are made of separated words + +### Fixed +- added missing PreferExternalManifest initialization to portable mode +- FIXED SECURITY ISSUE: fixed permission issues with sandboxed system processes +-- Note: you can use "ExposeBoxedSystem=y" for the old behaviour (debug option) +- FIXED SECURITY ISSUE: fixed missing SCM access check for sandboxed services (thanks Diversenok) +-- Note: to disable the access check use "UnrestrictedSCM=y" (debug option) +- fixed missing initialization in service server that caused sandboxed programs to crash when querying service status +- fixed many bugs that caused the SbieDrv.sys to BSOD when running with Driver Verifier enabled [#57](https://github.com/sandboxie-plus/Sandboxie/issues/57) +-- 0xF6 in GetThreadTokenOwnerPid and File_Api_Rename +-- missing non optional parameter for FltGetFileNameInformation in File_PreOperation +-- 0xE3 in Key_StoreValue and Key_PreDataInject + + + +## [0.2.2 / 5.41.2] - 2020-06-19 + +### Added +- added option SeparateUserFolders=n to no longer have the user profile files stored separately in the sandbox +- added SandboxieLogon=y it makes processes run under the SID of the "Sandboxie" user instead of the Anonymous user +-- Note: the global option AllowSandboxieLogon=y must be enabled, the "Sandboxie" user account must be manually created first and the driver reloaded, else process start will fail +- improved debugging around process creation errors in the driver + +### Fixed +- fixed some log messages going lost after driver reload +- found a workable fix for the MSI installer issue, see Proc_CreateProcessInternalW_RS5 + + + +## [0.2.1 / 5.41.1] - 2020-06-18 + +### Added +- added different sandbox icons for different types +-- Red LogAPI/BSA enabled +-- more to come :D +- added progress window for async operations that take time +- added DPI awareness [#56](https://github.com/sandboxie-plus/Sandboxie/issues/56) +- the driver file is now obfuscated to avoid false positives +- additional debug options to Sandboxie.ini OpenToken=y that combines UnrestrictedToken=y and UnfilteredToken=y +-- Note: using these options weakens the sandboxing, they are intended for debugging and may be used for better application virtualization later + +### Changed +- SbieDll.dll when processing InjectDll now looks in the SbieHome folder for the DLLs if the entered path starts with a backslash +-- i.e. "InjectDll=\LogAPI\i386\logapi32v.dll" or "InjectDll64=\LogAPI\amd64\logapi64v.dll" + +### Fixed +- IniWatcher did not work in portable mode +- service path fix broke other services, now properly fixed, maybe +- found workaround for the MSI installer issue + + + +## [0.2 / 5.41.0] - 2020-06-08 + +### Added +- IniWatcher, no more clicking reload, the ini is now reloaded automatically every time it changes +- added Maintenance menu to the Sandbox menu, allowing to install/uninstall and start/stop Sandboxie driver, service +- SandMan.exe now is packed with Sbie files and when no Sbie is installed acts as a portable installation +- added option to clean up logs + +### Changed +- Sbie driver now first checks the home path for the Sbie ini before checking SystemRoot + +### Fixed +- FIXED SECURITY ISSUE: sandboxed processes could obtain a write handle on non sandboxed processes (thanks Diversenok) +-- this allowed to inject code in non sandboxed processes +- fixed issue boxed services not starting when the path contained a space +- NtQueryInformationProcess now returns the proper sandboxed path for sandboxed processes + + + +## [0.1 / 5.40.2] - 2020-06-01 + +### Added +- created a new Qt based UI names SandMan (Sandboxie Manager) +- Resource Monitor now shows the PID +- added basic API call log using updated BSA LogApiDll + + +### Changed +- reworked Resource Monitor to work with multiple event consumers +- reworked log to work with multiple event consumers + + + +## [5.40.1] - 2020-04-10 + +### Added +- "Other" type for the Resource Access Monitor +-- added call to StartService to the logged Resources + +### Fixed +- fixed "Windows Installer Service could not be accessed" that got introduced with Windows 1903 + diff --git a/Sandboxie/core/dll/dllmain.c b/Sandboxie/core/dll/dllmain.c index ac4e5e85..3f4ff1c0 100644 --- a/Sandboxie/core/dll/dllmain.c +++ b/Sandboxie/core/dll/dllmain.c @@ -1,811 +1,811 @@ -/* - * Copyright 2004-2020 Sandboxie Holdings, LLC - * Copyright 2020-2021 David Xanatos, xanasoft.com - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -//--------------------------------------------------------------------------- -// Sandboxie DLL -//--------------------------------------------------------------------------- - - -#include "dll.h" -#include "obj.h" -#include "trace.h" -#include "debug.h" -#include "core/low/lowdata.h" -#include "common/my_version.h" - - -//--------------------------------------------------------------------------- -// Functions -//--------------------------------------------------------------------------- - -static void Dll_InitGeneric(HINSTANCE hInstance); - -static void Dll_InitInjected(void); - -static void Dll_SelectImageType(void); - -void Ldr_Inject_Init(BOOLEAN bHostInject); - -//--------------------------------------------------------------------------- -// Variables -//--------------------------------------------------------------------------- - - -const ULONG tzuk = 'xobs'; - -HINSTANCE Dll_Instance = NULL; -HMODULE Dll_Ntdll = NULL; -HMODULE Dll_Kernel32 = NULL; -HMODULE Dll_KernelBase = NULL; -HMODULE Dll_DigitalGuardian = NULL; - -const WCHAR *Dll_BoxName = NULL; -const WCHAR *Dll_ImageName = NULL; -const WCHAR *Dll_SidString = NULL; - -const WCHAR *Dll_BoxFilePath = NULL; -const WCHAR *Dll_BoxKeyPath = NULL; -const WCHAR *Dll_BoxIpcPath = NULL; - -ULONG Dll_BoxFilePathLen = 0; -ULONG Dll_BoxKeyPathLen = 0; -ULONG Dll_BoxIpcPathLen = 0; -ULONG Dll_SidStringLen = 0; - -ULONG Dll_ProcessId = 0; -ULONG Dll_SessionId = 0; - -ULONG64 Dll_ProcessFlags = 0; - -BOOLEAN Dll_IsWow64 = FALSE; -BOOLEAN Dll_IsSystemSid = FALSE; -BOOLEAN Dll_InitComplete = FALSE; -BOOLEAN Dll_RestrictedToken = FALSE; -BOOLEAN Dll_ChromeSandbox = FALSE; -BOOLEAN Dll_FirstProcessInBox = FALSE; - -ULONG Dll_ImageType = DLL_IMAGE_UNSPECIFIED; - -ULONG Dll_OsBuild = 0; // initialized by Key module -ULONG Dll_Windows = 0; - -#ifdef _WIN64 -CRITICAL_SECTION VT_CriticalSection; -#endif - -const UCHAR *SbieDll_Version = MY_VERSION_COMPAT; - -BOOLEAN Dll_SbieTrace = FALSE; - -//extern ULONG64 __security_cookie = 0; - - -//--------------------------------------------------------------------------- - - -static WCHAR *Dll_BoxNameSpace; -static WCHAR *Dll_ImageNameSpace; -static WCHAR *Dll_SidStringSpace; - - -//--------------------------------------------------------------------------- - - -const WCHAR *DllName_advapi32 = L"advapi32.dll"; -const WCHAR *DllName_combase = L"combase.dll"; -const WCHAR *DllName_kernel32 = L"kernel32.dll"; -const WCHAR *DllName_kernelbase = L"kernelbase.dll"; -const WCHAR *DllName_ole32 = L"ole32.dll"; -const WCHAR *DllName_oleaut32 = L"oleaut32.dll"; -const WCHAR *DllName_user32 = L"user32.dll"; -const WCHAR *DllName_rpcrt4 = L"rpcrt4.dll"; -const WCHAR *DllName_winnsi = L"winnsi.dll"; -const WCHAR *DllName_shell32 = L"shell32.dll"; -const WCHAR *DllName_sechost = L"sechost.dll"; -const WCHAR *DllName_gdi32 = L"gdi32.dll"; -const WCHAR *DllName_secur32 = L"secur32.dll"; -const WCHAR *DllName_sspicli = L"sspicli.dll"; -const WCHAR *DllName_mscoree = L"mscoree.dll"; -const WCHAR *DllName_ntmarta = L"ntmarta.dll"; - - -//--------------------------------------------------------------------------- -// DllMain -//--------------------------------------------------------------------------- - - -_FX BOOL WINAPI DllMain( - HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved) -{ - if (dwReason == DLL_THREAD_ATTACH) { - - if (Dll_BoxName) { - Dll_FixWow64Syscall(); - Gui_ConnectToWindowStationAndDesktop(NULL); - } - - } else if (dwReason == DLL_THREAD_DETACH) { - - Dll_FreeTlsData(); - - } else if (dwReason == DLL_PROCESS_ATTACH) { -#ifdef _WIN64 - InitializeCriticalSection(&VT_CriticalSection); - Dll_DigitalGuardian = GetModuleHandleA("DgApi64.dll"); -#else - Dll_DigitalGuardian = GetModuleHandleA("DgApi.dll"); -#endif - if (GetProcAddress(GetModuleHandleA("ntdll.dll"), "LdrFastFailInLoaderCallout")) { - Dll_Windows = 10; - } - else { - Dll_Windows = 8; - } - Dll_InitGeneric(hInstance); - - } else if (dwReason == DLL_PROCESS_DETACH) { - - if (Dll_InitComplete && Dll_BoxName) { - - File_DoAutoRecover(TRUE); - Gui_ResetClipCursor(); - } - } - - return TRUE; -} - - -//--------------------------------------------------------------------------- -// Dll_InitGeneric -//--------------------------------------------------------------------------- - - -_FX void Dll_InitGeneric(HINSTANCE hInstance) -{ - // - // Dll_InitGeneric initializes SbieDll in a general way, suitable - // for a program which may or may not be in the sandbox - // - - Dll_Instance = hInstance; - - Dll_Ntdll = GetModuleHandle(L"ntdll.dll"); - Dll_Kernel32 = GetModuleHandle(DllName_kernel32); - Dll_KernelBase = GetModuleHandle(DllName_kernelbase); - - extern void InitMyNtDll(HMODULE Ntdll); - InitMyNtDll(Dll_Ntdll); - - extern FARPROC __sys_GetModuleInformation; - __sys_GetModuleInformation = GetProcAddress(LoadLibraryW(L"psapi.dll"), "GetModuleInformation"); - - if (! Dll_InitMem()) { - SbieApi_Log(2305, NULL); - ExitProcess(-1); - } -} - - -//--------------------------------------------------------------------------- -// Dll_InitInjected -//--------------------------------------------------------------------------- - - -_FX void Dll_InitInjected(void) -{ - // - // Dll_InitInjected is executed by Dll_Ordinal1 in the context - // of a program that is running in the sandbox - // - - LONG status; - BOOLEAN ok; - ULONG BoxFilePathLen; - ULONG BoxKeyPathLen; - ULONG BoxIpcPathLen; - - Dll_SbieTrace = SbieApi_QueryConfBool(NULL, L"SbieTrace", FALSE); - - if (SbieApi_QueryConfBool(NULL, L"DebugTrace", FALSE)) { - - Trace_Init(); - - OutputDebugString(L"SbieDll injected..."); - } - - // - // confirm the process is sandboxed before going further - // - - Dll_BoxNameSpace = Dll_Alloc( 64 * sizeof(WCHAR)); - memzero(Dll_BoxNameSpace, 64 * sizeof(WCHAR)); - - Dll_ImageNameSpace = Dll_Alloc(256 * sizeof(WCHAR)); - memzero(Dll_ImageNameSpace, 256 * sizeof(WCHAR)); - - Dll_SidStringSpace = Dll_Alloc( 96 * sizeof(WCHAR)); - memzero(Dll_SidStringSpace, 96 * sizeof(WCHAR)); - - Dll_ProcessId = (ULONG)(ULONG_PTR)GetCurrentProcessId(); - - status = SbieApi_QueryProcessEx2( // sets proc->sbiedll_loaded = TRUE; in the driver - (HANDLE)(ULONG_PTR)Dll_ProcessId, 255, - Dll_BoxNameSpace, Dll_ImageNameSpace, Dll_SidStringSpace, - &Dll_SessionId, NULL); - - if (status != 0) { - SbieApi_Log(2304, Dll_ImageName); - ExitProcess(-1); - } - - Dll_BoxName = (const WCHAR *)Dll_BoxNameSpace; - Dll_ImageName = (const WCHAR *)Dll_ImageNameSpace; - Dll_SidString = (const WCHAR *)Dll_SidStringSpace; - - Dll_SidStringLen = wcslen(Dll_SidString); - - // - // get process type and flags - // - - Dll_ProcessFlags = SbieApi_QueryProcessInfo(0, 0); - - Dll_SelectImageType(); - - // - // query the box paths - // - - BoxFilePathLen = 0; - BoxKeyPathLen = 0; - BoxIpcPathLen = 0; - - status = SbieApi_QueryBoxPath( - NULL, NULL, NULL, NULL, - &BoxFilePathLen, &BoxKeyPathLen, &BoxIpcPathLen); - if (status != 0) { - SbieApi_Log(2304, Dll_ImageName); - ExitProcess(-1); - } - - Dll_BoxFilePath = Dll_Alloc(BoxFilePathLen); - Dll_BoxKeyPath = Dll_Alloc(BoxKeyPathLen); - Dll_BoxIpcPath = Dll_Alloc(BoxIpcPathLen); - - status = SbieApi_QueryBoxPath( - NULL, - (WCHAR *)Dll_BoxFilePath, - (WCHAR *)Dll_BoxKeyPath, - (WCHAR *)Dll_BoxIpcPath, - &BoxFilePathLen, &BoxKeyPathLen, &BoxIpcPathLen); - if (status != 0) { - SbieApi_Log(2304, Dll_ImageName); - ExitProcess(-1); - } - - Dll_BoxFilePathLen = wcslen(Dll_BoxFilePath); - Dll_BoxKeyPathLen = wcslen(Dll_BoxKeyPath); - Dll_BoxIpcPathLen = wcslen(Dll_BoxIpcPath); - - // - // check if process SID is LocalSystem - // - - Dll_IsSystemSid = Secure_IsLocalSystemToken(FALSE); - - // - // create a security descriptor granting access to everyone - // - - Secure_InitSecurityDescriptors(); - - // - // initialize sandboxed process, first the basic NTDLL hooks - // - - ok = Dll_InitPathList(); - - if (ok) - Dll_FixWow64Syscall(); - - if (ok) - ok = File_InitHandles(); - - if (ok) - ok = Obj_Init(); - - if (ok) { - - // - // check if we are the first process in the sandbox - // (for AutoExec function in custom module) - // - - ULONG pid_count = 0; - if (NT_SUCCESS(SbieApi_EnumProcessEx(NULL,FALSE,-1,NULL,&pid_count)) && pid_count == 1) - Dll_FirstProcessInBox = TRUE; - - WCHAR str[32]; - if (NT_SUCCESS(SbieApi_QueryConfAsIs(NULL, L"ProcessLimit", 0, str, sizeof(str) - sizeof(WCHAR)))) { - ULONG num = _wtoi(str); - if (num > 0) { - if (num < pid_count) - ExitProcess(-1); - if ((num * 8 / 10) < pid_count) - Sleep(3000); - } - } - } - - if (ok) { - - // - // Key should be initialized first, to prevent key requests - // with MAXIMUM_ALLOWED access from failing - // - - ok = Key_Init(); - - // - // on Windows 8.1, we may get some crashes errors while Chrome - // is shutting down, so just quit any WerFault.exe process - // - - //if (ok && Dll_OsBuild >= 9600 && - // _wcsicmp(Dll_ImageName, L"WerFault.exe") == 0) { - - // ExitProcess(0); - //} - } - - if (ok) - ok = File_Init(); - - if (ok) - ok = Ipc_Init(); - - if (ok) - ok = Secure_Init(); - - if (ok) - ok = SysInfo_Init(); - - if (ok) - ok = Sxs_InitKernel32(); - - if (ok) - ok = Proc_Init(); - - if (ok) - ok = Gui_InitConsole1(); - - if (ok) - ok = Ldr_Init(); // last to initialize - - // - // finish - // - -#ifdef WITH_DEBUG - if (ok && (! Debug_Init())) ok = FALSE; -#endif WITH_DEBUG - - if (! ok) { - SbieApi_Log(2304, Dll_ImageName); - ExitProcess(-1); - } - - Dll_InitComplete = TRUE; - - if (! Dll_RestrictedToken) - CustomizeSandbox(); - - /*while (! IsDebuggerPresent()) { - OutputDebugString(L"BREAK\n"); - Sleep(500); - } - __debugbreak();*/ - - /*if (_wcsicmp(Dll_ImageName, L"iexplore.exe") == 0) { - WCHAR *cmd = GetCommandLine(); - if (wcsstr(cmd, L"SCODEF")) { - - while (! IsDebuggerPresent()) { - OutputDebugString(L"BREAK\n"); - Sleep(500); - } - __debugbreak(); - } - }*/ - - /*if (_wcsicmp(Dll_ImageName, L"dllhost.exe") == 0) { - while (! IsDebuggerPresent()) { - OutputDebugString(L"BREAK\n"); - Sleep(500); - } - __debugbreak(); - }*/ -} - - -//--------------------------------------------------------------------------- -// Dll_InitExeEntry -//--------------------------------------------------------------------------- - - -_FX void Dll_InitExeEntry(void) -{ - // - // Dll_InitInjected is executed by Ldr_Inject_Entry after NTDLL has - // finished initializing the process (loading static import DLLs, etc) - // - - // - // on Windows 8, we can't load advapi32.dll during Scm_SecHostDll - // - // - - Scm_SecHostDll_W8(); - - // - // hook DefWindowProc on Windows 7, after USER32 has been initialized - // - - Gui_InitWindows7(); - - // - // hook the console window, if applicable - // - - Gui_InitConsole2(); - - // - // if we are SplWow64, register our pid with SbieSvc GUI Proxy - // - - Gdi_SplWow64(TRUE); - - // - // check if running as a forced COM server process - // note: it does not return if this is the case - // - - Custom_ComServer(); - - // - // force load of UxTheme in a Google Chrome sandbox process - // - - // Note: this does not seem to be needed anymore for modern Chrome builds, also it breaks Vivaldi browser - - //Custom_Load_UxTheme(); - - UserEnv_InitVer(Dll_OsBuild >= 7600 ? Dll_KernelBase : Dll_Kernel32); // in KernelBase since Win 7 - - // - // Windows 8.1: hook UserEnv-related entrypoint in KernelBase - // - - if (Dll_OsBuild >= 9600) - UserEnv_Init(Dll_KernelBase); - - // - // start SandboxieRpcSs - // - - SbieDll_StartCOM(TRUE); -} - - -//--------------------------------------------------------------------------- -// Dll_GetImageType -//--------------------------------------------------------------------------- - - -_FX ULONG Dll_GetImageType(const WCHAR *ImageName) -{ - ULONG ImageType = DLL_IMAGE_UNSPECIFIED; - - // - // check for custom configured special images - // - - ULONG index; - NTSTATUS status; - WCHAR wbuf[96]; - WCHAR* buf = wbuf; - - for (index = 0; ; ++index) { - status = SbieApi_QueryConfAsIs( - NULL, L"SpecialImage", index, buf, 90 * sizeof(WCHAR)); - if (!NT_SUCCESS(status)) - break; - - WCHAR* ptr = wcschr(buf, L','); - if (!ptr) continue; - - *ptr++ = L'\0'; - - if (_wcsicmp(ImageName, ptr) == 0) { - - if (_wcsicmp(L"chrome", buf) == 0) - ImageType = DLL_IMAGE_GOOGLE_CHROME; - else if (_wcsicmp(L"firefox", buf) == 0) - ImageType = DLL_IMAGE_MOZILLA_FIREFOX; - else if (_wcsicmp(L"thunderbird", buf) == 0) - ImageType = DLL_IMAGE_MOZILLA_THUNDERBIRD; - else if (_wcsicmp(L"browser", buf) == 0) - ImageType = DLL_IMAGE_OTHER_WEB_BROWSER; - else if (_wcsicmp(L"mail", buf) == 0) - ImageType = DLL_IMAGE_OTHER_MAIL_CLIENT; - else - ImageType = DLL_IMAGE_LAST; // invalid type set place holder such that we keep this image uncustomized - - break; - } - } - - // - // keep image names in sync with enum at top of dll.h - // - - static const WCHAR *_ImageNames[] = { - - SANDBOXIE L"RpcSs.exe", (WCHAR *)DLL_IMAGE_SANDBOXIE_RPCSS, - SANDBOXIE L"DcomLaunch.exe",(WCHAR *)DLL_IMAGE_SANDBOXIE_DCOMLAUNCH, - SANDBOXIE L"Crypto.exe", (WCHAR *)DLL_IMAGE_SANDBOXIE_CRYPTO, - SANDBOXIE L"WUAU.exe", (WCHAR *)DLL_IMAGE_SANDBOXIE_WUAU, - SANDBOXIE L"BITS.exe", (WCHAR *)DLL_IMAGE_SANDBOXIE_BITS, - SBIESVC_EXE, (WCHAR *)DLL_IMAGE_SANDBOXIE_SBIESVC, - - L"msiexec.exe", (WCHAR *)DLL_IMAGE_MSI_INSTALLER, - L"TrustedInstaller.exe", (WCHAR *)DLL_IMAGE_TRUSTED_INSTALLER, - L"TiWorker.exe", (WCHAR *)DLL_IMAGE_TRUSTED_INSTALLER, - L"wuauclt.exe", (WCHAR *)DLL_IMAGE_WUAUCLT, - L"explorer.exe", (WCHAR *)DLL_IMAGE_SHELL_EXPLORER, - L"rundll32.exe", (WCHAR *)DLL_IMAGE_RUNDLL32, - L"dllhost.exe", (WCHAR *)DLL_IMAGE_DLLHOST, - L"ServiceModelReg.exe", (WCHAR *)DLL_IMAGE_SERVICE_MODEL_REG, - - L"iexplore.exe", (WCHAR *)DLL_IMAGE_INTERNET_EXPLORER, - - L"wmplayer.exe", (WCHAR *)DLL_IMAGE_WINDOWS_MEDIA_PLAYER, - L"winamp.exe", (WCHAR *)DLL_IMAGE_NULLSOFT_WINAMP, - L"kmplayer.exe", (WCHAR *)DLL_IMAGE_PANDORA_KMPLAYER, - L"wlmail.exe", (WCHAR *)DLL_IMAGE_WINDOWS_LIVE_MAIL, - L"wisptis.exe", (WCHAR *)DLL_IMAGE_WISPTIS, - - L"GoogleUpdate.exe", (WCHAR *)DLL_IMAGE_GOOGLE_UPDATE, - - L"AcroRd32.exe", (WCHAR *)DLL_IMAGE_ACROBAT_READER, - L"Acrobat.exe", (WCHAR *)DLL_IMAGE_ACROBAT_READER, - L"plugin-container.exe", (WCHAR *)DLL_IMAGE_PLUGIN_CONTAINER, - L"Outlook.exe", (WCHAR *)DLL_IMAGE_OFFICE_OUTLOOK, - L"Excel.exe", (WCHAR *)DLL_IMAGE_OFFICE_EXCEL, - - NULL, NULL - }; - - if (ImageType == DLL_IMAGE_UNSPECIFIED) { - - for (int i = 0; _ImageNames[i]; i += 2) { - if (_wcsicmp(ImageName, _ImageNames[i]) == 0) { - ImageType = (ULONG)(ULONG_PTR)_ImageNames[i + 1]; - break; - } - } - } - - return ImageType; -} - -//--------------------------------------------------------------------------- -// Dll_SelectImageType -//--------------------------------------------------------------------------- - - -_FX void Dll_SelectImageType(void) -{ - Dll_ImageType = Dll_GetImageType(Dll_ImageName); - - if (Dll_ImageType == DLL_IMAGE_UNSPECIFIED && - _wcsnicmp(Dll_ImageName, L"FlashPlayerPlugin_", 18) == 0) - Dll_ImageType = DLL_IMAGE_FLASH_PLAYER_SANDBOX; - - if (Dll_ImageType == DLL_IMAGE_DLLHOST) { - - const WCHAR *CmdLine = GetCommandLine(); - if (CmdLine) { - if (wcsstr(CmdLine, L"{3EB3C877-1F16-487C-9050-104DBCD66683}")) - Dll_ImageType = DLL_IMAGE_DLLHOST_WININET_CACHE; - } - } - - // - // issue a warning for some known programs - // - - if (Dll_ImageType == DLL_IMAGE_UNSPECIFIED && ( - _wcsicmp(Dll_ImageName, L"SchTasks.exe") == 0 - || _wcsicmp(Dll_ImageName, L"cvh.exe") == 0 // Office 2010 virt - || 0)) { - - SbieApi_Log(2205, Dll_ImageName); - } - - if (Dll_ImageType == DLL_IMAGE_LAST) - Dll_ImageType = DLL_IMAGE_UNSPECIFIED; - - SbieApi_QueryProcessInfoEx(0, 'spit', Dll_ImageType); - - // - // we have some special cases for programs running under a restricted - // token, such as a Chromium sandbox processes, or Microsoft Office 2010 - // programs running as embedded previewers within Outlook - // - - Dll_RestrictedToken = Secure_IsRestrictedToken(FALSE); - - if (Dll_RestrictedToken) { - - if (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME || - Dll_ImageType == DLL_IMAGE_ACROBAT_READER || - Dll_ImageType == DLL_IMAGE_FLASH_PLAYER_SANDBOX) { - - Dll_ChromeSandbox = TRUE; - } - } - - Dll_SkipHook(NULL); -} - - -//--------------------------------------------------------------------------- -// Dll_Ordinal1 -//--------------------------------------------------------------------------- - - -_FX ULONG_PTR Dll_Ordinal1( - ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3, - ULONG_PTR arg4, ULONG_PTR arg5) -{ - struct _INJECT_DATA { // keep in sync with core/low/inject.c - - ULONG64 sbielow_data; // syscall_data_len & extra_data_offset; - ULONG64 RtlFindActCtx_SavedArg1; // LdrLoadDll - - ULONG64 LdrGetProcAddr; - ULONG64 NtRaiseHardError; - ULONG64 RtlFindActCtx; - ULONG RtlFindActCtx_Protect; - - UCHAR Reserved[188]; // the rest of _INJECT_DATA - - } *inject; // total size 232 - - typedef ULONG_PTR (*P_RtlFindActivationContextSectionString)( - ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3, - ULONG_PTR arg4, ULONG_PTR arg5); - P_RtlFindActivationContextSectionString RtlFindActCtx; - - SBIELOW_DATA *data; - ULONG dummy_prot; - BOOLEAN bHostInject = FALSE; - - extern HANDLE SbieApi_DeviceHandle; - - // - // this code is invoked from our RtlFindActivationContextSectionString - // hook in core/low/entry.asm, with a parameter that points to the - // syscall/inject data area. the first ULONG64 in this data area - // includes a pointer to the SbieLow data area - // - - inject = (struct _INJECT_DATA *)arg1; - - data = (SBIELOW_DATA *)inject->sbielow_data; - - bHostInject = data->flags.bHostInject == 1; - - // - // the SbieLow data area includes values that are useful to us - // - - Dll_IsWow64 = data->flags.is_wow64 == 1; - - SbieApi_DeviceHandle = (HANDLE)data->api_device_handle; - - // - // our RtlFindActivationContextSectionString hook already restored - // the original bytes, but we should still restore the page protection - // - - VirtualProtect((void *)(ULONG_PTR)inject->RtlFindActCtx, 5, - inject->RtlFindActCtx_Protect, &dummy_prot); - - arg1 = (ULONG_PTR)inject->RtlFindActCtx_SavedArg1; - - RtlFindActCtx = (P_RtlFindActivationContextSectionString) - inject->RtlFindActCtx; - - // - // free the syscall/inject data area which is no longer needed - // - - VirtualFree(inject, 0, MEM_RELEASE); - - if (!bHostInject) - { - // - // SbieDll was already partially initialized in Dll_InitGeneric, - // complete the initialization for a sandboxed process - // - HANDLE heventProcessStart = 0; - - Dll_InitInjected(); - - if (Dll_ImageType != DLL_IMAGE_SANDBOXIE_RPCSS) { - heventProcessStart = CreateEvent(0, FALSE, FALSE, SESSION_PROCESS); - if (heventProcessStart) { - SetEvent(heventProcessStart); - CloseHandle(heventProcessStart); - } - } - - // - // workaround for Program Compatibility Assistant (PCA), we have - // to start a second instance of this process outside the PCA job, - // see also Proc_RestartProcessOutOfPcaJob - // - - int MustRestartProcess = 0; - if(Dll_ProcessFlags & SBIE_FLAG_PROCESS_IN_PCA_JOB) - MustRestartProcess = 1; - - else if (Dll_ProcessFlags & SBIE_FLAG_FORCED_PROCESS) { - if (SbieApi_QueryConfBool(NULL, L"ForceRestartAll", FALSE) - || SbieDll_CheckStringInList(Dll_ImageName, NULL, L"ForceRestart")) - MustRestartProcess = 2; - } - - if (MustRestartProcess) { - - WCHAR text[128]; - Sbie_snwprintf(text, 128, L"Cleanly restarting forced process, reason %d", MustRestartProcess); - SbieApi_MonitorPut(MONITOR_OTHER, text); - - extern void Proc_RestartProcessOutOfPcaJob(void); - Proc_RestartProcessOutOfPcaJob(); - // does not return - } - } - else - { - Ldr_Inject_Init(bHostInject); - } - - // - // conclude the detour by passing control back to the original - // RtlFindActivationContextSectionString. the detour code used - // jump rather than call to invoke this function (see entry.asm) - // so RtlFindActivationContextSectionString returns to its caller - // - - return RtlFindActCtx(arg1, arg2, arg3, arg4, arg5); -} +/* + * Copyright 2004-2020 Sandboxie Holdings, LLC + * Copyright 2020-2021 David Xanatos, xanasoft.com + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +//--------------------------------------------------------------------------- +// Sandboxie DLL +//--------------------------------------------------------------------------- + + +#include "dll.h" +#include "obj.h" +#include "trace.h" +#include "debug.h" +#include "core/low/lowdata.h" +#include "common/my_version.h" + + +//--------------------------------------------------------------------------- +// Functions +//--------------------------------------------------------------------------- + +static void Dll_InitGeneric(HINSTANCE hInstance); + +static void Dll_InitInjected(void); + +static void Dll_SelectImageType(void); + +void Ldr_Inject_Init(BOOLEAN bHostInject); + +//--------------------------------------------------------------------------- +// Variables +//--------------------------------------------------------------------------- + + +const ULONG tzuk = 'xobs'; + +HINSTANCE Dll_Instance = NULL; +HMODULE Dll_Ntdll = NULL; +HMODULE Dll_Kernel32 = NULL; +HMODULE Dll_KernelBase = NULL; +HMODULE Dll_DigitalGuardian = NULL; + +const WCHAR *Dll_BoxName = NULL; +const WCHAR *Dll_ImageName = NULL; +const WCHAR *Dll_SidString = NULL; + +const WCHAR *Dll_BoxFilePath = NULL; +const WCHAR *Dll_BoxKeyPath = NULL; +const WCHAR *Dll_BoxIpcPath = NULL; + +ULONG Dll_BoxFilePathLen = 0; +ULONG Dll_BoxKeyPathLen = 0; +ULONG Dll_BoxIpcPathLen = 0; +ULONG Dll_SidStringLen = 0; + +ULONG Dll_ProcessId = 0; +ULONG Dll_SessionId = 0; + +ULONG64 Dll_ProcessFlags = 0; + +BOOLEAN Dll_IsWow64 = FALSE; +BOOLEAN Dll_IsSystemSid = FALSE; +BOOLEAN Dll_InitComplete = FALSE; +BOOLEAN Dll_RestrictedToken = FALSE; +BOOLEAN Dll_ChromeSandbox = FALSE; +BOOLEAN Dll_FirstProcessInBox = FALSE; + +ULONG Dll_ImageType = DLL_IMAGE_UNSPECIFIED; + +ULONG Dll_OsBuild = 0; // initialized by Key module +ULONG Dll_Windows = 0; + +#ifdef _WIN64 +CRITICAL_SECTION VT_CriticalSection; +#endif + +const UCHAR *SbieDll_Version = MY_VERSION_COMPAT; + +BOOLEAN Dll_SbieTrace = FALSE; + +//extern ULONG64 __security_cookie = 0; + + +//--------------------------------------------------------------------------- + + +static WCHAR *Dll_BoxNameSpace; +static WCHAR *Dll_ImageNameSpace; +static WCHAR *Dll_SidStringSpace; + + +//--------------------------------------------------------------------------- + + +const WCHAR *DllName_advapi32 = L"advapi32.dll"; +const WCHAR *DllName_combase = L"combase.dll"; +const WCHAR *DllName_kernel32 = L"kernel32.dll"; +const WCHAR *DllName_kernelbase = L"kernelbase.dll"; +const WCHAR *DllName_ole32 = L"ole32.dll"; +const WCHAR *DllName_oleaut32 = L"oleaut32.dll"; +const WCHAR *DllName_user32 = L"user32.dll"; +const WCHAR *DllName_rpcrt4 = L"rpcrt4.dll"; +const WCHAR *DllName_winnsi = L"winnsi.dll"; +const WCHAR *DllName_shell32 = L"shell32.dll"; +const WCHAR *DllName_sechost = L"sechost.dll"; +const WCHAR *DllName_gdi32 = L"gdi32.dll"; +const WCHAR *DllName_secur32 = L"secur32.dll"; +const WCHAR *DllName_sspicli = L"sspicli.dll"; +const WCHAR *DllName_mscoree = L"mscoree.dll"; +const WCHAR *DllName_ntmarta = L"ntmarta.dll"; + + +//--------------------------------------------------------------------------- +// DllMain +//--------------------------------------------------------------------------- + + +_FX BOOL WINAPI DllMain( + HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved) +{ + if (dwReason == DLL_THREAD_ATTACH) { + + if (Dll_BoxName) { + Dll_FixWow64Syscall(); + Gui_ConnectToWindowStationAndDesktop(NULL); + } + + } else if (dwReason == DLL_THREAD_DETACH) { + + Dll_FreeTlsData(); + + } else if (dwReason == DLL_PROCESS_ATTACH) { +#ifdef _WIN64 + InitializeCriticalSection(&VT_CriticalSection); + Dll_DigitalGuardian = GetModuleHandleA("DgApi64.dll"); +#else + Dll_DigitalGuardian = GetModuleHandleA("DgApi.dll"); +#endif + if (GetProcAddress(GetModuleHandleA("ntdll.dll"), "LdrFastFailInLoaderCallout")) { + Dll_Windows = 10; + } + else { + Dll_Windows = 8; + } + Dll_InitGeneric(hInstance); + + } else if (dwReason == DLL_PROCESS_DETACH) { + + if (Dll_InitComplete && Dll_BoxName) { + + File_DoAutoRecover(TRUE); + Gui_ResetClipCursor(); + } + } + + return TRUE; +} + + +//--------------------------------------------------------------------------- +// Dll_InitGeneric +//--------------------------------------------------------------------------- + + +_FX void Dll_InitGeneric(HINSTANCE hInstance) +{ + // + // Dll_InitGeneric initializes SbieDll in a general way, suitable + // for a program which may or may not be in the sandbox + // + + Dll_Instance = hInstance; + + Dll_Ntdll = GetModuleHandle(L"ntdll.dll"); + Dll_Kernel32 = GetModuleHandle(DllName_kernel32); + Dll_KernelBase = GetModuleHandle(DllName_kernelbase); + + extern void InitMyNtDll(HMODULE Ntdll); + InitMyNtDll(Dll_Ntdll); + + extern FARPROC __sys_GetModuleInformation; + __sys_GetModuleInformation = GetProcAddress(LoadLibraryW(L"psapi.dll"), "GetModuleInformation"); + + if (! Dll_InitMem()) { + SbieApi_Log(2305, NULL); + ExitProcess(-1); + } +} + + +//--------------------------------------------------------------------------- +// Dll_InitInjected +//--------------------------------------------------------------------------- + + +_FX void Dll_InitInjected(void) +{ + // + // Dll_InitInjected is executed by Dll_Ordinal1 in the context + // of a program that is running in the sandbox + // + + LONG status; + BOOLEAN ok; + ULONG BoxFilePathLen; + ULONG BoxKeyPathLen; + ULONG BoxIpcPathLen; + + Dll_SbieTrace = SbieApi_QueryConfBool(NULL, L"SbieTrace", FALSE); + + if (SbieApi_QueryConfBool(NULL, L"DebugTrace", FALSE)) { + + Trace_Init(); + + OutputDebugString(L"SbieDll injected..."); + } + + // + // confirm the process is sandboxed before going further + // + + Dll_BoxNameSpace = Dll_Alloc( 64 * sizeof(WCHAR)); + memzero(Dll_BoxNameSpace, 64 * sizeof(WCHAR)); + + Dll_ImageNameSpace = Dll_Alloc(256 * sizeof(WCHAR)); + memzero(Dll_ImageNameSpace, 256 * sizeof(WCHAR)); + + Dll_SidStringSpace = Dll_Alloc( 96 * sizeof(WCHAR)); + memzero(Dll_SidStringSpace, 96 * sizeof(WCHAR)); + + Dll_ProcessId = (ULONG)(ULONG_PTR)GetCurrentProcessId(); + + status = SbieApi_QueryProcessEx2( // sets proc->sbiedll_loaded = TRUE; in the driver + (HANDLE)(ULONG_PTR)Dll_ProcessId, 255, + Dll_BoxNameSpace, Dll_ImageNameSpace, Dll_SidStringSpace, + &Dll_SessionId, NULL); + + if (status != 0) { + SbieApi_Log(2304, Dll_ImageName); + ExitProcess(-1); + } + + Dll_BoxName = (const WCHAR *)Dll_BoxNameSpace; + Dll_ImageName = (const WCHAR *)Dll_ImageNameSpace; + Dll_SidString = (const WCHAR *)Dll_SidStringSpace; + + Dll_SidStringLen = wcslen(Dll_SidString); + + // + // get process type and flags + // + + Dll_ProcessFlags = SbieApi_QueryProcessInfo(0, 0); + + Dll_SelectImageType(); + + // + // query the box paths + // + + BoxFilePathLen = 0; + BoxKeyPathLen = 0; + BoxIpcPathLen = 0; + + status = SbieApi_QueryBoxPath( + NULL, NULL, NULL, NULL, + &BoxFilePathLen, &BoxKeyPathLen, &BoxIpcPathLen); + if (status != 0) { + SbieApi_Log(2304, Dll_ImageName); + ExitProcess(-1); + } + + Dll_BoxFilePath = Dll_Alloc(BoxFilePathLen); + Dll_BoxKeyPath = Dll_Alloc(BoxKeyPathLen); + Dll_BoxIpcPath = Dll_Alloc(BoxIpcPathLen); + + status = SbieApi_QueryBoxPath( + NULL, + (WCHAR *)Dll_BoxFilePath, + (WCHAR *)Dll_BoxKeyPath, + (WCHAR *)Dll_BoxIpcPath, + &BoxFilePathLen, &BoxKeyPathLen, &BoxIpcPathLen); + if (status != 0) { + SbieApi_Log(2304, Dll_ImageName); + ExitProcess(-1); + } + + Dll_BoxFilePathLen = wcslen(Dll_BoxFilePath); + Dll_BoxKeyPathLen = wcslen(Dll_BoxKeyPath); + Dll_BoxIpcPathLen = wcslen(Dll_BoxIpcPath); + + // + // check if process SID is LocalSystem + // + + Dll_IsSystemSid = Secure_IsLocalSystemToken(FALSE); + + // + // create a security descriptor granting access to everyone + // + + Secure_InitSecurityDescriptors(); + + // + // initialize sandboxed process, first the basic NTDLL hooks + // + + ok = Dll_InitPathList(); + + if (ok) + Dll_FixWow64Syscall(); + + if (ok) + ok = File_InitHandles(); + + if (ok) + ok = Obj_Init(); + + if (ok) { + + // + // check if we are the first process in the sandbox + // (for AutoExec function in custom module) + // + + ULONG pid_count = 0; + if (NT_SUCCESS(SbieApi_EnumProcessEx(NULL,FALSE,-1,NULL,&pid_count)) && pid_count == 1) + Dll_FirstProcessInBox = TRUE; + + WCHAR str[32]; + if (NT_SUCCESS(SbieApi_QueryConfAsIs(NULL, L"ProcessLimit", 0, str, sizeof(str) - sizeof(WCHAR)))) { + ULONG num = _wtoi(str); + if (num > 0) { + if (num < pid_count) + ExitProcess(-1); + if ((num * 8 / 10) < pid_count) + Sleep(3000); + } + } + } + + if (ok) { + + // + // Key should be initialized first, to prevent key requests + // with MAXIMUM_ALLOWED access from failing + // + + ok = Key_Init(); + + // + // on Windows 8.1, we may get some crashes errors while Chrome + // is shutting down, so just quit any WerFault.exe process + // + + //if (ok && Dll_OsBuild >= 9600 && + // _wcsicmp(Dll_ImageName, L"WerFault.exe") == 0) { + + // ExitProcess(0); + //} + } + + if (ok) + ok = File_Init(); + + if (ok) + ok = Ipc_Init(); + + if (ok) + ok = Secure_Init(); + + if (ok) + ok = SysInfo_Init(); + + if (ok) + ok = Sxs_InitKernel32(); + + if (ok) + ok = Proc_Init(); + + if (ok) + ok = Gui_InitConsole1(); + + if (ok) + ok = Ldr_Init(); // last to initialize + + // + // finish + // + +#ifdef WITH_DEBUG + if (ok && (! Debug_Init())) ok = FALSE; +#endif WITH_DEBUG + + if (! ok) { + SbieApi_Log(2304, Dll_ImageName); + ExitProcess(-1); + } + + Dll_InitComplete = TRUE; + + if (! Dll_RestrictedToken) + CustomizeSandbox(); + + /*while (! IsDebuggerPresent()) { + OutputDebugString(L"BREAK\n"); + Sleep(500); + } + __debugbreak();*/ + + /*if (_wcsicmp(Dll_ImageName, L"iexplore.exe") == 0) { + WCHAR *cmd = GetCommandLine(); + if (wcsstr(cmd, L"SCODEF")) { + + while (! IsDebuggerPresent()) { + OutputDebugString(L"BREAK\n"); + Sleep(500); + } + __debugbreak(); + } + }*/ + + /*if (_wcsicmp(Dll_ImageName, L"dllhost.exe") == 0) { + while (! IsDebuggerPresent()) { + OutputDebugString(L"BREAK\n"); + Sleep(500); + } + __debugbreak(); + }*/ +} + + +//--------------------------------------------------------------------------- +// Dll_InitExeEntry +//--------------------------------------------------------------------------- + + +_FX void Dll_InitExeEntry(void) +{ + // + // Dll_InitInjected is executed by Ldr_Inject_Entry after NTDLL has + // finished initializing the process (loading static import DLLs, etc) + // + + // + // on Windows 8, we can't load advapi32.dll during Scm_SecHostDll + // + // + + Scm_SecHostDll_W8(); + + // + // hook DefWindowProc on Windows 7, after USER32 has been initialized + // + + Gui_InitWindows7(); + + // + // hook the console window, if applicable + // + + Gui_InitConsole2(); + + // + // if we are SplWow64, register our pid with SbieSvc GUI Proxy + // + + Gdi_SplWow64(TRUE); + + // + // check if running as a forced COM server process + // note: it does not return if this is the case + // + + Custom_ComServer(); + + // + // force load of UxTheme in a Google Chrome sandbox process + // + + // Note: this does not seem to be needed anymore for modern Chrome builds, also it breaks Vivaldi browser + + //Custom_Load_UxTheme(); + + UserEnv_InitVer(Dll_OsBuild >= 7600 ? Dll_KernelBase : Dll_Kernel32); // in KernelBase since Win 7 + + // + // Windows 8.1: hook UserEnv-related entrypoint in KernelBase + // + + if (Dll_OsBuild >= 9600) + UserEnv_Init(Dll_KernelBase); + + // + // start SandboxieRpcSs + // + + SbieDll_StartCOM(TRUE); +} + + +//--------------------------------------------------------------------------- +// Dll_GetImageType +//--------------------------------------------------------------------------- + + +_FX ULONG Dll_GetImageType(const WCHAR *ImageName) +{ + ULONG ImageType = DLL_IMAGE_UNSPECIFIED; + + // + // check for custom configured special images + // + + ULONG index; + NTSTATUS status; + WCHAR wbuf[96]; + WCHAR* buf = wbuf; + + for (index = 0; ; ++index) { + status = SbieApi_QueryConfAsIs( + NULL, L"SpecialImage", index, buf, 90 * sizeof(WCHAR)); + if (!NT_SUCCESS(status)) + break; + + WCHAR* ptr = wcschr(buf, L','); + if (!ptr) continue; + + *ptr++ = L'\0'; + + if (_wcsicmp(ImageName, ptr) == 0) { + + if (_wcsicmp(L"chrome", buf) == 0) + ImageType = DLL_IMAGE_GOOGLE_CHROME; + else if (_wcsicmp(L"firefox", buf) == 0) + ImageType = DLL_IMAGE_MOZILLA_FIREFOX; + else if (_wcsicmp(L"thunderbird", buf) == 0) + ImageType = DLL_IMAGE_MOZILLA_THUNDERBIRD; + else if (_wcsicmp(L"browser", buf) == 0) + ImageType = DLL_IMAGE_OTHER_WEB_BROWSER; + else if (_wcsicmp(L"mail", buf) == 0) + ImageType = DLL_IMAGE_OTHER_MAIL_CLIENT; + else + ImageType = DLL_IMAGE_LAST; // invalid type set place holder such that we keep this image uncustomized + + break; + } + } + + // + // keep image names in sync with enum at top of dll.h + // + + static const WCHAR *_ImageNames[] = { + + SANDBOXIE L"RpcSs.exe", (WCHAR *)DLL_IMAGE_SANDBOXIE_RPCSS, + SANDBOXIE L"DcomLaunch.exe",(WCHAR *)DLL_IMAGE_SANDBOXIE_DCOMLAUNCH, + SANDBOXIE L"Crypto.exe", (WCHAR *)DLL_IMAGE_SANDBOXIE_CRYPTO, + SANDBOXIE L"WUAU.exe", (WCHAR *)DLL_IMAGE_SANDBOXIE_WUAU, + SANDBOXIE L"BITS.exe", (WCHAR *)DLL_IMAGE_SANDBOXIE_BITS, + SBIESVC_EXE, (WCHAR *)DLL_IMAGE_SANDBOXIE_SBIESVC, + + L"msiexec.exe", (WCHAR *)DLL_IMAGE_MSI_INSTALLER, + L"TrustedInstaller.exe", (WCHAR *)DLL_IMAGE_TRUSTED_INSTALLER, + L"TiWorker.exe", (WCHAR *)DLL_IMAGE_TRUSTED_INSTALLER, + L"wuauclt.exe", (WCHAR *)DLL_IMAGE_WUAUCLT, + L"explorer.exe", (WCHAR *)DLL_IMAGE_SHELL_EXPLORER, + L"rundll32.exe", (WCHAR *)DLL_IMAGE_RUNDLL32, + L"dllhost.exe", (WCHAR *)DLL_IMAGE_DLLHOST, + L"ServiceModelReg.exe", (WCHAR *)DLL_IMAGE_SERVICE_MODEL_REG, + + L"iexplore.exe", (WCHAR *)DLL_IMAGE_INTERNET_EXPLORER, + + L"wmplayer.exe", (WCHAR *)DLL_IMAGE_WINDOWS_MEDIA_PLAYER, + L"winamp.exe", (WCHAR *)DLL_IMAGE_NULLSOFT_WINAMP, + L"kmplayer.exe", (WCHAR *)DLL_IMAGE_PANDORA_KMPLAYER, + L"wlmail.exe", (WCHAR *)DLL_IMAGE_WINDOWS_LIVE_MAIL, + L"wisptis.exe", (WCHAR *)DLL_IMAGE_WISPTIS, + + L"GoogleUpdate.exe", (WCHAR *)DLL_IMAGE_GOOGLE_UPDATE, + + L"AcroRd32.exe", (WCHAR *)DLL_IMAGE_ACROBAT_READER, + L"Acrobat.exe", (WCHAR *)DLL_IMAGE_ACROBAT_READER, + L"plugin-container.exe", (WCHAR *)DLL_IMAGE_PLUGIN_CONTAINER, + L"Outlook.exe", (WCHAR *)DLL_IMAGE_OFFICE_OUTLOOK, + L"Excel.exe", (WCHAR *)DLL_IMAGE_OFFICE_EXCEL, + + NULL, NULL + }; + + if (ImageType == DLL_IMAGE_UNSPECIFIED) { + + for (int i = 0; _ImageNames[i]; i += 2) { + if (_wcsicmp(ImageName, _ImageNames[i]) == 0) { + ImageType = (ULONG)(ULONG_PTR)_ImageNames[i + 1]; + break; + } + } + } + + return ImageType; +} + +//--------------------------------------------------------------------------- +// Dll_SelectImageType +//--------------------------------------------------------------------------- + + +_FX void Dll_SelectImageType(void) +{ + Dll_ImageType = Dll_GetImageType(Dll_ImageName); + + if (Dll_ImageType == DLL_IMAGE_UNSPECIFIED && + _wcsnicmp(Dll_ImageName, L"FlashPlayerPlugin_", 18) == 0) + Dll_ImageType = DLL_IMAGE_FLASH_PLAYER_SANDBOX; + + if (Dll_ImageType == DLL_IMAGE_DLLHOST) { + + const WCHAR *CmdLine = GetCommandLine(); + if (CmdLine) { + if (wcsstr(CmdLine, L"{3EB3C877-1F16-487C-9050-104DBCD66683}")) + Dll_ImageType = DLL_IMAGE_DLLHOST_WININET_CACHE; + } + } + + // + // issue a warning for some known programs + // + + if (Dll_ImageType == DLL_IMAGE_UNSPECIFIED && ( + _wcsicmp(Dll_ImageName, L"SchTasks.exe") == 0 + || _wcsicmp(Dll_ImageName, L"cvh.exe") == 0 // Office 2010 virt + || 0)) { + + SbieApi_Log(2205, Dll_ImageName); + } + + if (Dll_ImageType == DLL_IMAGE_LAST) + Dll_ImageType = DLL_IMAGE_UNSPECIFIED; + + SbieApi_QueryProcessInfoEx(0, 'spit', Dll_ImageType); + + // + // we have some special cases for programs running under a restricted + // token, such as a Chromium sandbox processes, or Microsoft Office 2010 + // programs running as embedded previewers within Outlook + // + + Dll_RestrictedToken = Secure_IsRestrictedToken(FALSE); + + if (Dll_RestrictedToken) { + + if (Dll_ImageType == DLL_IMAGE_GOOGLE_CHROME || + Dll_ImageType == DLL_IMAGE_ACROBAT_READER || + Dll_ImageType == DLL_IMAGE_FLASH_PLAYER_SANDBOX) { + + Dll_ChromeSandbox = TRUE; + } + } + + Dll_SkipHook(NULL); +} + + +//--------------------------------------------------------------------------- +// Dll_Ordinal1 +//--------------------------------------------------------------------------- + + +_FX ULONG_PTR Dll_Ordinal1( + ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3, + ULONG_PTR arg4, ULONG_PTR arg5) +{ + struct _INJECT_DATA { // keep in sync with core/low/inject.c + + ULONG64 sbielow_data; // syscall_data_len & extra_data_offset; + ULONG64 RtlFindActCtx_SavedArg1; // LdrLoadDll + + ULONG64 LdrGetProcAddr; + ULONG64 NtRaiseHardError; + ULONG64 RtlFindActCtx; + ULONG RtlFindActCtx_Protect; + + UCHAR Reserved[188]; // the rest of _INJECT_DATA + + } *inject; // total size 232 + + typedef ULONG_PTR (*P_RtlFindActivationContextSectionString)( + ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3, + ULONG_PTR arg4, ULONG_PTR arg5); + P_RtlFindActivationContextSectionString RtlFindActCtx; + + SBIELOW_DATA *data; + ULONG dummy_prot; + BOOLEAN bHostInject = FALSE; + + extern HANDLE SbieApi_DeviceHandle; + + // + // this code is invoked from our RtlFindActivationContextSectionString + // hook in core/low/entry.asm, with a parameter that points to the + // syscall/inject data area. the first ULONG64 in this data area + // includes a pointer to the SbieLow data area + // + + inject = (struct _INJECT_DATA *)arg1; + + data = (SBIELOW_DATA *)inject->sbielow_data; + + bHostInject = data->flags.bHostInject == 1; + + // + // the SbieLow data area includes values that are useful to us + // + + Dll_IsWow64 = data->flags.is_wow64 == 1; + + SbieApi_DeviceHandle = (HANDLE)data->api_device_handle; + + // + // our RtlFindActivationContextSectionString hook already restored + // the original bytes, but we should still restore the page protection + // + + VirtualProtect((void *)(ULONG_PTR)inject->RtlFindActCtx, 5, + inject->RtlFindActCtx_Protect, &dummy_prot); + + arg1 = (ULONG_PTR)inject->RtlFindActCtx_SavedArg1; + + RtlFindActCtx = (P_RtlFindActivationContextSectionString) + inject->RtlFindActCtx; + + // + // free the syscall/inject data area which is no longer needed + // + + VirtualFree(inject, 0, MEM_RELEASE); + + if (!bHostInject) + { + // + // SbieDll was already partially initialized in Dll_InitGeneric, + // complete the initialization for a sandboxed process + // + HANDLE heventProcessStart = 0; + + Dll_InitInjected(); + + if (Dll_ImageType != DLL_IMAGE_SANDBOXIE_RPCSS) { + heventProcessStart = CreateEvent(0, FALSE, FALSE, SESSION_PROCESS); + if (heventProcessStart) { + SetEvent(heventProcessStart); + CloseHandle(heventProcessStart); + } + } + + // + // workaround for Program Compatibility Assistant (PCA), we have + // to start a second instance of this process outside the PCA job, + // see also Proc_RestartProcessOutOfPcaJob + // + + int MustRestartProcess = 0; + if(Dll_ProcessFlags & SBIE_FLAG_PROCESS_IN_PCA_JOB) + MustRestartProcess = 1; + + else if (Dll_ProcessFlags & SBIE_FLAG_FORCED_PROCESS) { + if (SbieApi_QueryConfBool(NULL, L"ForceRestartAll", FALSE) + || SbieDll_CheckStringInList(Dll_ImageName, NULL, L"ForceRestart")) + MustRestartProcess = 2; + } + + if (MustRestartProcess) { + + WCHAR text[128]; + Sbie_snwprintf(text, 128, L"Cleanly restarting forced process, reason %d", MustRestartProcess); + SbieApi_MonitorPut(MONITOR_OTHER, text); + + extern void Proc_RestartProcessOutOfPcaJob(void); + Proc_RestartProcessOutOfPcaJob(); + // does not return + } + } + else + { + Ldr_Inject_Init(bHostInject); + } + + // + // conclude the detour by passing control back to the original + // RtlFindActivationContextSectionString. the detour code used + // jump rather than call to invoke this function (see entry.asm) + // so RtlFindActivationContextSectionString returns to its caller + // + + return RtlFindActCtx(arg1, arg2, arg3, arg4, arg5); +} diff --git a/Sandboxie/core/drv/conf.c b/Sandboxie/core/drv/conf.c index 7e2be644..6f34729e 100644 --- a/Sandboxie/core/drv/conf.c +++ b/Sandboxie/core/drv/conf.c @@ -1,1682 +1,1682 @@ -/* - * Copyright 2004-2020 Sandboxie Holdings, LLC - * Copyright 2020-2021 David Xanatos, xanasoft.com - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -//--------------------------------------------------------------------------- -// Configuration -//--------------------------------------------------------------------------- - - -#include "conf.h" -#include "process.h" -#include "api.h" -#include "api_flags.h" -#include "obj.h" -#include "util.h" - -#define KERNEL_MODE -#include "common/stream.h" - -#include "common/my_version.h" - - -//--------------------------------------------------------------------------- -// Defines -//--------------------------------------------------------------------------- - -#define USE_CONF_MAP - -#define CONF_LINE_LEN 2000 // keep in sync with sbieiniwire.h -#define CONF_MAX_LINES 100000 // keep in sync with sbieiniwire.h - -#define CONF_TMPL_LINE_BASE 0x01000000 - - -//--------------------------------------------------------------------------- -// Structures -//--------------------------------------------------------------------------- - -// -// Note: we want to preserver the order of the settings when enumerating -// hence we can not replace the list with a hash map entierly -// instead we use booth, here the hash map ise used only for lookups -// the keys in the map are only pointers to the name fileds in the list entries -// - -typedef struct _CONF_DATA { - - POOL *pool; - LIST sections; // CONF_SECTION -#ifdef USE_CONF_MAP - HASH_MAP sections_map; -#endif - BOOLEAN home; // TRUE if configuration read from Driver_Home_Path - ULONG encoding; // 0 - unicode, 1 - utf8, 2 - unicode (byte swaped) - volatile ULONG use_count; - -} CONF_DATA; - - -typedef struct _CONF_SECTION { - - LIST_ELEM list_elem; - WCHAR *name; - LIST settings; // CONF_SETTING -#ifdef USE_CONF_MAP - HASH_MAP settings_map; -#endif - BOOLEAN from_template; - -} CONF_SECTION; - - -typedef struct _CONF_SETTING { - - LIST_ELEM list_elem; - WCHAR *name; - WCHAR *value; - BOOLEAN from_template; - BOOLEAN template_handled; - -} CONF_SETTING; - - -//--------------------------------------------------------------------------- -// Functions -//--------------------------------------------------------------------------- - - -static NTSTATUS Conf_Read(ULONG session_id); - -static NTSTATUS Conf_Read_Sections( - STREAM *stream, CONF_DATA *data, int *linenum); - -static NTSTATUS Conf_Read_Settings( - STREAM *stream, CONF_DATA *data, CONF_SECTION *section, - WCHAR *line, int *linenum); - -NTSTATUS Conf_Read_Line(STREAM *stream, WCHAR *line, int *linenum); - -static NTSTATUS Conf_Merge_Templates(CONF_DATA *data, ULONG session_id); - -static NTSTATUS Conf_Merge_Global( - CONF_DATA *data, ULONG session_id, - CONF_SECTION *global); - -static NTSTATUS Conf_Merge_Template( - CONF_DATA *data, ULONG session_id, - const WCHAR *tmpl_name, CONF_SECTION *section); - -static const WCHAR *Conf_Get_Helper( - const WCHAR *section_name, const WCHAR *setting_name, - ULONG *index, BOOLEAN skip_tmpl); - -static const WCHAR *Conf_Get_Section_Name(ULONG index, BOOLEAN skip_tmpl); - -static const WCHAR *Conf_Get_Setting_Name( - const WCHAR *section_name, ULONG index, BOOLEAN skip_tmpl); - - -//--------------------------------------------------------------------------- - - -static BOOLEAN str_map_match(const void* key1, const void* key2) { - const wchar_t** str1 = (const wchar_t**)key1; - const wchar_t** str2 = (const wchar_t**)key2; - return _wcsicmp(*str1, *str2) == 0; -} - -static unsigned int str_map_hash(const void* key, size_t size) { - const wchar_t** str = (const wchar_t**)key; - unsigned int hash = 5381; - for (unsigned short* ptr = (unsigned short*)*str; *ptr != 0; ptr++) - hash = ((hash << 5) + hash) ^ *ptr; - return hash; -} - - -//--------------------------------------------------------------------------- - -#ifdef ALLOC_PRAGMA -#pragma alloc_text (INIT, Conf_Init) -#endif // ALLOC_PRAGMA - - -//--------------------------------------------------------------------------- -// Variables -//--------------------------------------------------------------------------- - - -static CONF_DATA Conf_Data; -static PERESOURCE Conf_Lock = NULL; - -static const WCHAR *Conf_GlobalSettings = L"GlobalSettings"; -static const WCHAR *Conf_UserSettings_ = L"UserSettings_"; -static const WCHAR *Conf_Template_ = L"Template_"; -static const WCHAR *Conf_DefaultTemplates = L"DefaultTemplates"; - const WCHAR *Conf_TemplateSettings = L"TemplateSettings"; - -static const WCHAR *Conf_Template = L"Template"; - const WCHAR *Conf_Tmpl = L"Tmpl."; - -static const WCHAR *Conf_H = L"H"; -static const WCHAR *Conf_W = L"W"; - -static const WCHAR* Conf_Unicode = L"U"; -static const WCHAR* Conf_UTF8 = L"8"; - - -//--------------------------------------------------------------------------- -// Conf_AdjustUseCount -//--------------------------------------------------------------------------- - - -_FX void Conf_AdjustUseCount(BOOLEAN increase) -{ - KIRQL irql; - KeRaiseIrql(APC_LEVEL, &irql); - ExAcquireResourceExclusiveLite(Conf_Lock, TRUE); - - if (increase) - InterlockedIncrement(&Conf_Data.use_count); - else - InterlockedDecrement(&Conf_Data.use_count); - - ExReleaseResourceLite(Conf_Lock); - KeLowerIrql(irql); -} - - -//--------------------------------------------------------------------------- -// Conf_Read -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Read(ULONG session_id) -{ - static const WCHAR *path_sandboxie = L"%s\\" SANDBOXIE_INI; - static const WCHAR *path_templates = L"%s\\Templates.ini"; - static const WCHAR *SystemRoot = L"\\SystemRoot"; - NTSTATUS status; - CONF_DATA data; - int linenum; - WCHAR linenum_str[32]; - ULONG path_len; - WCHAR *path = NULL; - BOOLEAN path_home; - STREAM *stream; - POOL *pool; - - // - // allocate a buffer large enough for \SystemRoot\Sandboxie.ini - // or (Home Path)\Sandboxie.ini - // - - path_len = 32; // room for \SystemRoot - if (path_len < wcslen(Driver_HomePathDos) * sizeof(WCHAR)) - path_len = wcslen(Driver_HomePathDos) * sizeof(WCHAR); - path_len += 64; // room for \Sandboxie.ini - - path = ExAllocatePoolWithTag(PagedPool, path_len, tzuk); - if (! path) - return STATUS_INSUFFICIENT_RESOURCES; - - // - // open the configuration file, try both places, home first - // - - path_home = TRUE; // = FALSE; - RtlStringCbPrintfW(path, path_len, path_sandboxie, Driver_HomePathDos); // , SystemRoot); - - status = Stream_Open( - &stream, path, FILE_GENERIC_READ, 0, FILE_SHARE_READ, FILE_OPEN, 0); - - if (status == STATUS_OBJECT_NAME_NOT_FOUND) { - - path_home = FALSE; // = TRUE; - RtlStringCbPrintfW(path, path_len, path_sandboxie, SystemRoot); // , Driver_HomePathDos); - - status = Stream_Open( - &stream, path, - FILE_GENERIC_READ, 0, FILE_SHARE_READ, FILE_OPEN, 0); - } - - if (! NT_SUCCESS(status)) { - - if (status == STATUS_OBJECT_NAME_NOT_FOUND || - status == STATUS_OBJECT_PATH_NOT_FOUND) - { - Log_Msg_Session(MSG_CONF_NO_FILE, NULL, NULL, session_id); - } else { - wcscpy(linenum_str, L"(none)"); - Log_Status_Ex_Session( - MSG_CONF_READ, 0, status, linenum_str, session_id); - } - } - - if (! NT_SUCCESS(status)) { - ExFreePoolWithTag(path, tzuk); - return status; - } - - // - // read data from the file - // - - pool = Pool_Create(); - if (! pool) - status = STATUS_INSUFFICIENT_RESOURCES; - - else { - - data.pool = pool; - List_Init(&data.sections); -#ifdef USE_CONF_MAP - map_init(&data.sections_map, data.pool); - data.sections_map.func_key_size = NULL; - data.sections_map.func_match_key = &str_map_match; - data.sections_map.func_hash_key = &str_map_hash; - map_resize(&data.sections_map, 16); // prepare some buckets for better performance -#endif - data.home = path_home; - data.use_count = 0; - - status = Stream_Read_BOM(stream, &data.encoding); - - linenum = 1; - while (NT_SUCCESS(status)) - status = Conf_Read_Sections(stream, &data, &linenum); - if (status == STATUS_END_OF_FILE) - status = STATUS_SUCCESS; - } - - Stream_Close(stream); - - // - // read (Home Path)\Templates.ini - // - - if (NT_SUCCESS(status)) { - - RtlStringCbPrintfW(path, path_len, path_templates, Driver_HomePathDos); - - status = Stream_Open( - &stream, path, - FILE_GENERIC_READ, 0, FILE_SHARE_READ, FILE_OPEN, 0); - - if (! NT_SUCCESS(status)) { - - Log_Status_Ex_Session( - MSG_CONF_NO_TMPL_FILE, 0, status, NULL, session_id); - - } else { - - status = Stream_Read_BOM(stream, NULL); - - linenum = 1 + CONF_TMPL_LINE_BASE; - - while (NT_SUCCESS(status)) - status = Conf_Read_Sections(stream, &data, &linenum); - if (status == STATUS_END_OF_FILE) - status = STATUS_SUCCESS; - - Stream_Close(stream); - - linenum -= CONF_TMPL_LINE_BASE; - if (! NT_SUCCESS(status)) - Log_Msg_Session(MSG_CONF_BAD_TMPL_FILE, 0, NULL, session_id); - } - } - - // - // merge templates - // - - if (NT_SUCCESS(status)) { - status = Conf_Merge_Templates(&data, session_id); - linenum = 0; - } - - // - // if read successfully, replace existing configuration - // - - if (NT_SUCCESS(status)) { - - BOOLEAN done = FALSE; - while (! done) { - - KIRQL irql; - KeRaiseIrql(APC_LEVEL, &irql); - ExAcquireResourceExclusiveLite(Conf_Lock, TRUE); - - if (Conf_Data.use_count == 0) { - - pool = Conf_Data.pool; - memcpy(&Conf_Data, &data, sizeof(CONF_DATA)); - - done = TRUE; - } - - ExReleaseResourceLite(Conf_Lock); - KeLowerIrql(irql); - - if (! done) - ZwYieldExecution(); - } - } - - if (pool) - Pool_Delete(pool); // may be either data.pool or old Conf_Data.pool - - // - // Possible error values through Conf_Read_* functions: - // - // STATUS_BUFFER_OVERFLOW (80000005) line too long - // STATUS_TOO_MANY_COMMANDS (C00000C1) too many lines in file - // STATUS_INVALID_PARAMETER (C000000D) syntax error - // - - if (! NT_SUCCESS(status)) { - RtlStringCbPrintfW(linenum_str, sizeof(linenum_str), L"%d", linenum); - //DbgPrint("Conf error %X at line %d (%S)\n", status, linenum, linenum_str); - if (status == STATUS_BUFFER_OVERFLOW) { - Log_Msg_Session( - MSG_CONF_LINE_TOO_LONG, linenum_str, NULL, session_id); - } else if (status == STATUS_TOO_MANY_COMMANDS) { - Log_Msg_Session( - MSG_CONF_FILE_TOO_LONG, linenum_str, NULL, session_id); - } else if (status == STATUS_INVALID_PARAMETER) { - Log_Msg_Session( - MSG_CONF_SYNTAX_ERROR, linenum_str, NULL, session_id); - } else { - Log_Status_Ex_Session( - MSG_CONF_READ, 0, status, linenum_str, session_id); - } - } - - ExFreePoolWithTag(path, tzuk); - return status; -} - - -//--------------------------------------------------------------------------- -// Conf_Read_Sections -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Read_Sections( - STREAM *stream, CONF_DATA *data, int *linenum) -{ - const int line_len = (CONF_LINE_LEN + 2) * sizeof(WCHAR); - NTSTATUS status; - WCHAR *line; - WCHAR *ptr; - CONF_SECTION *section; - - line = Mem_Alloc(data->pool, line_len); - if (! line) - return STATUS_INSUFFICIENT_RESOURCES; - - status = Conf_Read_Line(stream, line, linenum); - //DbgPrint("Conf_Read_Line (%d/%X) --> %S\n", *linenum, status, line); - while (NT_SUCCESS(status)) { - - // - // extract the section name from the section name - // - - if (line[0] != L'[') { - status = STATUS_INVALID_PARAMETER; - break; - } - ptr = &line[1]; - while (*ptr && *ptr != L']') - ++ptr; - if (*ptr != L']') { - status = STATUS_INVALID_PARAMETER; - break; - } - *ptr = L'\0'; - - if (_wcsnicmp(&line[1], Conf_UserSettings_, 13) == 0) { - if (! line[14]) { - status = STATUS_INVALID_PARAMETER; - break; - } - } else if (_wcsnicmp(&line[1], Conf_Template_, 9) == 0) { - if (! line[10]) { - status = STATUS_INVALID_PARAMETER; - break; - } - } else if (! Box_IsValidName(&line[1])) { - status = STATUS_INVALID_PARAMETER; - break; - } - - // - // find an existing section by that name or create a new one - // -#ifdef USE_CONF_MAP - section = map_get(&data->sections_map, &line[1]); -#else - section = List_Head(&data->sections); - while (section) { - if (_wcsicmp(section->name, &line[1]) == 0) - break; - section = List_Next(section); - } -#endif - - if (! section) { - - section = Mem_Alloc(data->pool, sizeof(CONF_SECTION)); - if (! section) { - status = STATUS_INSUFFICIENT_RESOURCES; - break; - } - - if ((*linenum) >= CONF_TMPL_LINE_BASE) - section->from_template = TRUE; - else - section->from_template = FALSE; - - section->name = Mem_AllocString(data->pool, &line[1]); - if (! section->name) { - status = STATUS_INSUFFICIENT_RESOURCES; - break; - } - - List_Init(§ion->settings); -#ifdef USE_CONF_MAP - map_init(§ion->settings_map, data->pool); - section->settings_map.func_key_size = NULL; - section->settings_map.func_match_key = &str_map_match; - section->settings_map.func_hash_key = &str_map_hash; - map_resize(§ion->settings_map, 16); // prepare some buckets for better performance -#endif - - List_Insert_After(&data->sections, NULL, section); -#ifdef USE_CONF_MAP - if(map_insert(&data->sections_map, section->name, section, 0) == NULL) { - status = STATUS_INSUFFICIENT_RESOURCES; - break; - } -#endif - } - - // read settings for this section - - status = Conf_Read_Settings(stream, data, section, line, linenum); - } - - Mem_Free(line, line_len); - - return status; -} - - -//--------------------------------------------------------------------------- -// Conf_Read_Settings -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Read_Settings( - STREAM *stream, CONF_DATA *data, CONF_SECTION *section, - WCHAR *line, int *linenum) -{ - NTSTATUS status; - WCHAR *ptr; - WCHAR *value; - CONF_SETTING *setting; - - while (1) { - - status = Conf_Read_Line(stream, line, linenum); - if (! NT_SUCCESS(status)) - break; - - if (line[0] == L'[' || line[0] == L']') - break; - - // parse setting name=value - - ptr = wcschr(line, L'='); - if ((! ptr) || ptr == line) { - status = STATUS_INVALID_PARAMETER; - break; - } - value = &ptr[1]; - - // eliminate trailing whitespace in the setting name - - while (ptr > line) { - --ptr; - if (*ptr > 32) { - ++ptr; - break; - } - } - *ptr = L'\0'; - - // eliminate leading and trailing whitespace in value - - while (*value <= 32) { - if (! (*value)) - break; - ++value; - } - - if (*value == L'\0') { - status = STATUS_INVALID_PARAMETER; - break; - } - - ptr = value + wcslen(value); - while (ptr > value) { - --ptr; - if (*ptr > 32) { - ++ptr; - break; - } - } - *ptr = L'\0'; - - // - // add the new setting - // - - setting = Mem_Alloc(data->pool, sizeof(CONF_SETTING)); - if (! setting) { - status = STATUS_INSUFFICIENT_RESOURCES; - break; - } - - if ((*linenum) >= CONF_TMPL_LINE_BASE) - setting->from_template = TRUE; - else - setting->from_template = FALSE; - - setting->template_handled = FALSE; - - setting->name = Mem_AllocString(data->pool, line); - if (! setting->name) { - status = STATUS_INSUFFICIENT_RESOURCES; - break; - } - - setting->value = Mem_AllocString(data->pool, value); - if (! setting->value) { - status = STATUS_INSUFFICIENT_RESOURCES; - break; - } - - List_Insert_After(§ion->settings, NULL, setting); -#ifdef USE_CONF_MAP - if(map_append(§ion->settings_map, setting->name, setting, 0) == NULL) { - status = STATUS_INSUFFICIENT_RESOURCES; - break; - } -#endif - } - - return status; -} - - -//--------------------------------------------------------------------------- -// Conf_Read_Line -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Read_Line(STREAM *stream, WCHAR *line, int *linenum) -{ - NTSTATUS status; - WCHAR *ptr; - USHORT ch; - - while (1) { - - // skip leading control and whitespace characters - while (1) { - status = Stream_Read_Wchar(stream, &ch); - if ((! NT_SUCCESS(status)) || (ch > 32 && ch < 0xFE00)) - break; - if (ch == L'\r') - continue; - if (ch == L'\n') { - ULONG numlines = (++(*linenum)); - if (numlines >= CONF_TMPL_LINE_BASE) - numlines -= CONF_TMPL_LINE_BASE; - if (numlines > CONF_MAX_LINES) { - status = STATUS_TOO_MANY_COMMANDS; - break; - } - } - } - if (! NT_SUCCESS(status)) { - *line = L'\0'; - break; - } - - // read characters until hitting the newline mark - ptr = line; - while (1) { - *ptr = ch; - ++ptr; - if (ptr - line == CONF_LINE_LEN) - status = STATUS_BUFFER_OVERFLOW; - else - status = Stream_Read_Wchar(stream, &ch); - if ((! NT_SUCCESS(status)) || ch == L'\n' || ch == L'\r') - break; - } - - // remove all trailing control and whitespace characters - while (ptr > line) { - --ptr; - if (*ptr > 32) { - ++ptr; - break; - } - } - *ptr = L'\0'; - - // don't report end-of-file if we have data to return - if (ptr > line && status == STATUS_END_OF_FILE) - status = STATUS_SUCCESS; - - // if we are about to successfully return a comment line, - // then discard the line and restart from the top - if (status == STATUS_SUCCESS && *line == L'#') - continue; - - break; - } - - return status; -} - - -//--------------------------------------------------------------------------- -// Conf_Get_Section -//--------------------------------------------------------------------------- - - -_FX CONF_SECTION* Conf_Get_Section( - CONF_DATA* data, const WCHAR* section_name) -{ -#ifdef USE_CONF_MAP - // - // lookup the template section in the hash map - // - - return map_get(&data->sections_map, section_name); -#else - // - // scan for a matching template section - // - - CONF_SECTION* section = List_Head(&data->sections); - while (section) { - - if (_wcsicmp(section->name, section_name) == 0) { - - break; - } - - section = List_Next(section); - } - return section; -#endif -} - - -//--------------------------------------------------------------------------- -// Conf_Merge_Templates -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Merge_Templates(CONF_DATA *data, ULONG session_id) -{ - NTSTATUS status; - CONF_SECTION *sandbox; - CONF_SETTING *setting; - - // - // first handle the global section - // - - CONF_SECTION* global = Conf_Get_Section(data, Conf_GlobalSettings); - if (global) { - status = Conf_Merge_Global(data, session_id, global); - if (!NT_SUCCESS(status)) - return status; - } - - // - // second handle the default templates - // - - global = Conf_Get_Section(data, Conf_DefaultTemplates); - if (global) { - status = Conf_Merge_Global(data, session_id, global); - if (!NT_SUCCESS(status)) - return status; - } - - // - // scan sections to find a sandbox section - // - - sandbox = List_Head(&data->sections); - while (sandbox) { - - CONF_SECTION *next_sandbox = List_Next(sandbox); - - // - // break once the template section starts - // - - if (sandbox->from_template) { - // we can break because template sections come after - // all non-template sections - break; - } - - // - // skip the global section, skip any local template sections and user settings sections - // - - if (_wcsicmp(sandbox->name, Conf_GlobalSettings) == 0 || - _wcsnicmp(sandbox->name, Conf_Template_, 9) == 0 || // Template_ or Template_Local_ - _wcsnicmp(sandbox->name, Conf_UserSettings_, 13) == 0) { - - sandbox = next_sandbox; - continue; - } - -#ifdef USE_CONF_MAP - - // - // use a keyed itterator to quickly go through all Template=Xxx settings - // - - map_iter_t iter2 = map_key_iter(&sandbox->settings_map, Conf_Template); - while (map_next(&sandbox->settings_map, &iter2)) { - setting = iter2.value; -#else - - // - // scan the section for a Template=Xxx setting - // - - setting = List_Head(&sandbox->settings); - while (setting) { - - if (_wcsicmp(setting->name, Conf_Template) != 0) { - - setting = List_Next(setting); - continue; - } -#endif - - if (setting->template_handled) { - -#ifndef USE_CONF_MAP - setting = List_Next(setting); -#endif - continue; - } - - // - // merge the template into the sandbox section - // - - status = Conf_Merge_Template( - data, session_id, setting->value, sandbox); - - if (! NT_SUCCESS(status)) - return status; - - setting->template_handled = TRUE; - -#ifndef USE_CONF_MAP - // - // advance to next setting - // - - setting = List_Head(&sandbox->settings); -#endif - } - - // - // advance to next section - // - - sandbox = next_sandbox; - } - - return STATUS_SUCCESS; -} - - -//--------------------------------------------------------------------------- -// Conf_Merge_Global -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Merge_Global( - CONF_DATA *data, ULONG session_id, - CONF_SECTION *global) -{ - NTSTATUS status; - CONF_SECTION *sandbox; - CONF_SETTING *setting; - - // - // scan the section for a Template=Xxx setting - // - - setting = List_Head(&global->settings); - while (setting) { - - if (_wcsicmp(setting->name, Conf_Template) != 0) { - - setting = List_Next(setting); - continue; - } - - // - // scan sections to find a sandbox section - // - - sandbox = List_Head(&data->sections); - while (sandbox) { - - CONF_SECTION *next_sandbox = List_Next(sandbox); - - // - // break once the template section starts - // - - if (sandbox->from_template) { - // we can break because template sections come after - // all non-template sections - break; - } - - // - // skip the global section, any template sections and user settings sections - // - - if (_wcsicmp(sandbox->name, Conf_GlobalSettings) == 0 || - _wcsnicmp(sandbox->name, Conf_Template_, 9) == 0 || - _wcsnicmp(sandbox->name, Conf_UserSettings_, 13) == 0) { - - sandbox = next_sandbox; - continue; - } - - // - // merge the template into the sandbox section - // - - status = Conf_Merge_Template( - data, session_id, setting->value, sandbox); - - if (! NT_SUCCESS(status)) - return status; - - // - // advance to next section - // - - sandbox = next_sandbox; - } - - // - // advance to next setting - // - - setting = List_Next(setting); - } - - return STATUS_SUCCESS; -} - - -//--------------------------------------------------------------------------- -// Conf_Merge_Template -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Merge_Template( - CONF_DATA *data, ULONG session_id, - const WCHAR *tmpl_name, CONF_SECTION *section) -{ - CONF_SECTION *tmpl = NULL; - - WCHAR section_name[130]; // 128 + 2 // max regular section length is 64 - if (wcslen(tmpl_name) < 119) { // 128 - wcslen(Conf_Template_) - wcscpy(section_name, Conf_Template_); - wcscat(section_name, tmpl_name); - tmpl = Conf_Get_Section(data, section_name); - } - - // - // copy settings from template section into sandbox section - // - - if (tmpl) { - - CONF_SETTING *oset, *nset; - - oset = List_Head(&tmpl->settings); - while (oset) { - - if (_wcsnicmp(oset->name, Conf_Tmpl, 5) == 0) { - oset = List_Next(oset); - continue; - } - - nset = Mem_Alloc(data->pool, sizeof(CONF_SETTING)); - nset->from_template = TRUE; - nset->template_handled = FALSE; - if (! nset) - return STATUS_INSUFFICIENT_RESOURCES; - nset->name = Mem_AllocString(data->pool, oset->name); - if (! nset->name) - return STATUS_INSUFFICIENT_RESOURCES; - nset->value = Mem_AllocString(data->pool, oset->value); - if (! nset->value) - return STATUS_INSUFFICIENT_RESOURCES; - - List_Insert_After(§ion->settings, NULL, nset); -#ifdef USE_CONF_MAP - if(map_append(§ion->settings_map, nset->name, nset, 0) == NULL) - return STATUS_INSUFFICIENT_RESOURCES; -#endif - - oset = List_Next(oset); - } - - } else { - - Log_Msg_Session(MSG_CONF_MISSING_TMPL, - section->name, tmpl_name, session_id); - } - - return STATUS_SUCCESS; -} - - -//--------------------------------------------------------------------------- -// Conf_Get_Helper -//--------------------------------------------------------------------------- - - -_FX const WCHAR *Conf_Get_Helper( - const WCHAR *section_name, const WCHAR *setting_name, - ULONG *index, BOOLEAN skip_tmpl) -{ - WCHAR *value; - CONF_SECTION *section; - CONF_SETTING *setting; - - value = NULL; - -#ifdef USE_CONF_MAP - // - // lookup the section in the hash map - // - - section = map_get(&Conf_Data.sections_map, section_name); -#else - section = List_Head(&Conf_Data.sections); - while (section) { - //DbgPrint(" Examining section at %X name %S (looking for %S)\n", section, section->name, section_name); - if (_wcsicmp(section->name, section_name) == 0) - break; - section = List_Next(section); - } -#endif - if (skip_tmpl && section && section->from_template) - section = NULL; - - if (section) { -#ifdef USE_CONF_MAP - // - // use a keyed itterator to quickly go through all matching settings - // - - map_iter_t iter2 = map_key_iter(§ion->settings_map, setting_name); - while (map_next(§ion->settings_map, &iter2)) { - setting = iter2.value; -#else - setting = List_Head(§ion->settings); - while (setting) { - //DbgPrint(" Examining setting at %X name %S (looking for %S)\n", setting, setting->name, setting_name); -#endif - if (skip_tmpl && setting->from_template) { - // we can break because template settings come after - // all non-template settings - break; - } -#ifndef USE_CONF_MAP - if (_wcsicmp(setting->name, setting_name) == 0) { -#endif - if (*index == 0) { - value = setting->value; - break; - } - --(*index); -#ifndef USE_CONF_MAP - } - setting = List_Next(setting); -#endif - } - } - - return value; -} - - -//--------------------------------------------------------------------------- -// Conf_Get_Section_Name -//--------------------------------------------------------------------------- - - -_FX const WCHAR *Conf_Get_Section_Name(ULONG index, BOOLEAN skip_tmpl) -{ - WCHAR *value; - CONF_SECTION *section; - - value = NULL; - - section = List_Head(&Conf_Data.sections); - while (section) { - CONF_SECTION *next_section = List_Next(section); - - if (_wcsicmp(section->name, Conf_GlobalSettings) == 0) { - section = next_section; - continue; - } - if (skip_tmpl && section->from_template) { - // we can break because template sections come after - // all non-template sections - break; - } - if (index == 0) { - value = section->name; - break; - } - - --index; - section = next_section; - } - - return value; -} - - -//--------------------------------------------------------------------------- -// Conf_Get_Setting_Name -//--------------------------------------------------------------------------- - - -_FX const WCHAR *Conf_Get_Setting_Name( - const WCHAR *section_name, ULONG index, BOOLEAN skip_tmpl) -{ - WCHAR *value; - CONF_SECTION *section; - CONF_SETTING *setting, *setting2; - BOOLEAN dup; - - value = NULL; - -#ifdef USE_CONF_MAP - // - // lookup the section in the hash map - // - - section = map_get(&Conf_Data.sections_map, section_name); -#else - section = List_Head(&Conf_Data.sections); - while (section) { - if (_wcsicmp(section->name, section_name) == 0) - break; - section = List_Next(section); - } -#endif - if (skip_tmpl && section && section->from_template) - section = NULL; - - if (section) { - setting = List_Head(§ion->settings); - while (setting) { - - if (skip_tmpl && setting->from_template) { - // we can break because template settings come after - // all non-template settings - break; - } - - // - // check if we already processed this name - // - - dup = FALSE; - setting2 = List_Head(§ion->settings); - while (setting2 && setting2 != setting) { - if (_wcsicmp(setting2->name, setting->name) == 0) { - dup = TRUE; - break; - } else - setting2 = List_Next(setting2); - } - - if (! dup) { - if (index == 0) { - value = setting->name; - break; - } else - --index; - } - - setting = List_Next(setting); - } - } - - return value; -} - - -//--------------------------------------------------------------------------- -// Conf_Get -//--------------------------------------------------------------------------- - - -_FX const WCHAR *Conf_Get( - const WCHAR *section, const WCHAR *setting, ULONG index) -{ - const WCHAR *value; - BOOLEAN have_section; - BOOLEAN have_setting; - BOOLEAN check_global; - BOOLEAN skip_tmpl; - KIRQL irql; - - value = NULL; - have_section = (section && section[0]); - have_setting = (setting && setting[0]); - skip_tmpl = ((index & CONF_GET_NO_TEMPLS) != 0); - - KeRaiseIrql(APC_LEVEL, &irql); - ExAcquireResourceSharedLite(Conf_Lock, TRUE); - - if ((! have_section) && have_setting && - _wcsicmp(setting, L"IniLocation") == 0) { - - // return "H" if configuration file was found in the Sandboxie - // home directory, or "W" if it was found in Windows directory - - value = (Conf_Data.home) ? Conf_H : Conf_W; - - } else if ((!have_section) && have_setting && - _wcsicmp(setting, L"IniEncoding") == 0) { - - // return "U" if configuration file was Unicode encoded, - // or "8" if it was UTF-8 encoded - - value = (Conf_Data.encoding == 1) ? Conf_UTF8 : Conf_Unicode; - - } - else if (have_setting) { - - check_global = ((index & CONF_GET_NO_GLOBAL) == 0); - index &= 0xFFFF; - - if (section) - value = Conf_Get_Helper(section, setting, &index, skip_tmpl); - - // - // when no value has been found for the given section - // try getting it from the global section - // - - if ((! value) && check_global) { - value = Conf_Get_Helper( - Conf_GlobalSettings, setting, &index, skip_tmpl); - } - - } else if (have_section && (! have_setting)) { - - value = Conf_Get_Setting_Name(section, index & 0xFFFF, skip_tmpl); - - } else if ((! have_section) && (! have_setting)) { - - value = Conf_Get_Section_Name(index & 0xFFFF, skip_tmpl); - } - - ExReleaseResourceLite(Conf_Lock); - KeLowerIrql(irql); - - return value; -} - - -//--------------------------------------------------------------------------- -// Conf_Get_Boolean -//--------------------------------------------------------------------------- - - -_FX BOOLEAN Conf_Get_Boolean( - const WCHAR *section, const WCHAR *setting, ULONG index, BOOLEAN def) -{ - const WCHAR *value; - BOOLEAN retval; - - Conf_AdjustUseCount(TRUE); - - value = Conf_Get(section, setting, index); - - retval = def; - if (value) { - if (*value == 'y' || *value == 'Y') - retval = TRUE; - else if (*value == 'n' || *value == 'N') - retval = FALSE; - } - - Conf_AdjustUseCount(FALSE); - - return retval; -} - - -//--------------------------------------------------------------------------- -// Conf_Get_Number -//--------------------------------------------------------------------------- - - -_FX ULONG Conf_Get_Number( - const WCHAR *section, const WCHAR *setting, ULONG index, ULONG def) -{ - const WCHAR *value; - ULONG retval; - - Conf_AdjustUseCount(TRUE); - - value = Conf_Get(section, setting, index); - - retval = def; - if (value) { - - NTSTATUS status; - UNICODE_STRING uni; - RtlInitUnicodeString(&uni, value); - status = RtlUnicodeStringToInteger(&uni, 10, &retval); - if (! NT_SUCCESS(status)) - retval = def; - } - - Conf_AdjustUseCount(FALSE); - - return retval; -} - - -//--------------------------------------------------------------------------- -// Conf_IsValidBox -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_IsValidBox(const WCHAR *section_name) -{ - CONF_SECTION *section; - NTSTATUS status; - KIRQL irql; - - if ( _wcsicmp(section_name, Conf_GlobalSettings) == 0 - || _wcsicmp(section_name, Conf_TemplateSettings) == 0 - || _wcsnicmp(section_name, Conf_Template_, 9) == 0 - || _wcsnicmp(section_name, Conf_UserSettings_, 13) == 0) { - - status = STATUS_OBJECT_TYPE_MISMATCH; - - } else { - - KeRaiseIrql(APC_LEVEL, &irql); - ExAcquireResourceSharedLite(Conf_Lock, TRUE); - - section = List_Head(&Conf_Data.sections); - while (section) { - if (_wcsicmp(section->name, section_name) == 0) - break; - section = List_Next(section); - } - - if (! section) - status = STATUS_OBJECT_NAME_NOT_FOUND; - - else if (section->from_template) - status = STATUS_OBJECT_TYPE_MISMATCH; - - else - status = STATUS_SUCCESS; - - ExReleaseResourceLite(Conf_Lock); - KeLowerIrql(irql); - } - - return status; -} - - -//--------------------------------------------------------------------------- -// Conf_Api_Reload -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Api_Reload(PROCESS *proc, ULONG64 *parms) -{ - NTSTATUS status; - ULONG flags; - - if (proc) - return STATUS_NOT_IMPLEMENTED; - - flags = (ULONG)parms[2]; - - if (flags & SBIE_CONF_FLAG_RELOAD_CERT) { - status = MyValidateCertificate(); - goto finish; - } - - status = Conf_Read((ULONG)parms[1]); - - if (status == STATUS_OBJECT_NAME_NOT_FOUND || - status == STATUS_OBJECT_PATH_NOT_FOUND) { - - // - // if configuration file was removed, reset configuration - // - - POOL *pool; - - KIRQL irql; - KeRaiseIrql(APC_LEVEL, &irql); - ExAcquireResourceExclusiveLite(Conf_Lock, TRUE); - - pool = Conf_Data.pool; - - Conf_Data.pool = NULL; - List_Init(&Conf_Data.sections); -#ifdef USE_CONF_MAP - map_init(&Conf_Data.sections_map, NULL); - Conf_Data.sections_map.func_key_size = NULL; - Conf_Data.sections_map.func_match_key = &str_map_match; - Conf_Data.sections_map.func_hash_key = &str_map_hash; - map_resize(&Conf_Data.sections_map, 16); // prepare some buckets for better performance -#endif - - Conf_Data.home = FALSE; - Conf_Data.encoding = 0; - - ExReleaseResourceLite(Conf_Lock); - KeLowerIrql(irql); - - if (pool) - Pool_Delete(pool); - - status = STATUS_SUCCESS; - } - - // - // Check the reconfigure drier flag and if its set, load/unload the components accordingly - // - - if (flags & SBIE_CONF_FLAG_RECONFIGURE) { - - static volatile ULONG reconf_lock = 0; - if (InterlockedCompareExchange(&reconf_lock, 1, 0) != 0) { - status = STATUS_OPERATION_IN_PROGRESS; - goto finish; // don't do anything is a reconfiguration is already in progress - } - - BOOLEAN wpf_enabled = Conf_Get_Boolean(NULL, L"NetworkEnableWFP", 0, FALSE); - extern BOOLEAN WFP_Enabled; - if (WFP_Enabled != wpf_enabled) { - if (wpf_enabled) { - extern BOOLEAN WFP_Load(void); - WFP_Load(); - } - else { - extern void WFP_Unload(void); - WFP_Unload(); - } - } - - extern UCHAR SandboxieLogonSid[SECURITY_MAX_SID_SIZE]; - if (Conf_Get_Boolean(NULL, L"AllowSandboxieLogon", 0, FALSE) && SandboxieLogonSid[0] == 0) { - extern BOOLEAN Token_Init_SbieLogin(void); - Token_Init_SbieLogin(); - } - - InterlockedExchange(&reconf_lock, 0); - } - - Api_SendServiceMessage(SVC_CONFIG_UPDATED, 0, NULL); - -finish: - return status; -} - - -//--------------------------------------------------------------------------- -// Conf_Api_Query -//--------------------------------------------------------------------------- - - -_FX NTSTATUS Conf_Api_Query(PROCESS *proc, ULONG64 *parms) -{ - NTSTATUS status; - WCHAR *parm; - ULONG *parm2; - WCHAR boxname[70]; - WCHAR setting[70]; - ULONG index; - const WCHAR *value1; - WCHAR *value2; - - // parms[1] --> WCHAR [66] SectionName - - memzero(boxname, sizeof(boxname)); - if (proc) - wcscpy(boxname, proc->box->name); - else { - parm = (WCHAR *)parms[1]; - if (parm) { - ProbeForRead(parm, sizeof(WCHAR) * 64, sizeof(WCHAR)); - if (parm[0]) - wcsncpy(boxname, parm, 64); - } - } - - // parms[2] --> WCHAR [66] SettingName - - memzero(setting, sizeof(setting)); - parm = (WCHAR *)parms[2]; - if (parm) { - ProbeForRead(parm, sizeof(WCHAR) * 64, sizeof(WCHAR)); - if (parm[0]) - wcsncpy(setting, parm, 64); - } - - // parms[3] --> ULONG SettingIndex - - index = 0; - parm2 = (ULONG *)parms[3]; - if (parm2) { - ProbeForRead(parm2, sizeof(ULONG), sizeof(ULONG)); - index = *parm2; - if ((index & 0xFFFF) > 1000) - return STATUS_INVALID_PARAMETER; - } else - return STATUS_INVALID_PARAMETER; - - // - // get value - // - - Conf_AdjustUseCount(TRUE); - - if (setting && setting[0] == L'%') - value1 = setting; // shortcut to expand a avariable - else - value1 = Conf_Get(boxname, setting, index); - if (! value1) { - status = STATUS_RESOURCE_NAME_NOT_FOUND; - goto release_and_return; - } - - if (index & CONF_GET_NO_EXPAND) - value2 = (WCHAR *)value1; - else { - - // expand value. if caller is sandboxed, use its BOX (with its - // expand_args) for that. otherwise, create a temporary BOX - - if (proc) - value2 = Conf_Expand(proc->box->expand_args, value1, setting); - else { - - CONF_EXPAND_ARGS *expand_args = Mem_Alloc(Driver_Pool, sizeof(CONF_EXPAND_ARGS)); - if (! expand_args) { - status = STATUS_UNSUCCESSFUL; - goto release_and_return; - } - - expand_args->pool = Driver_Pool; - expand_args->sandbox = boxname; - - UNICODE_STRING SidString; - ULONG SessionId; - status = Process_GetSidStringAndSessionId(NtCurrentProcess(), NULL, &SidString, &SessionId); - if (!NT_SUCCESS(status)) { - Mem_Free(expand_args, sizeof(CONF_EXPAND_ARGS)); - status = STATUS_UNSUCCESSFUL; - goto release_and_return; - } - - expand_args->sid = SidString.Buffer; - expand_args->session = &SessionId; - - value2 = Conf_Expand(expand_args, value1, setting); - - RtlFreeUnicodeString(&SidString); - - Mem_Free(expand_args, sizeof(CONF_EXPAND_ARGS)); - } - - if (! value2) { - status = STATUS_INSUFFICIENT_RESOURCES; - goto release_and_return; - } - } - - // write value into user buffer Output - // parms[4] --> user buffer Output - - __try { - - UNICODE_STRING64 *user_uni = (UNICODE_STRING64 *)parms[4]; - ULONG len = (wcslen(value2) + 1) * sizeof(WCHAR); - Api_CopyStringToUser(user_uni, value2, len); - - status = STATUS_SUCCESS; - - } __except (EXCEPTION_EXECUTE_HANDLER) { - status = GetExceptionCode(); - } - - if (value2 != value1) - Mem_FreeString(value2); - -release_and_return: - - Conf_AdjustUseCount(FALSE); - - return status; -} - - -//--------------------------------------------------------------------------- -// Conf_Init -//--------------------------------------------------------------------------- - - -_FX BOOLEAN Conf_Init(void) -{ - Conf_Data.pool = NULL; - List_Init(&Conf_Data.sections); -#ifdef USE_CONF_MAP - map_init(&Conf_Data.sections_map, NULL); - Conf_Data.sections_map.func_key_size = NULL; - Conf_Data.sections_map.func_match_key = &str_map_match; - Conf_Data.sections_map.func_hash_key = &str_map_hash; -#endif - - Conf_Data.home = FALSE; - Conf_Data.encoding = 0; - - if (! Mem_GetLockResource(&Conf_Lock, TRUE)) - return FALSE; - - if (! Conf_Init_User()) - return FALSE; - - Conf_Read(-1); - - // - // set API functions - // - - Api_SetFunction(API_RELOAD_CONF, Conf_Api_Reload); - Api_SetFunction(API_QUERY_CONF, Conf_Api_Query); - - return TRUE; -} - - -//--------------------------------------------------------------------------- -// Conf_Unload -//--------------------------------------------------------------------------- - - -_FX void Conf_Unload(void) -{ - Conf_Unload_User(); - - if (Conf_Data.pool) { - Pool_Delete(Conf_Data.pool); - Conf_Data.pool = NULL; - } - - Mem_FreeLockResource(&Conf_Lock); -} +/* + * Copyright 2004-2020 Sandboxie Holdings, LLC + * Copyright 2020-2021 David Xanatos, xanasoft.com + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +//--------------------------------------------------------------------------- +// Configuration +//--------------------------------------------------------------------------- + + +#include "conf.h" +#include "process.h" +#include "api.h" +#include "api_flags.h" +#include "obj.h" +#include "util.h" + +#define KERNEL_MODE +#include "common/stream.h" + +#include "common/my_version.h" + + +//--------------------------------------------------------------------------- +// Defines +//--------------------------------------------------------------------------- + +#define USE_CONF_MAP + +#define CONF_LINE_LEN 2000 // keep in sync with sbieiniwire.h +#define CONF_MAX_LINES 100000 // keep in sync with sbieiniwire.h + +#define CONF_TMPL_LINE_BASE 0x01000000 + + +//--------------------------------------------------------------------------- +// Structures +//--------------------------------------------------------------------------- + +// +// Note: we want to preserver the order of the settings when enumerating +// hence we can not replace the list with a hash map entierly +// instead we use booth, here the hash map ise used only for lookups +// the keys in the map are only pointers to the name fileds in the list entries +// + +typedef struct _CONF_DATA { + + POOL *pool; + LIST sections; // CONF_SECTION +#ifdef USE_CONF_MAP + HASH_MAP sections_map; +#endif + BOOLEAN home; // TRUE if configuration read from Driver_Home_Path + ULONG encoding; // 0 - unicode, 1 - utf8, 2 - unicode (byte swaped) + volatile ULONG use_count; + +} CONF_DATA; + + +typedef struct _CONF_SECTION { + + LIST_ELEM list_elem; + WCHAR *name; + LIST settings; // CONF_SETTING +#ifdef USE_CONF_MAP + HASH_MAP settings_map; +#endif + BOOLEAN from_template; + +} CONF_SECTION; + + +typedef struct _CONF_SETTING { + + LIST_ELEM list_elem; + WCHAR *name; + WCHAR *value; + BOOLEAN from_template; + BOOLEAN template_handled; + +} CONF_SETTING; + + +//--------------------------------------------------------------------------- +// Functions +//--------------------------------------------------------------------------- + + +static NTSTATUS Conf_Read(ULONG session_id); + +static NTSTATUS Conf_Read_Sections( + STREAM *stream, CONF_DATA *data, int *linenum); + +static NTSTATUS Conf_Read_Settings( + STREAM *stream, CONF_DATA *data, CONF_SECTION *section, + WCHAR *line, int *linenum); + +NTSTATUS Conf_Read_Line(STREAM *stream, WCHAR *line, int *linenum); + +static NTSTATUS Conf_Merge_Templates(CONF_DATA *data, ULONG session_id); + +static NTSTATUS Conf_Merge_Global( + CONF_DATA *data, ULONG session_id, + CONF_SECTION *global); + +static NTSTATUS Conf_Merge_Template( + CONF_DATA *data, ULONG session_id, + const WCHAR *tmpl_name, CONF_SECTION *section); + +static const WCHAR *Conf_Get_Helper( + const WCHAR *section_name, const WCHAR *setting_name, + ULONG *index, BOOLEAN skip_tmpl); + +static const WCHAR *Conf_Get_Section_Name(ULONG index, BOOLEAN skip_tmpl); + +static const WCHAR *Conf_Get_Setting_Name( + const WCHAR *section_name, ULONG index, BOOLEAN skip_tmpl); + + +//--------------------------------------------------------------------------- + + +static BOOLEAN str_map_match(const void* key1, const void* key2) { + const wchar_t** str1 = (const wchar_t**)key1; + const wchar_t** str2 = (const wchar_t**)key2; + return _wcsicmp(*str1, *str2) == 0; +} + +static unsigned int str_map_hash(const void* key, size_t size) { + const wchar_t** str = (const wchar_t**)key; + unsigned int hash = 5381; + for (unsigned short* ptr = (unsigned short*)*str; *ptr != 0; ptr++) + hash = ((hash << 5) + hash) ^ *ptr; + return hash; +} + + +//--------------------------------------------------------------------------- + +#ifdef ALLOC_PRAGMA +#pragma alloc_text (INIT, Conf_Init) +#endif // ALLOC_PRAGMA + + +//--------------------------------------------------------------------------- +// Variables +//--------------------------------------------------------------------------- + + +static CONF_DATA Conf_Data; +static PERESOURCE Conf_Lock = NULL; + +static const WCHAR *Conf_GlobalSettings = L"GlobalSettings"; +static const WCHAR *Conf_UserSettings_ = L"UserSettings_"; +static const WCHAR *Conf_Template_ = L"Template_"; +static const WCHAR *Conf_DefaultTemplates = L"DefaultTemplates"; + const WCHAR *Conf_TemplateSettings = L"TemplateSettings"; + +static const WCHAR *Conf_Template = L"Template"; + const WCHAR *Conf_Tmpl = L"Tmpl."; + +static const WCHAR *Conf_H = L"H"; +static const WCHAR *Conf_W = L"W"; + +static const WCHAR* Conf_Unicode = L"U"; +static const WCHAR* Conf_UTF8 = L"8"; + + +//--------------------------------------------------------------------------- +// Conf_AdjustUseCount +//--------------------------------------------------------------------------- + + +_FX void Conf_AdjustUseCount(BOOLEAN increase) +{ + KIRQL irql; + KeRaiseIrql(APC_LEVEL, &irql); + ExAcquireResourceExclusiveLite(Conf_Lock, TRUE); + + if (increase) + InterlockedIncrement(&Conf_Data.use_count); + else + InterlockedDecrement(&Conf_Data.use_count); + + ExReleaseResourceLite(Conf_Lock); + KeLowerIrql(irql); +} + + +//--------------------------------------------------------------------------- +// Conf_Read +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Read(ULONG session_id) +{ + static const WCHAR *path_sandboxie = L"%s\\" SANDBOXIE_INI; + static const WCHAR *path_templates = L"%s\\Templates.ini"; + static const WCHAR *SystemRoot = L"\\SystemRoot"; + NTSTATUS status; + CONF_DATA data; + int linenum; + WCHAR linenum_str[32]; + ULONG path_len; + WCHAR *path = NULL; + BOOLEAN path_home; + STREAM *stream; + POOL *pool; + + // + // allocate a buffer large enough for \SystemRoot\Sandboxie.ini + // or (Home Path)\Sandboxie.ini + // + + path_len = 32; // room for \SystemRoot + if (path_len < wcslen(Driver_HomePathDos) * sizeof(WCHAR)) + path_len = wcslen(Driver_HomePathDos) * sizeof(WCHAR); + path_len += 64; // room for \Sandboxie.ini + + path = ExAllocatePoolWithTag(PagedPool, path_len, tzuk); + if (! path) + return STATUS_INSUFFICIENT_RESOURCES; + + // + // open the configuration file, try both places, home first + // + + path_home = TRUE; // = FALSE; + RtlStringCbPrintfW(path, path_len, path_sandboxie, Driver_HomePathDos); // , SystemRoot); + + status = Stream_Open( + &stream, path, FILE_GENERIC_READ, 0, FILE_SHARE_READ, FILE_OPEN, 0); + + if (status == STATUS_OBJECT_NAME_NOT_FOUND) { + + path_home = FALSE; // = TRUE; + RtlStringCbPrintfW(path, path_len, path_sandboxie, SystemRoot); // , Driver_HomePathDos); + + status = Stream_Open( + &stream, path, + FILE_GENERIC_READ, 0, FILE_SHARE_READ, FILE_OPEN, 0); + } + + if (! NT_SUCCESS(status)) { + + if (status == STATUS_OBJECT_NAME_NOT_FOUND || + status == STATUS_OBJECT_PATH_NOT_FOUND) + { + Log_Msg_Session(MSG_CONF_NO_FILE, NULL, NULL, session_id); + } else { + wcscpy(linenum_str, L"(none)"); + Log_Status_Ex_Session( + MSG_CONF_READ, 0, status, linenum_str, session_id); + } + } + + if (! NT_SUCCESS(status)) { + ExFreePoolWithTag(path, tzuk); + return status; + } + + // + // read data from the file + // + + pool = Pool_Create(); + if (! pool) + status = STATUS_INSUFFICIENT_RESOURCES; + + else { + + data.pool = pool; + List_Init(&data.sections); +#ifdef USE_CONF_MAP + map_init(&data.sections_map, data.pool); + data.sections_map.func_key_size = NULL; + data.sections_map.func_match_key = &str_map_match; + data.sections_map.func_hash_key = &str_map_hash; + map_resize(&data.sections_map, 16); // prepare some buckets for better performance +#endif + data.home = path_home; + data.use_count = 0; + + status = Stream_Read_BOM(stream, &data.encoding); + + linenum = 1; + while (NT_SUCCESS(status)) + status = Conf_Read_Sections(stream, &data, &linenum); + if (status == STATUS_END_OF_FILE) + status = STATUS_SUCCESS; + } + + Stream_Close(stream); + + // + // read (Home Path)\Templates.ini + // + + if (NT_SUCCESS(status)) { + + RtlStringCbPrintfW(path, path_len, path_templates, Driver_HomePathDos); + + status = Stream_Open( + &stream, path, + FILE_GENERIC_READ, 0, FILE_SHARE_READ, FILE_OPEN, 0); + + if (! NT_SUCCESS(status)) { + + Log_Status_Ex_Session( + MSG_CONF_NO_TMPL_FILE, 0, status, NULL, session_id); + + } else { + + status = Stream_Read_BOM(stream, NULL); + + linenum = 1 + CONF_TMPL_LINE_BASE; + + while (NT_SUCCESS(status)) + status = Conf_Read_Sections(stream, &data, &linenum); + if (status == STATUS_END_OF_FILE) + status = STATUS_SUCCESS; + + Stream_Close(stream); + + linenum -= CONF_TMPL_LINE_BASE; + if (! NT_SUCCESS(status)) + Log_Msg_Session(MSG_CONF_BAD_TMPL_FILE, 0, NULL, session_id); + } + } + + // + // merge templates + // + + if (NT_SUCCESS(status)) { + status = Conf_Merge_Templates(&data, session_id); + linenum = 0; + } + + // + // if read successfully, replace existing configuration + // + + if (NT_SUCCESS(status)) { + + BOOLEAN done = FALSE; + while (! done) { + + KIRQL irql; + KeRaiseIrql(APC_LEVEL, &irql); + ExAcquireResourceExclusiveLite(Conf_Lock, TRUE); + + if (Conf_Data.use_count == 0) { + + pool = Conf_Data.pool; + memcpy(&Conf_Data, &data, sizeof(CONF_DATA)); + + done = TRUE; + } + + ExReleaseResourceLite(Conf_Lock); + KeLowerIrql(irql); + + if (! done) + ZwYieldExecution(); + } + } + + if (pool) + Pool_Delete(pool); // may be either data.pool or old Conf_Data.pool + + // + // Possible error values through Conf_Read_* functions: + // + // STATUS_BUFFER_OVERFLOW (80000005) line too long + // STATUS_TOO_MANY_COMMANDS (C00000C1) too many lines in file + // STATUS_INVALID_PARAMETER (C000000D) syntax error + // + + if (! NT_SUCCESS(status)) { + RtlStringCbPrintfW(linenum_str, sizeof(linenum_str), L"%d", linenum); + //DbgPrint("Conf error %X at line %d (%S)\n", status, linenum, linenum_str); + if (status == STATUS_BUFFER_OVERFLOW) { + Log_Msg_Session( + MSG_CONF_LINE_TOO_LONG, linenum_str, NULL, session_id); + } else if (status == STATUS_TOO_MANY_COMMANDS) { + Log_Msg_Session( + MSG_CONF_FILE_TOO_LONG, linenum_str, NULL, session_id); + } else if (status == STATUS_INVALID_PARAMETER) { + Log_Msg_Session( + MSG_CONF_SYNTAX_ERROR, linenum_str, NULL, session_id); + } else { + Log_Status_Ex_Session( + MSG_CONF_READ, 0, status, linenum_str, session_id); + } + } + + ExFreePoolWithTag(path, tzuk); + return status; +} + + +//--------------------------------------------------------------------------- +// Conf_Read_Sections +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Read_Sections( + STREAM *stream, CONF_DATA *data, int *linenum) +{ + const int line_len = (CONF_LINE_LEN + 2) * sizeof(WCHAR); + NTSTATUS status; + WCHAR *line; + WCHAR *ptr; + CONF_SECTION *section; + + line = Mem_Alloc(data->pool, line_len); + if (! line) + return STATUS_INSUFFICIENT_RESOURCES; + + status = Conf_Read_Line(stream, line, linenum); + //DbgPrint("Conf_Read_Line (%d/%X) --> %S\n", *linenum, status, line); + while (NT_SUCCESS(status)) { + + // + // extract the section name from the section name + // + + if (line[0] != L'[') { + status = STATUS_INVALID_PARAMETER; + break; + } + ptr = &line[1]; + while (*ptr && *ptr != L']') + ++ptr; + if (*ptr != L']') { + status = STATUS_INVALID_PARAMETER; + break; + } + *ptr = L'\0'; + + if (_wcsnicmp(&line[1], Conf_UserSettings_, 13) == 0) { + if (! line[14]) { + status = STATUS_INVALID_PARAMETER; + break; + } + } else if (_wcsnicmp(&line[1], Conf_Template_, 9) == 0) { + if (! line[10]) { + status = STATUS_INVALID_PARAMETER; + break; + } + } else if (! Box_IsValidName(&line[1])) { + status = STATUS_INVALID_PARAMETER; + break; + } + + // + // find an existing section by that name or create a new one + // +#ifdef USE_CONF_MAP + section = map_get(&data->sections_map, &line[1]); +#else + section = List_Head(&data->sections); + while (section) { + if (_wcsicmp(section->name, &line[1]) == 0) + break; + section = List_Next(section); + } +#endif + + if (! section) { + + section = Mem_Alloc(data->pool, sizeof(CONF_SECTION)); + if (! section) { + status = STATUS_INSUFFICIENT_RESOURCES; + break; + } + + if ((*linenum) >= CONF_TMPL_LINE_BASE) + section->from_template = TRUE; + else + section->from_template = FALSE; + + section->name = Mem_AllocString(data->pool, &line[1]); + if (! section->name) { + status = STATUS_INSUFFICIENT_RESOURCES; + break; + } + + List_Init(§ion->settings); +#ifdef USE_CONF_MAP + map_init(§ion->settings_map, data->pool); + section->settings_map.func_key_size = NULL; + section->settings_map.func_match_key = &str_map_match; + section->settings_map.func_hash_key = &str_map_hash; + map_resize(§ion->settings_map, 16); // prepare some buckets for better performance +#endif + + List_Insert_After(&data->sections, NULL, section); +#ifdef USE_CONF_MAP + if(map_insert(&data->sections_map, section->name, section, 0) == NULL) { + status = STATUS_INSUFFICIENT_RESOURCES; + break; + } +#endif + } + + // read settings for this section + + status = Conf_Read_Settings(stream, data, section, line, linenum); + } + + Mem_Free(line, line_len); + + return status; +} + + +//--------------------------------------------------------------------------- +// Conf_Read_Settings +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Read_Settings( + STREAM *stream, CONF_DATA *data, CONF_SECTION *section, + WCHAR *line, int *linenum) +{ + NTSTATUS status; + WCHAR *ptr; + WCHAR *value; + CONF_SETTING *setting; + + while (1) { + + status = Conf_Read_Line(stream, line, linenum); + if (! NT_SUCCESS(status)) + break; + + if (line[0] == L'[' || line[0] == L']') + break; + + // parse setting name=value + + ptr = wcschr(line, L'='); + if ((! ptr) || ptr == line) { + status = STATUS_INVALID_PARAMETER; + break; + } + value = &ptr[1]; + + // eliminate trailing whitespace in the setting name + + while (ptr > line) { + --ptr; + if (*ptr > 32) { + ++ptr; + break; + } + } + *ptr = L'\0'; + + // eliminate leading and trailing whitespace in value + + while (*value <= 32) { + if (! (*value)) + break; + ++value; + } + + if (*value == L'\0') { + status = STATUS_INVALID_PARAMETER; + break; + } + + ptr = value + wcslen(value); + while (ptr > value) { + --ptr; + if (*ptr > 32) { + ++ptr; + break; + } + } + *ptr = L'\0'; + + // + // add the new setting + // + + setting = Mem_Alloc(data->pool, sizeof(CONF_SETTING)); + if (! setting) { + status = STATUS_INSUFFICIENT_RESOURCES; + break; + } + + if ((*linenum) >= CONF_TMPL_LINE_BASE) + setting->from_template = TRUE; + else + setting->from_template = FALSE; + + setting->template_handled = FALSE; + + setting->name = Mem_AllocString(data->pool, line); + if (! setting->name) { + status = STATUS_INSUFFICIENT_RESOURCES; + break; + } + + setting->value = Mem_AllocString(data->pool, value); + if (! setting->value) { + status = STATUS_INSUFFICIENT_RESOURCES; + break; + } + + List_Insert_After(§ion->settings, NULL, setting); +#ifdef USE_CONF_MAP + if(map_append(§ion->settings_map, setting->name, setting, 0) == NULL) { + status = STATUS_INSUFFICIENT_RESOURCES; + break; + } +#endif + } + + return status; +} + + +//--------------------------------------------------------------------------- +// Conf_Read_Line +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Read_Line(STREAM *stream, WCHAR *line, int *linenum) +{ + NTSTATUS status; + WCHAR *ptr; + USHORT ch; + + while (1) { + + // skip leading control and whitespace characters + while (1) { + status = Stream_Read_Wchar(stream, &ch); + if ((! NT_SUCCESS(status)) || (ch > 32 && ch < 0xFE00)) + break; + if (ch == L'\r') + continue; + if (ch == L'\n') { + ULONG numlines = (++(*linenum)); + if (numlines >= CONF_TMPL_LINE_BASE) + numlines -= CONF_TMPL_LINE_BASE; + if (numlines > CONF_MAX_LINES) { + status = STATUS_TOO_MANY_COMMANDS; + break; + } + } + } + if (! NT_SUCCESS(status)) { + *line = L'\0'; + break; + } + + // read characters until hitting the newline mark + ptr = line; + while (1) { + *ptr = ch; + ++ptr; + if (ptr - line == CONF_LINE_LEN) + status = STATUS_BUFFER_OVERFLOW; + else + status = Stream_Read_Wchar(stream, &ch); + if ((! NT_SUCCESS(status)) || ch == L'\n' || ch == L'\r') + break; + } + + // remove all trailing control and whitespace characters + while (ptr > line) { + --ptr; + if (*ptr > 32) { + ++ptr; + break; + } + } + *ptr = L'\0'; + + // don't report end-of-file if we have data to return + if (ptr > line && status == STATUS_END_OF_FILE) + status = STATUS_SUCCESS; + + // if we are about to successfully return a comment line, + // then discard the line and restart from the top + if (status == STATUS_SUCCESS && *line == L'#') + continue; + + break; + } + + return status; +} + + +//--------------------------------------------------------------------------- +// Conf_Get_Section +//--------------------------------------------------------------------------- + + +_FX CONF_SECTION* Conf_Get_Section( + CONF_DATA* data, const WCHAR* section_name) +{ +#ifdef USE_CONF_MAP + // + // lookup the template section in the hash map + // + + return map_get(&data->sections_map, section_name); +#else + // + // scan for a matching template section + // + + CONF_SECTION* section = List_Head(&data->sections); + while (section) { + + if (_wcsicmp(section->name, section_name) == 0) { + + break; + } + + section = List_Next(section); + } + return section; +#endif +} + + +//--------------------------------------------------------------------------- +// Conf_Merge_Templates +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Merge_Templates(CONF_DATA *data, ULONG session_id) +{ + NTSTATUS status; + CONF_SECTION *sandbox; + CONF_SETTING *setting; + + // + // first handle the global section + // + + CONF_SECTION* global = Conf_Get_Section(data, Conf_GlobalSettings); + if (global) { + status = Conf_Merge_Global(data, session_id, global); + if (!NT_SUCCESS(status)) + return status; + } + + // + // second handle the default templates + // + + global = Conf_Get_Section(data, Conf_DefaultTemplates); + if (global) { + status = Conf_Merge_Global(data, session_id, global); + if (!NT_SUCCESS(status)) + return status; + } + + // + // scan sections to find a sandbox section + // + + sandbox = List_Head(&data->sections); + while (sandbox) { + + CONF_SECTION *next_sandbox = List_Next(sandbox); + + // + // break once the template section starts + // + + if (sandbox->from_template) { + // we can break because template sections come after + // all non-template sections + break; + } + + // + // skip the global section, skip any local template sections and user settings sections + // + + if (_wcsicmp(sandbox->name, Conf_GlobalSettings) == 0 || + _wcsnicmp(sandbox->name, Conf_Template_, 9) == 0 || // Template_ or Template_Local_ + _wcsnicmp(sandbox->name, Conf_UserSettings_, 13) == 0) { + + sandbox = next_sandbox; + continue; + } + +#ifdef USE_CONF_MAP + + // + // use a keyed itterator to quickly go through all Template=Xxx settings + // + + map_iter_t iter2 = map_key_iter(&sandbox->settings_map, Conf_Template); + while (map_next(&sandbox->settings_map, &iter2)) { + setting = iter2.value; +#else + + // + // scan the section for a Template=Xxx setting + // + + setting = List_Head(&sandbox->settings); + while (setting) { + + if (_wcsicmp(setting->name, Conf_Template) != 0) { + + setting = List_Next(setting); + continue; + } +#endif + + if (setting->template_handled) { + +#ifndef USE_CONF_MAP + setting = List_Next(setting); +#endif + continue; + } + + // + // merge the template into the sandbox section + // + + status = Conf_Merge_Template( + data, session_id, setting->value, sandbox); + + if (! NT_SUCCESS(status)) + return status; + + setting->template_handled = TRUE; + +#ifndef USE_CONF_MAP + // + // advance to next setting + // + + setting = List_Head(&sandbox->settings); +#endif + } + + // + // advance to next section + // + + sandbox = next_sandbox; + } + + return STATUS_SUCCESS; +} + + +//--------------------------------------------------------------------------- +// Conf_Merge_Global +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Merge_Global( + CONF_DATA *data, ULONG session_id, + CONF_SECTION *global) +{ + NTSTATUS status; + CONF_SECTION *sandbox; + CONF_SETTING *setting; + + // + // scan the section for a Template=Xxx setting + // + + setting = List_Head(&global->settings); + while (setting) { + + if (_wcsicmp(setting->name, Conf_Template) != 0) { + + setting = List_Next(setting); + continue; + } + + // + // scan sections to find a sandbox section + // + + sandbox = List_Head(&data->sections); + while (sandbox) { + + CONF_SECTION *next_sandbox = List_Next(sandbox); + + // + // break once the template section starts + // + + if (sandbox->from_template) { + // we can break because template sections come after + // all non-template sections + break; + } + + // + // skip the global section, any template sections and user settings sections + // + + if (_wcsicmp(sandbox->name, Conf_GlobalSettings) == 0 || + _wcsnicmp(sandbox->name, Conf_Template_, 9) == 0 || + _wcsnicmp(sandbox->name, Conf_UserSettings_, 13) == 0) { + + sandbox = next_sandbox; + continue; + } + + // + // merge the template into the sandbox section + // + + status = Conf_Merge_Template( + data, session_id, setting->value, sandbox); + + if (! NT_SUCCESS(status)) + return status; + + // + // advance to next section + // + + sandbox = next_sandbox; + } + + // + // advance to next setting + // + + setting = List_Next(setting); + } + + return STATUS_SUCCESS; +} + + +//--------------------------------------------------------------------------- +// Conf_Merge_Template +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Merge_Template( + CONF_DATA *data, ULONG session_id, + const WCHAR *tmpl_name, CONF_SECTION *section) +{ + CONF_SECTION *tmpl = NULL; + + WCHAR section_name[130]; // 128 + 2 // max regular section length is 64 + if (wcslen(tmpl_name) < 119) { // 128 - wcslen(Conf_Template_) + wcscpy(section_name, Conf_Template_); + wcscat(section_name, tmpl_name); + tmpl = Conf_Get_Section(data, section_name); + } + + // + // copy settings from template section into sandbox section + // + + if (tmpl) { + + CONF_SETTING *oset, *nset; + + oset = List_Head(&tmpl->settings); + while (oset) { + + if (_wcsnicmp(oset->name, Conf_Tmpl, 5) == 0) { + oset = List_Next(oset); + continue; + } + + nset = Mem_Alloc(data->pool, sizeof(CONF_SETTING)); + nset->from_template = TRUE; + nset->template_handled = FALSE; + if (! nset) + return STATUS_INSUFFICIENT_RESOURCES; + nset->name = Mem_AllocString(data->pool, oset->name); + if (! nset->name) + return STATUS_INSUFFICIENT_RESOURCES; + nset->value = Mem_AllocString(data->pool, oset->value); + if (! nset->value) + return STATUS_INSUFFICIENT_RESOURCES; + + List_Insert_After(§ion->settings, NULL, nset); +#ifdef USE_CONF_MAP + if(map_append(§ion->settings_map, nset->name, nset, 0) == NULL) + return STATUS_INSUFFICIENT_RESOURCES; +#endif + + oset = List_Next(oset); + } + + } else { + + Log_Msg_Session(MSG_CONF_MISSING_TMPL, + section->name, tmpl_name, session_id); + } + + return STATUS_SUCCESS; +} + + +//--------------------------------------------------------------------------- +// Conf_Get_Helper +//--------------------------------------------------------------------------- + + +_FX const WCHAR *Conf_Get_Helper( + const WCHAR *section_name, const WCHAR *setting_name, + ULONG *index, BOOLEAN skip_tmpl) +{ + WCHAR *value; + CONF_SECTION *section; + CONF_SETTING *setting; + + value = NULL; + +#ifdef USE_CONF_MAP + // + // lookup the section in the hash map + // + + section = map_get(&Conf_Data.sections_map, section_name); +#else + section = List_Head(&Conf_Data.sections); + while (section) { + //DbgPrint(" Examining section at %X name %S (looking for %S)\n", section, section->name, section_name); + if (_wcsicmp(section->name, section_name) == 0) + break; + section = List_Next(section); + } +#endif + if (skip_tmpl && section && section->from_template) + section = NULL; + + if (section) { +#ifdef USE_CONF_MAP + // + // use a keyed itterator to quickly go through all matching settings + // + + map_iter_t iter2 = map_key_iter(§ion->settings_map, setting_name); + while (map_next(§ion->settings_map, &iter2)) { + setting = iter2.value; +#else + setting = List_Head(§ion->settings); + while (setting) { + //DbgPrint(" Examining setting at %X name %S (looking for %S)\n", setting, setting->name, setting_name); +#endif + if (skip_tmpl && setting->from_template) { + // we can break because template settings come after + // all non-template settings + break; + } +#ifndef USE_CONF_MAP + if (_wcsicmp(setting->name, setting_name) == 0) { +#endif + if (*index == 0) { + value = setting->value; + break; + } + --(*index); +#ifndef USE_CONF_MAP + } + setting = List_Next(setting); +#endif + } + } + + return value; +} + + +//--------------------------------------------------------------------------- +// Conf_Get_Section_Name +//--------------------------------------------------------------------------- + + +_FX const WCHAR *Conf_Get_Section_Name(ULONG index, BOOLEAN skip_tmpl) +{ + WCHAR *value; + CONF_SECTION *section; + + value = NULL; + + section = List_Head(&Conf_Data.sections); + while (section) { + CONF_SECTION *next_section = List_Next(section); + + if (_wcsicmp(section->name, Conf_GlobalSettings) == 0) { + section = next_section; + continue; + } + if (skip_tmpl && section->from_template) { + // we can break because template sections come after + // all non-template sections + break; + } + if (index == 0) { + value = section->name; + break; + } + + --index; + section = next_section; + } + + return value; +} + + +//--------------------------------------------------------------------------- +// Conf_Get_Setting_Name +//--------------------------------------------------------------------------- + + +_FX const WCHAR *Conf_Get_Setting_Name( + const WCHAR *section_name, ULONG index, BOOLEAN skip_tmpl) +{ + WCHAR *value; + CONF_SECTION *section; + CONF_SETTING *setting, *setting2; + BOOLEAN dup; + + value = NULL; + +#ifdef USE_CONF_MAP + // + // lookup the section in the hash map + // + + section = map_get(&Conf_Data.sections_map, section_name); +#else + section = List_Head(&Conf_Data.sections); + while (section) { + if (_wcsicmp(section->name, section_name) == 0) + break; + section = List_Next(section); + } +#endif + if (skip_tmpl && section && section->from_template) + section = NULL; + + if (section) { + setting = List_Head(§ion->settings); + while (setting) { + + if (skip_tmpl && setting->from_template) { + // we can break because template settings come after + // all non-template settings + break; + } + + // + // check if we already processed this name + // + + dup = FALSE; + setting2 = List_Head(§ion->settings); + while (setting2 && setting2 != setting) { + if (_wcsicmp(setting2->name, setting->name) == 0) { + dup = TRUE; + break; + } else + setting2 = List_Next(setting2); + } + + if (! dup) { + if (index == 0) { + value = setting->name; + break; + } else + --index; + } + + setting = List_Next(setting); + } + } + + return value; +} + + +//--------------------------------------------------------------------------- +// Conf_Get +//--------------------------------------------------------------------------- + + +_FX const WCHAR *Conf_Get( + const WCHAR *section, const WCHAR *setting, ULONG index) +{ + const WCHAR *value; + BOOLEAN have_section; + BOOLEAN have_setting; + BOOLEAN check_global; + BOOLEAN skip_tmpl; + KIRQL irql; + + value = NULL; + have_section = (section && section[0]); + have_setting = (setting && setting[0]); + skip_tmpl = ((index & CONF_GET_NO_TEMPLS) != 0); + + KeRaiseIrql(APC_LEVEL, &irql); + ExAcquireResourceSharedLite(Conf_Lock, TRUE); + + if ((! have_section) && have_setting && + _wcsicmp(setting, L"IniLocation") == 0) { + + // return "H" if configuration file was found in the Sandboxie + // home directory, or "W" if it was found in Windows directory + + value = (Conf_Data.home) ? Conf_H : Conf_W; + + } else if ((!have_section) && have_setting && + _wcsicmp(setting, L"IniEncoding") == 0) { + + // return "U" if configuration file was Unicode encoded, + // or "8" if it was UTF-8 encoded + + value = (Conf_Data.encoding == 1) ? Conf_UTF8 : Conf_Unicode; + + } + else if (have_setting) { + + check_global = ((index & CONF_GET_NO_GLOBAL) == 0); + index &= 0xFFFF; + + if (section) + value = Conf_Get_Helper(section, setting, &index, skip_tmpl); + + // + // when no value has been found for the given section + // try getting it from the global section + // + + if ((! value) && check_global) { + value = Conf_Get_Helper( + Conf_GlobalSettings, setting, &index, skip_tmpl); + } + + } else if (have_section && (! have_setting)) { + + value = Conf_Get_Setting_Name(section, index & 0xFFFF, skip_tmpl); + + } else if ((! have_section) && (! have_setting)) { + + value = Conf_Get_Section_Name(index & 0xFFFF, skip_tmpl); + } + + ExReleaseResourceLite(Conf_Lock); + KeLowerIrql(irql); + + return value; +} + + +//--------------------------------------------------------------------------- +// Conf_Get_Boolean +//--------------------------------------------------------------------------- + + +_FX BOOLEAN Conf_Get_Boolean( + const WCHAR *section, const WCHAR *setting, ULONG index, BOOLEAN def) +{ + const WCHAR *value; + BOOLEAN retval; + + Conf_AdjustUseCount(TRUE); + + value = Conf_Get(section, setting, index); + + retval = def; + if (value) { + if (*value == 'y' || *value == 'Y') + retval = TRUE; + else if (*value == 'n' || *value == 'N') + retval = FALSE; + } + + Conf_AdjustUseCount(FALSE); + + return retval; +} + + +//--------------------------------------------------------------------------- +// Conf_Get_Number +//--------------------------------------------------------------------------- + + +_FX ULONG Conf_Get_Number( + const WCHAR *section, const WCHAR *setting, ULONG index, ULONG def) +{ + const WCHAR *value; + ULONG retval; + + Conf_AdjustUseCount(TRUE); + + value = Conf_Get(section, setting, index); + + retval = def; + if (value) { + + NTSTATUS status; + UNICODE_STRING uni; + RtlInitUnicodeString(&uni, value); + status = RtlUnicodeStringToInteger(&uni, 10, &retval); + if (! NT_SUCCESS(status)) + retval = def; + } + + Conf_AdjustUseCount(FALSE); + + return retval; +} + + +//--------------------------------------------------------------------------- +// Conf_IsValidBox +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_IsValidBox(const WCHAR *section_name) +{ + CONF_SECTION *section; + NTSTATUS status; + KIRQL irql; + + if ( _wcsicmp(section_name, Conf_GlobalSettings) == 0 + || _wcsicmp(section_name, Conf_TemplateSettings) == 0 + || _wcsnicmp(section_name, Conf_Template_, 9) == 0 + || _wcsnicmp(section_name, Conf_UserSettings_, 13) == 0) { + + status = STATUS_OBJECT_TYPE_MISMATCH; + + } else { + + KeRaiseIrql(APC_LEVEL, &irql); + ExAcquireResourceSharedLite(Conf_Lock, TRUE); + + section = List_Head(&Conf_Data.sections); + while (section) { + if (_wcsicmp(section->name, section_name) == 0) + break; + section = List_Next(section); + } + + if (! section) + status = STATUS_OBJECT_NAME_NOT_FOUND; + + else if (section->from_template) + status = STATUS_OBJECT_TYPE_MISMATCH; + + else + status = STATUS_SUCCESS; + + ExReleaseResourceLite(Conf_Lock); + KeLowerIrql(irql); + } + + return status; +} + + +//--------------------------------------------------------------------------- +// Conf_Api_Reload +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Api_Reload(PROCESS *proc, ULONG64 *parms) +{ + NTSTATUS status; + ULONG flags; + + if (proc) + return STATUS_NOT_IMPLEMENTED; + + flags = (ULONG)parms[2]; + + if (flags & SBIE_CONF_FLAG_RELOAD_CERT) { + status = MyValidateCertificate(); + goto finish; + } + + status = Conf_Read((ULONG)parms[1]); + + if (status == STATUS_OBJECT_NAME_NOT_FOUND || + status == STATUS_OBJECT_PATH_NOT_FOUND) { + + // + // if configuration file was removed, reset configuration + // + + POOL *pool; + + KIRQL irql; + KeRaiseIrql(APC_LEVEL, &irql); + ExAcquireResourceExclusiveLite(Conf_Lock, TRUE); + + pool = Conf_Data.pool; + + Conf_Data.pool = NULL; + List_Init(&Conf_Data.sections); +#ifdef USE_CONF_MAP + map_init(&Conf_Data.sections_map, NULL); + Conf_Data.sections_map.func_key_size = NULL; + Conf_Data.sections_map.func_match_key = &str_map_match; + Conf_Data.sections_map.func_hash_key = &str_map_hash; + map_resize(&Conf_Data.sections_map, 16); // prepare some buckets for better performance +#endif + + Conf_Data.home = FALSE; + Conf_Data.encoding = 0; + + ExReleaseResourceLite(Conf_Lock); + KeLowerIrql(irql); + + if (pool) + Pool_Delete(pool); + + status = STATUS_SUCCESS; + } + + // + // Check the reconfigure drier flag and if its set, load/unload the components accordingly + // + + if (flags & SBIE_CONF_FLAG_RECONFIGURE) { + + static volatile ULONG reconf_lock = 0; + if (InterlockedCompareExchange(&reconf_lock, 1, 0) != 0) { + status = STATUS_OPERATION_IN_PROGRESS; + goto finish; // don't do anything is a reconfiguration is already in progress + } + + BOOLEAN wpf_enabled = Conf_Get_Boolean(NULL, L"NetworkEnableWFP", 0, FALSE); + extern BOOLEAN WFP_Enabled; + if (WFP_Enabled != wpf_enabled) { + if (wpf_enabled) { + extern BOOLEAN WFP_Load(void); + WFP_Load(); + } + else { + extern void WFP_Unload(void); + WFP_Unload(); + } + } + + extern UCHAR SandboxieLogonSid[SECURITY_MAX_SID_SIZE]; + if (Conf_Get_Boolean(NULL, L"AllowSandboxieLogon", 0, FALSE) && SandboxieLogonSid[0] == 0) { + extern BOOLEAN Token_Init_SbieLogin(void); + Token_Init_SbieLogin(); + } + + InterlockedExchange(&reconf_lock, 0); + } + + Api_SendServiceMessage(SVC_CONFIG_UPDATED, 0, NULL); + +finish: + return status; +} + + +//--------------------------------------------------------------------------- +// Conf_Api_Query +//--------------------------------------------------------------------------- + + +_FX NTSTATUS Conf_Api_Query(PROCESS *proc, ULONG64 *parms) +{ + NTSTATUS status; + WCHAR *parm; + ULONG *parm2; + WCHAR boxname[70]; + WCHAR setting[70]; + ULONG index; + const WCHAR *value1; + WCHAR *value2; + + // parms[1] --> WCHAR [66] SectionName + + memzero(boxname, sizeof(boxname)); + if (proc) + wcscpy(boxname, proc->box->name); + else { + parm = (WCHAR *)parms[1]; + if (parm) { + ProbeForRead(parm, sizeof(WCHAR) * 64, sizeof(WCHAR)); + if (parm[0]) + wcsncpy(boxname, parm, 64); + } + } + + // parms[2] --> WCHAR [66] SettingName + + memzero(setting, sizeof(setting)); + parm = (WCHAR *)parms[2]; + if (parm) { + ProbeForRead(parm, sizeof(WCHAR) * 64, sizeof(WCHAR)); + if (parm[0]) + wcsncpy(setting, parm, 64); + } + + // parms[3] --> ULONG SettingIndex + + index = 0; + parm2 = (ULONG *)parms[3]; + if (parm2) { + ProbeForRead(parm2, sizeof(ULONG), sizeof(ULONG)); + index = *parm2; + if ((index & 0xFFFF) > 1000) + return STATUS_INVALID_PARAMETER; + } else + return STATUS_INVALID_PARAMETER; + + // + // get value + // + + Conf_AdjustUseCount(TRUE); + + if (setting && setting[0] == L'%') + value1 = setting; // shortcut to expand a avariable + else + value1 = Conf_Get(boxname, setting, index); + if (! value1) { + status = STATUS_RESOURCE_NAME_NOT_FOUND; + goto release_and_return; + } + + if (index & CONF_GET_NO_EXPAND) + value2 = (WCHAR *)value1; + else { + + // expand value. if caller is sandboxed, use its BOX (with its + // expand_args) for that. otherwise, create a temporary BOX + + if (proc) + value2 = Conf_Expand(proc->box->expand_args, value1, setting); + else { + + CONF_EXPAND_ARGS *expand_args = Mem_Alloc(Driver_Pool, sizeof(CONF_EXPAND_ARGS)); + if (! expand_args) { + status = STATUS_UNSUCCESSFUL; + goto release_and_return; + } + + expand_args->pool = Driver_Pool; + expand_args->sandbox = boxname; + + UNICODE_STRING SidString; + ULONG SessionId; + status = Process_GetSidStringAndSessionId(NtCurrentProcess(), NULL, &SidString, &SessionId); + if (!NT_SUCCESS(status)) { + Mem_Free(expand_args, sizeof(CONF_EXPAND_ARGS)); + status = STATUS_UNSUCCESSFUL; + goto release_and_return; + } + + expand_args->sid = SidString.Buffer; + expand_args->session = &SessionId; + + value2 = Conf_Expand(expand_args, value1, setting); + + RtlFreeUnicodeString(&SidString); + + Mem_Free(expand_args, sizeof(CONF_EXPAND_ARGS)); + } + + if (! value2) { + status = STATUS_INSUFFICIENT_RESOURCES; + goto release_and_return; + } + } + + // write value into user buffer Output + // parms[4] --> user buffer Output + + __try { + + UNICODE_STRING64 *user_uni = (UNICODE_STRING64 *)parms[4]; + ULONG len = (wcslen(value2) + 1) * sizeof(WCHAR); + Api_CopyStringToUser(user_uni, value2, len); + + status = STATUS_SUCCESS; + + } __except (EXCEPTION_EXECUTE_HANDLER) { + status = GetExceptionCode(); + } + + if (value2 != value1) + Mem_FreeString(value2); + +release_and_return: + + Conf_AdjustUseCount(FALSE); + + return status; +} + + +//--------------------------------------------------------------------------- +// Conf_Init +//--------------------------------------------------------------------------- + + +_FX BOOLEAN Conf_Init(void) +{ + Conf_Data.pool = NULL; + List_Init(&Conf_Data.sections); +#ifdef USE_CONF_MAP + map_init(&Conf_Data.sections_map, NULL); + Conf_Data.sections_map.func_key_size = NULL; + Conf_Data.sections_map.func_match_key = &str_map_match; + Conf_Data.sections_map.func_hash_key = &str_map_hash; +#endif + + Conf_Data.home = FALSE; + Conf_Data.encoding = 0; + + if (! Mem_GetLockResource(&Conf_Lock, TRUE)) + return FALSE; + + if (! Conf_Init_User()) + return FALSE; + + Conf_Read(-1); + + // + // set API functions + // + + Api_SetFunction(API_RELOAD_CONF, Conf_Api_Reload); + Api_SetFunction(API_QUERY_CONF, Conf_Api_Query); + + return TRUE; +} + + +//--------------------------------------------------------------------------- +// Conf_Unload +//--------------------------------------------------------------------------- + + +_FX void Conf_Unload(void) +{ + Conf_Unload_User(); + + if (Conf_Data.pool) { + Pool_Delete(Conf_Data.pool); + Conf_Data.pool = NULL; + } + + Mem_FreeLockResource(&Conf_Lock); +} diff --git a/Sandboxie/install/Templates.ini b/Sandboxie/install/Templates.ini index 84c4e380..f5e6280b 100644 --- a/Sandboxie/install/Templates.ini +++ b/Sandboxie/install/Templates.ini @@ -1,3343 +1,3343 @@ -# -# Sandboxie Official Configuration Templates -# -# PLEASE DO NOT EDIT -# -# You may place local (custom) templates in your Sandbox.ini -# file. Use the examples here to create your own templates, but -# do not copy the [TemplateSettings] section. -# -# Please name your own local templates in such a way that -# it will not introduce conflicts with the official templates. -# -# For example, if you design a local template to resolve -# a conflict with the utility ExampleSoft: -# -# [Template_Local_ExampleSoft] -# Tmpl.Title=ExampleSoft -# Tmpl.Class=Local -# OpenWinClass=ExampleSoft_WindowClass -# OpenIpcPath=*\BaseNamedObjects*\ExampleSoft_* -# -# Note the use of the word "local" to prevent a conflict, -# should this official template file later be revised to -# include a template for ExampleSoft. -# -# Local templates that appear in your Sandbox.ini are -# treated the same way as any official template in this file, -# and can be activated in Sandbox Control. -# -# A template section (official or local) may only contain the -# following settings: -# -# Tmpl.Title -# Tmpl.Class -# Tmpl.Url -# Tmpl.Comment -# Tmpl.Scan -# OpenFilePath -# OpenPipePath -# ReadFilePath -# ClosedFilePath -# OpenKeyPath -# ReadKeyPath -# ClosedKeyPath -# OpenIpcPath -# ClosedIpcPath -# OpenWinclass -# OpenClsid -# RecoverFolder -# AutoRecoverIgnore -# ForceProcess -# ForceFolder -# OpenProtectedStorage -# OpenCredentials -# ProcessGroup -# -# Any other settings must not be used, as it may confuse the -# Sandbox Control program. -# - -[DefaultTemplates] -Template=RpcPortBindings -Template=SpecialImages - - -[TemplateSettings] -Tmpl.Version=1 -Tmpl.RoboForm=%Personal%\My RoboForm Data -Tmpl.Firefox=%AppData%\Mozilla\Firefox\Profiles\* -Tmpl.Waterfox=%AppData%\Waterfox\Profiles\* -Tmpl.PaleMoon=%AppData%\Moonchild Productions\Pale Moon\Profiles\* -Tmpl.SeaMonkey=%AppData%\Mozilla\SeaMonkey\Profiles\* -Tmpl.LibreWolf=%AppData%\LibreWolf\Profiles\* -Tmpl.Office_Outlook=%Local AppData%\Microsoft\Outlook -Tmpl.Windows_Vista_Mail=%Local AppData%\Microsoft\Windows Mail -Tmpl.Windows_Live_Mail=%Local AppData%\Microsoft\Windows Live Mail -Tmpl.Incredimail=%Local AppData%\IM -Tmpl.eDocPrinter=%ProgramFiles%\ITEKSOFT\eDocPrinter* -Tmpl.FinePrint=%Personal%\FinePrint files -Tmpl.Chrome=%Local AppData%\Google\Chrome\User Data\Default -Tmpl.Edge=%Local AppData%\Microsoft\Edge\User Data\Default -Tmpl.Dragon=%Local AppData%\Comodo\Dragon\User Data\Default -Tmpl.Iron=%Local AppData%\Chromium\User Data\Default -Tmpl.Ungoogled=%Local AppData%\Chromium\User Data\Default -Tmpl.Vivaldi=%Local AppData%\Vivaldi\User Data\Default -Tmpl.Brave=%Local AppData%\BraveSoftware\Brave-Browser\User Data\Default -Tmpl.Maxthon_6=%Local AppData%\Maxthon\Application\User Data\Default -Tmpl.Opera=%AppData%\Opera Software\Opera Stable -Tmpl.Yandex=%Local AppData%\Yandex\YandexBrowser\User Data\Default -Tmpl.Thunderbird=%Local AppData%\Thunderbird -Tmpl.Thunderbird:ExpectFile=xulstore.json -Tmpl.Opera_Mail=%Local AppData%\Opera\*\mail -Tmpl.Opera_Mail:ExpectFile=accounts.ini -Tmpl.Zotero=%Tmpl.Firefox%\zotero -Tmpl.KasperskyDataRoot=%AllUsersProfile%\Kaspersky Lab -Tmpl.TheBat=%AppData%\The Bat! -Tmpl.eM_Client=%AppData%\eM Client - - -# -# Custom handling for special images -# - -[Template_SpecialImages] -#Tmpl.Title=#xxxx -Tmpl.Class=Misc - -SpecialImage=chrome,chrome.exe -SpecialImage=chrome,msedge.exe -SpecialImage=chrome,iron.exe -SpecialImage=chrome,dragon.exe -SpecialImage=chrome,opera.exe -SpecialImage=chrome,neon.exe -SpecialImage=chrome,maxthon.exe -SpecialImage=chrome,vivaldi.exe -SpecialImage=chrome,brave.exe -SpecialImage=chrome,browser.exe -SpecialImage=chrome,slack.exe - -SpecialImage=firefox,firefox.exe -SpecialImage=firefox,waterfox.exe -SpecialImage=firefox,palemoon.exe -SpecialImage=firefox,basilisk.exe -SpecialImage=firefox,seamonkey.exe -SpecialImage=firefox,k-meleon.exe -SpecialImage=firefox,librewolf.exe - -SpecialImage=thunderbird,thunderbird.exe - -SpecialImage=mail,winmail.exe -SpecialImage=mail,IncMail.exe -SpecialImage=mail,eudora.exe -SpecialImage=mail,thebat32.exe -SpecialImage=mail,thebat64.exe -SpecialImage=mail,Foxmail.exe -SpecialImage=mail,Mailbird.exe -SpecialImage=mail,MailClient.exe -SpecialImage=mail,postbox.exe -SpecialImage=mail,Inky.exe - -SpecialImage=browser,PuffinSecureBrowser.exe - - -# -# Internet Explorer -# - -[Template_IExplore_Force] -Tmpl.Title=#4323,Internet Explorer -Tmpl.Class=WebBrowser -ForceProcess=iexplore.exe - -[Template_IExplore_Favorites_DirectAccess] -Tmpl.Title=#4326,Internet Explorer -Tmpl.Class=WebBrowser -OpenFilePath=iexplore.exe,%Favorites% -#OpenFilePath=firefox.exe,%Favorites% - -[Template_IExplore_Favorites_RecoverFolder] -Tmpl.Title=#4327 -Tmpl.Class=WebBrowser -RecoverFolder=%Favorites% - -[Template_IExplore_History_DirectAccess] -Tmpl.Title=#4336,Internet Explorer -Tmpl.Class=WebBrowser -OpenFilePath=iexplore.exe,%Favorites% -OpenFilePath=iexplore.exe,%History%\History.IE5\* -OpenKeyPath=iexplore.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs -# Windows Search features needed for address bar in IE 8 -OpenClsid={7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} -OpenClsid={9E175B6D-F52A-11D8-B9A5-505054503030} -OpenPipePath=\Device\NamedPipe\MsFteWds -# Internet Explorer 10 history pane -OpenFilePath=|%Local AppData%\Microsoft\Windows\ - -[Template_IExplore_Cookies_DirectAccess] -Tmpl.Title=#4328,Internet Explorer -Tmpl.Class=WebBrowser -OpenFilePath=iexplore.exe,%Cookies% -# Internet Explorer 10 cookies -OpenClsid={0358b920-0ac7-461f-98f4-58e32cd89148} -OpenIpcPath=\RPC Control\webcache_* -OpenIpcPath=*\BaseNamedObjects*\windows_webcache_* -OpenFilePath=%Local AppData%\Microsoft\Internet Explorer\DOMStore\* - -[Template_IExplore_Feeds_DirectAccess] -Tmpl.Title=#4325,Internet Explorer -Tmpl.Class=WebBrowser -OpenFilePath=iexplore.exe,%Local AppData%\Microsoft\Feeds\ -OpenFilePath=iexplore.exe,%Local AppData%\Microsoft\Feeds Cache\ - -[Template_IExplore_ProtectedStorage] -Tmpl.Title=#4329 -Tmpl.Class=WebBrowser -OpenProtectedStorage=y -OpenKeyPath=iexplore.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms -OpenKeyPath=iexplore.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs - -# [Template_IExplore_Credentials] -# Tmpl.Title=#4330 -# Tmpl.Class=WebBrowser -# OpenCredentials=y - -# -# Firefox / Waterfox / PaleMoon / SeaMonkey / LibreWolf -# - -# -# Firefox -# - -[Template_Firefox_Force] -Tmpl.Title=#4323,Mozilla Firefox -Tmpl.Class=WebBrowser -ForceProcess=firefox.exe - -[Template_Firefox_Bookmarks_DirectAccess] -Tmpl.Title=#4336,Mozilla Firefox -Tmpl.Class=WebBrowser -OpenFilePath=firefox.exe,%Tmpl.Firefox%\bookmark* -OpenFilePath=firefox.exe,%Tmpl.Firefox%\places* -OpenFilePath=firefox.exe,%Tmpl.Firefox%\favicons.sqlite - -[Template_Firefox_Cookies_DirectAccess] -Tmpl.Title=#4328,Mozilla Firefox -Tmpl.Class=WebBrowser -OpenFilePath=firefox.exe,%Tmpl.Firefox%\cookies* - -[Template_Firefox_Passwords_DirectAccess] -Tmpl.Title=#4331,Mozilla Firefox -Tmpl.Class=WebBrowser -OpenFilePath=firefox.exe,%Tmpl.Firefox%\logins.json -OpenFilePath=firefox.exe,%Tmpl.Firefox%\key*.db - -[Template_Firefox_Session_DirectAccess] -Tmpl.Title=#4340,Mozilla Firefox -Tmpl.Class=WebBrowser -OpenFilePath=firefox.exe,%Tmpl.Firefox%\sessionstore.js* - -[Template_Firefox_Phishing_DirectAccess] -Tmpl.Title=#4337,Mozilla Firefox -Tmpl.Class=WebBrowser -OpenFilePath=firefox.exe,%Tmpl.Firefox%\cert9.db -OpenFilePath=firefox.exe,%Local AppData%\Mozilla\Firefox\Profiles\*\safebrowsing* - -[Template_Firefox_Profile_DirectAccess] -Tmpl.Title=#4338,Mozilla Firefox -Tmpl.Class=WebBrowser -OpenFilePath=firefox.exe,%Tmpl.Firefox%\* - -[Template_Firefox_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# Waterfox -# - -[Template_Waterfox_Force] -Tmpl.Title=#4323,Waterfox -Tmpl.Class=WebBrowser -ForceProcess=waterfox.exe - -[Template_Waterfox_Bookmarks_DirectAccess] -Tmpl.Title=#4336,Waterfox -Tmpl.Class=WebBrowser -OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\bookmark* -OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\places* - -[Template_Waterfox_Cookies_DirectAccess] -Tmpl.Title=#4328,Waterfox -Tmpl.Class=WebBrowser -OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\cookies* - -[Template_Waterfox_Passwords_DirectAccess] -Tmpl.Title=#4331,Waterfox -Tmpl.Class=WebBrowser -OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\logins.json -OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\key*.db - -[Template_Waterfox_Session_DirectAccess] -Tmpl.Title=#4340,Waterfox -Tmpl.Class=WebBrowser -OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\sessionstore.js* - -[Template_Waterfox_Phishing_DirectAccess] -Tmpl.Title=#4337,Waterfox -Tmpl.Class=WebBrowser -OpenFilePath=waterfox.exe,%Tmpl.WaterFox%\blocklist.xml -OpenFilePath=waterfox.exe,%Tmpl.WaterFox%\cert9.db -OpenFilePath=waterfox.exe,%Local AppData%\Waterfox\Profiles\*\safebrowsing* - -[Template_Waterfox_Profile_DirectAccess] -Tmpl.Title=#4338,Waterfox -Tmpl.Class=WebBrowser -OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\* - -[Template_Waterfox_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# Pale Moon -# - -[Template_PaleMoon_Force] -Tmpl.Title=#4323,Pale Moon -Tmpl.Class=WebBrowser -ForceProcess=palemoon.exe - -[Template_PaleMoon_Bookmarks_DirectAccess] -Tmpl.Title=#4336,Pale Moon -Tmpl.Class=WebBrowser -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\bookmark* -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\places* - -[Template_PaleMoon_Cookies_DirectAccess] -Tmpl.Title=#4328,Pale Moon -Tmpl.Class=WebBrowser -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\cookies* - -[Template_PaleMoon_Passwords_DirectAccess] -Tmpl.Title=#4331,Pale Moon -Tmpl.Class=WebBrowser -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\logins.json -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\key*.db - -[Template_PaleMoon_Session_DirectAccess] -Tmpl.Title=#4340,Pale Moon -Tmpl.Class=WebBrowser -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\sessionstore.js - -[Template_PaleMoon_Phishing_DirectAccess] -Tmpl.Title=#4337,Pale Moon -Tmpl.Class=WebBrowser -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\blocklist.xml -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\cert9.db - -[Template_PaleMoon_Profile_DirectAccess] -Tmpl.Title=#4338,Pale Moon -Tmpl.Class=WebBrowser -OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\* - -[Template_PaleMoon_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# SeaMonkey Browser -# - -[Template_SeaMonkey_Force] -Tmpl.Title=#4323,SeaMonkey -Tmpl.Class=WebBrowser -ForceProcess=seamonkey.exe - -[Template_SeaMonkey_Bookmarks_DirectAccess] -Tmpl.Title=#4336,SeaMonkey -Tmpl.Class=WebBrowser -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\bookmark* -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\places* - -[Template_SeaMonkey_Cookies_DirectAccess] -Tmpl.Title=#4328,SeaMonkey -Tmpl.Class=WebBrowser -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\cookies* - -[Template_SeaMonkey_Passwords_DirectAccess] -Tmpl.Title=#4331,SeaMonkey -Tmpl.Class=WebBrowser -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\logins.json -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\key*.db - -[Template_SeaMonkey_Session_DirectAccess] -Tmpl.Title=#4340,SeaMonkey -Tmpl.Class=WebBrowser -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\sessionstore.js - -[Template_SeaMonkey_Phishing_DirectAccess] -Tmpl.Title=#4337,SeaMonkey -Tmpl.Class=WebBrowser -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\blocklist.xml -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\cert9.db -OpenFilePath=seamonkey.exe,%Local AppData%\Mozilla\SeaMonkey\Profiles\*\safebrowsing* - -[Template_SeaMonkey_Profile_DirectAccess] -Tmpl.Title=#4338,SeaMonkey -Tmpl.Class=WebBrowser -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\* - -[Template_SeaMonkey_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# LibreWolf -# - -[Template_LibreWolf_Force] -Tmpl.Title=#4323,LibreWolf -Tmpl.Class=WebBrowser -ForceProcess=librewolf.exe - -[Template_LibreWolf_Bookmarks_DirectAccess] -Tmpl.Title=#4336,LibreWolf -Tmpl.Class=WebBrowser -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\bookmark* -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\places* -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\favicons.sqlite - -[Template_LibreWolf_Cookies_DirectAccess] -Tmpl.Title=#4328,LibreWolf -Tmpl.Class=WebBrowser -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\cookies* - -[Template_LibreWolf_Passwords_DirectAccess] -Tmpl.Title=#4331,LibreWolf -Tmpl.Class=WebBrowser -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\logins.json -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\key*.db - -[Template_LibreWolf_Session_DirectAccess] -Tmpl.Title=#4340,LibreWolf -Tmpl.Class=WebBrowser -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\sessionstore.js* - -[Template_LibreWolf_Phishing_DirectAccess] -Tmpl.Title=#4337,LibreWolf -Tmpl.Class=WebBrowser -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\cert9.db -OpenFilePath=librewolf.exe,%Local AppData%\LibreWolf\Profiles\*\safebrowsing* - -[Template_LibreWolf_Profile_DirectAccess] -Tmpl.Title=#4338,LibreWolf -Tmpl.Class=WebBrowser -OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\* - -# -# Firefox Add-ons -# - -[Template_Firefox_Addon_Zotero] -Tmpl.Title=Zotero (with XPDF) -Tmpl.Class=WebBrowser -Tmpl.Url=http://www.zotero.org/ -OpenFilePath=,%Tmpl.Zotero%\* -ProcessGroup=,firefox.exe,pdfinfo-Win32.exe,pdftotext-Win32.exe - -# -# Google Chrome / Microsoft Edge (Chromium) / Comodo Dragon / SRWare Iron / Ungoogled Chromium / Vivaldi / Brave Browser / Maxthon 6 (Chromium) / Opera / Yandex -# - -# -# Google Chrome -# - -[Template_Chrome_Force] -Tmpl.Title=#4323,Google Chrome -Tmpl.Class=WebBrowser -ForceProcess=chrome.exe - -[Template_Chrome_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Google Chrome -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Bookmarks* -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Favicons* - -[Template_Chrome_History_DirectAccess] -Tmpl.Title=#4336,Google Chrome -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Bookmarks* -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Favicons* -OpenFilePath=chrome.exe,%Tmpl.Chrome%\*History* -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Current * -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Last * -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Visited Links* - -[Template_Chrome_Cookies_DirectAccess] -Tmpl.Title=#4328,Google Chrome -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Cookies* - -[Template_Chrome_Passwords_DirectAccess] -Tmpl.Title=#4331,Google Chrome -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Login Data* - -[Template_Chrome_Preferences_DirectAccess] -Tmpl.Title=#4339,Google Chrome -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Preferences* - -[Template_Chrome_Sync_DirectAccess] -Tmpl.Title=#4324,Google Chrome -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Sync Data\* -OpenFilePath=chrome.exe,%Tmpl.Chrome%\Sync Extension Settings\* - -[Template_Chrome_Phishing_DirectAccess] -Tmpl.Title=#4337,Google Chrome -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Local AppData%\Google\Chrome\User Data\Safe Browsing* -OpenFilePath=chrome.exe,%Local AppData%\Google\Chrome\User Data\CertificateRevocation - -[Template_Chrome_Profile_DirectAccess] -Tmpl.Title=#4338,Google Chrome -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Chrome%\* - -# -# Microsoft Edge (Chromium) -# - -[Template_Edge_Force] -Tmpl.Title=#4323,Microsoft Edge -Tmpl.Class=WebBrowser -ForceProcess=msedge.exe - -[Template_Edge_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Microsoft Edge -Tmpl.Class=WebBrowser -OpenFilePath=msedge.exe,%Tmpl.Edge%\Bookmarks* -OpenFilePath=msedge.exe,%Tmpl.Edge%\Favicons* - -[Template_Edge_History_DirectAccess] -Tmpl.Title=#4336,Microsoft Edge -Tmpl.Class=WebBrowser -OpenFilePath=msedge.exe,%Tmpl.Edge%\Bookmarks* -OpenFilePath=msedge.exe,%Tmpl.Edge%\Favicons* -OpenFilePath=msedge.exe,%Tmpl.Edge%\*History* -OpenFilePath=msedge.exe,%Tmpl.Edge%\Current * -OpenFilePath=msedge.exe,%Tmpl.Edge%\Last * -OpenFilePath=msedge.exe,%Tmpl.Edge%\Visited Links* - -[Template_Edge_Cookies_DirectAccess] -Tmpl.Title=#4328,Microsoft Edge -Tmpl.Class=WebBrowser -OpenFilePath=msedge.exe,%Tmpl.Edge%\Cookies* - -[Template_Edge_Passwords_DirectAccess] -Tmpl.Title=#4331,Microsoft Edge -Tmpl.Class=WebBrowser -OpenFilePath=msedge.exe,%Tmpl.Edge%\Login Data* - -[Template_Edge_Preferences_DirectAccess] -Tmpl.Title=#4339,Microsoft Edge -Tmpl.Class=WebBrowser -OpenFilePath=msedge.exe,%Tmpl.Edge%\Preferences* - -[Template_Edge_Sync_DirectAccess] -Tmpl.Title=#4324,Microsoft Edge -Tmpl.Class=WebBrowser -OpenFilePath=msedge.exe,%Tmpl.Edge%\Sync Data\* -OpenFilePath=msedge.exe,%Tmpl.Edge%\Sync Extension Settings\* - -[Template_Edge_Phishing_DirectAccess] -Tmpl.Title=#4337,Microsoft Edge -Tmpl.Class=WebBrowser -OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\Safe Browsing* -OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\CertificateRevocation -OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\SmartScreen -OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\Ad Blocking - -[Template_Edge_Profile_DirectAccess] -Tmpl.Title=#4338,Microsoft Edge -Tmpl.Class=WebBrowser -OpenFilePath=msedge.exe,%Tmpl.Edge%\* - -# -# Comodo Dragon -# - -[Template_Dragon_Force] -Tmpl.Title=#4323,Comodo Dragon -Tmpl.Class=WebBrowser -ForceProcess=dragon.exe - -[Template_Dragon_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Comodo Dragon -Tmpl.Class=WebBrowser -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Bookmarks* -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Favicons* - -[Template_Dragon_History_DirectAccess] -Tmpl.Title=#4336,Comodo Dragon -Tmpl.Class=WebBrowser -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Bookmarks* -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Favicons* -OpenFilePath=dragon.exe,%Tmpl.Dragon%\*History* -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Current * -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Last * -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Visited Links* - -[Template_Dragon_Cookies_DirectAccess] -Tmpl.Title=#4328,Comodo Dragon -Tmpl.Class=WebBrowser -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Cookies* - -[Template_Dragon_Passwords_DirectAccess] -Tmpl.Title=#4331,Comodo Dragon -Tmpl.Class=WebBrowser -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Login Data* - -[Template_Dragon_Preferences_DirectAccess] -Tmpl.Title=#4339,Comodo Dragon -Tmpl.Class=WebBrowser -OpenFilePath=dragon.exe,%Tmpl.Dragon%\Preferences* - -[Template_Dragon_Phishing_DirectAccess] -Tmpl.Title=#4337,Comodo Dragon -Tmpl.Class=WebBrowser -OpenFilePath=dragon.exe,%Local AppData%\Comodo\Dragon\User Data\Safe Browsing* -OpenFilePath=dragon.exe,%Local AppData%\Comodo\Dragon\User Data\CertificateRevocation - -[Template_Dragon_Profile_DirectAccess] -Tmpl.Title=#4338,Comodo Dragon -Tmpl.Class=WebBrowser -OpenFilePath=dragon.exe,%Tmpl.Dragon%\* - -[Template_Dragon_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# SRWare Iron -# - -[Template_Iron_Force] -Tmpl.Title=#4323,SRWare Iron -Tmpl.Class=WebBrowser -ForceFolder=C:\Program Files\SRWare Iron (64-Bit) - -[Template_Iron_Bookmarks_DirectAccess] -Tmpl.Title=#4356,SRWare Iron -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Iron%\Bookmarks* -OpenFilePath=chrome.exe,%Tmpl.Iron%\Favicons* - -[Template_Iron_History_DirectAccess] -Tmpl.Title=#4336,SRWare Iron -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Iron%\Bookmarks* -OpenFilePath=chrome.exe,%Tmpl.Iron%\Favicons* -OpenFilePath=chrome.exe,%Tmpl.Iron%\*History* -OpenFilePath=chrome.exe,%Tmpl.Iron%\Current * -OpenFilePath=chrome.exe,%Tmpl.Iron%\Last * -OpenFilePath=chrome.exe,%Tmpl.Iron%\Visited Links* - -[Template_Iron_Cookies_DirectAccess] -Tmpl.Title=#4328,SRWare Iron -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Iron%\Cookies* - -[Template_Iron_Passwords_DirectAccess] -Tmpl.Title=#4331,SRWare Iron -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Iron%\Login Data* - -[Template_Iron_Preferences_DirectAccess] -Tmpl.Title=#4339,SRWare Iron -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Iron%\Preferences* - -[Template_Iron_Sync_DirectAccess] -Tmpl.Title=#4324,SRWare Iron -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Iron%\Sync Data\* - -[Template_Iron_Phishing_DirectAccess] -Tmpl.Title=#4337,SRWare Iron -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Local AppData%\Chromium\User Data\Safe Browsing* -OpenFilePath=chrome.exe,%Local AppData%\Chromium\User Data\CertificateRevocation - -[Template_Iron_Profile_DirectAccess] -Tmpl.Title=#4338,SRWare Iron -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Iron%\* - -[Template_Iron_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# Ungoogled Chromium -# - -[Template_Ungoogled_Force] -Tmpl.Title=#4323,Ungoogled Chromium -Tmpl.Class=WebBrowser -ForceProcess=chrome.exe - -[Template_Ungoogled_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Ungoogled Chromium -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Bookmarks* -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Favicons* - -[Template_Ungoogled_History_DirectAccess] -Tmpl.Title=#4336,Ungoogled Chromium -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Bookmarks* -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Favicons* -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\*History* -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Current * -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Last * -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Visited Links* - -[Template_Ungoogled_Cookies_DirectAccess] -Tmpl.Title=#4328,Ungoogled Chromium -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Cookies* - -[Template_Ungoogled_Passwords_DirectAccess] -Tmpl.Title=#4331,Ungoogled Chromium -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Login Data* - -[Template_Ungoogled_Preferences_DirectAccess] -Tmpl.Title=#4339,Ungoogled Chromium -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Preferences* - -[Template_Ungoogled_Sync_DirectAccess] -Tmpl.Title=#4324,Ungoogled Chromium -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Sync Data\* - -[Template_Ungoogled_Profile_DirectAccess] -Tmpl.Title=#4338,Ungoogled Chromium -Tmpl.Class=WebBrowser -OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\* - -[Template_Ungoogled_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# Vivaldi -# - -[Template_Vivaldi_Force] -Tmpl.Title=#4323,Vivaldi -Tmpl.Class=WebBrowser -ForceProcess=vivaldi.exe - -[Template_Vivaldi_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Bookmarks* -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Favicons* - -[Template_Vivaldi_History_DirectAccess] -Tmpl.Title=#4336,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Bookmarks* -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Favicons* -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\*History* -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Current * -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Last * -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Visited Links* - -[Template_Vivaldi_Cookies_DirectAccess] -Tmpl.Title=#4328,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Cookies* - -[Template_Vivaldi_Notes_DirectAccess] -Tmpl.Title=#4341,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Notes* - -[Template_Vivaldi_Passwords_DirectAccess] -Tmpl.Title=#4331,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Login Data* - -[Template_Vivaldi_Preferences_DirectAccess] -Tmpl.Title=#4339,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Preferences* - -[Template_Vivaldi_Sync_DirectAccess] -Tmpl.Title=#4324,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Sync Data\* -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Sync Extension Settings\* - -[Template_Vivaldi_Phishing_DirectAccess] -Tmpl.Title=#4337,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Local AppData%\Vivaldi\User Data\Safe Browsing* -OpenFilePath=vivaldi.exe,%Local AppData%\Vivaldi\User Data\CertificateRevocation - -[Template_Vivaldi_Profile_DirectAccess] -Tmpl.Title=#4338,Vivaldi -Tmpl.Class=WebBrowser -OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\* - -[Template_Vivaldi_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# Brave Browser -# - -[Template_Brave_Force] -Tmpl.Title=#4323,Brave Browser -Tmpl.Class=WebBrowser -ForceProcess=brave.exe - -[Template_Brave_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Brave Browser -Tmpl.Class=WebBrowser -OpenFilePath=brave.exe,%Tmpl.Brave%\Bookmarks* -OpenFilePath=brave.exe,%Tmpl.Brave%\Favicons* - -[Template_Brave_History_DirectAccess] -Tmpl.Title=#4336,Brave Browser -Tmpl.Class=WebBrowser -OpenFilePath=brave.exe,%Tmpl.Brave%\Bookmarks* -OpenFilePath=brave.exe,%Tmpl.Brave%\Favicons* -OpenFilePath=brave.exe,%Tmpl.Brave%\*History* -OpenFilePath=brave.exe,%Tmpl.Brave%\Current * -OpenFilePath=brave.exe,%Tmpl.Brave%\Last * -OpenFilePath=brave.exe,%Tmpl.Brave%\Visited Links* - -[Template_Brave_Cookies_DirectAccess] -Tmpl.Title=#4328,Brave Browser -Tmpl.Class=WebBrowser -OpenFilePath=brave.exe,%Tmpl.Brave%\Cookies* - -[Template_Brave_Passwords_DirectAccess] -Tmpl.Title=#4331,Brave Browser -Tmpl.Class=WebBrowser -OpenFilePath=brave.exe,%Tmpl.Brave%\Login Data* - -[Template_Brave_Preferences_DirectAccess] -Tmpl.Title=#4339,Brave Browser -Tmpl.Class=WebBrowser -OpenFilePath=brave.exe,%Tmpl.Brave%\Preferences* - -[Template_Brave_Sync_DirectAccess] -Tmpl.Title=#4324,Brave Browser -Tmpl.Class=WebBrowser -OpenFilePath=brave.exe,%Tmpl.Brave%\Sync Data\* - -[Template_Brave_Phishing_DirectAccess] -Tmpl.Title=#4337,Brave Browser -Tmpl.Class=WebBrowser -OpenFilePath=brave.exe,%Local AppData%\BraveSoftware\Brave-Browser\User Data\Safe Browsing* -OpenFilePath=brave.exe,%Local AppData%\BraveSoftware\Brave-Browser\User Data\CertificateRevocation - -[Template_Brave_Profile_DirectAccess] -Tmpl.Title=#4338,Brave Browser -Tmpl.Class=WebBrowser -OpenFilePath=brave.exe,%Tmpl.Brave%\* - -[Template_Brave_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# Maxthon 6 (Chromium) -# - -[Template_Maxthon6_Force] -Tmpl.Title=#4323,Maxthon 6 -Tmpl.Class=WebBrowser -ForceProcess=Maxthon.exe - -[Template_Maxthon6_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Maxthon 6 -Tmpl.Class=WebBrowser -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Bookmarks* -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Favicons* - -[Template_Maxthon6_History_DirectAccess] -Tmpl.Title=#4336,Maxthon 6 -Tmpl.Class=WebBrowser -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Bookmarks* -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Favicons* -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\*History* -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Current * -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Last * -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Visited Links* - -[Template_Maxthon6_Cookies_DirectAccess] -Tmpl.Title=#4328,Maxthon 6 -Tmpl.Class=WebBrowser -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Cookies* - -[Template_Maxthon6_Passwords_DirectAccess] -Tmpl.Title=#4331,Maxthon 6 -Tmpl.Class=WebBrowser -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Login Data* - -[Template_Maxthon6_Preferences_DirectAccess] -Tmpl.Title=#4339,Maxthon 6 -Tmpl.Class=WebBrowser -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Preferences* - -[Template_Maxthon6_Phishing_DirectAccess] -Tmpl.Title=#4337,Maxthon 6 -Tmpl.Class=WebBrowser -OpenFilePath=Maxthon.exe,%Local AppData%\Maxthon\Application\User Data\Safe Browsing* -OpenFilePath=Maxthon.exe,%Local AppData%\Maxthon\Application\User Data\CertificateRevocation - -[Template_Maxthon6_Profile_DirectAccess] -Tmpl.Title=#4338,Maxthon 6 -Tmpl.Class=WebBrowser -OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\* - -[Template_Maxthon6_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# Opera -# - -[Template_Opera_Force] -Tmpl.Title=#4323,Opera -Tmpl.Class=WebBrowser -ForceProcess=opera.exe - -[Template_Opera_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Opera -Tmpl.Class=WebBrowser -OpenFilePath=opera.exe,%Tmpl.Opera%\Bookmarks* -OpenFilePath=opera.exe,%Tmpl.Opera%\Favicons* - -[Template_Opera_History_DirectAccess] -Tmpl.Title=#4336,Opera -Tmpl.Class=WebBrowser -OpenFilePath=opera.exe,%Tmpl.Opera%\Bookmarks* -OpenFilePath=opera.exe,%Tmpl.Opera%\Favicons* -OpenFilePath=opera.exe,%Tmpl.Opera%\*History* -OpenFilePath=opera.exe,%Tmpl.Opera%\Current * -OpenFilePath=opera.exe,%Tmpl.Opera%\Last * -OpenFilePath=opera.exe,%Tmpl.Opera%\Visited Links* - -[Template_Opera_Cookies_DirectAccess] -Tmpl.Title=#4328,Opera -Tmpl.Class=WebBrowser -OpenFilePath=opera.exe,%Tmpl.Opera%\Cookies* - -[Template_Opera_Passwords_DirectAccess] -Tmpl.Title=#4331,Opera -Tmpl.Class=WebBrowser -OpenFilePath=opera.exe,%Tmpl.Opera%\Login Data* - -[Template_Opera_Preferences_DirectAccess] -Tmpl.Title=#4339,Opera -Tmpl.Class=WebBrowser -OpenFilePath=opera.exe,%Tmpl.Opera%\Preferences* - -[Template_Opera_Sync_DirectAccess] -Tmpl.Title=#4324,Opera -Tmpl.Class=WebBrowser -OpenFilePath=opera.exe,%Tmpl.Opera%\Sync Data\* - -[Template_Opera_Phishing_DirectAccess] -Tmpl.Title=#4337,Opera -Tmpl.Class=WebBrowser -OpenFilePath=opera.exe,%Tmpl.Opera%\CertificateRevocation - -[Template_Opera_Profile_DirectAccess] -Tmpl.Title=#4338,Opera -Tmpl.Class=WebBrowser -OpenFilePath=opera.exe,%Tmpl.Opera%\* -OpenFilePath=launcher.exe,%Local AppData%\*\Opera\* -OpenFilePath=opera.exe,%Local AppData%\*\Opera\*\* - -[Template_Opera_Separator] -Tmpl.Title=- -Tmpl.Class=WebBrowser - -# -# Yandex -# - -[Template_Yandex_Force] -Tmpl.Title=#4323,Yandex Browser -Tmpl.Class=WebBrowser -ForceProcess=browser.exe - -[Template_Yandex_Bookmarks_DirectAccess] -Tmpl.Title=#4356,Yandex Browser -Tmpl.Class=WebBrowser -OpenFilePath=browser.exe,%Tmpl.Yandex%\Bookmarks* -OpenFilePath=browser.exe,%Tmpl.Yandex%\Favicons* - -[Template_Yandex_History_DirectAccess] -Tmpl.Title=#4336,Yandex Browser -Tmpl.Class=WebBrowser -OpenFilePath=browser.exe,%Tmpl.Yandex%\Bookmarks* -OpenFilePath=browser.exe,%Tmpl.Yandex%\Favicons* -OpenFilePath=browser.exe,%Tmpl.Yandex%\*History* -OpenFilePath=browser.exe,%Tmpl.Yandex%\Current * -OpenFilePath=browser.exe,%Tmpl.Yandex%\Last * -OpenFilePath=browser.exe,%Tmpl.Yandex%\Visited Links* - -[Template_Yandex_Cookies_DirectAccess] -Tmpl.Title=#4328,Yandex Browser -Tmpl.Class=WebBrowser -OpenFilePath=browser.exe,%Tmpl.Yandex%\Cookies* - -[Template_Yandex_Passwords_DirectAccess] -Tmpl.Title=#4331,Yandex Browser -Tmpl.Class=WebBrowser -OpenFilePath=browser.exe,%Tmpl.Yandex%\Ya Passman Data* - -[Template_Yandex_Preferences_DirectAccess] -Tmpl.Title=#4339,Yandex Browser -Tmpl.Class=WebBrowser -OpenFilePath=browser.exe,%Tmpl.Yandex%\Preferences* - -[Template_Yandex_Sync_DirectAccess] -Tmpl.Title=#4324,Yandex Browser -Tmpl.Class=WebBrowser -OpenFilePath=browser.exe,%Tmpl.Yandex%\Sync Data\* - -[Template_Yandex_Phishing_DirectAccess] -Tmpl.Title=#4337,Yandex Browser -Tmpl.Class=WebBrowser -OpenFilePath=browser.exe,%Local AppData%\Yandex\YandexBrowser\User Data\Safe Browsing* -OpenFilePath=browser.exe,%Local AppData%\Yandex\YandexBrowser\User Data\CertificateRevocation - -[Template_Yandex_Profile_DirectAccess] -Tmpl.Title=#4338,Yandex Browser -Tmpl.Class=WebBrowser -OpenFilePath=browser.exe,%Tmpl.Yandex%\* - -# -# Email Reader -# - -[Template_Office_Outlook] -Tmpl.Title=Office Outlook -Tmpl.Class=EmailReader -ProcessGroup=,outlook.exe -OpenFilePath=,%Tmpl.Office_Outlook% -OpenFilePath=,%AppData%\Microsoft\Outlook -OpenFilePath=,%Local AppData%\Microsoft\Outlook -OpenFilePath=outlook.exe,*.eml -OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Office -OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager -OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook -# Outlook pst locks -OpenIpcPath=,*\BaseNamedObjects*\OLKCRPC.OBJ=* -OpenIpcPath=,*\BaseNamedObjects*\MAPI-HP* -OpenIpcPath=,*\BaseNamedObjects*\*_WCIDXPACKED -OpenIpcPath=,*\BaseNamedObjects*\*_WCEMPTY -OpenIpcPath=,*\BaseNamedObjects*\*_WCWRITE -OpenIpcPath=,*\BaseNamedObjects*\*_WCINFO -OpenIpcPath=,*\BaseNamedObjects*\*_CACHEMUTEX -OpenIpcPath=,*\BaseNamedObjects*\*_NDB_ZOMBIE -OpenIpcPath=,*\BaseNamedObjects*\NDB_ROOT_MUTEX -OpenIpcPath=,*\BaseNamedObjects*\Shared-NDB-FE -OpenIpcPath=,*\BaseNamedObjects*\Optex_*_LogOptex -OpenIpcPath=,*\BaseNamedObjects*\OfficeSharedLocks_* -OpenIpcPath=,*\BaseNamedObjects\WMS Notif Engine* -OpenWinClass=,WMS ST Notif Class -# Integration with Windows Desktop Search -OpenClsid={7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} -OpenClsid={9E175B6D-F52A-11D8-B9A5-505054503030} -OpenPipePath=\Device\NamedPipe\MsFteWds - -[Template_Office_Outlook_NEO_Pro] -Tmpl.Title=Office Outlook + NEO Pro -Tmpl.Class=EmailReader -Tmpl.Url=http://www.caelo.com/ -ProcessGroup=,neopro.exe -OpenFilePath=,%Local AppData%\Caelo\NEO Pro\* -OpenKeyPath=,HKEY_CURRENT_USER\Software\Caelo Software\ -LingerProcess=w32mkde.exe - -[Template_Office_Outlook_Copernic_Desktop_Search] -Tmpl.Title=Office Outlook + Copernic Desktop Search -Tmpl.Class=EmailReader -Tmpl.Url=http://www.copernic.com/index.html -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{728F7B17-0053-4543-B232-EC3F19A97985} -OpenIpcPath=,$:DesktopSearchService.exe -OpenIpcPath=,*\BaseNamedObjects*\*DDCS - -[Template_Office_Outlook_Avast_Mail_Scanner] -Tmpl.Title=Office Outlook + avast! Mail Scanner -Tmpl.Class=EmailReader -Tmpl.Url=http://www.avast.com -Tmpl.Scan=s -Tmpl.ScanService=avast! Mail Scanner -OpenIpcPath=,\RPC Control\[Aavm] -OpenIpcPath=,*\BaseNamedObjects*\*Aavm* -OpenIpcPath=,*\BaseNamedObjects*\AvOut* -OpenIpcPath=,*\BaseNamedObjects*\AvSPM* -OpenIpcPath=,*\BaseNamedObjects*\AvRes* -ProcessGroup=,outlook.exe - -[Template_Office_Outlook_Rainlendar] -Tmpl.Title=Office Outlook + Rainlendar -Tmpl.Class=EmailReader -Tmpl.Url=http://www.rainlendar.net -Tmpl.Scan=s -Tmpl.ScanProduct=Rainlendar2 -OpenIpcPath=,*\BaseNamedObjects*\Mutex_MSOSharedMem -OpenIpcPath=,*\BaseNamedObjects*\MSOutlook97_ANCTinuse -OpenIpcPath=,$:Rainlendar2.exe -ProcessGroup=,outlook.exe - -[Template_Windows_Vista_Mail] -Tmpl.Title=Windows Vista Mail -Tmpl.Class=EmailReader -OpenFilePath=winmail.exe,%Tmpl.Windows_Vista_Mail% -OpenFilePath=winmail.exe,%AppData%\Microsoft\Windows Mail -OpenFilePath=winmail.exe,%Local AppData%\Microsoft\Windows Mail -OpenFilePath=winmail.exe,*.eml -OpenKeyPath=winmail.exe,HKEY_CURRENT_USER\Software\Microsoft\Windows Mail -OpenKeyPath=winmail.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager - -[Template_Windows_Live_Mail] -Tmpl.Title=Windows Live Mail -Tmpl.Class=EmailReader -ProcessGroup=,wlmail.exe,wlcomm.exe -OpenFilePath=,%Tmpl.Windows_Live_Mail% -OpenFilePath=,%AppData%\Microsoft\Windows Live Mail -OpenFilePath=,%AppData%\Microsoft\Windows Live Contacts -OpenFilePath=,%Local AppData%\Microsoft\Windows Live Mail -OpenFilePath=,%Local AppData%\Microsoft\Windows Live Contacts -OpenFilePath=,%Local AppData%\Microsoft\Windows Live\Contacts -OpenFilePath=wlmail.exe,*.eml -OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Windows Live -OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Windows Live Mail -OpenIpcPath=,\RPC Control\LiveIdSvc - -[Template_Thunderbird] -Tmpl.Title=Thunderbird -Tmpl.Class=EmailReader -OpenFilePath=thunderbird.exe,%Tmpl.Thunderbird% -OpenFilePath=thunderbird.exe,%AppData%\Thunderbird -OpenFilePath=thunderbird.exe,%Local AppData%\Thunderbird -OpenKeyPath=thunderbird.exe,HKEY_LOCAL_MACHINE\SOFTWARE\Clients\*\Mozilla Thunderbird* -OpenKeyPath=thunderbird.exe,HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird* - -[Template_Thunderbird_PGP] -Tmpl.Title=OpenPGP for Thunderbird -Tmpl.Class=EmailReader -OpenFilePath=thunderbird.exe,%AppData%\gnupg -ProcessGroup=,gpg.exe,gpg2.exe,gpg-agent.exe -OpenFilePath=,%Tmpl.Thunderbird% -OpenFilePath=,%AppData%\Thunderbird -OpenFilePath=,%Local AppData%\Thunderbird -OpenFilePath=,%AppData%\gnupg\ -LingerProcess=gpg-agent.exe - -[Template_SeaMonkey] -Tmpl.Title=SeaMonkey -Tmpl.Class=EmailReader -OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\Mail* -#OpenFilePath=seamonkey.exe,%AppData%\Mozilla\Profiles\*\Mail* -#OpenFilePath=seamonkey.exe,%Local AppData%\Mozilla\Profiles\*\Mail* -OpenKeyPath=seamonkey.exe,HKEY_CURRENT_USER\Software\Mozilla*\SeaMonkey* -OpenKeyPath=seamonkey.exe,HKEY_LOCAL_MACHINE\Software\Mozilla\SeaMonkey* - -[Template_Opera_Mail] -Tmpl.Title=Opera Mail -Tmpl.Class=EmailReader -OpenFilePath=opera.exe,%Tmpl.Opera_Mail%\* -OpenFilePath=opera.exe,%AppData%\Opera\*\mail\* -OpenFilePath=opera.exe,%Local AppData%\Opera\*\mail\* - -[Template_IncrediMail] -Tmpl.Title=IncrediMail -Tmpl.Class=EmailReader -OpenFilePath=IncMail.exe,*\IncrediMail\Data\* -OpenFilePath=IncMail.exe,%Tmpl.Incredimail%\ -OpenFilePath=IncMail.exe,%Local AppData%\IM\ -OpenFilePath=IncMail.exe,%AppData%\IM\ -OpenFilePath=ImApp.exe,*\IncrediMail\Data\* -OpenFilePath=ImApp.exe,%Tmpl.Incredimail%\ -OpenFilePath=ImApp.exe,%Local AppData%\IM\ -OpenFilePath=ImApp.exe,%AppData%\IM\ -LingerProcess=ImApp.exe - -[Template_Eudora] -Tmpl.Title=Eudora -Tmpl.Class=EmailReader -OpenFilePath=eudora.exe,%Tmpl.Eudora% -OpenKeyPath=eudora.exe,HKEY_CURRENT_USER\Software\Qualcomm\Eudora - -[Template_TheBat] -Tmpl.Title=The Bat! -Tmpl.Class=EmailReader -ProcessGroup=,thebat32.exe,thebat64.exe -OpenFilePath=,%Tmpl.TheBat% -OpenKeyPath=,HKEY_CURRENT_USER\Software\RIT\The Bat! - -[Template_eM_Client] -Tmpl.Title=eM Client -Tmpl.Class=EmailReader -Tmpl.Url=http://www.emclient.com -OpenFilePath=MailClient.exe,%Tmpl.em_Client%\ - -[Template_SpamFighter] -Tmpl.Title=SPAMfighter -Tmpl.Class=EmailReader -Tmpl.Url=http://www.spamfighter.com/ -OpenIpcPath=*\BaseNamedObjects*\SPAMfighter.* -OpenIpcPath=*\BaseNamedObjects*\sfsg.update_* -OpenIpcPath=*\BaseNamedObjects*\log-*_SPAMfighter_Logs_* -OpenIpcPath=*\BaseNamedObjects*\*?SPAMCFG.EXE -OpenKeyPath=HKEY_CURRENT_USER\Software\SPAMfighter\ - -[Template_GreatNews] -Tmpl.Title=Great News RSS Reader -Tmpl.Class=EmailReader -Tmpl.Url=http://www.curiostudio.com/download.html -Tmpl.Scan=s -Tmpl.ScanProduct={AA381A22-834B-4b21-AB78-CAFF2B05A4C3}}_is1 -OpenFilePath=GreatNews.exe,*\greatnews.ini -OpenFilePath=GreatNews.exe,*\newsfeed.db - -# -# PDF and Printing -# - -[Template_AdobeAcrobat] -Tmpl.Title=Adobe Acrobat -Tmpl.Class=Print -Tmpl.Url=http://www.adobe.com/ -OpenPipePath=\Device\NamedPipe\FLEXnet Licensing Service* -OpenIpcPath=*\BaseNamedObjects*\FLEXnet Licensing Service* -OpenWinClass=AcrobatTrayIcon - -[Template_AdobeAcrobatReader] -Tmpl.Title=Adobe Acrobat Reader -Tmpl.Class=Print -Tmpl.Url=http://www.adobe.com/ -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} -OpenPipePath=\Device\NamedPipe\AIPC_SRV\pdfshell_* -OpenPipePath=\Device\NamedPipe\AIPC_SRV\AcroSBL_* -NoRenameWinClass=AcrobatSDIWindow - -[Template_AdobeDistiller] -Tmpl.Title=Adobe Acrobat (version 8 or 9) with Distiller -Tmpl.Class=Print -Tmpl.Url=http://www.adobe.com/ -Tmpl.Scan=w -OpenPipePath=\Device\NamedPipe\PMtoDistiller -OpenWinClass=Distiller - -[Template_AdobeLicensing] -Tmpl.Title=FlexNet Licensing for Adobe and Autodesk -Tmpl.Class=Print -Tmpl.Url=http://www.adobe.com/ -Tmpl.Scan=i -OpenPipePath=\Device\NamedPipe\FLEXnet Licensing Service* -OpenIpcPath=*\BaseNamedObjects*\FLEXnet Licensing Service* - -[Template_eDocPrinter] -Tmpl.Title=ITEKSOFT eDocPrinter PDF -Tmpl.Class=Print -Tmpl.Url=http://uk.iteksoft.com/ -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{E6718EF2-2B9F-4FFE-B783-35E2CDC6F12E} -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{621483E9-77B0-4E2E-A737-2DB9D5CD02E0} -OpenIpcPath=*\BaseNamedObjects*\eDocPDF* -OpenIpcPath=*\BaseNamedObjects*\Global\eDocPDF* -OpenIpcPath=*\BaseNamedObjects*\EPDFEVTREGPIPE* -OpenPipePath=%Tmpl.eDocPrinter%\ -OpenKeyPath=HKEY_CURRENT_USER\Software\ITEKSOFT\eDocPrinter\PDF\ -OpenPipePath=%Temp%\ep*\ - -[Template_FinePrint] -Tmpl.Title=FinePrint (PDF) -Tmpl.Class=Print -Tmpl.Url=http://www.fineprint.com/products/fineprint/index.html -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\Software\FinePrint Software\FinePrint5 -Tmpl.ScanKey=\REGISTRY\MACHINE\Software\FinePrint Software\FinePrint6 -OpenIpcPath=*\BaseNamedObjects*\FP5* -OpenIpcPath=*\BaseNamedObjects*\FP6* -OpenPipePath=\Device\NamedPipe\FP5_Dispatcher_* -OpenPipePath=\Device\NamedPipe\FP6_Dispatcher_* -OpenWinClass=FP5_DispWndClass -OpenWinClass=FP6_DispWndClass -OpenKeyPath=\REGISTRY\MACHINE\Software\FinePrint Software\FinePrint5 -OpenKeyPath=\REGISTRY\MACHINE\Software\FinePrint Software\FinePrint6 -OpenFilePath=%Tmpl.FinePrint%\fp5.ini -OpenFilePath=%Tmpl.FinePrint%\fp6.ini -RecoverFolder=%Tmpl.FinePrint% - -[Template_HP_UniversalPrintDriver] -Tmpl.Title=HP Universal Print Driver -Tmpl.Class=Print -Tmpl.Url=http://www.hp.com/ -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{877A5D52-5F6F-4175-907D-A6AC4E8F1171} -OpenClsid={877A5D52-5F6F-4175-907D-A6AC4E8F1171} -#OpenPipePath=\Device\NamedPipe\wkssvc - -[Template_NitroPDF5] -Tmpl.Title=Nitro PDF 5 -Tmpl.Class=Print -Tmpl.Url=http://www.nitropdf.com/index.asp -Tmpl.Scan=w -OpenWinClass={FAF5BE9E-BAFF-47BF-BA47-1A4B15185066} -OpenWinClass={03576772-AD02-4630-BC5F-3648526FDF87} -OpenWinClass={AD744029-AC6A-4C0C-A597-D0B02CDB4DE4} -OpenPipePath=%Temp%\BCL Technologies - -[Template_NitroPDF6] -Tmpl.Title=Nitro PDF 6/7 -Tmpl.Class=Print -Tmpl.Scan=s -Tmpl.ScanService=NitroDriverReadSpool -Tmpl.ScanService=NitroDriverReadSpool2 -OpenPipePath=\Device\Mailslot\nlsX86ccMailslot -OpenPipePath=\Device\Mailslot\nlsX86ccCtlSlot -OpenPipePath=\Device\NamedPipe\nitropdfdriverspool -OpenPipePath=\Device\NamedPipe\nitropdfreaderdriverspool -OpenPipePath=\Device\Mailslot\AstccMailslot* -OpenIpcPath=*\BaseNamedObjects*\Nitro PDF Professional* - -[Template_Evernote] -Tmpl.Title=Evernote -Tmpl.Class=Print -Tmpl.Url=http://evernote.com/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\Evernote* -OpenIpcPath=*\BaseNamedObjects*\ENClipperInstanceMutex -OpenIpcPath=*\BaseNamedObjects*\ENSyncServiceAuthMutex -OpenWinClass=TENTrayMainWindow -OpenWinClass=ENMainFrame -OpenWinClass=ENMainFrame3 -OpenWinClass=HwndWrapper[Evernote.exe;* -OpenWinClass=$:EvernoteClipper.exe -LingerProcess=EvernoteClipper.exe - -[Template_MetaProducts_Inquiry] -Tmpl.Title=MetaProducts Inquiry -Tmpl.Class=Print -Tmpl.Url=http://www.metaproducts.com/mp/Inquiry_Standard_Edition.htm -ProcessGroup=,iqls.exe,iqserv.exe,inquiry.exe,iexplore.exe -OpenFilePath=,%AppData%\MetaProducts\Inquiry\ -OpenFilePath=,%Personal%\ -LingerProcess=iqserv.exe - -[Template_Pdf995] -Tmpl.Title=Pdf995 -Tmpl.Class=Print -Tmpl.Url=http://www.pdf995.com/index.html -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\PDF995 -OpenPipePath=%Common AppData%\pdf995\ -OpenPipePath=%AppData%\pdf995\ -OpenPipePath=%Local AppData%\pdf995\ - -[Template_PretonSaver] -Tmpl.Title=PretonSaver -Tmpl.Class=Print -Tmpl.Url=http://www.preton.com/ -Tmpl.Scan=s -Tmpl.ScanService=PretonClientService -OpenPipePath=\Device\NamedPipe\PT32_IpcSessionQueue* - -[Template_SolidConverter] -Tmpl.Title=Solid Converter -Tmpl.Class=Print -Tmpl.Url=http://www.soliddocuments.com/features.htm?product=SolidConverterPDF -Tmpl.Scan=s -Tmpl.ScanService=SPDFCreatorReadSpool -OpenPipePath=\Device\NamedPipe\sdspool -OpenIpcPath=*\BaseNamedObjects*\*.spl* -OpenIpcPath=*\BaseNamedObjects*\Solid* -LingerProcess=SolidConverterPDFv8.exe -LingerProcess=SolidScanServiceX86.exe -ClosedFilePath=SolidConverterPDFV8.exe,* - -[Template_UltraRecall] -Tmpl.Title=UltraRecall -Tmpl.Class=Print -Tmpl.Url=http://www.kinook.com/UltraRecall/ -Tmpl.Scan=s -Tmpl.ScanProduct=Ultra Recall_is1 -OpenWinClass=Afx:00400000:0 -OpenWinClass=$:UltraRecall.exe -OpenIpcPath=*\BaseNamedObjects*\UltraRecall - -# -# Security/Privacy -# - -[Template_a2AntiMalware] -Tmpl.Title=Emsisoft A-Squared Anti-Malware -Tmpl.Class=Security -Tmpl.Url=http://www.emsisoft.com/en/software/free/ -Tmpl.Scan=s -Tmpl.ScanService=a2AntiMalware -# version 5.0 -OpenPipePath=\Device\NamedPipe\{A2IPC}a2_ipc -OpenIpcPath=*\BaseNamedObjects*\{A2IPCMUTEX}a2_ipc -# earlier versions -OpenIpcPath=*\BaseNamedObjects*\mc2SWDIJ* -OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API* -OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* -OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* -OpenIpcPath=*\BaseNamedObjects*\mchMixCache* -OpenIpcPath=*\BaseNamedObjects*\TestQueue* -OpenIpcPath=\RPC Control\mchIpcTestQueue -OpenIpcPath=$:a2service.exe - -[Template_Anonymizer] -Tmpl.Title=Anonymizer Anonymous Surfing -Tmpl.Class=Security -Tmpl.Url=http://www.anonymizer.com/consumer/products/anonymous_surfing/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\AnonFrmWrk* -OpenIpcPath=*\BaseNamedObjects*\AnonTCPMutex - -[Template_Avast_Antivirus] -Tmpl.Title=avast! Antivirus -Tmpl.Class=Security -Tmpl.Url=http://www.avast.com -Tmpl.Scan=s -Tmpl.ScanService=avast! Antivirus -OpenWinClass=asw_av_tray_icon_wndclass -OpenIpcPath=*\BaseNamedObjects*\asw.script_blocking.conf_data* -OpenIpcPath=*\BaseNamedObjects*\aavmGlob.* -OpenIpcPath=*\BaseNamedObjects*\aavmSema.* -OpenIpcPath=*\BaseNamedObjects*\*aavmRq.map -OpenIpcPath=*\BaseNamedObjects*\*aavmSync.evt -OpenIpcPath=*\BaseNamedObjects*\*avscr*.map -ClosedFilePath=*\snxhk.dll -ClosedFilePath=*\snxhk64.dll - -[Template_AVG_Anti_Virus] -Tmpl.Title=AVG Anti-Virus / LinkScanner -Tmpl.Class=Security -Tmpl.Url=http://www.avg.com -Tmpl.Scan=s -Tmpl.ScanService=AvgLdx86 -Tmpl.ScanService=AvgMfx86 -Tmpl.ScanService=avgwd -Tmpl.ScanService=avgsvc -ProcessGroup=,avgscana.exe,avgscanx.exe,avgcsrvx.exe,avgui.exe -ProcessGroup=,avgscana.exe,avgscanx.exe,avgcsrvx.exe,avgui.exe,firefox.exe,iexplore.exe -ProcessGroup=,avgscana.exe -OpenPipePath=,\Device\NamedPipe\*-*-*-*-*::* -OpenPipePath=,\Device\NamedPipe\AVG-CHJW-* -OpenPipePath=,\Device\NamedPipe\AvgScanPipeName* -OpenPipePath=,\Device\NamedPipe\AvgUIPipeName* -OpenPipePath=,\Device\NamedPipe\__hex8__-__hex4__-__hex4__-__hex4__-__hex12__ -OpenIpcPath=,*\BaseNamedObjects*\bce5ad8b-264e-024b-81d6-f289aa672301* -OpenIpcPath=*\BaseNamedObjects*\__AVG_FW_*__ -OpenIpcPath=*\BaseNamedObjects*\CE6383A0-EB13-428c-A97E-92FE645B06E3 -OpenFilePath=,%AllUsersProfile%\AVG*\* -OpenPipePath=\Device\NamedPipe\avg-* -ClosedFilePath=*avg*snxhk*.dll - -[Template_Avira_Antivirus] -Tmpl.Title=Avira Antivirus / Internet Security -Tmpl.Class=Security -Tmpl.Url=http://www.avira.com -Tmpl.Scan=s -Tmpl.ScanService=AntiVirService -OpenIpcPath=*\BaseNamedObjects*\AVSDA_KERNELOBJECT_* -OpenIpcPath=*\BaseNamedObjects*\WEBGUARD_KERNEL_OBJECT_* -OpenIpcPath=*\BaseNamedObjects*\AVMAILC_ISPOP3ACTIVE_* -OpenIpcPath=*\BaseNamedObjects*\AVMAILC_KERNELOBJECT_* -OpenIpcPath=*\BaseNamedObjects*\AVMAILC_KERNEL_OBJECT_* -OpenIpcPath=*\BaseNamedObjects*\KERNELOBJECTNAME_* -OpenIpcPath=*\BaseNamedObjects*\KERNELOBJECT_* -OpenIpcPath=*\BaseNamedObjects*\{506A71E2-D744-4717-8689-649A16CBBA0F} - -[Template_BitDefenderInternetSecurity] -Tmpl.Title=BitDefender Internet Security -Tmpl.Class=Security -Tmpl.Url=http://www.bitdefender.com -Tmpl.Scan=s -Tmpl.ScanProduct=BitDefender -Tmpl.ScanService=vsserv -Tmpl.ScanService=ProductAgentService -OpenPipePath=\Device\NamedPipe\DEFAULT_BD_COMM_PIPE -ClosedFilePath=*BitDefender*atcuf*.dll - -[Template_BitVise] -Tmpl.Title=Bitvise SSH Client -Tmpl.Class=Security -Tmpl.Url=http://www.bitvise.com/ -Tmpl.Scan=s -Tmpl.ScanProduct=BvSshClient -OpenIpcPath=\Device\NamedPipe\TLINETLOCKPIPE - -[Template_TrendMicroBrowserGuard] -Tmpl.Title=Trend Micro Browser Guard -Tmpl.Class=Security -Tmpl.Url=http://free.antivirus.com/browser-guard/ -Tmpl.Scan=s -Tmpl.ScanProduct={D4ADDB2A-EE3C-41A7-88DF-99333DAE18E3} -OpenPipePath=\Device\NamedPipe\bgpipe - -[Template_BullGuard] -Tmpl.Title=BullGuard Antivirus / Internet Security -Tmpl.Class=Security -Tmpl.Url=http://www.bullguard.com/ -Tmpl.Scan=s -Tmpl.ScanProduct=BullGuard -OpenIpcPath=*\BaseNamedObjects*\BullGuard* - -[Template_Bsecure] -Tmpl.Title=Bsecure CloudCare -Tmpl.Class=Security -Tmpl.Url=http://www.bsecure.com/ -Tmpl.Scan=s -Tmpl.ScanService=Bsecure -Tmpl.ScanService=BsecureAV -Tmpl.ScanService=BsecureFilter -Tmpl.ScanService=BSecACFltr -OpenIpcPath=*\BaseNamedObjects*\Bsecure* -OpenIpcPath=*\BaseNamedObjects*\IsBsecureServiceRunning - -[Template_CA_InternetSecuritySuite] -Tmpl.Title=CA Internet Security Suite -Tmpl.Class=Security -Tmpl.Url=http://shop.ca.com/ca/products/internetsecurity/internetsecurity_suite.asp -Tmpl.Scan=s -Tmpl.ScanService=CAISafe -OpenIpcPath=*\BaseNamedObjects*\820EEE67-B517-405d-A775-8BE1879BD279 -OpenIpcPath=*\BaseNamedObjects*\0F727B36-E18C-47fa-B5A4-30C2B84E2EAA -OpenIpcPath=*\BaseNamedObjects*\672AF2F3-FCBE-4870-A103-E78DDCFC051C* -OpenIpcPath=*\BaseNamedObjects*\2212AC6F-01F9-4107-9DD6-C75DA65A7A1F* -OpenIpcPath=*\BaseNamedObjects*\CallingID.* -OpenIpcPath=*\BaseNamedObjects*\*UmxSbx_* -OpenClsid={1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C} -OpenClsid={5F36DC27-B076-4D0C-BD8C-7AEE14022193} -OpenClsid={E82070F7-4174-4F49-8DCF-C87F8DDF0BAA} - -[Template_ChildControl2011] -Tmpl.Title=Salfeld.com Child Control 2011 -Tmpl.Class=Security -Tmpl.Url=http://www.salfeld.com/software/parentalcontrol/index.html -Tmpl.Scan=s -Tmpl.ScanIpc=*\BaseNamedObjects*\ChicoTaskCaller* -OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* -OpenIpcPath=*\BaseNamedObjects*\mchLLEW* -OpenIpcPath=*\BaseNamedObjects*\mchMixCache* -OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API* -OpenIpcPath=*\BaseNamedObjects*\ChicoTaskCaller* -OpenIpcPath=*\BaseNamedObjects*\IPCMyLogIpc* -OpenIpcPath=*\BaseNamedObjects*\IPCWebCheck* -OpenIpcPath=*\BaseNamedObjects*\Salfeld-* -OpenIpcPath=$:webtmr.exe - -[Template_CovenantEyes] -Tmpl.Title=Covenant Eyes -Tmpl.Class=Security -Tmpl.Url=http://www.covenanteyes.com/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\CE_*Obj -OpenWinClass=$:nmSvc.exe - -[Template_ComodoInternetSecurity] -Tmpl.Title=Comodo Internet Security / Antivirus / Firewall -Tmpl.Class=Security -Tmp.Url=http://www.comodo.com/home/internet-security/free-internet-security.php -Tmpl.Scan=s -Tmpl.ScanService=cmdGuard -DelayLoadDll=guard32.dll -DelayLoadDll=guard64.dll -ClosedFilePath=*\Guard32.dll -ClosedFilePath=*\Guard64.dll - -[Template_ComodoVerificationEngine] -Tmpl.Title=Comodo Verification Engine -Tmpl.Class=Security -Tmp.Url=http://www.vengine.com/ -Tmpl.Scan=w -OpenWinClass=Comodo_TTB_Shadow_Class -OpenIpcPath=*\BaseNamedObjects*\Verification Engine Registry Mutex Object -OpenIpcPath=*\BaseNamedObjects*\EE855D62-517A-420e-ADEA-9813658B0442 -OpenIpcPath=*\BaseNamedObjects*\ESigilTaskTrayLoadMutex -OpenIpcPath=*\BaseNamedObjects*\ESigilBho::ValidateOnEvent -OpenIpcPath=*\BaseNamedObjects*\ESigilBho::ValidateOffEvent - -[Template_CyberPatrol] -Tmpl.Title=CyberPatrol -Tmpl.Class=Security -Tmp.Url=http://www.cyberpatrol.com/index.htm -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{6EE6F203-0E4B-4D35-AA06-2B6FBA833D14} -OpenClsid={09ECA3F9-F977-4FD1-84ED-68C89D435D75} -OpenClsid={24E83BB6-80E1-4A1D-BE63-82BF306F3CFA} -OpenClsid={280B4C50-B42E-47E1-8D8D-39F4CD41CDE3} -OpenClsid={37AFD09F-D0D0-47DF-91FE-67F952482929} -OpenClsid={3AA786BD-E3DB-472C-81E3-F38FF100B6BF} -OpenClsid={3D5B796D-8364-4D81-83CE-E5B32FF345AD} -OpenClsid={4C4D3C2E-A908-4F0B-90EB-0E736564CA96} -OpenClsid={4E386DFE-659D-4428-B9FC-B7B1865E8FCE} -OpenClsid={575E825A-91AB-485E-A450-351449256BEA} -OpenClsid={5D40EC06-89EC-447D-A5E1-EFEAF7FBD3B5} -OpenClsid={6164DE26-D577-4323-B588-F11105C6D30A} -OpenClsid={6792F97B-A3C1-4E89-A1C7-C7DFDA70DBE9} -OpenClsid={6DCE346B-1205-4D49-9E52-6670CF1844AB} -OpenClsid={7714CE7E-F32F-4739-9BCB-3CB442DFA724} -OpenClsid={7B5CCBA7-38B5-4B9C-A0EC-4E5ADFD7BA3A} -OpenClsid={7E9B677A-A155-4B12-A17B-9DBD4F359BCB} -OpenClsid={8ABBB2C6-FF5B-4B01-8250-673EC5155561} -OpenClsid={8C62E4AD-C390-48FD-8311-7C3E764EAD70} -OpenClsid={9B4B7F18-D1EA-43BC-93F4-EDF14E0AA703} -OpenClsid={A747A75D-D03D-48F9-9AC6-50D9B610FAC5} -OpenClsid={AA9AD697-20E3-4ECC-A746-0ABAD875C548} -OpenClsid={BB930754-5C0E-4708-B2AC-8567B9753ADE} -OpenClsid={C42F10D8-967A-4F5C-B78C-F0291C0F7FAA} -OpenClsid={D529E5B4-B49D-4D88-B04D-2FA598D76BEA} -OpenClsid={D57CF01D-10C8-46CA-B7AC-D6969D5433B8} -OpenClsid={DDC8AA23-8016-4E16-B567-8F9FBF153010} -OpenClsid={F51CD102-642B-4381-A549-CFEAF9E1EA53} -OpenClsid={FCAA2E8F-EA4E-44F6-97F5-4418E84073CA} -OpenIpcPath=*\BaseNamedObjects*\CYBERPATROLLLC_CYBERPATROL_* -OpenIpcPath=*\BaseNamedObjects*\CP_LSP_MEM_FILE_EVENT -OpenIpcPath=*\BaseNamedObjects*\CPLSP_CONTENT_MEM_MAPPED_FILE_* - -[Template_DigitalPersona] -Tmpl.Title=Digital Persona Fingerprint Reader -Tmpl.Class=Security -Tmpl.Url=http://www.digitalpersona.com/index.php?id=dev_hdw_uareu_reader -Tmpl.Scan=iw -OpenIpcPath=*\BaseNamedObjects*\__DP_TRACE_MUTEX__ -OpenIpcPath=*\BaseNamedObjects*\DP_OTS_IPC_MUTEX -OpenIpcPath=*\BaseNamedObjects*\U.are.U_VerifyCriptoprovider -OpenIpcPath=*\BaseNamedObjects*\DP_OTS_IPC_BUFFER -OpenIpcPath=*\BaseNamedObjects*\DP_OTS_LOOKUP_CACHE -OpenIpcPath=\RPC Control\DPHOST -OpenWinClass=DigitalPersona Pro Agent -OpenWinClass=DP_GlobalAvatarClass - -[Template_DrWeb_SecuritySpace] -Tmpl.Title=Dr.Web Security Space -Tmpl.Class=Security -Tmpl.Url=http://products.drweb.com/win/security_space/?lng=en -Tmpl.Scan=s -Tmpl.ScanService=DrWebEngine -Tmpl.ScanService=DrWebAVService -OpenPipePath=\Device\SpiderG3 -OpenPipePath=\Device\NamedPipe\Dr.Web -OpenPipePath=\??\SPIDER -OpenIpcPath=*\BaseNamedObjects*\DrWebOutlookRunningEvent -OpenWinClass=SpiderAgent GUI Class - -[Template_EasyHideIp] -Tmpl.Title=Easy Hide IP -Tmpl.Class=Security -Tmpl.Url=http://www.easy-hide-ip.com/ -Tmpl.Scan=s -Tmpl.ScanService=EasyRedirect -OpenIpcPath=*\BaseNamedObjects*\Redirector_event2 -OpenClsid={E8B2A82A-2B16-4DBE-BCF0-70CB49FF5022} - -[Template_FastAccessAnywhere] -Tmpl.Title=FastAccess Anywhere -Tmpl.Class=Security -Tmpl.Url=http://www.sensiblevision.com/en-us/fastaccessanywhere/overview.aspx -Tmpl.Scan=s -Tmpl.ScanIpc=*\BaseNamedObjects*\E84B01BF-FA91-48e4-A4B3-EECD7E4DB810 -OpenIpcPath=*\BaseNamedObjects*\E84B01BF-FA91-48e4-A4B3-EECD7E4DB810 -OpenIpcPath=\RPC Control\Callbacks* -OpenWinClass=FATrayAlert - -[Template_FSecure] -Tmpl.Title=F-Secure Internet Protection -Tmpl.Class=Security -Tmpl.Url=http://www.f-secure.com/en_US/products/home-office/internet-security/index.html -Tmpl.Scan=s -Tmpl.ScanService=F-Secure Filter -Tmpl.ScanService=F-Secure Gatekeeper Handler Starter -Tmpl.ScanService=F-Secure Gatekeeper -OpenIpcPath=\RPC Control\__hex12__*.*.*.*.*.*.*.* -OpenIpcPath=\RPC Control\F-Secure ORSP V1 -OpenIpcPath=*\BaseNamedObjects*\FSMB * -OpenIpcPath=*\BaseNamedObjects*\dxk390x-* -OpenIpcPath=*\BaseNamedObjects*\pipeserverhere* -OpenIpcPath=*\BaseNamedObjects*\pipeserversync* -OpenIpcPath=*\BaseNamedObjects*\pipeservertaken* -OpenPipePath=\Device\NamedPipe\__fs*__ -OpenPipePath=\Device\NamedPipe\*.*.*.*.*.*.*.*.*.* -OpenPipePath=\Device\NamedPipe\rcn_* -LingerProcess=fsavaui.exe -# F-Secure 2012 -OpenPipePath=\Device\NamedPipe\ccf_cuif* -OpenPipePath=\Device\NamedPipe\fsccfSettingsServer* -OpenPipePath=\Device\NamedPipe\CCFSettingsChangeNotif_* -OpenPipePath=\Device\NamedPipe\PipeServerTaken* -# F-Secure 2013 -OpenIpcPath=*\BaseNamedObjects*\FsCcfLogging_*.log -OpenIpcPath=*\BaseNamedObjects*\PipeServerTaken* -OpenPipePath=\Device\NamedPipe\FS_CCF_NI_DAEMON* -# change line below to OpenPipePath=\Device\NamedPipe\%EXENAME%-%PID% -OpenPipePath=\Device\NamedPipe\*.exe-* - -[Template_GDataInternetSecurity] -Tmpl.Title=G Data Anti-Virus/Internet Security -Tmpl.Class=Security -Tmpl.Url=http://www.gdata-software.com/home-security/ -Tmpl.Scan=s -Tmpl.ScanService=GDScan -OpenClsid={1E0D02B2-989A-45FF-9318-F43CC56C515A} - -[Template_HomeGuard] -Tmpl.Title=HomeGuard Activity Monitor -Tmpl.Class=Security -Tmpl.Url=http://veridium.net/ -Tmpl.Scan=s -Tmpl.ScanService=HomeGuard AMC -OpenIpcPath=*\BaseNamedObjects*\*Ipc2Map* -OpenIpcPath=*\BaseNamedObjects*\*Ipc2Mutex* -OpenIpcPath=*\BaseNamedObjects*\mc2SWDIJ* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API* -OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API* -OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* -OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* -OpenIpcPath=*\BaseNamedObjects*\mchMixCache* -OpenIpcPath=*\BaseNamedObjects*\*AnswerBuf*Event* -OpenIpcPath=*\BaseNamedObjects*\*AnswerBuf*Map* -OpenIpcPath=$:vglset.exe - -[Template_IoloSystemMechanic] -Tmpl.Title=iolo System Mechanic -Tmpl.Class=Security -Tmpl.Url=http://www.iolo.com/system-mechanic/standard/ -Tmpl.Scan=s -Tmpl.ScanService=ioloSystemService -OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* -OpenIpcPath=*\BaseNamedObjects*\Mutex*mAH*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mAH*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mix*Process*API* -OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* -OpenIpcPath=*\BaseNamedObjects*\mchMixCache* -OpenIpcPath=*\BaseNamedObjects*\mhicce* - -[Template_Microsoft_EMET] -Tmpl.Title=Enhanced Mitigation Experience Toolkit (Microsoft EMET) -Tmpl.Class=Security -# old EMET homepage -# Tmpl.Url=http://www.microsoft.com/downloads/en/confirmation.aspx?FamilyID=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04 -Tmpl.Url=http://technet.microsoft.com/en-us/security/jj653751 -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Microsoft\EMET -OpenIpcPath=*\BaseNamedObjects*\emet_pid_* -OpenWinClass=$:EMET_notifier.exe -# EMET 4 -OpenPipePath=\Device\Mailslot\EMET_Agent_* -OpenPipePath=\Device\Mailslot\EMET_Recipient_* - -[Template_Kaspersky] -Tmpl.Title=Kaspersky Anti-Virus/Internet Security -Tmpl.Class=Security -Tmpl.Url=http://www.kaspersky.com/kaspersky_internet_security -Tmpl.Scan=s -Tmpl.ScanService=klim5 -Tmpl.ScanService=klim6 -OpenIpcPath=\RPC Control\PRRemote:* -OpenIpcPath=*\BaseNamedObjects*\PRCustomProps* -OpenIpcPath=*\BaseNamedObjects*\PREvent* -OpenIpcPath=*\BaseNamedObjects*\PRObjects* -OpenIpcPath=*\BaseNamedObjects*\KLObj_mt_KLSCRIPTCHECKER_PR_* -OpenIpcPath=*\BaseNamedObjects*\__hex30-90__ -OpenPipePath=\Device\NamedPipe\sa_hlp_srv -LingerProcess=klwtblfs.exe -# following setting comes from value DataRoot of the following key -# HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\protected\AVP9\environment -OpenPipePath=%Tmpl.KasperskyDataRoot%\~PR*.dat - -[Template_Kaspersky_Pure_Password_Manager] -Tmpl.Title=Kaspersky Pure Password Manager -Tmpl.Class=Security -Tmpl.Url=http://www.kaspersky.com/kaspersky_internet_security -Tmpl.Scan=s -Tmpl.ScanProduct={1A59064A-12A9-469F-99F6-04BF118DBCFF} -OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API* -OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* -OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* -OpenIpcPath=*\BaseNamedObjects*\mchMixCache* -OpenIpcPath=*\BaseNamedObjects*\TtsMappedObject_Tts* -# settings specific to Kaspersky Pure -OpenIpcPath=*\BaseNamedObjects*\kpmPasswordAssistantClosedEvent:* -OpenIpcPath=*\BaseNamedObjects*\kpmAutofillInfo:* - -[Template_KeyScrambler] -Tmpl.Title=KeyScrambler -Tmpl.Class=Security -Tmpl.Url=http://www.qfxsoftware.com/ -Tmpl.Scan=i -OpenIpcPath=\Device\KeyScrambler -OpenIpcPath=\RPC Control\KSControlEp.Default* -OpenIpcPath=*\BaseNamedObjects*\KeyScrambler* -OpenIpcPath=*\BaseNamedObjects*\KSEncryptionEvent* -OpenIpcPath=*\BaseNamedObjects*\KSProcEvent* -OpenIpcPath=*\BaseNamedObjects*\KSEncStatusEvent -OpenIpcPath=*\BaseNamedObjects*\KSSettingsEvent* -OpenPipePath=\Device\NamedPipe\KSTIPipe* -OpenPipePath=\Device\NamedPipe\KSSettingsPipe* - -[Template_HideMyIp] -Tmpl.Title=Hide My IP -Tmpl.Class=Security -Tmpl.Url=http://www.hide-my-ip.com/ -Tmpl.Scan=s -Tmpl.ScanService=HideMyIpSRV -OpenIpcPath=*\BaseNamedObjects*\Redirector_event -OpenClsid={B1A429DB-FB06-4645-B7C0-0CC405EAD3CD} -OpenClsid={6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} - -[Template_HitmanProAlert] -Tmpl.Title=Hitman Pro Alert -Tmpl.Class=Security -Tmpl.Url=https://www.hitmanpro.com/en-us/alert.aspx -Tmpl.Scan=s -Tmpl.ScanProduct=HitmanPro.Alert -Tmpl.ScanService=hmpalertsvc -OpenPipePath=\Device\NamedPipe\hmpalert - -[Template_HmaProVpn] -Tmpl.Title=HMA! Pro VPN -Tmpl.Class=Security -Tmpl.Url=http://www.hidemyass.com/vpn/ -Tmpl.Scan=s -Tmpl.ScanProduct=HMA! Pro VPN -OpenIpcPath=*\BaseNamedObjects*\{3A4BE5AC-E783-4939-A746-05920ACDE790} -OpenIpcPath=*\BaseNamedObjects*\{73B2E84B-B7D9-464d-8376-68D43DE31E1D} - -[Template_LastPass] -Tmpl.Title=LastPass -Tmpl.Class=Security -Tmpl.Url=https://lastpass.com/ -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\lpgetr -Tmpl.ScanFile=%{A520A1A4-1780-4FF6-BD18-167343C5AF16}%\LastPass -OpenFilePath=,%UserProfile%\*\LastPass\* -ProcessGroup=,iexplore.exe,firefox.exe,opera.exe,chrome.exe - -[Template_McAfee_Guardian_Firewall] -Tmpl.Title=McAfee Guardian Firewall -Tmpl.Class=Security -Tmpl.Url=http://www.mcafee.com/us/index.html -Tmpl.Scan=i -OpenIpcPath=\RPC Control\McAfee_FW_RPC - -[Template_Microsoft_Security_Essentials] -Tmpl.Title=Microsoft Security Essentials -Tmpl.Class=Security -Tmpl.Url=http://windows.microsoft.com/en-US/windows/products/security-essentials -Tmpl.Scan=s -Tmpl.ScanService=MsMpSvc -OpenWinClass=msseces_class -OpenWinClass=$:msseces.exe -IContextMenuClsid={09A47860-11B0-4DA5-AFA5-26D86198A780} - -[Template_Mirekusoft_Install_Monitor] -Tmpl.Title=Mirekusoft Install Monitor -Tmpl.Class=Security -Tmpl.Url=http://www.mirekusoft.com/ -Tmpl.Scan=s -Tmpl.ScanService=MSpyData -Tmpl.ScanService=MSpyMon -#Tmpl.ScanProduct={E4ED1ADE-60A6-4660-811E-6E4096EBCA36} -SkipHook=//start.exe,createproc,cocreate -ClosedFilePath=*\MSpyDll.dll - -[Template_NetNanny] -Tmpl.Title=NetNanny -Tmpl.Class=Security -Tmpl.Url=http://www.netnanny.com/ -Tmpl.Scan=s -Tmpl.ScanService=CwAltaService20 -OpenPipePath=\Device\NamedPipe\CWIPCServer_ContentWatch* -OpenIpcPath=*\BaseNamedObjects*\*STRulesSTRules* -OpenIpcPath=*\BaseNamedObjects*\*SearchTree_* -OpenIpcPath=*\BaseNamedObjects*\Alta::* -OpenIpcPath=*\BaseNamedObjects*\SM::* -OpenIpcPath=*\BaseNamedObjects*\CW::* -OpenIpcPath=*\BaseNamedObjects*\CW_* -OpenIpcPath=*\BaseNamedObjects*\CP_SHARED_* -OpenIpcPath=*\BaseNamedObjects*\WORD_PARSER_* -OpenIpcPath=*\BaseNamedObjects*\CwAlta* -OpenFilePath=%AllUsersProfile%\*\ContentWatch\Internet Protection\* -OpenFilePath=%AppData%\ContentWatch\Internet Protection\* -# NetNanny 5 -OpenIpcPath=*\BaseNamedObjects*\*/NETNANNY5/* -OpenClsid={056CDF58-CD7A-41D2-AF75-7CA1F44B84E9} - -[Template_NOD32] -Tmpl.Title=ESET NOD32 Antivirus -Tmpl.Class=Security -Tmpl.Url=http://www.eset.com/ -Tmpl.Scan=s -Tmpl.ScanService=eamon -Tmpl.ScanService=ehdrv -Tmpl.ScanService=ekrn -OpenIpcPath=*\BaseNamedObjects*\NOD32* -OpenIpcPath=*\BaseNamedObjects*\NODCOMM* - -[Template_NormanSecuritySuite] -Tmpl.Title=Norman Security Suite with Parental Controls -Tmpl.Class=Security -Tmpl.Url=http://norman.com/Product/Home_Home_office/49887/en-us -Tmpl.Scan=s -Tmpl.ScanService=NPROSECSVC -OpenIpcPath=*\BaseNamedObjects*\SEM32_COM_MUTEX -OpenIpcPath=*\BaseNamedObjects*\SEM32_EVENT_* -OpenIpcPath=*\BaseNamedObjects*\SHAREMEM_*_MEM* - -[Template_NortonInternetSecurity] -Tmpl.Title=Norton Internet Security / AntiVirus / Norton 360 -Tmpl.Class=Security -Tmpl.Url=https://www.norton.com -Tmpl.Scan=s -Tmpl.ScanService=NortonSecurity -Tmpl.ScanService=NIS -Tmpl.ScanService=NAV -Tmpl.ScanService=N360 -OpenIpcPath=\RPC Control\{__hex8__-__hex4__-__hex4__-__hex4__-__hex12__} -OpenIpcPath=*\BaseNamedObjects*\ccSetMgr_Running* -OpenIpcPath=*\BaseNamedObjects*\NewWCIDConfig* -OpenIpcPath=*\BaseNamedObjects*\LockWCIDConfig* -OpenIpcPath=*\BaseNamedObjects*\IDS_STORAGE_MUTEX -OpenIpcPath=*\BaseNamedObjects*\CGSCE -OpenIpcPath=*\BaseNamedObjects*\CSECE -OpenIpcPath=*\BaseNamedObjects*\CNDIE - -[Template_NortonSafeWebLite] -Tmpl.Title=Norton Safe Web Lite -Tmpl.Class=Security -Tmpl.Url=http://safeweb.norton.com/lite -Tmpl.Scan=s -Tmpl.ScanService=NSL -ProcessGroup=,firefox.exe,iexplore.exe -OpenIpcPath=,\RPC Control\{__hex8__-__hex4__-__hex4__-__hex4__-__hex12__} -OpenIpcPath=,*\BaseNamedObjects*\ccSetMgr_Running* - -[Template_OnlineArmor] -Tmpl.Title=Online Armor -Tmpl.Class=Security -Tmpl.Url=http://www.tallemu.com/product_overview.html -Tmpl.Scan=s -Tmpl.ScanService=OAcat -Tmpl.ScanService=OADevice -Tmpl.ScanService=OAmon -Tmpl.ScanService=OAnet -OpenIpcPath=*\BaseNamedObjects*\{50EA3133-3D0D-44C2-8131-8A1BD21A5B99}AnswerBuf* -OpenIpcPath=*\BaseNamedObjects*\{EDC06980-7B0E-4103-BC5B-413F14A75812}AnswerBuf* -OpenIpcPath=*\BaseNamedObjects*\WinsockProxySendAnswerBuf* -OpenIpcPath=*\BaseNamedObjects*\WinsockProxyRecvAnswerBuf* -OpenIpcPath=*\BaseNamedObjects*\Mutex*mAH*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mAH*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mix*Process*API* -OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt* -OpenIpcPath=*\BaseNamedObjects*\mchMixCache* -OpenIpcPath=*\BaseNamedObjects*\mc2SWDIJ* -OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* -OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* -OpenIpcPath=\RPC Control\mchIpc{50EA3133-3D0D-44C2-8131-8A1BD21A5B99} -OpenIpcPath=\RPC Control\mchIpc{EDC06980-7B0E-4103-BC5B-413F14A75812} -OpenIpcPath=\RPC Control\mchIpcWinsockProxyRecv -OpenIpcPath=\RPC Control\mchIpcWinsockProxySend -DelayLoadDll=OAwatch.dll - -[Template_PandaCloudAntivirus] -Tmpl.Title=Panda Cloud Antivirus -Tmpl.Class=Security -Tmpl.Url=http://www.cloudantivirus.com/en/ -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{39655A7E-1CCB-4BC7-8686-342A4581CA94} -OpenIpcPath=*\BaseNamedObjects*\76529309-F679-41df-8CAD-383D589867CF -OpenIpcPath=*\BaseNamedObjects*\psanmsrvcppal_* -OpenIpcPath=*\BaseNamedObjects*\_sbf_*panda2* - -[Template_PandaInternetSecurity] -Tmpl.Title=Panda Internet Security -Tmpl.Class=Security -Tmpl.Url=http://www.pandasecurity.com/usa/homeusers/solutions/internet-security/ -Tmpl.Scan=s -Tmpl.ScanService=Panda Software Controller -Tmpl.ScanService=pavboot -Tmpl.ScanService=PAVDRV -Tmpl.ScanService=PAVFNSVR -Tmpl.ScanService=PavProc -Tmpl.ScanService=PavPrSrv -Tmpl.ScanService=PAVSRV -OpenIpcPath=*\BaseNamedObjects*\*PAVPROT_* -OpenIpcPath=*\BaseNamedObjects*\PAVKRE_* -OpenIpcPath=*\BaseNamedObjects*\PAV_icl_proxy_evento_fin -OpenIpcPath=*\BaseNamedObjects*\pavwp_* -OpenIpcPath=*\BaseNamedObjects*\TPSRV_* -OpenIpcPath=*\BaseNamedObjects*\TP_MINIDUMPER_* -OpenIpcPath=*\BaseNamedObjects*\Mutex_Lect_Escri_Memoria_Compartida_* -OpenIpcPath=*\BaseNamedObjects*_ACTIVATION_SHARED_OBJECT_EVENT -OpenIpcPath=*\BaseNamedObjects*_IPC_COMMAND -OpenIpcPath=*\BaseNamedObjects*_IPC_COMMAND_ANSWER -OpenIpcPath=*\BaseNamedObjects*_IPC_CONTROL -OpenIpcPath=*\BaseNamedObjects*_IPC_CONTROL_MUTEX -OpenIpcPath=*\BaseNamedObjects*_IPC_IS_OPEN -OpenIpcPath=*\BaseNamedObjects*_IPC_MUTEX -OpenIpcPath=*\BaseNamedObjects*_IPC_NEW_MESSAGE -OpenIpcPath=*\BaseNamedObjects*_RULES_CHANGE_SHARED_OBJECT_EVENT - -[Template_PasswordDoor] -Tmpl.Title=Password Door -Tmpl.Class=Security -Tmpl.Url=http://toplang.com/passworddoor.htm -Tmpl.Scan=s -Tmpl.ScanProduct=Password Door -OpenPipePath=\Device\NamedPipe\PasswordDoor* - -[Template_PC_Tools_Security] -Tmpl.Title=PC Tools Security -Tmpl.Class=Security -Tmpl.Url=http://www.pctools.com/ -Tmpl.Scan=s -Tmpl.ScanService=ThreatFire -OpenIpcPath=\RPC Control\mchIpcThreatfireApiHook -OpenIpcPath=*\BaseNamedObjects*\ThreatfireApiHookAnswerBuf* -OpenIpcPath=*\BaseNamedObjects*\Mutex*mAH*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mAH*Process*API* -OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mix*Process*API* -OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt* -OpenIpcPath=*\BaseNamedObjects*\mchMixCache* -OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* -OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* -OpenIpcPath=*\BaseNamedObjects*\{1E57CBD2-232C-4f17-867C-7F9B4052D89C} -OpenIpcPath=*\BaseNamedObjects*\{CB98E8A0-6E8B-4a24-9953-41D8F2FED3FC} -OpenIpcPath=*\BaseNamedObjects*\{0C84A7BB-7D57-4b00-A418-1448159824DA} -DelayLoadDll=TfWah.dll - -[Template_PGP] -Tmpl.Title=PGP (Pretty Good Privacy) -Tmpl.Class=Security -Tmpl.Url=http://www.pgp.com/products/desktop_home/index.html -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\PGPhkSharedMemory -OpenIpcPath=*\BaseNamedObjects*\PGPocTrayInstSem -OpenIpcPath=*\BaseNamedObjects*\PGPocTrayListenSem -OpenIpcPath=*\BaseNamedObjects*\PGPtray_Hidden_Window -OpenIpcPath=*\BaseNamedObjects*\PGPlsp Debug Print Mutex -OpenPipePath=\Device\NamedPipe\pgpserv -OpenPipePath=\Device\NamedPipe\pgpsdkserv - -[Template_Proxifier] -Tmpl.Title=Proxifier -Tmpl.Class=Security -Tmpl.Url=http://www.proxifier.com/ -Tmpl.Scan=w -OpenWinClass=Proxifier32Cls -OpenWinClass=$:proxifier.exe -OpenIpcPath=*\BaseNamedObjects*\Proxifier* -OpenPipePath=\Device\NamedPipe\proxifier - -[Template_ProxyCap] -Tmpl.Title=ProxyCap -Tmpl.Class=Security -Tmpl.Url=http://www.proxycap.com/ -Tmpl.Scan=s -Tmpl.ScanService=pcapsvc -OpenIpcPath=*\BaseNamedObjects*\proxycap_*_event* -OpenPipePath=\Device\NamedPipe\proxycap_s_pipe - -[Template_RoboForm] -Tmpl.Title=RoboForm -Tmpl.Class=Security -Tmpl.Url=http://www.roboform.com/ -Tmpl.Scan=i -OpenFilePath=%Tmpl.RoboForm% -OpenFilePath=%Tmpl.RoboForm%\* -OpenIpcPath=*\BaseNamedObjects*\{45DB34C3-955C-11D3-ABEF-444553540000}* -OpenPipePath=\Device\NamedPipe\{9A04C483-2EDC-40CE-B4F9-D9809ADA75E1} -# ProcessGroup=,identities.exe -OpenWinClass=RfWatcher333233 - -[Template_SafeEyes] -Tmpl.Title=Safe Eyes -Tmpl.Class=Security -Tmpl.Url=http://www.internetsafety.com/safe-eyes-parental-control-software.php -Tmpl.Scan=s -Tmpl.ScanWinClass=SE_LSP_MsgSink -OpenWinClass=ICA_Class - -[Template_SafeCentral] -Tmpl.Title=SafeCentral -Tmpl.Class=Security -Tmpl.Url=http://www.safecentral.com/index.html -Tmpl.Scan=s -Tmpl.ScanService=AuthPluginServer -OpenPipePath=\Device\NamedPipe\*AuthPluginServer_Pipe -OpenPipePath=\Device\NamedPipe\*WebAdvisor_IpcPipe -OpenIpcPath=*\BaseNamedObjects*\LauncherServer* -OpenIpcPath=*\BaseNamedObjects*\CREATEPROCESS_RESPONCE_EVENT - -[Template_SafeNet] -Tmpl.Title=SafeNet Authentication -Tmpl.Class=Security -Tmpl.Url=http://www.safenet-inc.com/products/data-protection/multi-factor-authentication/ -Tmpl.Scan=s -Tmpl.ScanIpc=*\BaseNamedObjects*\DatakeyTokenServerReadyEvent -OpenIpcPath=*\BaseNamedObjects*\Datakey* - -[Template_SiteAdvisor] -Tmpl.Title=McAfee SiteAdvisor -Tmpl.Class=Security -Tmpl.Url=http://www.siteadvisor.com/ -Tmpl.Scan=s -Tmpl.ScanService=McAfee SiteAdvisor Service -# -- second version: run SiteAdvisor in sandbox -StartService=McAfee SiteAdvisor Service -LingerProcess=McSACore.exe -LingerProcess=McSvHost.exe -# -- first version: talk to SiteAdvisor outside sandbox -# Tmpl.Scan=s -# Tmpl.ScanKey=\REGISTRY\MACHINE\Software\Classes\Clsid\{5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} -# OpenClsid={5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} -# OpenClsid={5A90F5EE-16B8-4C2A-81B3-FD5329BA4780} -# OpenIpcPath=*\BaseNamedObjects*\McSACore_* -# OpenWinClass=ATL:1009CD70 -# OpenWinClass=ATL:1009DDD8 - -[Template_Super_Socks5Cap] -Tmpl.Title=Super Socks5Cap / Super Network Tunnel / Ssh Tunnel Easy (LSP + Tunnel All) -Tmpl.Class=Security -Tmpl.Url=http://www.networktunnel.net/ -# Super Network Tunnel -OpenIpcPath=*\BaseNamedObjects*\*tunnelapi* -OpenIpcPath=*\RPC Control\*tunnelapi* -OpenIpcPath=*\BaseNamedObjects*\*NetworkTunnel* -OpenIpcPath=*\RPC Control\*NetworkTunnel* -OpenIpcPath=$:TunnelClient.exe -OpenIpcPath=$:TunnelClient_Portable.exe -# Super Socks5cap -OpenIpcPath=*\RPC Control\*networkdll* -OpenIpcPath=*\BaseNamedObjects*\*networkdll* -OpenIpcPath=*\BaseNamedObjects*\*SuperSocks5Cap* -OpenIpcPath=*\RPC Control\*SuperSocks5Cap* -OpenIpcPath=$:SuperSocks5Cap.exe -# Ssh Tunnel Easy -OpenIpcPath=*\BaseNamedObjects\*SshTunnelEasy* -OpenIpcPath=*\RPC Control\*SshTunnelEasy* -OpenIpcPath=$:SshTunnelEasy.exe -Tmpl.Scan=w -OpenWinClass=TSetupSocksForm - -[Template_VipreAntiVirus] -Tmpl.Title=Vipre Antivirus -Tmpl.Class=Security -Tmpl.Url=http://www.vipreantivirus.com/Software/VIPRE-Antivirus/ -Tmpl.Scan=s -Tmpl.ScanService=SBAMSvc -OpenIpcPath=*\BaseNamedObjects*\SBAM* -OpenIpcPath=*\BaseNamedObjects*\OEAPI* - -[Template_VPNTunnel] -Tmpl.Title=VPNTunnel Anonymous Internet -Tmpl.Class=Security -Tmpl.Url=https://www.vpntunnel.se -Tmpl.Scan=s -Tmpl.ScanProduct=VPNTunnel -SkipHook=*,wsaconn - -[Template_WindowsDefender] -Tmpl.Title=Windows Defender -Tmpl.Class=Security -Tmpl.Url=http://www.microsoft.com/windows/products/winfamily/defender/default.mspx -Tmpl.Scan=i -OpenIpcPath=\RPC Control\MsMp-* - -[Template_ZoneAlarmSecuritySuite] -Tmpl.Title=ZoneAlarm Internet Security Toolbar -Tmpl.Class=Security -Tmpl.Url=http://www.zonealarm.com/security/en-us/zonealarm-computer-security-suite.htm -Tmpl.Scan=s -Tmpl.ScanService=IswSvc -OpenPipePath=\Device\NamedPipe\IswSvc -OpenPipePath=\Device\NamedPipe\IswSessionMin* -OpenIpcPath=*\BaseNamedObjects*\ISW_WIEC_* -OpenIpcPath=*\BaseNamedObjects*\ISWUL_* -OpenIpcPath=*\BaseNamedObjects*\_ISWINTERNAL_* -OpenIpcPath=*\BaseNamedObjects*\IswSessionMinShared* -OpenIpcPath=*\BaseNamedObjects*\ISWDMP_* - -# -# Desktop Utilities -# - -[Template_4tTrayMinimizer] -Tmpl.Title=4t Tray Minimizer -Tmpl.Class=Desktop -Tmpl.Url=http://www.4t-niagara.com/tray.html -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\ShellEh*.dll -OpenWinClass=*UtilWindow - -[Template_7zipShellEx] -Tmpl.Title=7-Zip Shell Extension -Tmpl.Class=Desktop -Tmpl.Url=http://www.7-zip.org/ -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} -OpenIpcPath=*\BaseNamedObjects*\7zCompressMapping* -OpenIpcPath=*\BaseNamedObjects*\7zMap* - -[Template_ActiveCaptions] -Tmpl.Title=Active Captions -Tmpl.Class=Desktop -Tmpl.Url=http://www.shelltoys.com/minimize_tray/index.html -Tmpl.Scan=w -OpenWinClass=ActiveCaptions - -[Template_ASUS_CapsHook] -Tmpl.Title=ASUS CapsHook -Tmpl.Class=Desktop -Tmpl.Url=http://support.asus.com/Download.aspx?SLanguage=en&m=Eee+PC+1015PX&p=20&s=1 -Tmpl.Scan=s -Tmpl.ScanProduct={4B5092B6-F231-4D18-83BC-2618B729CA45} -OpenWinClass=$:CapsHook.exe - -[Template_AcerGridVista] -Tmpl.Title=Acer GridVista -Tmpl.Class=Desktop -Tmpl.Scan=w -OpenWinClass=DritekScreenSplitterMainWindowClass -OpenIpcPath=*\BaseNamedObjects*\Dritek-WindowMessageHooker-FileMappingStamp - -[Template_ActualWindowManager] -Tmpl.Title=Actual Tools Actual Window Manager -Tmpl.Class=Desktop -Tmpl.Url=http://www.actualtools.com/ -OpenIpcPath=*\BaseNamedObjects*\*_ServiceMapping -OpenIpcPath=*\BaseNamedObjects*\*_ParamStrings_* -OpenIpcPath=*\BaseNamedObjects*\MMF{*} -OpenIpcPath=*\BaseNamedObjects*\ActualTools* -OpenWinClass=*_MessengerServerWindow -Tmpl.Scan=s -Tmpl.ScanIpc=*\BaseNamedObjects*\ActualTools_* - -[Template_AdFender] -Tmpl.Title=AdFender -Tmpl.Class=Desktop -Tmpl.Url=http://www.adfender.com/ -OpenIpcPath=*\BaseNamedObjects*\AdFenderActive_* -OpenIpcPath=*\BaseNamedObjects*\AdFenderDisabled_* -Tmpl.Scan=s -Tmpl.ScanProduct=AdFender - -[Template_ArumSwitcher] -Tmpl.Title=Arum Switcher -Tmpl.Class=Desktop -Tmpl.Url=http://www.arumswitcher.com/ -OpenIpcPath=*\BaseNamedObjects*\Arum_Switcher_Hook* - -[Template_Asutype] -Tmpl.Title=Asutype -Tmpl.Class=Desktop -Tmpl.Url=http://www.asutype.com/index.html -Tmpl.Scan=w -OpenIpcPath=*\BaseNamedObjects*\fa00000* -OpenWinClass=*asutype - -[Template_AutoSizer] -Tmpl.Title=AutoSizer -Tmpl.Class=Desktop -Tmpl.Url=http://www.southbaypc.com/autosizer/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\AutoSizer123 -OpenWinClass=SysListView32 - -[Template_Babylon] -Tmpl.Title=Babylon -Tmpl.Class=Desktop -Tmpl.Url=http://www.babylon.com/ -Tmpl.Scan=w -OpenPipePath=\device\namedpipe\babypipe - -[Template_BingToolbar] -Tmpl.Title=Bing Search Toolbar -Tmpl.Class=Desktop -Tmpl.Url=http://www.discoverbing.com/toolbar/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\ChannelReady_ac620ca9-6743-44d7-b861-e1d5ad76dd2c -OpenPipePath=\Device\NamedPipe\msn\toolbar* - -[Template_Bins_Windows7Taskbar] -Tmpl.Title=Bins for Windows 7 Taskbar -Tmpl.Class=Desktop -Tmpl.Url=http://www.1upindustries.com/bins/ -Tmpl.Scan=s -Tmpl.ScanProduct=Bins -ClosedFilePath=*\TaskbarDockAppIntegration32.dll -ClosedFilePath=*\TaskbarDockAppIntegration64.dll - -[Template_BookmarkBuddy] -Tmpl.Title=Bookmark Buddy -Tmpl.Class=Desktop -Tmpl.Url=http://www.bookmarkbuddy.net/ -Tmpl.Scan=w -OpenWinClass=BMKBUDDY - -[Template_Chameleon_Window_Manager] -Tmpl.Title=Chameleon Window Manager -Tmpl.Class=Desktop -Tmpl.Url=http://www.chameleon-managers.com/window-manager/ -Tmpl.Scan=s -Tmpl.ScanProduct=Chameleon Window Manager -OpenIpcPath=*\BaseNamedObjects*\{System-*-*-*-*-*} -OpenIpcPath=*\BaseNamedObjects*\chameleon* - -[Template_DialogMate2] -Tmpl.Title=Dialog Mate 2 -Tmpl.Class=Desktop -Tmpl.Url=http://dm2.sourceforge.net/ -Tmpl.Scan=iw -OpenIpcPath=*\BaseNamedObjects*\DM2_SharedMem -OpenIpcPath=*\BaseNamedObjects*\DM2_RollWindow_SharedMem -OpenWinClass=DM2 Server class - -[Template_DragonNaturallySpeaking] -Tmpl.Title=Dragon NaturallySpeaking -Tmpl.Class=Desktop -Tmpl.Url=http://www.nuance.com/naturallyspeaking/products/default.asp -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\Dragon NaturallySpeaking* - -[Template_FeedDemon] -Tmpl.Title=FeedDemon -Tmpl.Class=Desktop -Tmpl.Url=http://www.feeddemon.com/ -Tmpl.Scan=s -Tmpl.ScanProduct=FeedDemon_is1 -OpenPipePath=FeedDemon.exe,*\FeedDemon\v1\* -OpenIpcPath=FeedDemon.exe,*\BaseNamedObjects*\FeedDemonMutex -OpenWinClass=FeedDemon.exe,* - -[Template_FileEx] -Tmpl.Title=File-Ex 3 -Tmpl.Class=Desktop -Tmpl.Url=http://www.cottonwoodsw.com/fx3summ.html -Tmpl.Scan=s -Tmpl.ScanProduct=File-Ex v3.* -OpenWinClass=$:FileEx.exe - -[Template_GoogleToolbarIE] -Tmpl.Title=Google Toolbar for Internet Explorer -Tmpl.Class=Desktop -Tmpl.Url=http://toolbar.google.com/ -OpenIpcPath=*\BaseNamedObjects*\{40635BCA-4026-4CE3-9741-C8DC476E6268} -OpenIpcPath=*\BaseNamedObjects*\{B7F1F778-8315-4EB2-AC1E-5AFCAA603271} -OpenIpcPath=*\BaseNamedObjects*\{DEBFCCE1-B446-4992-9C9E-CA1CB548C718} -OpenIpcPath=*\BaseNamedObjects*\*{E709AE98-F4E6-40DE-BE47-CFBA9B4605C0} -OpenWinClass={A7E495BF-9589-4A6E-8479-DDA2D8D3C05F} -OpenWinClass=$:GoogleToolbarNotifier.exe -OpenClsid={FBA44040-BD27-4A09-ACC8-C08B7C723DCD} -LingerProcess=GoogleToolbarUser.exe -LingerProcess=GoogleToolbarUser_32.exe -Tmpl.Scan=s -Tmpl.ScanProduct={18455581-E099-4BA8-BC6B-F34B2F06600C} - -[Template_Intel_HD_Graphics] -Tmpl.Title=Intel HD Graphics Driver -Tmpl.Class=Desktop -OpenIpcPath=\RPC Control\{27B4FD7B-035B-4853-938E-CC13FE3724D4} -OpenIpcPath=*\BaseNamedObjects*\{3BFDD3D2-761C-4206-990C-3CC0643CF73A} -OpenIpcPath=*\BaseNamedObjects*\? -Tmpl.Scan=s -Tmpl.ScanIpc=\RPC Control\{27B4FD7B-035B-4853-938E-CC13FE3724D4} - -[Template_IntelliTypePro] -Tmpl.Title=IntelliType Pro -Tmpl.Class=Desktop -Tmpl.Url=http://www.microsoft.com/hardware/download/download.aspx?category=MK -OpenWinClass=TInstanceManager - -[Template_Folder_Size] -Tmpl.Title=Folder Size -Tmpl.Url=http://foldersize.sourceforge.net/ -Tmpl.Class=Desktop -Tmpl.Scan=s -Tmpl.ScanService=FolderSize -OpenPipePath=\Device\NamedPipe\FolderSize -OpenIpcPath=*\BaseNamedObjects*\FolderSizeShellUpdateMutex - -[Template_JetStart] -Tmpl.Title=JetStart -Tmpl.Class=Desktop -Tmpl.Url=http://www.codesector.com/jetstart.php -Tmpl.Scan=w -OpenWinClass=MetaLauncher -OpenIpcPath=*\BaseNamedObjects*\MetaLauncherMapObject* - -[Template_gMote] -Tmpl.Title=gMote -Tmpl.Class=Desktop -Tmpl.Url=http://www.handform.net/gmote.php -Tmpl.Scan=w -OpenWinClass=TGestureConfigForm - -[Template_GoogleJapaneseIME] -Tmpl.Title=Google Japanese Input Method (IME) -Tmpl.Class=Desktop -Tmpl.Url=http://www.google.com/intl/ja/ime/ -Tmpl.Scan=s -Tmpl.ScanService=GoogleIMEJaCacheService -OpenPipePath=\Device\NamedPipe\googlejapaneseinput.* -LingerProcess=GoogleIMEJaTool.exe -LingerProcess=GoogleIMEJaRenderer.exe - -[Template_KeyboardNinja] -Tmpl.Title=Keyboard Ninja -Tmpl.Class=Desktop -Tmpl.Url=http://www.intelife.net/ninja/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\KEYBOARD_NINJA_2 -OpenWinClass=$:ninja.exe - -[Template_Lingoes] -Tmpl.Title=Lingoes Translator -Tmpl.Class=Desktop -Tmpl.Url=http://www.lingoes.net/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\OpenText_ZWFilter_GlobaData* -OpenIpcPath=*\BaseNamedObjects*\OpenText_GrabText_GlobaData* -OpenIpcPath=*\BaseNamedObjects*\OpenText_GrabText_Mutex* -OpenWinClass=$:lingoes.exe - -[Template_Linkman] -Tmpl.Title=Linkman -Tmpl.Class=Desktop -Tmpl.Url=http://www.outertech.com/index.php?_charisma_page=product&id=5 -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\Linkman* -OpenWinClass=TLinkmanF -OpenWinClass=opera.exe,op* -OpenWinClass=opera.exe,DDEMLAnsiClient - -[Template_LinkStash] -Tmpl.Title=LinkStash -Tmpl.Class=Desktop -Tmpl.Url=http://www.xrayz.co.uk/ -Tmpl.Scan=w -OpenWinClass=LinkStash -OpenWinClass=LinkStashMonitor -OpenWinClass=$:lnkstash.exe - -[Template_Listary] -Tmpl.Title=Listary -Tmpl.Class=Desktop -Tmpl.Url=http://www.listary.com/ -Tmpl.Scan=s -Tmpl.ScanProduct=Listary_is1 -OpenIpcPath=*\BaseNamedObjects*\ListarySharedData -OpenWinClass=ListaryToolbarCls -OpenWinClass=$:listary.exe -# v4 -OpenIpcPath=*\BaseNamedObjects*\Listary_MainSharedMemory - -[Template_Logitech_G15_Keyboard] -Tmpl.Title=Logitech Keyboard LCD Display -Tmpl.Class=Desktop -Tmpl.Url=https://support.logi.com/hc/en-us/articles/360024851053--Downloads-G15-Gaming-Keyboard -# This scan is unreliable and it should be disabled by default -#Tmpl.Scan=s -#Tmpl.ScanProduct=Logitech Gaming Software -OpenPipePath=\Device\NamedPipe\LGLCDPIPE-* - -[Template_LogitechProcessMonitor] -Tmpl.Title=Logitech Process Monitor Service -Tmpl.Class=Desktop -Tmpl.Scan=s -Tmpl.ScanService=LVPrcSrv -DelayLoadDll=LVPrcInj.dll - -[Template_LogitechSetPoint] -Tmpl.Title=Logitech SetPoint Mouse -Tmpl.Class=Desktop -Tmpl.Url=https://www.logitech.com/en-us/articles/11650 -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Logitech\SetPoint -NoRenameWinClass=Internet Explorer_Server - -[Template_LogitechScrollApp] -Tmpl.Title=Logitech Scroll App -Tmpl.Class=Desktop -Tmpl.Url=https://www.softpedia.com/get/Tweak/System-Tweak/Scroll-App.shtml -Tmpl.Scan=w -OpenWinClass=LogiSmoothScrlBckGrndWnd -NoRenameWinClass=IEFrame -OpenIpcPath=*\BaseNamedObjects*\LogiSmoothWheelInUse - -[Template_MacroExpress] -Tmpl.Title=Macro Express -Tmpl.Class=Desktop -Tmpl.Url=http://www.macroexpress.com -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\ME98aveR -OpenIpcPath=*\BaseNamedObjects*\MEBA3KGR -OpenIpcPath=*\BaseNamedObjects*\me4hml -OpenIpcPath=*\BaseNamedObjects*\me4hsd -OpenIpcPath=*\BaseNamedObjects*\me4mmm -OpenIpcPath=*\BaseNamedObjects*\me4msd -OpenIpcPath=*\BaseNamedObjects*\me4pml -OpenIpcPath=*\BaseNamedObjects*\me4esd -OpenWinClass=TMainWin - -[Template_ManyCam] -Tmpl.Title=ManyCam -Tmpl.Class=Desktop -Tmpl.Url=http://www.manycam.com/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\ManyCam_FileMapping* - -[Template_Microsoft_MSMQ] -Tmpl.Title=Microsoft Message Queuing (MSMQ) -Tmpl.Class=Desktop -Tmpl.Url=http://msdn.microsoft.com/en-us/library/windows/desktop/ms711472%28v=vs.85%29.aspx -Tmpl.Scan=i -OpenIpcPath=\RPC Control\QMsvc$* - -[Template_NTrig_DuoSense] -Tmpl.Title=N-Trig DuoSense -Tmpl.Class=Desktop -Tmpl.Url=http://www.n-trig.com/Content.aspx?Page=DualModeTechnology -Tmpl.Scan=w -OpenIpcPath=*\BaseNamedObjects*\ntrignativegesturesmutex -OpenWinClass=NtrigSessionClient - -[Template_nVidia_nView] -Tmpl.Title=nVidia nView -Tmpl.Class=Desktop -Tmpl.Url=http://www.nvidia.com/object/nview_display_us.html -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\nView Shared * -OpenIpcPath=*\BaseNamedObjects*\nView * Event - -[Template_nVidia_Stereoscopic3D] -Tmpl.Title=nVidia Stereoscopic 3D Driver -Tmpl.Class=Desktop -Tmpl.Url=http://www.nvidia.com/object/3d-vision-main.html -Tmpl.Scan=s -Tmpl.ScanService=Stereo Service -OpenPipePath=\Device\NamedPipe\stereosvrpipe - -[Template_ObjectDock] -Tmpl.Title=ObjectDock -Tmpl.Class=Desktop -Tmpl.Url=http://www.stardock.com/products/objectdock/ -Tmpl.Scan=w -OpenWinClass=ObjectDockServer - -[Template_OfficeLicensing] -Tmpl.Title=Windows and Office Licensing Services -Tmpl.Class=Desktop -Tmpl.Url=http://office.microsoft.com -Tmpl.Scan=s -Tmpl.ScanService=osppsvc -# Office 2010 -OpenIpcPath=\RPC Control\OSPPCTransportEndpoint-* -# Office 2013 -Tmpl.ScanService=sppsvc -OpenIpcPath=\RPC Control\SPPCTransportEndpoint-* - -[Template_OfficeClickToRun] -Tmpl.Title=Microsoft Office Click-to-Run -Tmpl.Class=Desktop -Tmpl.Url=http://office.microsoft.com -Tmpl.Scan=s -Tmpl.ScanService=ClickToRunSvc -HostInjectDll=\SboxHostDll.dll -HostInjectDll64=\SboxHostDll.dll -HostInjectProcess=OfficeClicktoRun.exe|ClickToRunSvc -OpenIpcPath=\RPC Control\C2RClientAPI_Server_System* -OpenIpcPath=\RPC Control\ClickToRun_Pipeline* -OpenIpcPath=\RPC Control\AppV-ISV-* -BoxNameTitle=EXCEL.EXE,- -BoxNameTitle=MSACCESS.EXE,- -BoxNameTitle=MSPUB.EXE,- -BoxNameTitle=ONENOTE.EXE,- -BoxNameTitle=OUTLOOK.EXE,- -BoxNameTitle=POWERPNT.EXE,- -BoxNameTitle=WINWORD.EXE,- - - -[Template_RadeonPro] -Tmpl.Title=RadeonPro -Tmpl.Class=Desktop -Tmpl.Url=http://radeonpro.info/ -Tmpl.Scan=s -Tmpl.ScanService=RadeonPro Support Service -OpenIpcPath=*\BaseNamedObjects*\_rppmdata -OpenIpcPath=*\BaseNamedObjects*\__rpapicf -OpenIpcPath=*\BaseNamedObjects*\__rpssd - -[Template_RBTray] -Tmpl.Title=RBTray -Tmpl.Class=Desktop -Tmpl.Url=http://rbtray.sourceforge.net/ -Tmpl.Scan=w -OpenWinClass=RBTrayHook - -[Template_RemoteDesktop] -Tmpl.Title=Remote Desktop -Tmpl.Class=Desktop -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\RDPSound* - -[Template_RoboType3] -Tmpl.Title=RoboType 3 (PC Magazine Downloads) -Tmpl.Class=Desktop -Tmpl.Url=http://www.pcmag.com/article2/0,2817,427378,00.asp -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\RoboType.document -OpenWinClass=Afx:400000:b:10003:* -OpenWinClass=Afx:400000:b:10011:* - -[Template_RocketDock] -Tmpl.Title=RocketDock -Tmpl.Class=Desktop -Tmpl.Url=http://rocketdock.com/ -Tmpl.Scan=iw -OpenIpcPath=*\BaseNamedObjects*\FdMe -OpenWinClass=ROCKETDOCK - -[Template_RTSS] -Tmpl.Title=Rivatuner Statistics Server -Tmpl.Class=Desktop -Tmpl.Url=https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html -Tmpl.Scan=s -Tmpl.ScanProduct=RTSS -OpenPipePath=\Device\NamedPipe\rtss_frametime -OpenIpcPath=*\BaseNamedObjects*\RTSSSharedMemoryV2 - -[Template_ShortKeys] -Tmpl.Title=ShortKeys (Lite) -Tmpl.Class=Desktop -Tmpl.Url=http://www.shortkeys.com -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\sh02hasd -OpenIpcPath=*\BaseNamedObjects*\sh03hasd -OpenIpcPath=*\BaseNamedObjects*\sh02mpas -OpenIpcPath=*\BaseNamedObjects*\sh03mpas -OpenWinClass=TMainWin - -[Template_SnagIt] -Tmpl.Title=TechSmith SnagIt -Tmpl.Class=Desktop -Tmpl.Url=http://www.techsmith.com/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\SnagPriv* -OpenPipePath=\Device\NamedPipe\SnagPriv.* - -[Template_SrsAudioSandbox] -Tmpl.Title=SRS Audio Sandbox -Tmpl.Class=Desktop -Tmpl.Url=http://www.srslabs.com/store/audioproducts.asp -OpenIpcPath=*\BaseNamedObjects*\AudioEngineDuplicateHandleApiPort* - -[Template_StrokeIt] -Tmpl.Title=StrokeIt -Tmpl.Class=Desktop -Tmpl.Url=http://www.tcbmi.com/strokeit/ -Tmpl.Scan=w -OpenWinClass=StrokeIt -OpenWinClass=StrokeIt/IgnoreUIPI -OpenWinClass=# - -[Template_SynapticsTouchPad] -Tmpl.Title=Synaptics TouchPad -Tmpl.Class=Desktop -Tmpl.Url=http://www.synaptics.com/support/drivers -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Synaptics\SynTP -NoRenameWinClass=MozillaWindowClass - -[Template_SystemAudioStream] -Tmpl.Title=System Audio Stream -Tmpl.Class=Desktop -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\System_Audio_Stream_* - -[Template_TypingAssistant] -Tmpl.Title=Typing Assistance -Tmpl.Class=Desktop -Tmpl.Url=http://www.sumitsoft.com/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\Typing Assistant (*) -OpenWinClass=$:Typing Assistant (English).exe -OpenWinClass=$:Typing Assistant (French).exe -OpenWinClass=$:Typing Assistant (German).exe -OpenWinClass=$:Typing Assistant (Hungarian).exe -OpenWinClass=$:Typing Assistant (Italian).exe -OpenWinClass=$:Typing Assistant (Portuguese).exe -OpenWinClass=$:Typing Assistant (Spanish).exe - -[Template_TwoPilots_SpeedTyping] -Tmpl.Title=Two Pilots Speed Typing -Tmpl.Class=Desktop -Tmpl.Url=http://www.colorpilot.com/speed-typing.html -Tmpl.Scan=w -OpenWinClass=TYPEPILOTMAINWND - -[Template_UltraMon] -Tmpl.Title=UltraMon -Tmpl.Class=Desktop -Tmpl.Url=http://www.realtimesoft.com/de/ultramon/ -Tmpl.Scan=w -OpenWinClass=UltraMon App -OpenWinClass=UltraMonWndExtMsg - -[Template_WacomTablet] -Tmpl.Title=Wacom Tablet -Tmpl.Class=Desktop -Tmpl.Url=http://www.wacom.com/customercare/drivers.aspx -OpenIpcPath=*\BaseNamedObjects*\Wacom*WintabConnection* -OpenIpcPath=$:Tablet.exe -Tmpl.Scan=i - -[Template_WindowsRasMan] -Tmpl.Title=Windows Remote Access Connection Manager (dial-up/VPN) -Tmpl.Class=Desktop -Tmpl.Scan=i -OpenIpcPath=\RPC Control\RasManLrpc - -[Template_VirtuaWin] -Tmpl.Title=VirtuaWin -Tmpl.Class=Desktop -Tmpl.Url=http://virtuawin.sourceforge.net/ -Tmpl.Scan=w -OpenWinClass=VirtuaWinMainClass -NoAutoExitExplorer=y - -[Template_Volumouse] -Tmpl.Title=NirSoft Volumouse -Tmpl.Class=Desktop -Tmpl.Url=http://www.nirsoft.net/utils/volumouse.html -Tmpl.Scan=w -OpenWinClass=NirSoft_VolumouseMsg* - -[Template_WindowsLive] -Tmpl.Title=Windows Live -Tmpl.Class=Desktop -Tmpl.Url=http://www.live.com -Tmpl.Scan=s -Tmpl.ScanService=wlidsvc -OpenIpcPath=\RPC Control\LiveIdSvc -ClosedFilePath=%SystemRoot%\System32\IDStore.dll -ClosedFilePath=%SystemRoot%\System32\wlidprov.dll -ClosedKeyPath=\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\NetworkServiceTriggers\Triggers\bc90d167-9470-4139-a9ba-be0bbbf5b74d\CC105610-DA03-467E-BC73-5B9E2937458D - -[Template_WindowBlinds] -Tmpl.Title=WindowBlinds -Tmpl.Class=Desktop -Tmpl.Url=http://www.stardock.com/products/windowblinds/ -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\Software\Stardock\WindowBlinds -OpenPipePath=\Device\NamedPipe\WBServer* -OpenIpcPath=*\BaseNamedObjects*\WB_WAIT - -[Template_ZoomText] -Tmpl.Title=ZoomText -Tmpl.Class=Desktop -Tmpl.Url=http://www.synapseadaptive.com/aisquared/zoomtext_9/zoomtext_9_home_page.htm -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\AH_XMSAA_* -OpenIpcPath=*\BaseNamedObjects*\ZSMEscapeKeyEvent -OpenIpcPath=*\BaseNamedObjects*\Ai2_HOOKDATA_FILEMAP* -OpenIpcPath=*\BaseNamedObjects*\ZoomTextRunning* -OpenWinClass=ZT9MainWindow - -# -# Media Players -# - -[Template_VLC_Force] -Tmpl.Title=#4323,VLC -Tmpl.Class=MediaPlayer -ForceProcess=vlc.exe - -[Template_VLC_DirectAccess_Profile] -Tmpl.Title=#4338,VLC -Tmpl.Class=MediaPlayer -OpenFilePath=vlc.exe,%AppData%\vlc\* - -[Template_VLC_DirectAccess_Photos] -Tmpl.Title=#4395,VLC -Tmpl.Class=MediaPlayer -OpenFilePath=vlc.exe,%UserProfile%\Pictures\* - -[Template_MPC-HC_Force] -Tmpl.Title=#4323,MPC-HC -Tmpl.Class=MediaPlayer -ForceProcess=mpc-hc64.exe -ForceProcess=mpc-hc.exe - -[Template_MPC-HC_DirectAccess_Profile] -Tmpl.Title=#4338,MPC-HC -Tmpl.Class=MediaPlayer -OpenFilePath=mpc-hc64.exe,%AppData%\MPC-HC\* -OpenFilePath=mpc-hc.exe,%AppData%\MPC-HC\* - -[Template_MPC-HC_DirectAccess_Photos] -Tmpl.Title=#4395,MPC-HC -Tmpl.Class=MediaPlayer -OpenFilePath=mpc-hc64.exe,%UserProfile%\Pictures\* -OpenFilePath=mpc-hc.exe,%UserProfile%\Pictures\* - -[Template_MPC-BE_Force] -Tmpl.Title=#4323,MPC-BE -Tmpl.Class=MediaPlayer -ForceProcess=mpc-be64.exe -ForceProcess=mpc-be.exe - -[Template_MPC-BE_DirectAccess_Profile] -Tmpl.Title=#4338,MPC-BE -Tmpl.Class=MediaPlayer -OpenFilePath=mpc-be64.exe,%AppData%\MPC-BE\* -OpenFilePath=mpc-be.exe,%AppData%\MPC-BE\* - -[Template_MPC-BE_DirectAccess_Photos] -Tmpl.Title=#4395,MPC-BE -Tmpl.Class=MediaPlayer -OpenFilePath=mpc-be64.exe,%UserProfile%\Pictures\* -OpenFilePath=mpc-be.exe,%UserProfile%\Pictures\* - -[Template_PotPlayer_Force] -Tmpl.Title=#4323,PotPlayer -Tmpl.Class=MediaPlayer -ForceProcess=PotPlayerMini64.exe -ForceProcess=PotPlayerMini.exe - -[Template_PotPlayer_DirectAccess_Profile] -Tmpl.Title=#4338,PotPlayer -Tmpl.Class=MediaPlayer -OpenFilePath=PotPlayerMini64.exe,%AppData%\PotPlayerMini64 -OpenFilePath=PotPlayerMini.exe,%AppData%\PotPlayerMini - -[Template_SMPlayer_Force] -Tmpl.Title=#4323,SMPlayer -Tmpl.Class=MediaPlayer -ForceProcess=smplayer.exe - -[Template_SMPlayer_DirectAccess_Profile] -Tmpl.Title=#4338,SMPlayer -Tmpl.Class=MediaPlayer -OpenFilePath=smplayer.exe,%AppData%\mpv\* - -[Template_SMPlayer_DirectAccess_Photos] -Tmpl.Title=#4395,SMPlayer -Tmpl.Class=MediaPlayer -OpenFilePath=smplayer.exe,%UserProfile%\Pictures\smplayer_screenshots -OpenFilePath=smplayer.exe,%UserProfile%\Pictures\smplayer_screenshots - -[Template_KMPlayer_Force] -Tmpl.Title=#4323,KMPlayer -Tmpl.Class=MediaPlayer -ForceProcess=KMPlayer64.exe -ForceProcess=KMPlayer.exe - -[Template_KMPlayer_DirectAccess_Profile] -Tmpl.Title=#4338,KMPlayer -Tmpl.Class=MediaPlayer -OpenFilePath=KMPlayer64.exe,%AppData%\KMP -OpenFilePath=KMPlayer.exe,%AppData%\KMP - -[Template_Clementine_Force] -Tmpl.Title=#4323,Clementine -Tmpl.Class=MediaPlayer -ForceProcess=clementine.exe - -[Template_Clementine_DirectAccess_Profile] -Tmpl.Title=#4338,Clementine -Tmpl.Class=MediaPlayer -OpenFilePath=clementine.exe,%UserProfile%\current\.config\Clementine\* - -[Template_Clementine_DirectAccess_Music] -Tmpl.Title=#4398,Clementine -Tmpl.Class=MediaPlayer -OpenFilePath=clementine.exe,%UserProfile%\Music\* - -[Template_Strawberry_Force] -Tmpl.Title=#4323,Strawberry Music Player -Tmpl.Class=MediaPlayer -ForceProcess=strawberry.exe - -[Template_Strawberry_DirectAccess_Profile] -Tmpl.Title=#4338,Strawberry Music Player -Tmpl.Class=MediaPlayer -OpenFilePath=strawberry.exe,%Local AppData%\Strawberry - -[Template_Strawberry_DirectAccess_Music] -Tmpl.Title=#4398,Strawberry Music Player -Tmpl.Class=MediaPlayer -OpenFilePath=strawberry.exe,%UserProfile%\Music\* - -# -# Torrent Clients -# - -[Template_qBittorrent_Force] -Tmpl.Title=#4323,qBittorrent -Tmpl.Class=TorrentClient -ForceProcess=qBittorrent.exe - -[Template_qBittorrent_DirectAccess_Profile] -Tmpl.Title=#4338,qBittorrent -Tmpl.Class=TorrentClient -OpenFilePath=qBittorrent.exe,%Local AppData%\qBittorrent -OpenFilePath=qBittorrent.exe,%AppData%\qBittorrent - -[Template_Transmission_Force] -Tmpl.Title=#4323,Transmission -Tmpl.Class=TorrentClient -ForceProcess=transmission-qt.exe - -[Template_Transmission_DirectAccess_Profile] -Tmpl.Title=#4338,Transmission -Tmpl.Class=TorrentClient -OpenFilePath=transmission-qt.exe,%Local AppData%\transmission - -[Template_BiglyBT_Force] -Tmpl.Title=#4323,BiglyBT -Tmpl.Class=TorrentClient -ForceProcess=BiglyBT.exe - -[Template_BiglyBT_DirectAccess_Profile] -Tmpl.Title=#4338,BiglyBT -Tmpl.Class=TorrentClient -OpenFilePath=BiglyBT.exe,%AppData%\BiglyBT - -[Template_Popcorn-Time_Force] -Tmpl.Title=#4323,Popcorn Time (popcorntime.app) -Tmpl.Class=TorrentClient -ForceProcess=Popcorn-Time.exe - -[Template_Popcorn-Time_DirectAccess_Profile] -Tmpl.Title=#4338,Popcorn Time (popcorntime.app) -Tmpl.Class=TorrentClient -OpenFilePath=Popcorn-Time.exe,%Local AppData%\popcorn-time - -[Template_PicoTorrent_Force] -Tmpl.Title=#4323,Pico Torrent -Tmpl.Class=TorrentClient -ForceProcess=PicoTorrent.exe -ForceRestart=PicoTorrent.exe - -# -# Download Managers -# - -[Template_InternetDownloadManager] -Tmpl.Title=Internet Download Manager -Tmpl.Class=Download -Tmpl.Url=http://www.internetdownloadmanager.com/ -Tmpl.Scan=s -# Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4} -Tmpl.ScanProduct=Internet Download Manager -OpenClsid={AC746233-E9D3-49CD-862F-068F7B7CCCA4} -# prevent access to host port -# BlockPort=1001 - -[Template_SothinkWebVideoDownloader] -Tmpl.Title=Sothink Web Video Downloader Stand-alone -Tmpl.Class=Download -Tmpl.Url=http://www.sothinkmedia.com/web-video-downloader/ -Tmpl.Scan=w -OpenWinClass=WVD_Class -OpenIpcPath=$:VideoDownloader.exe - -[Template_OrbitDownloader] -Tmpl.Title=Orbit Downloader -Tmpl.Class=Download -Tmpl.Url=http://www.orbitdownloader.com -Tmpl.Scan=w -OpenIpcPath=*\BaseNamedObjects*\GRABPRO_WEBSITEMUTEX_* -OpenIpcPath=*\BaseNamedObjects*\orbitcth_ipc* -OpenIpcPath=*\BaseNamedObjects*\orbitdm_app* -OpenIpcPath=*\BaseNamedObjects*\ORBTPROS_APP -OpenWinClass=ORBTPROS_APP -OpenWinClass=orbitdm_app - -[Template_Replay_Music] -Tmpl.Title=Applian Replay Music -Tmpl.Class=Download -Tmpl.Url=http://www.applian.com/replay-music/index.php -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\{034DBD6D-6784-4CB3-97D8-749947D01F70} -OpenIpcPath=*\BaseNamedObjects*\{3EA1EB13-8045-44FC-AD59-B4F05478B400} -OpenIpcPath=*\BaseNamedObjects*\{6560EAD3-F709-4B66-B90B-EA2D2C85AE30} -OpenIpcPath=*\BaseNamedObjects*\{F22F2429-009C-4B5D-959F-519B59E25170} - -[Template_Replay_Media_Catcher] -Tmpl.Title=Applian Replay Media Catcher -Tmpl.Class=Download -Tmpl.Url=http://www.applian.com/download-videos/ -Tmpl.Scan=i -OpenIpcPath=*\BaseNamedObjects*\{F22F2429-009C-4B5D-959F-519B59E25176} -OpenIpcPath=*\BaseNamedObjects*\{6560EAD3-F709-4B66-B90B-EA2D2C85AE3B} -OpenIpcPath=*\BaseNamedObjects*\{3EA1EB13-8045-44FC-AD59-B4F05478B40D} -OpenIpcPath=*\BaseNamedObjects*\{034DBD6D-6784-4CB3-97D8-749947D01F72} - -# -# Other -# - -[Template_ScreenReader] -Tmpl.Title=#4305,JAWS, NVDA, Window-Eyes, System Access -Tmpl.Class=Misc -# Tmpl.Scan=i -Tmpl.Hide=y -OpenIpcPath=\RPC Control\epmapper -OpenIpcPath=\RPC Control\OLE* -OpenIpcPath=\RPC Control\LRPC* -OpenIpcPath=*\BaseNamedObjects*\JAWS* -OpenIpcPath=*\BaseNamedObjects*\JFW* -OpenIpcPath=*\BaseNamedObjects*\GWM* -OpenIpcPath=*\BaseNamedObjects*\GWSync* -OpenIpcPath=*\BaseNamedObjects*\GWSync* -OpenIpcPath=*\BaseNamedObjects*\FS_CACHED_MSAA_DATA_MUTEX -OpenIpcPath=*\BaseNamedObjects*\FS_FSDOM_LOADER_MUTEX -OpenIpcPath=*\BaseNamedObjects*\SharedFSDomLoaderData* -OpenIpcPath=\RPC Control\nvdaHelperRemote_* -OpenIpcPath=*\BaseNamedObjects*\Serotek-* -OpenWinClass=* - -# [Template_PlugPlayService] -# Tmpl.Title=#3938 -# Tmpl.Class=Misc -# OpenIpcPath=\RPC Control\plugplay -# OpenIpcPath=\RPC Control\ntsvcs - -[Template_TaskbarJumpList] -Tmpl.Title=#4294 -Tmpl.Class=Misc -OpenPipePath=%Recent%\AutomaticDestinations\* -OpenPipePath=%Recent%\CustomDestinations\* - -[Template_ActivIdentity] -Tmpl.Title=ActivIdentity (CAC) -Tmpl.Url=https://www.hidglobal.com/identity-management -Tmpl.Class=Security -Tmpl.Scan=s -Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\ActivCard -OpenClsid={5E248397-8614-4EC5-8926-BD242DC9830A} -OpenClsid={30E5C61A-E359-498B-B833-1FB56CCDDCE2} -OpenClsid={884E2007-217D-11DA-B2A4-000E7BBB2B09} -OpenClsid={8BF9A910-A8FF-457F-999F-A5CA10B4A885} -OpenIpcPath=\RPC Control\LSMApi -OpenIpcPath=\RPC Control\samss lpc -OpenIpcPath=*\BaseNamedObjects*\Microsoft Smart Card Resource Manager* - -[Template_Yubikey] -Tmpl.Title=Yubikey Authentication -Tmpl.Class=Security -OpenIpcPath=\RPC Control\keysvc - - - - - -# -# Default settings -# - -[Template_AutoRecoverIgnore] -Tmpl.Title=#4291 -Tmpl.Class=Misc -AutoRecoverIgnore=.part -AutoRecoverIgnore=.jc! -AutoRecoverIgnore=.leechget -AutoRecoverIgnore=.dlm -AutoRecoverIgnore=.tmp -AutoRecoverIgnore=.download -AutoRecoverIgnore=.dtapart -AutoRecoverIgnore=.crdownload -AutoRecoverIgnore=.crx -AutoRecoverIgnore=.ob! -AutoRecoverIgnore=.partial -AutoRecoverIgnore=.!ut -AutoRecoverIgnore=.lnk -AutoRecoverIgnore=desktop.ini -AutoRecoverIgnore=.opdownload - -[Template_LingerPrograms] -Tmpl.Title=#4292 -Tmpl.Class=Misc -LingerProcess=mscorsvw.exe -LingerProcess=AcroRd32.exe -LingerProcess=Adobe_Updater.exe -LingerProcess=JUSched.exe -LingerProcess=SynCor.exe -LingerProcess=GoogleUpdate.exe -LingerProcess=GoogleToolbarNotifier.exe -LingerProcess=RunDll32.exe -LingerProcess=RealSched.exe -LingerProcess=wisptis.exe -LingerProcess=CS5ServiceManager.exe -LingerProcess=AcrobatInfo.exe -LingerProcess=IeLowUtil.exe -LingerProcess=DllHost.exe -LingerProcess=SplWow64.exe -LingerProcess=nacl.exe -LingerProcess=nacl64.exe -LingerProcess=pdf24.exe -LingerProcess=RuntimeBroker.exe -LingerProcess=ssh-agent.exe -# Vivaldi_Updater -LingerProcess=update_notifier.exe -# Chrome_Telemetry -LingerProcess=software_reporter_tool.exe -# Opera -LingerProcess=opera_crashreporter.exe -LingerProcess=opera_autoupdate.exe - -[Template_BlockPorts] -Tmpl.Title=#4293 -Tmpl.Class=Misc -#BlockPort=137,138,139,445 -NetworkAccess=Block;Port=137,138,139,445 - -[Template_qWave] -Tmpl.Title=#3459 -Tmpl.Class=Misc -OpenPipePath=\Device\QWAVEdrv - -[Template_SkipHook] -Tmpl.Title=#3460 -Tmpl.Class=Misc -SkipHook=DragonSaga.exe,ntqsi,enumwin,findwin -SkipHook=BatmanAC.exe,enumwin,findwin -SkipHook=PotPlayer64.exe,cocreate -SkipHook=PotPlayerMini64.exe,cocreate -SkipHook=mpc-hc64.exe,cocreate - -[Template_FileCopy] -Tmpl.Title=#4295 -Tmpl.Class=Misc -DontCopy=*.url -CopyEmpty=*\microsoft\windows\explorer\thumbcache_* -CopyEmpty=*\microsoft\windows\explorer\iconcache_* -# firefox -CopyAlways=*\places.sqlite -CopyAlways=*\xul.mfl -# windows installer etc -CopyAlways=*\qmgr0.dat -CopyAlways=*\qmgr1.dat -CopyAlways=*\infcache.1 -CopyAlways=*\cbs.log -# internet explorer 10 web cache -CopyAlways=*\webcachev*.dat -# Media Players -DontCopy=*.aac -DontCopy=*.ac3 -DontCopy=*.aiff -DontCopy=*.ape -DontCopy=*.asf -DontCopy=*.avi -DontCopy=*.f4v -DontCopy=*.flac -DontCopy=*.flv -DontCopy=*.m4a -DontCopy=*.m4v -DontCopy=*.mid -DontCopy=*.mka -DontCopy=*.mkv -DontCopy=*.mov -DontCopy=*.mp3 -DontCopy=*.mp4 -DontCopy=*.mpeg -DontCopy=*.mpg -DontCopy=*.oga -DontCopy=*.ogg -DontCopy=*.ogv -DontCopy=*.opus -DontCopy=*.ra -DontCopy=*.rm -DontCopy=*.rmvb -DontCopy=*.ts -DontCopy=*.vob -DontCopy=*.wav -DontCopy=*.webm -DontCopy=*.wma -DontCopy=*.wmv - -[Template_RpcPortBindings] -Tmpl.Title=#4296 -Tmpl.Class=Misc -#Tmpl.Scan=s -#Tmpl.ScanService=RpcSs -#Tmpl.ScanService=RpcEptMapper -#Tmpl.ScanService=DcomLaunch - -# hardcoded options: -#RpcPortBinding=*,{906B0CE0-C70B-1067-B317-00DD010662DA},IpcPort="samss lpc" -#RpcPortBinding=winspool.drv,'ncalrpc:[,Security=Impersonation Dynamic False]',Resolve=PrintSpooler -#RpcPortBindingSvc=Spooler,PrintSpooler - - -# AppInfo -RpcPortBinding=kernel32.dll,'0497b57d-2e66-424f-a0c6-157cd5d41700@ncalrpc:',Resolve=AppInfo,TimeOut=y -RpcPortBindingIfId=AppInfo,{0497b57d-2e66-424f-a0c6-157cd5d41700} -#RpcPortBindingSvc=AppInfo,appinfo - -# RpcMgmtSetComTimeout presets -UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y -UseRpcMgmtSetComTimeout=WINNSI.DLL,n - -# windows proxy auto discovery -#Tmpl.ScanService=WinHttpAutoProxySvc -RpcPortBinding=WinHttp.dll,'ncalrpc:',Resolve=WPAD,TimeOut=y -RpcPortBindingSvc=WPAD,WinHttpAutoProxySvc - -# windows 10 game port -#Tmpl.ScanService=??? -RpcPortBinding=resourcepolicyclient.dll,{00000000-0000-0000-0000-000000000000},Resolve=GamePort -RpcPortBindingIfId=GamePort,{88ABCBC3-34EA-76AE-8215-767520655A23} - -# -# Optional RPC Port Config -# - -[Template_RpcPortBindingsExt] -Tmpl.Title=#4300 -Tmpl.Class=Misc - -# NSI -RpcPortBinding=WINNSI.DLL,'ncalrpc:[,Security=Impersonation Dynamic True]',Resolve=NSI,TimeOut=n -RpcPortBindingIfId=NSI,{7ea70bcf-48af-4f6a-8968-6a440754d5fa} -#RpcPortBindingSvc=NSI,nsi - - -[Template_OpenBluetooth] -Tmpl.Title=#4297 -Tmpl.Class=Misc -#bluetooth -RpcPortBinding=BluetoothApis.dll,'ncalrpc:',Resolve=Bluetooth,TimeOut=y -RpcPortBindingIfId=Bluetooth,{2ACB9D68-B434-4B3E-B966-E06B4B3A84CB} -#RpcPortBindingSvc=Bluetooth,bthserv - -[Template_OpenSmartCard] -Tmpl.Title=#4298 -Tmpl.Class=Misc -#smartcard -RpcPortBinding=WinSCard.dll,{00000000-0000-0000-0000-000000000000},Resolve=SmartCard -RpcPortBindingIfId=SmartCard,{C6B5235A-E413-481D-9AC8-31681B1FAAF5} - -[Template_SSDP] -Tmpl.Title=#4299 -Tmpl.Class=Misc -#upnp -#Tmpl.ScanService=ssdpsrv -RpcPortBinding=SSDPAPI.dll,'ncalrpc:',Resolve=SSDP -RpcPortBindingIfId=SSDP,{4B112204-0E19-11D3-B42B-0000F81FEB9F} -#RpcPortBindingSvc=SSDP,ssdpsrv - - - - -# -# Known Conflicts -# - -[Template_KnownConflicts] -Tmpl.Entry=Folder Lock | Folder Lock -Tmpl.Entry=StrokeIt | StrokeIt -#Tmpl.Entry=AquaSnap 1.16.2 | {CF0C7CA1-9BDC-4660-9CF5-E44446D49725} -#Tmpl.Entry=avast! Antivirus | avast -#Tmpl.Entry=AVG Antivirus | AVG -#Tmpl.Entry=BitDefender Antivirus | BitDefender -#Tmpl.Entry=Blue Ridge Networks AppGuard 3.0.13.1 | {2C9B1E69-DD05-40F5-8378-056A117028F9} -#Tmpl.Entry=Comodo Antivirus | {4E9C1938-BDC8-4897-8368-9574F9AF83E3} -#Tmpl.Entry=Comodo GeekBuddy 4.19.131 | {266FA04F-F0FA-4F7A-AA1E-387A57F579F2} -#Tmpl.Entry=Dr. Web 9 | {937CFD3F-8BFB-4208-81CB-F5004CD7B000} -#Tmpl.Entry=Dr. Web Katana | {7599F709-61D5-44F1-996C-4DFEB1B855E0} -#Tmpl.Entry=iTunes | {FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E} -#Tmpl.Entry=Kaspersky Total Security 16 | {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} -#Tmpl.Entry=Norton Security | NS -#Tmpl.Entry=Nuance Power PDF Advanced 1.0 | {BD71D245-1A8B-4FB3-83E4-74F77FB39267} -#Tmpl.Entry=Office 2016 Click-to-Run | {90160000-007E-0000-0000-0000000FF1CE} -#Tmpl.Entry=PC Tools Firewall Plus | PC Tools Firewall Plus - - - -# -# Deprecated templates -# - -[Template_Firefox_Addon_FoxNotes] - -[Template_Firefox_Addon_SpeedDial] - -[Template_Firefox_Addon_ScrapBook] - -[Template_Neon_Force] - -[Template_Neon_Bookmarks_DirectAccess] - -[Template_Neon_History_DirectAccess] - -[Template_Neon_Cookies_DirectAccess] - -[Template_Neon_Passwords_DirectAccess] - -[Template_Neon_Preferences_DirectAccess] - -[Template_Neon_Profile_DirectAccess] - -[Template_Neon_WallpaperAccess] - -[Template_Maxthon2_Force] - -[Template_Maxthon2_Favorites_DirectAccess] - -[Template_Maxthon2_SharedAccount_DirectAccess] - -[Template_Outlook_Express] - -[Template_DefenseWall] - -[Template_StickyPassword] - -[Template_ActiveSync] - -[Template_Windows2000Internat] - -[Template_FreeDownloadManager] - -[Template_WindowsFontCache] - -[Template_Windows10CoreUI] - -[Template_FireFix_for_Win7] - +# +# Sandboxie Official Configuration Templates +# +# PLEASE DO NOT EDIT +# +# You may place local (custom) templates in your Sandbox.ini +# file. Use the examples here to create your own templates, but +# do not copy the [TemplateSettings] section. +# +# Please name your own local templates in such a way that +# it will not introduce conflicts with the official templates. +# +# For example, if you design a local template to resolve +# a conflict with the utility ExampleSoft: +# +# [Template_Local_ExampleSoft] +# Tmpl.Title=ExampleSoft +# Tmpl.Class=Local +# OpenWinClass=ExampleSoft_WindowClass +# OpenIpcPath=*\BaseNamedObjects*\ExampleSoft_* +# +# Note the use of the word "local" to prevent a conflict, +# should this official template file later be revised to +# include a template for ExampleSoft. +# +# Local templates that appear in your Sandbox.ini are +# treated the same way as any official template in this file, +# and can be activated in Sandbox Control. +# +# A template section (official or local) may only contain the +# following settings: +# +# Tmpl.Title +# Tmpl.Class +# Tmpl.Url +# Tmpl.Comment +# Tmpl.Scan +# OpenFilePath +# OpenPipePath +# ReadFilePath +# ClosedFilePath +# OpenKeyPath +# ReadKeyPath +# ClosedKeyPath +# OpenIpcPath +# ClosedIpcPath +# OpenWinclass +# OpenClsid +# RecoverFolder +# AutoRecoverIgnore +# ForceProcess +# ForceFolder +# OpenProtectedStorage +# OpenCredentials +# ProcessGroup +# +# Any other settings must not be used, as it may confuse the +# Sandbox Control program. +# + +[DefaultTemplates] +Template=RpcPortBindings +Template=SpecialImages + + +[TemplateSettings] +Tmpl.Version=1 +Tmpl.RoboForm=%Personal%\My RoboForm Data +Tmpl.Firefox=%AppData%\Mozilla\Firefox\Profiles\* +Tmpl.Waterfox=%AppData%\Waterfox\Profiles\* +Tmpl.PaleMoon=%AppData%\Moonchild Productions\Pale Moon\Profiles\* +Tmpl.SeaMonkey=%AppData%\Mozilla\SeaMonkey\Profiles\* +Tmpl.LibreWolf=%AppData%\LibreWolf\Profiles\* +Tmpl.Office_Outlook=%Local AppData%\Microsoft\Outlook +Tmpl.Windows_Vista_Mail=%Local AppData%\Microsoft\Windows Mail +Tmpl.Windows_Live_Mail=%Local AppData%\Microsoft\Windows Live Mail +Tmpl.Incredimail=%Local AppData%\IM +Tmpl.eDocPrinter=%ProgramFiles%\ITEKSOFT\eDocPrinter* +Tmpl.FinePrint=%Personal%\FinePrint files +Tmpl.Chrome=%Local AppData%\Google\Chrome\User Data\Default +Tmpl.Edge=%Local AppData%\Microsoft\Edge\User Data\Default +Tmpl.Dragon=%Local AppData%\Comodo\Dragon\User Data\Default +Tmpl.Iron=%Local AppData%\Chromium\User Data\Default +Tmpl.Ungoogled=%Local AppData%\Chromium\User Data\Default +Tmpl.Vivaldi=%Local AppData%\Vivaldi\User Data\Default +Tmpl.Brave=%Local AppData%\BraveSoftware\Brave-Browser\User Data\Default +Tmpl.Maxthon_6=%Local AppData%\Maxthon\Application\User Data\Default +Tmpl.Opera=%AppData%\Opera Software\Opera Stable +Tmpl.Yandex=%Local AppData%\Yandex\YandexBrowser\User Data\Default +Tmpl.Thunderbird=%Local AppData%\Thunderbird +Tmpl.Thunderbird:ExpectFile=xulstore.json +Tmpl.Opera_Mail=%Local AppData%\Opera\*\mail +Tmpl.Opera_Mail:ExpectFile=accounts.ini +Tmpl.Zotero=%Tmpl.Firefox%\zotero +Tmpl.KasperskyDataRoot=%AllUsersProfile%\Kaspersky Lab +Tmpl.TheBat=%AppData%\The Bat! +Tmpl.eM_Client=%AppData%\eM Client + + +# +# Custom handling for special images +# + +[Template_SpecialImages] +#Tmpl.Title=#xxxx +Tmpl.Class=Misc + +SpecialImage=chrome,chrome.exe +SpecialImage=chrome,msedge.exe +SpecialImage=chrome,iron.exe +SpecialImage=chrome,dragon.exe +SpecialImage=chrome,opera.exe +SpecialImage=chrome,neon.exe +SpecialImage=chrome,maxthon.exe +SpecialImage=chrome,vivaldi.exe +SpecialImage=chrome,brave.exe +SpecialImage=chrome,browser.exe +SpecialImage=chrome,slack.exe + +SpecialImage=firefox,firefox.exe +SpecialImage=firefox,waterfox.exe +SpecialImage=firefox,palemoon.exe +SpecialImage=firefox,basilisk.exe +SpecialImage=firefox,seamonkey.exe +SpecialImage=firefox,k-meleon.exe +SpecialImage=firefox,librewolf.exe + +SpecialImage=thunderbird,thunderbird.exe + +SpecialImage=mail,winmail.exe +SpecialImage=mail,IncMail.exe +SpecialImage=mail,eudora.exe +SpecialImage=mail,thebat32.exe +SpecialImage=mail,thebat64.exe +SpecialImage=mail,Foxmail.exe +SpecialImage=mail,Mailbird.exe +SpecialImage=mail,MailClient.exe +SpecialImage=mail,postbox.exe +SpecialImage=mail,Inky.exe + +SpecialImage=browser,PuffinSecureBrowser.exe + + +# +# Internet Explorer +# + +[Template_IExplore_Force] +Tmpl.Title=#4323,Internet Explorer +Tmpl.Class=WebBrowser +ForceProcess=iexplore.exe + +[Template_IExplore_Favorites_DirectAccess] +Tmpl.Title=#4326,Internet Explorer +Tmpl.Class=WebBrowser +OpenFilePath=iexplore.exe,%Favorites% +#OpenFilePath=firefox.exe,%Favorites% + +[Template_IExplore_Favorites_RecoverFolder] +Tmpl.Title=#4327 +Tmpl.Class=WebBrowser +RecoverFolder=%Favorites% + +[Template_IExplore_History_DirectAccess] +Tmpl.Title=#4336,Internet Explorer +Tmpl.Class=WebBrowser +OpenFilePath=iexplore.exe,%Favorites% +OpenFilePath=iexplore.exe,%History%\History.IE5\* +OpenKeyPath=iexplore.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs +# Windows Search features needed for address bar in IE 8 +OpenClsid={7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} +OpenClsid={9E175B6D-F52A-11D8-B9A5-505054503030} +OpenPipePath=\Device\NamedPipe\MsFteWds +# Internet Explorer 10 history pane +OpenFilePath=|%Local AppData%\Microsoft\Windows\ + +[Template_IExplore_Cookies_DirectAccess] +Tmpl.Title=#4328,Internet Explorer +Tmpl.Class=WebBrowser +OpenFilePath=iexplore.exe,%Cookies% +# Internet Explorer 10 cookies +OpenClsid={0358b920-0ac7-461f-98f4-58e32cd89148} +OpenIpcPath=\RPC Control\webcache_* +OpenIpcPath=*\BaseNamedObjects*\windows_webcache_* +OpenFilePath=%Local AppData%\Microsoft\Internet Explorer\DOMStore\* + +[Template_IExplore_Feeds_DirectAccess] +Tmpl.Title=#4325,Internet Explorer +Tmpl.Class=WebBrowser +OpenFilePath=iexplore.exe,%Local AppData%\Microsoft\Feeds\ +OpenFilePath=iexplore.exe,%Local AppData%\Microsoft\Feeds Cache\ + +[Template_IExplore_ProtectedStorage] +Tmpl.Title=#4329 +Tmpl.Class=WebBrowser +OpenProtectedStorage=y +OpenKeyPath=iexplore.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms +OpenKeyPath=iexplore.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs + +# [Template_IExplore_Credentials] +# Tmpl.Title=#4330 +# Tmpl.Class=WebBrowser +# OpenCredentials=y + +# +# Firefox / Waterfox / PaleMoon / SeaMonkey / LibreWolf +# + +# +# Firefox +# + +[Template_Firefox_Force] +Tmpl.Title=#4323,Mozilla Firefox +Tmpl.Class=WebBrowser +ForceProcess=firefox.exe + +[Template_Firefox_Bookmarks_DirectAccess] +Tmpl.Title=#4336,Mozilla Firefox +Tmpl.Class=WebBrowser +OpenFilePath=firefox.exe,%Tmpl.Firefox%\bookmark* +OpenFilePath=firefox.exe,%Tmpl.Firefox%\places* +OpenFilePath=firefox.exe,%Tmpl.Firefox%\favicons.sqlite + +[Template_Firefox_Cookies_DirectAccess] +Tmpl.Title=#4328,Mozilla Firefox +Tmpl.Class=WebBrowser +OpenFilePath=firefox.exe,%Tmpl.Firefox%\cookies* + +[Template_Firefox_Passwords_DirectAccess] +Tmpl.Title=#4331,Mozilla Firefox +Tmpl.Class=WebBrowser +OpenFilePath=firefox.exe,%Tmpl.Firefox%\logins.json +OpenFilePath=firefox.exe,%Tmpl.Firefox%\key*.db + +[Template_Firefox_Session_DirectAccess] +Tmpl.Title=#4340,Mozilla Firefox +Tmpl.Class=WebBrowser +OpenFilePath=firefox.exe,%Tmpl.Firefox%\sessionstore.js* + +[Template_Firefox_Phishing_DirectAccess] +Tmpl.Title=#4337,Mozilla Firefox +Tmpl.Class=WebBrowser +OpenFilePath=firefox.exe,%Tmpl.Firefox%\cert9.db +OpenFilePath=firefox.exe,%Local AppData%\Mozilla\Firefox\Profiles\*\safebrowsing* + +[Template_Firefox_Profile_DirectAccess] +Tmpl.Title=#4338,Mozilla Firefox +Tmpl.Class=WebBrowser +OpenFilePath=firefox.exe,%Tmpl.Firefox%\* + +[Template_Firefox_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# Waterfox +# + +[Template_Waterfox_Force] +Tmpl.Title=#4323,Waterfox +Tmpl.Class=WebBrowser +ForceProcess=waterfox.exe + +[Template_Waterfox_Bookmarks_DirectAccess] +Tmpl.Title=#4336,Waterfox +Tmpl.Class=WebBrowser +OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\bookmark* +OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\places* + +[Template_Waterfox_Cookies_DirectAccess] +Tmpl.Title=#4328,Waterfox +Tmpl.Class=WebBrowser +OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\cookies* + +[Template_Waterfox_Passwords_DirectAccess] +Tmpl.Title=#4331,Waterfox +Tmpl.Class=WebBrowser +OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\logins.json +OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\key*.db + +[Template_Waterfox_Session_DirectAccess] +Tmpl.Title=#4340,Waterfox +Tmpl.Class=WebBrowser +OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\sessionstore.js* + +[Template_Waterfox_Phishing_DirectAccess] +Tmpl.Title=#4337,Waterfox +Tmpl.Class=WebBrowser +OpenFilePath=waterfox.exe,%Tmpl.WaterFox%\blocklist.xml +OpenFilePath=waterfox.exe,%Tmpl.WaterFox%\cert9.db +OpenFilePath=waterfox.exe,%Local AppData%\Waterfox\Profiles\*\safebrowsing* + +[Template_Waterfox_Profile_DirectAccess] +Tmpl.Title=#4338,Waterfox +Tmpl.Class=WebBrowser +OpenFilePath=waterfox.exe,%Tmpl.Waterfox%\* + +[Template_Waterfox_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# Pale Moon +# + +[Template_PaleMoon_Force] +Tmpl.Title=#4323,Pale Moon +Tmpl.Class=WebBrowser +ForceProcess=palemoon.exe + +[Template_PaleMoon_Bookmarks_DirectAccess] +Tmpl.Title=#4336,Pale Moon +Tmpl.Class=WebBrowser +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\bookmark* +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\places* + +[Template_PaleMoon_Cookies_DirectAccess] +Tmpl.Title=#4328,Pale Moon +Tmpl.Class=WebBrowser +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\cookies* + +[Template_PaleMoon_Passwords_DirectAccess] +Tmpl.Title=#4331,Pale Moon +Tmpl.Class=WebBrowser +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\logins.json +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\key*.db + +[Template_PaleMoon_Session_DirectAccess] +Tmpl.Title=#4340,Pale Moon +Tmpl.Class=WebBrowser +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\sessionstore.js + +[Template_PaleMoon_Phishing_DirectAccess] +Tmpl.Title=#4337,Pale Moon +Tmpl.Class=WebBrowser +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\blocklist.xml +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\cert9.db + +[Template_PaleMoon_Profile_DirectAccess] +Tmpl.Title=#4338,Pale Moon +Tmpl.Class=WebBrowser +OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\* + +[Template_PaleMoon_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# SeaMonkey Browser +# + +[Template_SeaMonkey_Force] +Tmpl.Title=#4323,SeaMonkey +Tmpl.Class=WebBrowser +ForceProcess=seamonkey.exe + +[Template_SeaMonkey_Bookmarks_DirectAccess] +Tmpl.Title=#4336,SeaMonkey +Tmpl.Class=WebBrowser +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\bookmark* +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\places* + +[Template_SeaMonkey_Cookies_DirectAccess] +Tmpl.Title=#4328,SeaMonkey +Tmpl.Class=WebBrowser +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\cookies* + +[Template_SeaMonkey_Passwords_DirectAccess] +Tmpl.Title=#4331,SeaMonkey +Tmpl.Class=WebBrowser +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\logins.json +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\key*.db + +[Template_SeaMonkey_Session_DirectAccess] +Tmpl.Title=#4340,SeaMonkey +Tmpl.Class=WebBrowser +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\sessionstore.js + +[Template_SeaMonkey_Phishing_DirectAccess] +Tmpl.Title=#4337,SeaMonkey +Tmpl.Class=WebBrowser +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\blocklist.xml +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\cert9.db +OpenFilePath=seamonkey.exe,%Local AppData%\Mozilla\SeaMonkey\Profiles\*\safebrowsing* + +[Template_SeaMonkey_Profile_DirectAccess] +Tmpl.Title=#4338,SeaMonkey +Tmpl.Class=WebBrowser +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\* + +[Template_SeaMonkey_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# LibreWolf +# + +[Template_LibreWolf_Force] +Tmpl.Title=#4323,LibreWolf +Tmpl.Class=WebBrowser +ForceProcess=librewolf.exe + +[Template_LibreWolf_Bookmarks_DirectAccess] +Tmpl.Title=#4336,LibreWolf +Tmpl.Class=WebBrowser +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\bookmark* +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\places* +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\favicons.sqlite + +[Template_LibreWolf_Cookies_DirectAccess] +Tmpl.Title=#4328,LibreWolf +Tmpl.Class=WebBrowser +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\cookies* + +[Template_LibreWolf_Passwords_DirectAccess] +Tmpl.Title=#4331,LibreWolf +Tmpl.Class=WebBrowser +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\logins.json +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\key*.db + +[Template_LibreWolf_Session_DirectAccess] +Tmpl.Title=#4340,LibreWolf +Tmpl.Class=WebBrowser +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\sessionstore.js* + +[Template_LibreWolf_Phishing_DirectAccess] +Tmpl.Title=#4337,LibreWolf +Tmpl.Class=WebBrowser +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\cert9.db +OpenFilePath=librewolf.exe,%Local AppData%\LibreWolf\Profiles\*\safebrowsing* + +[Template_LibreWolf_Profile_DirectAccess] +Tmpl.Title=#4338,LibreWolf +Tmpl.Class=WebBrowser +OpenFilePath=librewolf.exe,%Tmpl.LibreWolf%\* + +# +# Firefox Add-ons +# + +[Template_Firefox_Addon_Zotero] +Tmpl.Title=Zotero (with XPDF) +Tmpl.Class=WebBrowser +Tmpl.Url=http://www.zotero.org/ +OpenFilePath=,%Tmpl.Zotero%\* +ProcessGroup=,firefox.exe,pdfinfo-Win32.exe,pdftotext-Win32.exe + +# +# Google Chrome / Microsoft Edge (Chromium) / Comodo Dragon / SRWare Iron / Ungoogled Chromium / Vivaldi / Brave Browser / Maxthon 6 (Chromium) / Opera / Yandex +# + +# +# Google Chrome +# + +[Template_Chrome_Force] +Tmpl.Title=#4323,Google Chrome +Tmpl.Class=WebBrowser +ForceProcess=chrome.exe + +[Template_Chrome_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Google Chrome +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Bookmarks* +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Favicons* + +[Template_Chrome_History_DirectAccess] +Tmpl.Title=#4336,Google Chrome +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Bookmarks* +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Favicons* +OpenFilePath=chrome.exe,%Tmpl.Chrome%\*History* +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Current * +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Last * +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Visited Links* + +[Template_Chrome_Cookies_DirectAccess] +Tmpl.Title=#4328,Google Chrome +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Cookies* + +[Template_Chrome_Passwords_DirectAccess] +Tmpl.Title=#4331,Google Chrome +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Login Data* + +[Template_Chrome_Preferences_DirectAccess] +Tmpl.Title=#4339,Google Chrome +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Preferences* + +[Template_Chrome_Sync_DirectAccess] +Tmpl.Title=#4324,Google Chrome +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Sync Data\* +OpenFilePath=chrome.exe,%Tmpl.Chrome%\Sync Extension Settings\* + +[Template_Chrome_Phishing_DirectAccess] +Tmpl.Title=#4337,Google Chrome +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Local AppData%\Google\Chrome\User Data\Safe Browsing* +OpenFilePath=chrome.exe,%Local AppData%\Google\Chrome\User Data\CertificateRevocation + +[Template_Chrome_Profile_DirectAccess] +Tmpl.Title=#4338,Google Chrome +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Chrome%\* + +# +# Microsoft Edge (Chromium) +# + +[Template_Edge_Force] +Tmpl.Title=#4323,Microsoft Edge +Tmpl.Class=WebBrowser +ForceProcess=msedge.exe + +[Template_Edge_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Microsoft Edge +Tmpl.Class=WebBrowser +OpenFilePath=msedge.exe,%Tmpl.Edge%\Bookmarks* +OpenFilePath=msedge.exe,%Tmpl.Edge%\Favicons* + +[Template_Edge_History_DirectAccess] +Tmpl.Title=#4336,Microsoft Edge +Tmpl.Class=WebBrowser +OpenFilePath=msedge.exe,%Tmpl.Edge%\Bookmarks* +OpenFilePath=msedge.exe,%Tmpl.Edge%\Favicons* +OpenFilePath=msedge.exe,%Tmpl.Edge%\*History* +OpenFilePath=msedge.exe,%Tmpl.Edge%\Current * +OpenFilePath=msedge.exe,%Tmpl.Edge%\Last * +OpenFilePath=msedge.exe,%Tmpl.Edge%\Visited Links* + +[Template_Edge_Cookies_DirectAccess] +Tmpl.Title=#4328,Microsoft Edge +Tmpl.Class=WebBrowser +OpenFilePath=msedge.exe,%Tmpl.Edge%\Cookies* + +[Template_Edge_Passwords_DirectAccess] +Tmpl.Title=#4331,Microsoft Edge +Tmpl.Class=WebBrowser +OpenFilePath=msedge.exe,%Tmpl.Edge%\Login Data* + +[Template_Edge_Preferences_DirectAccess] +Tmpl.Title=#4339,Microsoft Edge +Tmpl.Class=WebBrowser +OpenFilePath=msedge.exe,%Tmpl.Edge%\Preferences* + +[Template_Edge_Sync_DirectAccess] +Tmpl.Title=#4324,Microsoft Edge +Tmpl.Class=WebBrowser +OpenFilePath=msedge.exe,%Tmpl.Edge%\Sync Data\* +OpenFilePath=msedge.exe,%Tmpl.Edge%\Sync Extension Settings\* + +[Template_Edge_Phishing_DirectAccess] +Tmpl.Title=#4337,Microsoft Edge +Tmpl.Class=WebBrowser +OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\Safe Browsing* +OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\CertificateRevocation +OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\SmartScreen +OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\Ad Blocking + +[Template_Edge_Profile_DirectAccess] +Tmpl.Title=#4338,Microsoft Edge +Tmpl.Class=WebBrowser +OpenFilePath=msedge.exe,%Tmpl.Edge%\* + +# +# Comodo Dragon +# + +[Template_Dragon_Force] +Tmpl.Title=#4323,Comodo Dragon +Tmpl.Class=WebBrowser +ForceProcess=dragon.exe + +[Template_Dragon_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Comodo Dragon +Tmpl.Class=WebBrowser +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Bookmarks* +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Favicons* + +[Template_Dragon_History_DirectAccess] +Tmpl.Title=#4336,Comodo Dragon +Tmpl.Class=WebBrowser +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Bookmarks* +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Favicons* +OpenFilePath=dragon.exe,%Tmpl.Dragon%\*History* +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Current * +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Last * +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Visited Links* + +[Template_Dragon_Cookies_DirectAccess] +Tmpl.Title=#4328,Comodo Dragon +Tmpl.Class=WebBrowser +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Cookies* + +[Template_Dragon_Passwords_DirectAccess] +Tmpl.Title=#4331,Comodo Dragon +Tmpl.Class=WebBrowser +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Login Data* + +[Template_Dragon_Preferences_DirectAccess] +Tmpl.Title=#4339,Comodo Dragon +Tmpl.Class=WebBrowser +OpenFilePath=dragon.exe,%Tmpl.Dragon%\Preferences* + +[Template_Dragon_Phishing_DirectAccess] +Tmpl.Title=#4337,Comodo Dragon +Tmpl.Class=WebBrowser +OpenFilePath=dragon.exe,%Local AppData%\Comodo\Dragon\User Data\Safe Browsing* +OpenFilePath=dragon.exe,%Local AppData%\Comodo\Dragon\User Data\CertificateRevocation + +[Template_Dragon_Profile_DirectAccess] +Tmpl.Title=#4338,Comodo Dragon +Tmpl.Class=WebBrowser +OpenFilePath=dragon.exe,%Tmpl.Dragon%\* + +[Template_Dragon_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# SRWare Iron +# + +[Template_Iron_Force] +Tmpl.Title=#4323,SRWare Iron +Tmpl.Class=WebBrowser +ForceFolder=C:\Program Files\SRWare Iron (64-Bit) + +[Template_Iron_Bookmarks_DirectAccess] +Tmpl.Title=#4356,SRWare Iron +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Iron%\Bookmarks* +OpenFilePath=chrome.exe,%Tmpl.Iron%\Favicons* + +[Template_Iron_History_DirectAccess] +Tmpl.Title=#4336,SRWare Iron +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Iron%\Bookmarks* +OpenFilePath=chrome.exe,%Tmpl.Iron%\Favicons* +OpenFilePath=chrome.exe,%Tmpl.Iron%\*History* +OpenFilePath=chrome.exe,%Tmpl.Iron%\Current * +OpenFilePath=chrome.exe,%Tmpl.Iron%\Last * +OpenFilePath=chrome.exe,%Tmpl.Iron%\Visited Links* + +[Template_Iron_Cookies_DirectAccess] +Tmpl.Title=#4328,SRWare Iron +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Iron%\Cookies* + +[Template_Iron_Passwords_DirectAccess] +Tmpl.Title=#4331,SRWare Iron +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Iron%\Login Data* + +[Template_Iron_Preferences_DirectAccess] +Tmpl.Title=#4339,SRWare Iron +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Iron%\Preferences* + +[Template_Iron_Sync_DirectAccess] +Tmpl.Title=#4324,SRWare Iron +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Iron%\Sync Data\* + +[Template_Iron_Phishing_DirectAccess] +Tmpl.Title=#4337,SRWare Iron +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Local AppData%\Chromium\User Data\Safe Browsing* +OpenFilePath=chrome.exe,%Local AppData%\Chromium\User Data\CertificateRevocation + +[Template_Iron_Profile_DirectAccess] +Tmpl.Title=#4338,SRWare Iron +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Iron%\* + +[Template_Iron_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# Ungoogled Chromium +# + +[Template_Ungoogled_Force] +Tmpl.Title=#4323,Ungoogled Chromium +Tmpl.Class=WebBrowser +ForceProcess=chrome.exe + +[Template_Ungoogled_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Ungoogled Chromium +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Bookmarks* +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Favicons* + +[Template_Ungoogled_History_DirectAccess] +Tmpl.Title=#4336,Ungoogled Chromium +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Bookmarks* +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Favicons* +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\*History* +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Current * +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Last * +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Visited Links* + +[Template_Ungoogled_Cookies_DirectAccess] +Tmpl.Title=#4328,Ungoogled Chromium +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Cookies* + +[Template_Ungoogled_Passwords_DirectAccess] +Tmpl.Title=#4331,Ungoogled Chromium +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Login Data* + +[Template_Ungoogled_Preferences_DirectAccess] +Tmpl.Title=#4339,Ungoogled Chromium +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Preferences* + +[Template_Ungoogled_Sync_DirectAccess] +Tmpl.Title=#4324,Ungoogled Chromium +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\Sync Data\* + +[Template_Ungoogled_Profile_DirectAccess] +Tmpl.Title=#4338,Ungoogled Chromium +Tmpl.Class=WebBrowser +OpenFilePath=chrome.exe,%Tmpl.Ungoogled%\* + +[Template_Ungoogled_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# Vivaldi +# + +[Template_Vivaldi_Force] +Tmpl.Title=#4323,Vivaldi +Tmpl.Class=WebBrowser +ForceProcess=vivaldi.exe + +[Template_Vivaldi_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Bookmarks* +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Favicons* + +[Template_Vivaldi_History_DirectAccess] +Tmpl.Title=#4336,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Bookmarks* +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Favicons* +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\*History* +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Current * +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Last * +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Visited Links* + +[Template_Vivaldi_Cookies_DirectAccess] +Tmpl.Title=#4328,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Cookies* + +[Template_Vivaldi_Notes_DirectAccess] +Tmpl.Title=#4341,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Notes* + +[Template_Vivaldi_Passwords_DirectAccess] +Tmpl.Title=#4331,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Login Data* + +[Template_Vivaldi_Preferences_DirectAccess] +Tmpl.Title=#4339,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Preferences* + +[Template_Vivaldi_Sync_DirectAccess] +Tmpl.Title=#4324,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Sync Data\* +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\Sync Extension Settings\* + +[Template_Vivaldi_Phishing_DirectAccess] +Tmpl.Title=#4337,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Local AppData%\Vivaldi\User Data\Safe Browsing* +OpenFilePath=vivaldi.exe,%Local AppData%\Vivaldi\User Data\CertificateRevocation + +[Template_Vivaldi_Profile_DirectAccess] +Tmpl.Title=#4338,Vivaldi +Tmpl.Class=WebBrowser +OpenFilePath=vivaldi.exe,%Tmpl.Vivaldi%\* + +[Template_Vivaldi_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# Brave Browser +# + +[Template_Brave_Force] +Tmpl.Title=#4323,Brave Browser +Tmpl.Class=WebBrowser +ForceProcess=brave.exe + +[Template_Brave_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Brave Browser +Tmpl.Class=WebBrowser +OpenFilePath=brave.exe,%Tmpl.Brave%\Bookmarks* +OpenFilePath=brave.exe,%Tmpl.Brave%\Favicons* + +[Template_Brave_History_DirectAccess] +Tmpl.Title=#4336,Brave Browser +Tmpl.Class=WebBrowser +OpenFilePath=brave.exe,%Tmpl.Brave%\Bookmarks* +OpenFilePath=brave.exe,%Tmpl.Brave%\Favicons* +OpenFilePath=brave.exe,%Tmpl.Brave%\*History* +OpenFilePath=brave.exe,%Tmpl.Brave%\Current * +OpenFilePath=brave.exe,%Tmpl.Brave%\Last * +OpenFilePath=brave.exe,%Tmpl.Brave%\Visited Links* + +[Template_Brave_Cookies_DirectAccess] +Tmpl.Title=#4328,Brave Browser +Tmpl.Class=WebBrowser +OpenFilePath=brave.exe,%Tmpl.Brave%\Cookies* + +[Template_Brave_Passwords_DirectAccess] +Tmpl.Title=#4331,Brave Browser +Tmpl.Class=WebBrowser +OpenFilePath=brave.exe,%Tmpl.Brave%\Login Data* + +[Template_Brave_Preferences_DirectAccess] +Tmpl.Title=#4339,Brave Browser +Tmpl.Class=WebBrowser +OpenFilePath=brave.exe,%Tmpl.Brave%\Preferences* + +[Template_Brave_Sync_DirectAccess] +Tmpl.Title=#4324,Brave Browser +Tmpl.Class=WebBrowser +OpenFilePath=brave.exe,%Tmpl.Brave%\Sync Data\* + +[Template_Brave_Phishing_DirectAccess] +Tmpl.Title=#4337,Brave Browser +Tmpl.Class=WebBrowser +OpenFilePath=brave.exe,%Local AppData%\BraveSoftware\Brave-Browser\User Data\Safe Browsing* +OpenFilePath=brave.exe,%Local AppData%\BraveSoftware\Brave-Browser\User Data\CertificateRevocation + +[Template_Brave_Profile_DirectAccess] +Tmpl.Title=#4338,Brave Browser +Tmpl.Class=WebBrowser +OpenFilePath=brave.exe,%Tmpl.Brave%\* + +[Template_Brave_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# Maxthon 6 (Chromium) +# + +[Template_Maxthon6_Force] +Tmpl.Title=#4323,Maxthon 6 +Tmpl.Class=WebBrowser +ForceProcess=Maxthon.exe + +[Template_Maxthon6_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Maxthon 6 +Tmpl.Class=WebBrowser +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Bookmarks* +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Favicons* + +[Template_Maxthon6_History_DirectAccess] +Tmpl.Title=#4336,Maxthon 6 +Tmpl.Class=WebBrowser +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Bookmarks* +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Favicons* +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\*History* +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Current * +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Last * +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Visited Links* + +[Template_Maxthon6_Cookies_DirectAccess] +Tmpl.Title=#4328,Maxthon 6 +Tmpl.Class=WebBrowser +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Cookies* + +[Template_Maxthon6_Passwords_DirectAccess] +Tmpl.Title=#4331,Maxthon 6 +Tmpl.Class=WebBrowser +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Login Data* + +[Template_Maxthon6_Preferences_DirectAccess] +Tmpl.Title=#4339,Maxthon 6 +Tmpl.Class=WebBrowser +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\Preferences* + +[Template_Maxthon6_Phishing_DirectAccess] +Tmpl.Title=#4337,Maxthon 6 +Tmpl.Class=WebBrowser +OpenFilePath=Maxthon.exe,%Local AppData%\Maxthon\Application\User Data\Safe Browsing* +OpenFilePath=Maxthon.exe,%Local AppData%\Maxthon\Application\User Data\CertificateRevocation + +[Template_Maxthon6_Profile_DirectAccess] +Tmpl.Title=#4338,Maxthon 6 +Tmpl.Class=WebBrowser +OpenFilePath=Maxthon.exe,%Tmpl.Maxthon_6%\* + +[Template_Maxthon6_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# Opera +# + +[Template_Opera_Force] +Tmpl.Title=#4323,Opera +Tmpl.Class=WebBrowser +ForceProcess=opera.exe + +[Template_Opera_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Opera +Tmpl.Class=WebBrowser +OpenFilePath=opera.exe,%Tmpl.Opera%\Bookmarks* +OpenFilePath=opera.exe,%Tmpl.Opera%\Favicons* + +[Template_Opera_History_DirectAccess] +Tmpl.Title=#4336,Opera +Tmpl.Class=WebBrowser +OpenFilePath=opera.exe,%Tmpl.Opera%\Bookmarks* +OpenFilePath=opera.exe,%Tmpl.Opera%\Favicons* +OpenFilePath=opera.exe,%Tmpl.Opera%\*History* +OpenFilePath=opera.exe,%Tmpl.Opera%\Current * +OpenFilePath=opera.exe,%Tmpl.Opera%\Last * +OpenFilePath=opera.exe,%Tmpl.Opera%\Visited Links* + +[Template_Opera_Cookies_DirectAccess] +Tmpl.Title=#4328,Opera +Tmpl.Class=WebBrowser +OpenFilePath=opera.exe,%Tmpl.Opera%\Cookies* + +[Template_Opera_Passwords_DirectAccess] +Tmpl.Title=#4331,Opera +Tmpl.Class=WebBrowser +OpenFilePath=opera.exe,%Tmpl.Opera%\Login Data* + +[Template_Opera_Preferences_DirectAccess] +Tmpl.Title=#4339,Opera +Tmpl.Class=WebBrowser +OpenFilePath=opera.exe,%Tmpl.Opera%\Preferences* + +[Template_Opera_Sync_DirectAccess] +Tmpl.Title=#4324,Opera +Tmpl.Class=WebBrowser +OpenFilePath=opera.exe,%Tmpl.Opera%\Sync Data\* + +[Template_Opera_Phishing_DirectAccess] +Tmpl.Title=#4337,Opera +Tmpl.Class=WebBrowser +OpenFilePath=opera.exe,%Tmpl.Opera%\CertificateRevocation + +[Template_Opera_Profile_DirectAccess] +Tmpl.Title=#4338,Opera +Tmpl.Class=WebBrowser +OpenFilePath=opera.exe,%Tmpl.Opera%\* +OpenFilePath=launcher.exe,%Local AppData%\*\Opera\* +OpenFilePath=opera.exe,%Local AppData%\*\Opera\*\* + +[Template_Opera_Separator] +Tmpl.Title=- +Tmpl.Class=WebBrowser + +# +# Yandex +# + +[Template_Yandex_Force] +Tmpl.Title=#4323,Yandex Browser +Tmpl.Class=WebBrowser +ForceProcess=browser.exe + +[Template_Yandex_Bookmarks_DirectAccess] +Tmpl.Title=#4356,Yandex Browser +Tmpl.Class=WebBrowser +OpenFilePath=browser.exe,%Tmpl.Yandex%\Bookmarks* +OpenFilePath=browser.exe,%Tmpl.Yandex%\Favicons* + +[Template_Yandex_History_DirectAccess] +Tmpl.Title=#4336,Yandex Browser +Tmpl.Class=WebBrowser +OpenFilePath=browser.exe,%Tmpl.Yandex%\Bookmarks* +OpenFilePath=browser.exe,%Tmpl.Yandex%\Favicons* +OpenFilePath=browser.exe,%Tmpl.Yandex%\*History* +OpenFilePath=browser.exe,%Tmpl.Yandex%\Current * +OpenFilePath=browser.exe,%Tmpl.Yandex%\Last * +OpenFilePath=browser.exe,%Tmpl.Yandex%\Visited Links* + +[Template_Yandex_Cookies_DirectAccess] +Tmpl.Title=#4328,Yandex Browser +Tmpl.Class=WebBrowser +OpenFilePath=browser.exe,%Tmpl.Yandex%\Cookies* + +[Template_Yandex_Passwords_DirectAccess] +Tmpl.Title=#4331,Yandex Browser +Tmpl.Class=WebBrowser +OpenFilePath=browser.exe,%Tmpl.Yandex%\Ya Passman Data* + +[Template_Yandex_Preferences_DirectAccess] +Tmpl.Title=#4339,Yandex Browser +Tmpl.Class=WebBrowser +OpenFilePath=browser.exe,%Tmpl.Yandex%\Preferences* + +[Template_Yandex_Sync_DirectAccess] +Tmpl.Title=#4324,Yandex Browser +Tmpl.Class=WebBrowser +OpenFilePath=browser.exe,%Tmpl.Yandex%\Sync Data\* + +[Template_Yandex_Phishing_DirectAccess] +Tmpl.Title=#4337,Yandex Browser +Tmpl.Class=WebBrowser +OpenFilePath=browser.exe,%Local AppData%\Yandex\YandexBrowser\User Data\Safe Browsing* +OpenFilePath=browser.exe,%Local AppData%\Yandex\YandexBrowser\User Data\CertificateRevocation + +[Template_Yandex_Profile_DirectAccess] +Tmpl.Title=#4338,Yandex Browser +Tmpl.Class=WebBrowser +OpenFilePath=browser.exe,%Tmpl.Yandex%\* + +# +# Email Reader +# + +[Template_Office_Outlook] +Tmpl.Title=Office Outlook +Tmpl.Class=EmailReader +ProcessGroup=,outlook.exe +OpenFilePath=,%Tmpl.Office_Outlook% +OpenFilePath=,%AppData%\Microsoft\Outlook +OpenFilePath=,%Local AppData%\Microsoft\Outlook +OpenFilePath=outlook.exe,*.eml +OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Office +OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager +OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook +# Outlook pst locks +OpenIpcPath=,*\BaseNamedObjects*\OLKCRPC.OBJ=* +OpenIpcPath=,*\BaseNamedObjects*\MAPI-HP* +OpenIpcPath=,*\BaseNamedObjects*\*_WCIDXPACKED +OpenIpcPath=,*\BaseNamedObjects*\*_WCEMPTY +OpenIpcPath=,*\BaseNamedObjects*\*_WCWRITE +OpenIpcPath=,*\BaseNamedObjects*\*_WCINFO +OpenIpcPath=,*\BaseNamedObjects*\*_CACHEMUTEX +OpenIpcPath=,*\BaseNamedObjects*\*_NDB_ZOMBIE +OpenIpcPath=,*\BaseNamedObjects*\NDB_ROOT_MUTEX +OpenIpcPath=,*\BaseNamedObjects*\Shared-NDB-FE +OpenIpcPath=,*\BaseNamedObjects*\Optex_*_LogOptex +OpenIpcPath=,*\BaseNamedObjects*\OfficeSharedLocks_* +OpenIpcPath=,*\BaseNamedObjects\WMS Notif Engine* +OpenWinClass=,WMS ST Notif Class +# Integration with Windows Desktop Search +OpenClsid={7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} +OpenClsid={9E175B6D-F52A-11D8-B9A5-505054503030} +OpenPipePath=\Device\NamedPipe\MsFteWds + +[Template_Office_Outlook_NEO_Pro] +Tmpl.Title=Office Outlook + NEO Pro +Tmpl.Class=EmailReader +Tmpl.Url=http://www.caelo.com/ +ProcessGroup=,neopro.exe +OpenFilePath=,%Local AppData%\Caelo\NEO Pro\* +OpenKeyPath=,HKEY_CURRENT_USER\Software\Caelo Software\ +LingerProcess=w32mkde.exe + +[Template_Office_Outlook_Copernic_Desktop_Search] +Tmpl.Title=Office Outlook + Copernic Desktop Search +Tmpl.Class=EmailReader +Tmpl.Url=http://www.copernic.com/index.html +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{728F7B17-0053-4543-B232-EC3F19A97985} +OpenIpcPath=,$:DesktopSearchService.exe +OpenIpcPath=,*\BaseNamedObjects*\*DDCS + +[Template_Office_Outlook_Avast_Mail_Scanner] +Tmpl.Title=Office Outlook + avast! Mail Scanner +Tmpl.Class=EmailReader +Tmpl.Url=http://www.avast.com +Tmpl.Scan=s +Tmpl.ScanService=avast! Mail Scanner +OpenIpcPath=,\RPC Control\[Aavm] +OpenIpcPath=,*\BaseNamedObjects*\*Aavm* +OpenIpcPath=,*\BaseNamedObjects*\AvOut* +OpenIpcPath=,*\BaseNamedObjects*\AvSPM* +OpenIpcPath=,*\BaseNamedObjects*\AvRes* +ProcessGroup=,outlook.exe + +[Template_Office_Outlook_Rainlendar] +Tmpl.Title=Office Outlook + Rainlendar +Tmpl.Class=EmailReader +Tmpl.Url=http://www.rainlendar.net +Tmpl.Scan=s +Tmpl.ScanProduct=Rainlendar2 +OpenIpcPath=,*\BaseNamedObjects*\Mutex_MSOSharedMem +OpenIpcPath=,*\BaseNamedObjects*\MSOutlook97_ANCTinuse +OpenIpcPath=,$:Rainlendar2.exe +ProcessGroup=,outlook.exe + +[Template_Windows_Vista_Mail] +Tmpl.Title=Windows Vista Mail +Tmpl.Class=EmailReader +OpenFilePath=winmail.exe,%Tmpl.Windows_Vista_Mail% +OpenFilePath=winmail.exe,%AppData%\Microsoft\Windows Mail +OpenFilePath=winmail.exe,%Local AppData%\Microsoft\Windows Mail +OpenFilePath=winmail.exe,*.eml +OpenKeyPath=winmail.exe,HKEY_CURRENT_USER\Software\Microsoft\Windows Mail +OpenKeyPath=winmail.exe,HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager + +[Template_Windows_Live_Mail] +Tmpl.Title=Windows Live Mail +Tmpl.Class=EmailReader +ProcessGroup=,wlmail.exe,wlcomm.exe +OpenFilePath=,%Tmpl.Windows_Live_Mail% +OpenFilePath=,%AppData%\Microsoft\Windows Live Mail +OpenFilePath=,%AppData%\Microsoft\Windows Live Contacts +OpenFilePath=,%Local AppData%\Microsoft\Windows Live Mail +OpenFilePath=,%Local AppData%\Microsoft\Windows Live Contacts +OpenFilePath=,%Local AppData%\Microsoft\Windows Live\Contacts +OpenFilePath=wlmail.exe,*.eml +OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Windows Live +OpenKeyPath=,HKEY_CURRENT_USER\Software\Microsoft\Windows Live Mail +OpenIpcPath=,\RPC Control\LiveIdSvc + +[Template_Thunderbird] +Tmpl.Title=Thunderbird +Tmpl.Class=EmailReader +OpenFilePath=thunderbird.exe,%Tmpl.Thunderbird% +OpenFilePath=thunderbird.exe,%AppData%\Thunderbird +OpenFilePath=thunderbird.exe,%Local AppData%\Thunderbird +OpenKeyPath=thunderbird.exe,HKEY_LOCAL_MACHINE\SOFTWARE\Clients\*\Mozilla Thunderbird* +OpenKeyPath=thunderbird.exe,HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird* + +[Template_Thunderbird_PGP] +Tmpl.Title=OpenPGP for Thunderbird +Tmpl.Class=EmailReader +OpenFilePath=thunderbird.exe,%AppData%\gnupg +ProcessGroup=,gpg.exe,gpg2.exe,gpg-agent.exe +OpenFilePath=,%Tmpl.Thunderbird% +OpenFilePath=,%AppData%\Thunderbird +OpenFilePath=,%Local AppData%\Thunderbird +OpenFilePath=,%AppData%\gnupg\ +LingerProcess=gpg-agent.exe + +[Template_SeaMonkey] +Tmpl.Title=SeaMonkey +Tmpl.Class=EmailReader +OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\Mail* +#OpenFilePath=seamonkey.exe,%AppData%\Mozilla\Profiles\*\Mail* +#OpenFilePath=seamonkey.exe,%Local AppData%\Mozilla\Profiles\*\Mail* +OpenKeyPath=seamonkey.exe,HKEY_CURRENT_USER\Software\Mozilla*\SeaMonkey* +OpenKeyPath=seamonkey.exe,HKEY_LOCAL_MACHINE\Software\Mozilla\SeaMonkey* + +[Template_Opera_Mail] +Tmpl.Title=Opera Mail +Tmpl.Class=EmailReader +OpenFilePath=opera.exe,%Tmpl.Opera_Mail%\* +OpenFilePath=opera.exe,%AppData%\Opera\*\mail\* +OpenFilePath=opera.exe,%Local AppData%\Opera\*\mail\* + +[Template_IncrediMail] +Tmpl.Title=IncrediMail +Tmpl.Class=EmailReader +OpenFilePath=IncMail.exe,*\IncrediMail\Data\* +OpenFilePath=IncMail.exe,%Tmpl.Incredimail%\ +OpenFilePath=IncMail.exe,%Local AppData%\IM\ +OpenFilePath=IncMail.exe,%AppData%\IM\ +OpenFilePath=ImApp.exe,*\IncrediMail\Data\* +OpenFilePath=ImApp.exe,%Tmpl.Incredimail%\ +OpenFilePath=ImApp.exe,%Local AppData%\IM\ +OpenFilePath=ImApp.exe,%AppData%\IM\ +LingerProcess=ImApp.exe + +[Template_Eudora] +Tmpl.Title=Eudora +Tmpl.Class=EmailReader +OpenFilePath=eudora.exe,%Tmpl.Eudora% +OpenKeyPath=eudora.exe,HKEY_CURRENT_USER\Software\Qualcomm\Eudora + +[Template_TheBat] +Tmpl.Title=The Bat! +Tmpl.Class=EmailReader +ProcessGroup=,thebat32.exe,thebat64.exe +OpenFilePath=,%Tmpl.TheBat% +OpenKeyPath=,HKEY_CURRENT_USER\Software\RIT\The Bat! + +[Template_eM_Client] +Tmpl.Title=eM Client +Tmpl.Class=EmailReader +Tmpl.Url=http://www.emclient.com +OpenFilePath=MailClient.exe,%Tmpl.em_Client%\ + +[Template_SpamFighter] +Tmpl.Title=SPAMfighter +Tmpl.Class=EmailReader +Tmpl.Url=http://www.spamfighter.com/ +OpenIpcPath=*\BaseNamedObjects*\SPAMfighter.* +OpenIpcPath=*\BaseNamedObjects*\sfsg.update_* +OpenIpcPath=*\BaseNamedObjects*\log-*_SPAMfighter_Logs_* +OpenIpcPath=*\BaseNamedObjects*\*?SPAMCFG.EXE +OpenKeyPath=HKEY_CURRENT_USER\Software\SPAMfighter\ + +[Template_GreatNews] +Tmpl.Title=Great News RSS Reader +Tmpl.Class=EmailReader +Tmpl.Url=http://www.curiostudio.com/download.html +Tmpl.Scan=s +Tmpl.ScanProduct={AA381A22-834B-4b21-AB78-CAFF2B05A4C3}}_is1 +OpenFilePath=GreatNews.exe,*\greatnews.ini +OpenFilePath=GreatNews.exe,*\newsfeed.db + +# +# PDF and Printing +# + +[Template_AdobeAcrobat] +Tmpl.Title=Adobe Acrobat +Tmpl.Class=Print +Tmpl.Url=http://www.adobe.com/ +OpenPipePath=\Device\NamedPipe\FLEXnet Licensing Service* +OpenIpcPath=*\BaseNamedObjects*\FLEXnet Licensing Service* +OpenWinClass=AcrobatTrayIcon + +[Template_AdobeAcrobatReader] +Tmpl.Title=Adobe Acrobat Reader +Tmpl.Class=Print +Tmpl.Url=http://www.adobe.com/ +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} +OpenPipePath=\Device\NamedPipe\AIPC_SRV\pdfshell_* +OpenPipePath=\Device\NamedPipe\AIPC_SRV\AcroSBL_* +NoRenameWinClass=AcrobatSDIWindow + +[Template_AdobeDistiller] +Tmpl.Title=Adobe Acrobat (version 8 or 9) with Distiller +Tmpl.Class=Print +Tmpl.Url=http://www.adobe.com/ +Tmpl.Scan=w +OpenPipePath=\Device\NamedPipe\PMtoDistiller +OpenWinClass=Distiller + +[Template_AdobeLicensing] +Tmpl.Title=FlexNet Licensing for Adobe and Autodesk +Tmpl.Class=Print +Tmpl.Url=http://www.adobe.com/ +Tmpl.Scan=i +OpenPipePath=\Device\NamedPipe\FLEXnet Licensing Service* +OpenIpcPath=*\BaseNamedObjects*\FLEXnet Licensing Service* + +[Template_eDocPrinter] +Tmpl.Title=ITEKSOFT eDocPrinter PDF +Tmpl.Class=Print +Tmpl.Url=http://uk.iteksoft.com/ +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{E6718EF2-2B9F-4FFE-B783-35E2CDC6F12E} +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{621483E9-77B0-4E2E-A737-2DB9D5CD02E0} +OpenIpcPath=*\BaseNamedObjects*\eDocPDF* +OpenIpcPath=*\BaseNamedObjects*\Global\eDocPDF* +OpenIpcPath=*\BaseNamedObjects*\EPDFEVTREGPIPE* +OpenPipePath=%Tmpl.eDocPrinter%\ +OpenKeyPath=HKEY_CURRENT_USER\Software\ITEKSOFT\eDocPrinter\PDF\ +OpenPipePath=%Temp%\ep*\ + +[Template_FinePrint] +Tmpl.Title=FinePrint (PDF) +Tmpl.Class=Print +Tmpl.Url=http://www.fineprint.com/products/fineprint/index.html +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\Software\FinePrint Software\FinePrint5 +Tmpl.ScanKey=\REGISTRY\MACHINE\Software\FinePrint Software\FinePrint6 +OpenIpcPath=*\BaseNamedObjects*\FP5* +OpenIpcPath=*\BaseNamedObjects*\FP6* +OpenPipePath=\Device\NamedPipe\FP5_Dispatcher_* +OpenPipePath=\Device\NamedPipe\FP6_Dispatcher_* +OpenWinClass=FP5_DispWndClass +OpenWinClass=FP6_DispWndClass +OpenKeyPath=\REGISTRY\MACHINE\Software\FinePrint Software\FinePrint5 +OpenKeyPath=\REGISTRY\MACHINE\Software\FinePrint Software\FinePrint6 +OpenFilePath=%Tmpl.FinePrint%\fp5.ini +OpenFilePath=%Tmpl.FinePrint%\fp6.ini +RecoverFolder=%Tmpl.FinePrint% + +[Template_HP_UniversalPrintDriver] +Tmpl.Title=HP Universal Print Driver +Tmpl.Class=Print +Tmpl.Url=http://www.hp.com/ +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{877A5D52-5F6F-4175-907D-A6AC4E8F1171} +OpenClsid={877A5D52-5F6F-4175-907D-A6AC4E8F1171} +#OpenPipePath=\Device\NamedPipe\wkssvc + +[Template_NitroPDF5] +Tmpl.Title=Nitro PDF 5 +Tmpl.Class=Print +Tmpl.Url=http://www.nitropdf.com/index.asp +Tmpl.Scan=w +OpenWinClass={FAF5BE9E-BAFF-47BF-BA47-1A4B15185066} +OpenWinClass={03576772-AD02-4630-BC5F-3648526FDF87} +OpenWinClass={AD744029-AC6A-4C0C-A597-D0B02CDB4DE4} +OpenPipePath=%Temp%\BCL Technologies + +[Template_NitroPDF6] +Tmpl.Title=Nitro PDF 6/7 +Tmpl.Class=Print +Tmpl.Scan=s +Tmpl.ScanService=NitroDriverReadSpool +Tmpl.ScanService=NitroDriverReadSpool2 +OpenPipePath=\Device\Mailslot\nlsX86ccMailslot +OpenPipePath=\Device\Mailslot\nlsX86ccCtlSlot +OpenPipePath=\Device\NamedPipe\nitropdfdriverspool +OpenPipePath=\Device\NamedPipe\nitropdfreaderdriverspool +OpenPipePath=\Device\Mailslot\AstccMailslot* +OpenIpcPath=*\BaseNamedObjects*\Nitro PDF Professional* + +[Template_Evernote] +Tmpl.Title=Evernote +Tmpl.Class=Print +Tmpl.Url=http://evernote.com/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\Evernote* +OpenIpcPath=*\BaseNamedObjects*\ENClipperInstanceMutex +OpenIpcPath=*\BaseNamedObjects*\ENSyncServiceAuthMutex +OpenWinClass=TENTrayMainWindow +OpenWinClass=ENMainFrame +OpenWinClass=ENMainFrame3 +OpenWinClass=HwndWrapper[Evernote.exe;* +OpenWinClass=$:EvernoteClipper.exe +LingerProcess=EvernoteClipper.exe + +[Template_MetaProducts_Inquiry] +Tmpl.Title=MetaProducts Inquiry +Tmpl.Class=Print +Tmpl.Url=http://www.metaproducts.com/mp/Inquiry_Standard_Edition.htm +ProcessGroup=,iqls.exe,iqserv.exe,inquiry.exe,iexplore.exe +OpenFilePath=,%AppData%\MetaProducts\Inquiry\ +OpenFilePath=,%Personal%\ +LingerProcess=iqserv.exe + +[Template_Pdf995] +Tmpl.Title=Pdf995 +Tmpl.Class=Print +Tmpl.Url=http://www.pdf995.com/index.html +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\PDF995 +OpenPipePath=%Common AppData%\pdf995\ +OpenPipePath=%AppData%\pdf995\ +OpenPipePath=%Local AppData%\pdf995\ + +[Template_PretonSaver] +Tmpl.Title=PretonSaver +Tmpl.Class=Print +Tmpl.Url=http://www.preton.com/ +Tmpl.Scan=s +Tmpl.ScanService=PretonClientService +OpenPipePath=\Device\NamedPipe\PT32_IpcSessionQueue* + +[Template_SolidConverter] +Tmpl.Title=Solid Converter +Tmpl.Class=Print +Tmpl.Url=http://www.soliddocuments.com/features.htm?product=SolidConverterPDF +Tmpl.Scan=s +Tmpl.ScanService=SPDFCreatorReadSpool +OpenPipePath=\Device\NamedPipe\sdspool +OpenIpcPath=*\BaseNamedObjects*\*.spl* +OpenIpcPath=*\BaseNamedObjects*\Solid* +LingerProcess=SolidConverterPDFv8.exe +LingerProcess=SolidScanServiceX86.exe +ClosedFilePath=SolidConverterPDFV8.exe,* + +[Template_UltraRecall] +Tmpl.Title=UltraRecall +Tmpl.Class=Print +Tmpl.Url=http://www.kinook.com/UltraRecall/ +Tmpl.Scan=s +Tmpl.ScanProduct=Ultra Recall_is1 +OpenWinClass=Afx:00400000:0 +OpenWinClass=$:UltraRecall.exe +OpenIpcPath=*\BaseNamedObjects*\UltraRecall + +# +# Security/Privacy +# + +[Template_a2AntiMalware] +Tmpl.Title=Emsisoft A-Squared Anti-Malware +Tmpl.Class=Security +Tmpl.Url=http://www.emsisoft.com/en/software/free/ +Tmpl.Scan=s +Tmpl.ScanService=a2AntiMalware +# version 5.0 +OpenPipePath=\Device\NamedPipe\{A2IPC}a2_ipc +OpenIpcPath=*\BaseNamedObjects*\{A2IPCMUTEX}a2_ipc +# earlier versions +OpenIpcPath=*\BaseNamedObjects*\mc2SWDIJ* +OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API* +OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* +OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* +OpenIpcPath=*\BaseNamedObjects*\mchMixCache* +OpenIpcPath=*\BaseNamedObjects*\TestQueue* +OpenIpcPath=\RPC Control\mchIpcTestQueue +OpenIpcPath=$:a2service.exe + +[Template_Anonymizer] +Tmpl.Title=Anonymizer Anonymous Surfing +Tmpl.Class=Security +Tmpl.Url=http://www.anonymizer.com/consumer/products/anonymous_surfing/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\AnonFrmWrk* +OpenIpcPath=*\BaseNamedObjects*\AnonTCPMutex + +[Template_Avast_Antivirus] +Tmpl.Title=avast! Antivirus +Tmpl.Class=Security +Tmpl.Url=http://www.avast.com +Tmpl.Scan=s +Tmpl.ScanService=avast! Antivirus +OpenWinClass=asw_av_tray_icon_wndclass +OpenIpcPath=*\BaseNamedObjects*\asw.script_blocking.conf_data* +OpenIpcPath=*\BaseNamedObjects*\aavmGlob.* +OpenIpcPath=*\BaseNamedObjects*\aavmSema.* +OpenIpcPath=*\BaseNamedObjects*\*aavmRq.map +OpenIpcPath=*\BaseNamedObjects*\*aavmSync.evt +OpenIpcPath=*\BaseNamedObjects*\*avscr*.map +ClosedFilePath=*\snxhk.dll +ClosedFilePath=*\snxhk64.dll + +[Template_AVG_Anti_Virus] +Tmpl.Title=AVG Anti-Virus / LinkScanner +Tmpl.Class=Security +Tmpl.Url=http://www.avg.com +Tmpl.Scan=s +Tmpl.ScanService=AvgLdx86 +Tmpl.ScanService=AvgMfx86 +Tmpl.ScanService=avgwd +Tmpl.ScanService=avgsvc +ProcessGroup=,avgscana.exe,avgscanx.exe,avgcsrvx.exe,avgui.exe +ProcessGroup=,avgscana.exe,avgscanx.exe,avgcsrvx.exe,avgui.exe,firefox.exe,iexplore.exe +ProcessGroup=,avgscana.exe +OpenPipePath=,\Device\NamedPipe\*-*-*-*-*::* +OpenPipePath=,\Device\NamedPipe\AVG-CHJW-* +OpenPipePath=,\Device\NamedPipe\AvgScanPipeName* +OpenPipePath=,\Device\NamedPipe\AvgUIPipeName* +OpenPipePath=,\Device\NamedPipe\__hex8__-__hex4__-__hex4__-__hex4__-__hex12__ +OpenIpcPath=,*\BaseNamedObjects*\bce5ad8b-264e-024b-81d6-f289aa672301* +OpenIpcPath=*\BaseNamedObjects*\__AVG_FW_*__ +OpenIpcPath=*\BaseNamedObjects*\CE6383A0-EB13-428c-A97E-92FE645B06E3 +OpenFilePath=,%AllUsersProfile%\AVG*\* +OpenPipePath=\Device\NamedPipe\avg-* +ClosedFilePath=*avg*snxhk*.dll + +[Template_Avira_Antivirus] +Tmpl.Title=Avira Antivirus / Internet Security +Tmpl.Class=Security +Tmpl.Url=http://www.avira.com +Tmpl.Scan=s +Tmpl.ScanService=AntiVirService +OpenIpcPath=*\BaseNamedObjects*\AVSDA_KERNELOBJECT_* +OpenIpcPath=*\BaseNamedObjects*\WEBGUARD_KERNEL_OBJECT_* +OpenIpcPath=*\BaseNamedObjects*\AVMAILC_ISPOP3ACTIVE_* +OpenIpcPath=*\BaseNamedObjects*\AVMAILC_KERNELOBJECT_* +OpenIpcPath=*\BaseNamedObjects*\AVMAILC_KERNEL_OBJECT_* +OpenIpcPath=*\BaseNamedObjects*\KERNELOBJECTNAME_* +OpenIpcPath=*\BaseNamedObjects*\KERNELOBJECT_* +OpenIpcPath=*\BaseNamedObjects*\{506A71E2-D744-4717-8689-649A16CBBA0F} + +[Template_BitDefenderInternetSecurity] +Tmpl.Title=BitDefender Internet Security +Tmpl.Class=Security +Tmpl.Url=http://www.bitdefender.com +Tmpl.Scan=s +Tmpl.ScanProduct=BitDefender +Tmpl.ScanService=vsserv +Tmpl.ScanService=ProductAgentService +OpenPipePath=\Device\NamedPipe\DEFAULT_BD_COMM_PIPE +ClosedFilePath=*BitDefender*atcuf*.dll + +[Template_BitVise] +Tmpl.Title=Bitvise SSH Client +Tmpl.Class=Security +Tmpl.Url=http://www.bitvise.com/ +Tmpl.Scan=s +Tmpl.ScanProduct=BvSshClient +OpenIpcPath=\Device\NamedPipe\TLINETLOCKPIPE + +[Template_TrendMicroBrowserGuard] +Tmpl.Title=Trend Micro Browser Guard +Tmpl.Class=Security +Tmpl.Url=http://free.antivirus.com/browser-guard/ +Tmpl.Scan=s +Tmpl.ScanProduct={D4ADDB2A-EE3C-41A7-88DF-99333DAE18E3} +OpenPipePath=\Device\NamedPipe\bgpipe + +[Template_BullGuard] +Tmpl.Title=BullGuard Antivirus / Internet Security +Tmpl.Class=Security +Tmpl.Url=http://www.bullguard.com/ +Tmpl.Scan=s +Tmpl.ScanProduct=BullGuard +OpenIpcPath=*\BaseNamedObjects*\BullGuard* + +[Template_Bsecure] +Tmpl.Title=Bsecure CloudCare +Tmpl.Class=Security +Tmpl.Url=http://www.bsecure.com/ +Tmpl.Scan=s +Tmpl.ScanService=Bsecure +Tmpl.ScanService=BsecureAV +Tmpl.ScanService=BsecureFilter +Tmpl.ScanService=BSecACFltr +OpenIpcPath=*\BaseNamedObjects*\Bsecure* +OpenIpcPath=*\BaseNamedObjects*\IsBsecureServiceRunning + +[Template_CA_InternetSecuritySuite] +Tmpl.Title=CA Internet Security Suite +Tmpl.Class=Security +Tmpl.Url=http://shop.ca.com/ca/products/internetsecurity/internetsecurity_suite.asp +Tmpl.Scan=s +Tmpl.ScanService=CAISafe +OpenIpcPath=*\BaseNamedObjects*\820EEE67-B517-405d-A775-8BE1879BD279 +OpenIpcPath=*\BaseNamedObjects*\0F727B36-E18C-47fa-B5A4-30C2B84E2EAA +OpenIpcPath=*\BaseNamedObjects*\672AF2F3-FCBE-4870-A103-E78DDCFC051C* +OpenIpcPath=*\BaseNamedObjects*\2212AC6F-01F9-4107-9DD6-C75DA65A7A1F* +OpenIpcPath=*\BaseNamedObjects*\CallingID.* +OpenIpcPath=*\BaseNamedObjects*\*UmxSbx_* +OpenClsid={1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C} +OpenClsid={5F36DC27-B076-4D0C-BD8C-7AEE14022193} +OpenClsid={E82070F7-4174-4F49-8DCF-C87F8DDF0BAA} + +[Template_ChildControl2011] +Tmpl.Title=Salfeld.com Child Control 2011 +Tmpl.Class=Security +Tmpl.Url=http://www.salfeld.com/software/parentalcontrol/index.html +Tmpl.Scan=s +Tmpl.ScanIpc=*\BaseNamedObjects*\ChicoTaskCaller* +OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* +OpenIpcPath=*\BaseNamedObjects*\mchLLEW* +OpenIpcPath=*\BaseNamedObjects*\mchMixCache* +OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API* +OpenIpcPath=*\BaseNamedObjects*\ChicoTaskCaller* +OpenIpcPath=*\BaseNamedObjects*\IPCMyLogIpc* +OpenIpcPath=*\BaseNamedObjects*\IPCWebCheck* +OpenIpcPath=*\BaseNamedObjects*\Salfeld-* +OpenIpcPath=$:webtmr.exe + +[Template_CovenantEyes] +Tmpl.Title=Covenant Eyes +Tmpl.Class=Security +Tmpl.Url=http://www.covenanteyes.com/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\CE_*Obj +OpenWinClass=$:nmSvc.exe + +[Template_ComodoInternetSecurity] +Tmpl.Title=Comodo Internet Security / Antivirus / Firewall +Tmpl.Class=Security +Tmp.Url=http://www.comodo.com/home/internet-security/free-internet-security.php +Tmpl.Scan=s +Tmpl.ScanService=cmdGuard +DelayLoadDll=guard32.dll +DelayLoadDll=guard64.dll +ClosedFilePath=*\Guard32.dll +ClosedFilePath=*\Guard64.dll + +[Template_ComodoVerificationEngine] +Tmpl.Title=Comodo Verification Engine +Tmpl.Class=Security +Tmp.Url=http://www.vengine.com/ +Tmpl.Scan=w +OpenWinClass=Comodo_TTB_Shadow_Class +OpenIpcPath=*\BaseNamedObjects*\Verification Engine Registry Mutex Object +OpenIpcPath=*\BaseNamedObjects*\EE855D62-517A-420e-ADEA-9813658B0442 +OpenIpcPath=*\BaseNamedObjects*\ESigilTaskTrayLoadMutex +OpenIpcPath=*\BaseNamedObjects*\ESigilBho::ValidateOnEvent +OpenIpcPath=*\BaseNamedObjects*\ESigilBho::ValidateOffEvent + +[Template_CyberPatrol] +Tmpl.Title=CyberPatrol +Tmpl.Class=Security +Tmp.Url=http://www.cyberpatrol.com/index.htm +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{6EE6F203-0E4B-4D35-AA06-2B6FBA833D14} +OpenClsid={09ECA3F9-F977-4FD1-84ED-68C89D435D75} +OpenClsid={24E83BB6-80E1-4A1D-BE63-82BF306F3CFA} +OpenClsid={280B4C50-B42E-47E1-8D8D-39F4CD41CDE3} +OpenClsid={37AFD09F-D0D0-47DF-91FE-67F952482929} +OpenClsid={3AA786BD-E3DB-472C-81E3-F38FF100B6BF} +OpenClsid={3D5B796D-8364-4D81-83CE-E5B32FF345AD} +OpenClsid={4C4D3C2E-A908-4F0B-90EB-0E736564CA96} +OpenClsid={4E386DFE-659D-4428-B9FC-B7B1865E8FCE} +OpenClsid={575E825A-91AB-485E-A450-351449256BEA} +OpenClsid={5D40EC06-89EC-447D-A5E1-EFEAF7FBD3B5} +OpenClsid={6164DE26-D577-4323-B588-F11105C6D30A} +OpenClsid={6792F97B-A3C1-4E89-A1C7-C7DFDA70DBE9} +OpenClsid={6DCE346B-1205-4D49-9E52-6670CF1844AB} +OpenClsid={7714CE7E-F32F-4739-9BCB-3CB442DFA724} +OpenClsid={7B5CCBA7-38B5-4B9C-A0EC-4E5ADFD7BA3A} +OpenClsid={7E9B677A-A155-4B12-A17B-9DBD4F359BCB} +OpenClsid={8ABBB2C6-FF5B-4B01-8250-673EC5155561} +OpenClsid={8C62E4AD-C390-48FD-8311-7C3E764EAD70} +OpenClsid={9B4B7F18-D1EA-43BC-93F4-EDF14E0AA703} +OpenClsid={A747A75D-D03D-48F9-9AC6-50D9B610FAC5} +OpenClsid={AA9AD697-20E3-4ECC-A746-0ABAD875C548} +OpenClsid={BB930754-5C0E-4708-B2AC-8567B9753ADE} +OpenClsid={C42F10D8-967A-4F5C-B78C-F0291C0F7FAA} +OpenClsid={D529E5B4-B49D-4D88-B04D-2FA598D76BEA} +OpenClsid={D57CF01D-10C8-46CA-B7AC-D6969D5433B8} +OpenClsid={DDC8AA23-8016-4E16-B567-8F9FBF153010} +OpenClsid={F51CD102-642B-4381-A549-CFEAF9E1EA53} +OpenClsid={FCAA2E8F-EA4E-44F6-97F5-4418E84073CA} +OpenIpcPath=*\BaseNamedObjects*\CYBERPATROLLLC_CYBERPATROL_* +OpenIpcPath=*\BaseNamedObjects*\CP_LSP_MEM_FILE_EVENT +OpenIpcPath=*\BaseNamedObjects*\CPLSP_CONTENT_MEM_MAPPED_FILE_* + +[Template_DigitalPersona] +Tmpl.Title=Digital Persona Fingerprint Reader +Tmpl.Class=Security +Tmpl.Url=http://www.digitalpersona.com/index.php?id=dev_hdw_uareu_reader +Tmpl.Scan=iw +OpenIpcPath=*\BaseNamedObjects*\__DP_TRACE_MUTEX__ +OpenIpcPath=*\BaseNamedObjects*\DP_OTS_IPC_MUTEX +OpenIpcPath=*\BaseNamedObjects*\U.are.U_VerifyCriptoprovider +OpenIpcPath=*\BaseNamedObjects*\DP_OTS_IPC_BUFFER +OpenIpcPath=*\BaseNamedObjects*\DP_OTS_LOOKUP_CACHE +OpenIpcPath=\RPC Control\DPHOST +OpenWinClass=DigitalPersona Pro Agent +OpenWinClass=DP_GlobalAvatarClass + +[Template_DrWeb_SecuritySpace] +Tmpl.Title=Dr.Web Security Space +Tmpl.Class=Security +Tmpl.Url=http://products.drweb.com/win/security_space/?lng=en +Tmpl.Scan=s +Tmpl.ScanService=DrWebEngine +Tmpl.ScanService=DrWebAVService +OpenPipePath=\Device\SpiderG3 +OpenPipePath=\Device\NamedPipe\Dr.Web +OpenPipePath=\??\SPIDER +OpenIpcPath=*\BaseNamedObjects*\DrWebOutlookRunningEvent +OpenWinClass=SpiderAgent GUI Class + +[Template_EasyHideIp] +Tmpl.Title=Easy Hide IP +Tmpl.Class=Security +Tmpl.Url=http://www.easy-hide-ip.com/ +Tmpl.Scan=s +Tmpl.ScanService=EasyRedirect +OpenIpcPath=*\BaseNamedObjects*\Redirector_event2 +OpenClsid={E8B2A82A-2B16-4DBE-BCF0-70CB49FF5022} + +[Template_FastAccessAnywhere] +Tmpl.Title=FastAccess Anywhere +Tmpl.Class=Security +Tmpl.Url=http://www.sensiblevision.com/en-us/fastaccessanywhere/overview.aspx +Tmpl.Scan=s +Tmpl.ScanIpc=*\BaseNamedObjects*\E84B01BF-FA91-48e4-A4B3-EECD7E4DB810 +OpenIpcPath=*\BaseNamedObjects*\E84B01BF-FA91-48e4-A4B3-EECD7E4DB810 +OpenIpcPath=\RPC Control\Callbacks* +OpenWinClass=FATrayAlert + +[Template_FSecure] +Tmpl.Title=F-Secure Internet Protection +Tmpl.Class=Security +Tmpl.Url=http://www.f-secure.com/en_US/products/home-office/internet-security/index.html +Tmpl.Scan=s +Tmpl.ScanService=F-Secure Filter +Tmpl.ScanService=F-Secure Gatekeeper Handler Starter +Tmpl.ScanService=F-Secure Gatekeeper +OpenIpcPath=\RPC Control\__hex12__*.*.*.*.*.*.*.* +OpenIpcPath=\RPC Control\F-Secure ORSP V1 +OpenIpcPath=*\BaseNamedObjects*\FSMB * +OpenIpcPath=*\BaseNamedObjects*\dxk390x-* +OpenIpcPath=*\BaseNamedObjects*\pipeserverhere* +OpenIpcPath=*\BaseNamedObjects*\pipeserversync* +OpenIpcPath=*\BaseNamedObjects*\pipeservertaken* +OpenPipePath=\Device\NamedPipe\__fs*__ +OpenPipePath=\Device\NamedPipe\*.*.*.*.*.*.*.*.*.* +OpenPipePath=\Device\NamedPipe\rcn_* +LingerProcess=fsavaui.exe +# F-Secure 2012 +OpenPipePath=\Device\NamedPipe\ccf_cuif* +OpenPipePath=\Device\NamedPipe\fsccfSettingsServer* +OpenPipePath=\Device\NamedPipe\CCFSettingsChangeNotif_* +OpenPipePath=\Device\NamedPipe\PipeServerTaken* +# F-Secure 2013 +OpenIpcPath=*\BaseNamedObjects*\FsCcfLogging_*.log +OpenIpcPath=*\BaseNamedObjects*\PipeServerTaken* +OpenPipePath=\Device\NamedPipe\FS_CCF_NI_DAEMON* +# change line below to OpenPipePath=\Device\NamedPipe\%EXENAME%-%PID% +OpenPipePath=\Device\NamedPipe\*.exe-* + +[Template_GDataInternetSecurity] +Tmpl.Title=G Data Anti-Virus/Internet Security +Tmpl.Class=Security +Tmpl.Url=http://www.gdata-software.com/home-security/ +Tmpl.Scan=s +Tmpl.ScanService=GDScan +OpenClsid={1E0D02B2-989A-45FF-9318-F43CC56C515A} + +[Template_HomeGuard] +Tmpl.Title=HomeGuard Activity Monitor +Tmpl.Class=Security +Tmpl.Url=http://veridium.net/ +Tmpl.Scan=s +Tmpl.ScanService=HomeGuard AMC +OpenIpcPath=*\BaseNamedObjects*\*Ipc2Map* +OpenIpcPath=*\BaseNamedObjects*\*Ipc2Mutex* +OpenIpcPath=*\BaseNamedObjects*\mc2SWDIJ* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API* +OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API* +OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* +OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* +OpenIpcPath=*\BaseNamedObjects*\mchMixCache* +OpenIpcPath=*\BaseNamedObjects*\*AnswerBuf*Event* +OpenIpcPath=*\BaseNamedObjects*\*AnswerBuf*Map* +OpenIpcPath=$:vglset.exe + +[Template_IoloSystemMechanic] +Tmpl.Title=iolo System Mechanic +Tmpl.Class=Security +Tmpl.Url=http://www.iolo.com/system-mechanic/standard/ +Tmpl.Scan=s +Tmpl.ScanService=ioloSystemService +OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* +OpenIpcPath=*\BaseNamedObjects*\Mutex*mAH*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mAH*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mix*Process*API* +OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* +OpenIpcPath=*\BaseNamedObjects*\mchMixCache* +OpenIpcPath=*\BaseNamedObjects*\mhicce* + +[Template_Microsoft_EMET] +Tmpl.Title=Enhanced Mitigation Experience Toolkit (Microsoft EMET) +Tmpl.Class=Security +# old EMET homepage +# Tmpl.Url=http://www.microsoft.com/downloads/en/confirmation.aspx?FamilyID=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04 +Tmpl.Url=http://technet.microsoft.com/en-us/security/jj653751 +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Microsoft\EMET +OpenIpcPath=*\BaseNamedObjects*\emet_pid_* +OpenWinClass=$:EMET_notifier.exe +# EMET 4 +OpenPipePath=\Device\Mailslot\EMET_Agent_* +OpenPipePath=\Device\Mailslot\EMET_Recipient_* + +[Template_Kaspersky] +Tmpl.Title=Kaspersky Anti-Virus/Internet Security +Tmpl.Class=Security +Tmpl.Url=http://www.kaspersky.com/kaspersky_internet_security +Tmpl.Scan=s +Tmpl.ScanService=klim5 +Tmpl.ScanService=klim6 +OpenIpcPath=\RPC Control\PRRemote:* +OpenIpcPath=*\BaseNamedObjects*\PRCustomProps* +OpenIpcPath=*\BaseNamedObjects*\PREvent* +OpenIpcPath=*\BaseNamedObjects*\PRObjects* +OpenIpcPath=*\BaseNamedObjects*\KLObj_mt_KLSCRIPTCHECKER_PR_* +OpenIpcPath=*\BaseNamedObjects*\__hex30-90__ +OpenPipePath=\Device\NamedPipe\sa_hlp_srv +LingerProcess=klwtblfs.exe +# following setting comes from value DataRoot of the following key +# HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab\protected\AVP9\environment +OpenPipePath=%Tmpl.KasperskyDataRoot%\~PR*.dat + +[Template_Kaspersky_Pure_Password_Manager] +Tmpl.Title=Kaspersky Pure Password Manager +Tmpl.Class=Security +Tmpl.Url=http://www.kaspersky.com/kaspersky_internet_security +Tmpl.Scan=s +Tmpl.ScanProduct={1A59064A-12A9-469F-99F6-04BF118DBCFF} +OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API* +OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* +OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* +OpenIpcPath=*\BaseNamedObjects*\mchMixCache* +OpenIpcPath=*\BaseNamedObjects*\TtsMappedObject_Tts* +# settings specific to Kaspersky Pure +OpenIpcPath=*\BaseNamedObjects*\kpmPasswordAssistantClosedEvent:* +OpenIpcPath=*\BaseNamedObjects*\kpmAutofillInfo:* + +[Template_KeyScrambler] +Tmpl.Title=KeyScrambler +Tmpl.Class=Security +Tmpl.Url=http://www.qfxsoftware.com/ +Tmpl.Scan=i +OpenIpcPath=\Device\KeyScrambler +OpenIpcPath=\RPC Control\KSControlEp.Default* +OpenIpcPath=*\BaseNamedObjects*\KeyScrambler* +OpenIpcPath=*\BaseNamedObjects*\KSEncryptionEvent* +OpenIpcPath=*\BaseNamedObjects*\KSProcEvent* +OpenIpcPath=*\BaseNamedObjects*\KSEncStatusEvent +OpenIpcPath=*\BaseNamedObjects*\KSSettingsEvent* +OpenPipePath=\Device\NamedPipe\KSTIPipe* +OpenPipePath=\Device\NamedPipe\KSSettingsPipe* + +[Template_HideMyIp] +Tmpl.Title=Hide My IP +Tmpl.Class=Security +Tmpl.Url=http://www.hide-my-ip.com/ +Tmpl.Scan=s +Tmpl.ScanService=HideMyIpSRV +OpenIpcPath=*\BaseNamedObjects*\Redirector_event +OpenClsid={B1A429DB-FB06-4645-B7C0-0CC405EAD3CD} +OpenClsid={6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} + +[Template_HitmanProAlert] +Tmpl.Title=Hitman Pro Alert +Tmpl.Class=Security +Tmpl.Url=https://www.hitmanpro.com/en-us/alert.aspx +Tmpl.Scan=s +Tmpl.ScanProduct=HitmanPro.Alert +Tmpl.ScanService=hmpalertsvc +OpenPipePath=\Device\NamedPipe\hmpalert + +[Template_HmaProVpn] +Tmpl.Title=HMA! Pro VPN +Tmpl.Class=Security +Tmpl.Url=http://www.hidemyass.com/vpn/ +Tmpl.Scan=s +Tmpl.ScanProduct=HMA! Pro VPN +OpenIpcPath=*\BaseNamedObjects*\{3A4BE5AC-E783-4939-A746-05920ACDE790} +OpenIpcPath=*\BaseNamedObjects*\{73B2E84B-B7D9-464d-8376-68D43DE31E1D} + +[Template_LastPass] +Tmpl.Title=LastPass +Tmpl.Class=Security +Tmpl.Url=https://lastpass.com/ +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\lpgetr +Tmpl.ScanFile=%{A520A1A4-1780-4FF6-BD18-167343C5AF16}%\LastPass +OpenFilePath=,%UserProfile%\*\LastPass\* +ProcessGroup=,iexplore.exe,firefox.exe,opera.exe,chrome.exe + +[Template_McAfee_Guardian_Firewall] +Tmpl.Title=McAfee Guardian Firewall +Tmpl.Class=Security +Tmpl.Url=http://www.mcafee.com/us/index.html +Tmpl.Scan=i +OpenIpcPath=\RPC Control\McAfee_FW_RPC + +[Template_Microsoft_Security_Essentials] +Tmpl.Title=Microsoft Security Essentials +Tmpl.Class=Security +Tmpl.Url=http://windows.microsoft.com/en-US/windows/products/security-essentials +Tmpl.Scan=s +Tmpl.ScanService=MsMpSvc +OpenWinClass=msseces_class +OpenWinClass=$:msseces.exe +IContextMenuClsid={09A47860-11B0-4DA5-AFA5-26D86198A780} + +[Template_Mirekusoft_Install_Monitor] +Tmpl.Title=Mirekusoft Install Monitor +Tmpl.Class=Security +Tmpl.Url=http://www.mirekusoft.com/ +Tmpl.Scan=s +Tmpl.ScanService=MSpyData +Tmpl.ScanService=MSpyMon +#Tmpl.ScanProduct={E4ED1ADE-60A6-4660-811E-6E4096EBCA36} +SkipHook=//start.exe,createproc,cocreate +ClosedFilePath=*\MSpyDll.dll + +[Template_NetNanny] +Tmpl.Title=NetNanny +Tmpl.Class=Security +Tmpl.Url=http://www.netnanny.com/ +Tmpl.Scan=s +Tmpl.ScanService=CwAltaService20 +OpenPipePath=\Device\NamedPipe\CWIPCServer_ContentWatch* +OpenIpcPath=*\BaseNamedObjects*\*STRulesSTRules* +OpenIpcPath=*\BaseNamedObjects*\*SearchTree_* +OpenIpcPath=*\BaseNamedObjects*\Alta::* +OpenIpcPath=*\BaseNamedObjects*\SM::* +OpenIpcPath=*\BaseNamedObjects*\CW::* +OpenIpcPath=*\BaseNamedObjects*\CW_* +OpenIpcPath=*\BaseNamedObjects*\CP_SHARED_* +OpenIpcPath=*\BaseNamedObjects*\WORD_PARSER_* +OpenIpcPath=*\BaseNamedObjects*\CwAlta* +OpenFilePath=%AllUsersProfile%\*\ContentWatch\Internet Protection\* +OpenFilePath=%AppData%\ContentWatch\Internet Protection\* +# NetNanny 5 +OpenIpcPath=*\BaseNamedObjects*\*/NETNANNY5/* +OpenClsid={056CDF58-CD7A-41D2-AF75-7CA1F44B84E9} + +[Template_NOD32] +Tmpl.Title=ESET NOD32 Antivirus +Tmpl.Class=Security +Tmpl.Url=http://www.eset.com/ +Tmpl.Scan=s +Tmpl.ScanService=eamon +Tmpl.ScanService=ehdrv +Tmpl.ScanService=ekrn +OpenIpcPath=*\BaseNamedObjects*\NOD32* +OpenIpcPath=*\BaseNamedObjects*\NODCOMM* + +[Template_NormanSecuritySuite] +Tmpl.Title=Norman Security Suite with Parental Controls +Tmpl.Class=Security +Tmpl.Url=http://norman.com/Product/Home_Home_office/49887/en-us +Tmpl.Scan=s +Tmpl.ScanService=NPROSECSVC +OpenIpcPath=*\BaseNamedObjects*\SEM32_COM_MUTEX +OpenIpcPath=*\BaseNamedObjects*\SEM32_EVENT_* +OpenIpcPath=*\BaseNamedObjects*\SHAREMEM_*_MEM* + +[Template_NortonInternetSecurity] +Tmpl.Title=Norton Internet Security / AntiVirus / Norton 360 +Tmpl.Class=Security +Tmpl.Url=https://www.norton.com +Tmpl.Scan=s +Tmpl.ScanService=NortonSecurity +Tmpl.ScanService=NIS +Tmpl.ScanService=NAV +Tmpl.ScanService=N360 +OpenIpcPath=\RPC Control\{__hex8__-__hex4__-__hex4__-__hex4__-__hex12__} +OpenIpcPath=*\BaseNamedObjects*\ccSetMgr_Running* +OpenIpcPath=*\BaseNamedObjects*\NewWCIDConfig* +OpenIpcPath=*\BaseNamedObjects*\LockWCIDConfig* +OpenIpcPath=*\BaseNamedObjects*\IDS_STORAGE_MUTEX +OpenIpcPath=*\BaseNamedObjects*\CGSCE +OpenIpcPath=*\BaseNamedObjects*\CSECE +OpenIpcPath=*\BaseNamedObjects*\CNDIE + +[Template_NortonSafeWebLite] +Tmpl.Title=Norton Safe Web Lite +Tmpl.Class=Security +Tmpl.Url=http://safeweb.norton.com/lite +Tmpl.Scan=s +Tmpl.ScanService=NSL +ProcessGroup=,firefox.exe,iexplore.exe +OpenIpcPath=,\RPC Control\{__hex8__-__hex4__-__hex4__-__hex4__-__hex12__} +OpenIpcPath=,*\BaseNamedObjects*\ccSetMgr_Running* + +[Template_OnlineArmor] +Tmpl.Title=Online Armor +Tmpl.Class=Security +Tmpl.Url=http://www.tallemu.com/product_overview.html +Tmpl.Scan=s +Tmpl.ScanService=OAcat +Tmpl.ScanService=OADevice +Tmpl.ScanService=OAmon +Tmpl.ScanService=OAnet +OpenIpcPath=*\BaseNamedObjects*\{50EA3133-3D0D-44C2-8131-8A1BD21A5B99}AnswerBuf* +OpenIpcPath=*\BaseNamedObjects*\{EDC06980-7B0E-4103-BC5B-413F14A75812}AnswerBuf* +OpenIpcPath=*\BaseNamedObjects*\WinsockProxySendAnswerBuf* +OpenIpcPath=*\BaseNamedObjects*\WinsockProxyRecvAnswerBuf* +OpenIpcPath=*\BaseNamedObjects*\Mutex*mAH*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mAH*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mix*Process*API* +OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt* +OpenIpcPath=*\BaseNamedObjects*\mchMixCache* +OpenIpcPath=*\BaseNamedObjects*\mc2SWDIJ* +OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* +OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* +OpenIpcPath=\RPC Control\mchIpc{50EA3133-3D0D-44C2-8131-8A1BD21A5B99} +OpenIpcPath=\RPC Control\mchIpc{EDC06980-7B0E-4103-BC5B-413F14A75812} +OpenIpcPath=\RPC Control\mchIpcWinsockProxyRecv +OpenIpcPath=\RPC Control\mchIpcWinsockProxySend +DelayLoadDll=OAwatch.dll + +[Template_PandaCloudAntivirus] +Tmpl.Title=Panda Cloud Antivirus +Tmpl.Class=Security +Tmpl.Url=http://www.cloudantivirus.com/en/ +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{39655A7E-1CCB-4BC7-8686-342A4581CA94} +OpenIpcPath=*\BaseNamedObjects*\76529309-F679-41df-8CAD-383D589867CF +OpenIpcPath=*\BaseNamedObjects*\psanmsrvcppal_* +OpenIpcPath=*\BaseNamedObjects*\_sbf_*panda2* + +[Template_PandaInternetSecurity] +Tmpl.Title=Panda Internet Security +Tmpl.Class=Security +Tmpl.Url=http://www.pandasecurity.com/usa/homeusers/solutions/internet-security/ +Tmpl.Scan=s +Tmpl.ScanService=Panda Software Controller +Tmpl.ScanService=pavboot +Tmpl.ScanService=PAVDRV +Tmpl.ScanService=PAVFNSVR +Tmpl.ScanService=PavProc +Tmpl.ScanService=PavPrSrv +Tmpl.ScanService=PAVSRV +OpenIpcPath=*\BaseNamedObjects*\*PAVPROT_* +OpenIpcPath=*\BaseNamedObjects*\PAVKRE_* +OpenIpcPath=*\BaseNamedObjects*\PAV_icl_proxy_evento_fin +OpenIpcPath=*\BaseNamedObjects*\pavwp_* +OpenIpcPath=*\BaseNamedObjects*\TPSRV_* +OpenIpcPath=*\BaseNamedObjects*\TP_MINIDUMPER_* +OpenIpcPath=*\BaseNamedObjects*\Mutex_Lect_Escri_Memoria_Compartida_* +OpenIpcPath=*\BaseNamedObjects*_ACTIVATION_SHARED_OBJECT_EVENT +OpenIpcPath=*\BaseNamedObjects*_IPC_COMMAND +OpenIpcPath=*\BaseNamedObjects*_IPC_COMMAND_ANSWER +OpenIpcPath=*\BaseNamedObjects*_IPC_CONTROL +OpenIpcPath=*\BaseNamedObjects*_IPC_CONTROL_MUTEX +OpenIpcPath=*\BaseNamedObjects*_IPC_IS_OPEN +OpenIpcPath=*\BaseNamedObjects*_IPC_MUTEX +OpenIpcPath=*\BaseNamedObjects*_IPC_NEW_MESSAGE +OpenIpcPath=*\BaseNamedObjects*_RULES_CHANGE_SHARED_OBJECT_EVENT + +[Template_PasswordDoor] +Tmpl.Title=Password Door +Tmpl.Class=Security +Tmpl.Url=http://toplang.com/passworddoor.htm +Tmpl.Scan=s +Tmpl.ScanProduct=Password Door +OpenPipePath=\Device\NamedPipe\PasswordDoor* + +[Template_PC_Tools_Security] +Tmpl.Title=PC Tools Security +Tmpl.Class=Security +Tmpl.Url=http://www.pctools.com/ +Tmpl.Scan=s +Tmpl.ScanService=ThreatFire +OpenIpcPath=\RPC Control\mchIpcThreatfireApiHook +OpenIpcPath=*\BaseNamedObjects*\ThreatfireApiHookAnswerBuf* +OpenIpcPath=*\BaseNamedObjects*\Mutex*mAH*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mAH*Process*API* +OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*mix*Process*API* +OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt* +OpenIpcPath=*\BaseNamedObjects*\mchMixCache* +OpenIpcPath=*\BaseNamedObjects*\mchLLEW2* +OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap* +OpenIpcPath=*\BaseNamedObjects*\{1E57CBD2-232C-4f17-867C-7F9B4052D89C} +OpenIpcPath=*\BaseNamedObjects*\{CB98E8A0-6E8B-4a24-9953-41D8F2FED3FC} +OpenIpcPath=*\BaseNamedObjects*\{0C84A7BB-7D57-4b00-A418-1448159824DA} +DelayLoadDll=TfWah.dll + +[Template_PGP] +Tmpl.Title=PGP (Pretty Good Privacy) +Tmpl.Class=Security +Tmpl.Url=http://www.pgp.com/products/desktop_home/index.html +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\PGPhkSharedMemory +OpenIpcPath=*\BaseNamedObjects*\PGPocTrayInstSem +OpenIpcPath=*\BaseNamedObjects*\PGPocTrayListenSem +OpenIpcPath=*\BaseNamedObjects*\PGPtray_Hidden_Window +OpenIpcPath=*\BaseNamedObjects*\PGPlsp Debug Print Mutex +OpenPipePath=\Device\NamedPipe\pgpserv +OpenPipePath=\Device\NamedPipe\pgpsdkserv + +[Template_Proxifier] +Tmpl.Title=Proxifier +Tmpl.Class=Security +Tmpl.Url=http://www.proxifier.com/ +Tmpl.Scan=w +OpenWinClass=Proxifier32Cls +OpenWinClass=$:proxifier.exe +OpenIpcPath=*\BaseNamedObjects*\Proxifier* +OpenPipePath=\Device\NamedPipe\proxifier + +[Template_ProxyCap] +Tmpl.Title=ProxyCap +Tmpl.Class=Security +Tmpl.Url=http://www.proxycap.com/ +Tmpl.Scan=s +Tmpl.ScanService=pcapsvc +OpenIpcPath=*\BaseNamedObjects*\proxycap_*_event* +OpenPipePath=\Device\NamedPipe\proxycap_s_pipe + +[Template_RoboForm] +Tmpl.Title=RoboForm +Tmpl.Class=Security +Tmpl.Url=http://www.roboform.com/ +Tmpl.Scan=i +OpenFilePath=%Tmpl.RoboForm% +OpenFilePath=%Tmpl.RoboForm%\* +OpenIpcPath=*\BaseNamedObjects*\{45DB34C3-955C-11D3-ABEF-444553540000}* +OpenPipePath=\Device\NamedPipe\{9A04C483-2EDC-40CE-B4F9-D9809ADA75E1} +# ProcessGroup=,identities.exe +OpenWinClass=RfWatcher333233 + +[Template_SafeEyes] +Tmpl.Title=Safe Eyes +Tmpl.Class=Security +Tmpl.Url=http://www.internetsafety.com/safe-eyes-parental-control-software.php +Tmpl.Scan=s +Tmpl.ScanWinClass=SE_LSP_MsgSink +OpenWinClass=ICA_Class + +[Template_SafeCentral] +Tmpl.Title=SafeCentral +Tmpl.Class=Security +Tmpl.Url=http://www.safecentral.com/index.html +Tmpl.Scan=s +Tmpl.ScanService=AuthPluginServer +OpenPipePath=\Device\NamedPipe\*AuthPluginServer_Pipe +OpenPipePath=\Device\NamedPipe\*WebAdvisor_IpcPipe +OpenIpcPath=*\BaseNamedObjects*\LauncherServer* +OpenIpcPath=*\BaseNamedObjects*\CREATEPROCESS_RESPONCE_EVENT + +[Template_SafeNet] +Tmpl.Title=SafeNet Authentication +Tmpl.Class=Security +Tmpl.Url=http://www.safenet-inc.com/products/data-protection/multi-factor-authentication/ +Tmpl.Scan=s +Tmpl.ScanIpc=*\BaseNamedObjects*\DatakeyTokenServerReadyEvent +OpenIpcPath=*\BaseNamedObjects*\Datakey* + +[Template_SiteAdvisor] +Tmpl.Title=McAfee SiteAdvisor +Tmpl.Class=Security +Tmpl.Url=http://www.siteadvisor.com/ +Tmpl.Scan=s +Tmpl.ScanService=McAfee SiteAdvisor Service +# -- second version: run SiteAdvisor in sandbox +StartService=McAfee SiteAdvisor Service +LingerProcess=McSACore.exe +LingerProcess=McSvHost.exe +# -- first version: talk to SiteAdvisor outside sandbox +# Tmpl.Scan=s +# Tmpl.ScanKey=\REGISTRY\MACHINE\Software\Classes\Clsid\{5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} +# OpenClsid={5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} +# OpenClsid={5A90F5EE-16B8-4C2A-81B3-FD5329BA4780} +# OpenIpcPath=*\BaseNamedObjects*\McSACore_* +# OpenWinClass=ATL:1009CD70 +# OpenWinClass=ATL:1009DDD8 + +[Template_Super_Socks5Cap] +Tmpl.Title=Super Socks5Cap / Super Network Tunnel / Ssh Tunnel Easy (LSP + Tunnel All) +Tmpl.Class=Security +Tmpl.Url=http://www.networktunnel.net/ +# Super Network Tunnel +OpenIpcPath=*\BaseNamedObjects*\*tunnelapi* +OpenIpcPath=*\RPC Control\*tunnelapi* +OpenIpcPath=*\BaseNamedObjects*\*NetworkTunnel* +OpenIpcPath=*\RPC Control\*NetworkTunnel* +OpenIpcPath=$:TunnelClient.exe +OpenIpcPath=$:TunnelClient_Portable.exe +# Super Socks5cap +OpenIpcPath=*\RPC Control\*networkdll* +OpenIpcPath=*\BaseNamedObjects*\*networkdll* +OpenIpcPath=*\BaseNamedObjects*\*SuperSocks5Cap* +OpenIpcPath=*\RPC Control\*SuperSocks5Cap* +OpenIpcPath=$:SuperSocks5Cap.exe +# Ssh Tunnel Easy +OpenIpcPath=*\BaseNamedObjects\*SshTunnelEasy* +OpenIpcPath=*\RPC Control\*SshTunnelEasy* +OpenIpcPath=$:SshTunnelEasy.exe +Tmpl.Scan=w +OpenWinClass=TSetupSocksForm + +[Template_VipreAntiVirus] +Tmpl.Title=Vipre Antivirus +Tmpl.Class=Security +Tmpl.Url=http://www.vipreantivirus.com/Software/VIPRE-Antivirus/ +Tmpl.Scan=s +Tmpl.ScanService=SBAMSvc +OpenIpcPath=*\BaseNamedObjects*\SBAM* +OpenIpcPath=*\BaseNamedObjects*\OEAPI* + +[Template_VPNTunnel] +Tmpl.Title=VPNTunnel Anonymous Internet +Tmpl.Class=Security +Tmpl.Url=https://www.vpntunnel.se +Tmpl.Scan=s +Tmpl.ScanProduct=VPNTunnel +SkipHook=*,wsaconn + +[Template_WindowsDefender] +Tmpl.Title=Windows Defender +Tmpl.Class=Security +Tmpl.Url=http://www.microsoft.com/windows/products/winfamily/defender/default.mspx +Tmpl.Scan=i +OpenIpcPath=\RPC Control\MsMp-* + +[Template_ZoneAlarmSecuritySuite] +Tmpl.Title=ZoneAlarm Internet Security Toolbar +Tmpl.Class=Security +Tmpl.Url=http://www.zonealarm.com/security/en-us/zonealarm-computer-security-suite.htm +Tmpl.Scan=s +Tmpl.ScanService=IswSvc +OpenPipePath=\Device\NamedPipe\IswSvc +OpenPipePath=\Device\NamedPipe\IswSessionMin* +OpenIpcPath=*\BaseNamedObjects*\ISW_WIEC_* +OpenIpcPath=*\BaseNamedObjects*\ISWUL_* +OpenIpcPath=*\BaseNamedObjects*\_ISWINTERNAL_* +OpenIpcPath=*\BaseNamedObjects*\IswSessionMinShared* +OpenIpcPath=*\BaseNamedObjects*\ISWDMP_* + +# +# Desktop Utilities +# + +[Template_4tTrayMinimizer] +Tmpl.Title=4t Tray Minimizer +Tmpl.Class=Desktop +Tmpl.Url=http://www.4t-niagara.com/tray.html +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\ShellEh*.dll +OpenWinClass=*UtilWindow + +[Template_7zipShellEx] +Tmpl.Title=7-Zip Shell Extension +Tmpl.Class=Desktop +Tmpl.Url=http://www.7-zip.org/ +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} +OpenIpcPath=*\BaseNamedObjects*\7zCompressMapping* +OpenIpcPath=*\BaseNamedObjects*\7zMap* + +[Template_ActiveCaptions] +Tmpl.Title=Active Captions +Tmpl.Class=Desktop +Tmpl.Url=http://www.shelltoys.com/minimize_tray/index.html +Tmpl.Scan=w +OpenWinClass=ActiveCaptions + +[Template_ASUS_CapsHook] +Tmpl.Title=ASUS CapsHook +Tmpl.Class=Desktop +Tmpl.Url=http://support.asus.com/Download.aspx?SLanguage=en&m=Eee+PC+1015PX&p=20&s=1 +Tmpl.Scan=s +Tmpl.ScanProduct={4B5092B6-F231-4D18-83BC-2618B729CA45} +OpenWinClass=$:CapsHook.exe + +[Template_AcerGridVista] +Tmpl.Title=Acer GridVista +Tmpl.Class=Desktop +Tmpl.Scan=w +OpenWinClass=DritekScreenSplitterMainWindowClass +OpenIpcPath=*\BaseNamedObjects*\Dritek-WindowMessageHooker-FileMappingStamp + +[Template_ActualWindowManager] +Tmpl.Title=Actual Tools Actual Window Manager +Tmpl.Class=Desktop +Tmpl.Url=http://www.actualtools.com/ +OpenIpcPath=*\BaseNamedObjects*\*_ServiceMapping +OpenIpcPath=*\BaseNamedObjects*\*_ParamStrings_* +OpenIpcPath=*\BaseNamedObjects*\MMF{*} +OpenIpcPath=*\BaseNamedObjects*\ActualTools* +OpenWinClass=*_MessengerServerWindow +Tmpl.Scan=s +Tmpl.ScanIpc=*\BaseNamedObjects*\ActualTools_* + +[Template_AdFender] +Tmpl.Title=AdFender +Tmpl.Class=Desktop +Tmpl.Url=http://www.adfender.com/ +OpenIpcPath=*\BaseNamedObjects*\AdFenderActive_* +OpenIpcPath=*\BaseNamedObjects*\AdFenderDisabled_* +Tmpl.Scan=s +Tmpl.ScanProduct=AdFender + +[Template_ArumSwitcher] +Tmpl.Title=Arum Switcher +Tmpl.Class=Desktop +Tmpl.Url=http://www.arumswitcher.com/ +OpenIpcPath=*\BaseNamedObjects*\Arum_Switcher_Hook* + +[Template_Asutype] +Tmpl.Title=Asutype +Tmpl.Class=Desktop +Tmpl.Url=http://www.asutype.com/index.html +Tmpl.Scan=w +OpenIpcPath=*\BaseNamedObjects*\fa00000* +OpenWinClass=*asutype + +[Template_AutoSizer] +Tmpl.Title=AutoSizer +Tmpl.Class=Desktop +Tmpl.Url=http://www.southbaypc.com/autosizer/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\AutoSizer123 +OpenWinClass=SysListView32 + +[Template_Babylon] +Tmpl.Title=Babylon +Tmpl.Class=Desktop +Tmpl.Url=http://www.babylon.com/ +Tmpl.Scan=w +OpenPipePath=\device\namedpipe\babypipe + +[Template_BingToolbar] +Tmpl.Title=Bing Search Toolbar +Tmpl.Class=Desktop +Tmpl.Url=http://www.discoverbing.com/toolbar/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\ChannelReady_ac620ca9-6743-44d7-b861-e1d5ad76dd2c +OpenPipePath=\Device\NamedPipe\msn\toolbar* + +[Template_Bins_Windows7Taskbar] +Tmpl.Title=Bins for Windows 7 Taskbar +Tmpl.Class=Desktop +Tmpl.Url=http://www.1upindustries.com/bins/ +Tmpl.Scan=s +Tmpl.ScanProduct=Bins +ClosedFilePath=*\TaskbarDockAppIntegration32.dll +ClosedFilePath=*\TaskbarDockAppIntegration64.dll + +[Template_BookmarkBuddy] +Tmpl.Title=Bookmark Buddy +Tmpl.Class=Desktop +Tmpl.Url=http://www.bookmarkbuddy.net/ +Tmpl.Scan=w +OpenWinClass=BMKBUDDY + +[Template_Chameleon_Window_Manager] +Tmpl.Title=Chameleon Window Manager +Tmpl.Class=Desktop +Tmpl.Url=http://www.chameleon-managers.com/window-manager/ +Tmpl.Scan=s +Tmpl.ScanProduct=Chameleon Window Manager +OpenIpcPath=*\BaseNamedObjects*\{System-*-*-*-*-*} +OpenIpcPath=*\BaseNamedObjects*\chameleon* + +[Template_DialogMate2] +Tmpl.Title=Dialog Mate 2 +Tmpl.Class=Desktop +Tmpl.Url=http://dm2.sourceforge.net/ +Tmpl.Scan=iw +OpenIpcPath=*\BaseNamedObjects*\DM2_SharedMem +OpenIpcPath=*\BaseNamedObjects*\DM2_RollWindow_SharedMem +OpenWinClass=DM2 Server class + +[Template_DragonNaturallySpeaking] +Tmpl.Title=Dragon NaturallySpeaking +Tmpl.Class=Desktop +Tmpl.Url=http://www.nuance.com/naturallyspeaking/products/default.asp +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\Dragon NaturallySpeaking* + +[Template_FeedDemon] +Tmpl.Title=FeedDemon +Tmpl.Class=Desktop +Tmpl.Url=http://www.feeddemon.com/ +Tmpl.Scan=s +Tmpl.ScanProduct=FeedDemon_is1 +OpenPipePath=FeedDemon.exe,*\FeedDemon\v1\* +OpenIpcPath=FeedDemon.exe,*\BaseNamedObjects*\FeedDemonMutex +OpenWinClass=FeedDemon.exe,* + +[Template_FileEx] +Tmpl.Title=File-Ex 3 +Tmpl.Class=Desktop +Tmpl.Url=http://www.cottonwoodsw.com/fx3summ.html +Tmpl.Scan=s +Tmpl.ScanProduct=File-Ex v3.* +OpenWinClass=$:FileEx.exe + +[Template_GoogleToolbarIE] +Tmpl.Title=Google Toolbar for Internet Explorer +Tmpl.Class=Desktop +Tmpl.Url=http://toolbar.google.com/ +OpenIpcPath=*\BaseNamedObjects*\{40635BCA-4026-4CE3-9741-C8DC476E6268} +OpenIpcPath=*\BaseNamedObjects*\{B7F1F778-8315-4EB2-AC1E-5AFCAA603271} +OpenIpcPath=*\BaseNamedObjects*\{DEBFCCE1-B446-4992-9C9E-CA1CB548C718} +OpenIpcPath=*\BaseNamedObjects*\*{E709AE98-F4E6-40DE-BE47-CFBA9B4605C0} +OpenWinClass={A7E495BF-9589-4A6E-8479-DDA2D8D3C05F} +OpenWinClass=$:GoogleToolbarNotifier.exe +OpenClsid={FBA44040-BD27-4A09-ACC8-C08B7C723DCD} +LingerProcess=GoogleToolbarUser.exe +LingerProcess=GoogleToolbarUser_32.exe +Tmpl.Scan=s +Tmpl.ScanProduct={18455581-E099-4BA8-BC6B-F34B2F06600C} + +[Template_Intel_HD_Graphics] +Tmpl.Title=Intel HD Graphics Driver +Tmpl.Class=Desktop +OpenIpcPath=\RPC Control\{27B4FD7B-035B-4853-938E-CC13FE3724D4} +OpenIpcPath=*\BaseNamedObjects*\{3BFDD3D2-761C-4206-990C-3CC0643CF73A} +OpenIpcPath=*\BaseNamedObjects*\? +Tmpl.Scan=s +Tmpl.ScanIpc=\RPC Control\{27B4FD7B-035B-4853-938E-CC13FE3724D4} + +[Template_IntelliTypePro] +Tmpl.Title=IntelliType Pro +Tmpl.Class=Desktop +Tmpl.Url=http://www.microsoft.com/hardware/download/download.aspx?category=MK +OpenWinClass=TInstanceManager + +[Template_Folder_Size] +Tmpl.Title=Folder Size +Tmpl.Url=http://foldersize.sourceforge.net/ +Tmpl.Class=Desktop +Tmpl.Scan=s +Tmpl.ScanService=FolderSize +OpenPipePath=\Device\NamedPipe\FolderSize +OpenIpcPath=*\BaseNamedObjects*\FolderSizeShellUpdateMutex + +[Template_JetStart] +Tmpl.Title=JetStart +Tmpl.Class=Desktop +Tmpl.Url=http://www.codesector.com/jetstart.php +Tmpl.Scan=w +OpenWinClass=MetaLauncher +OpenIpcPath=*\BaseNamedObjects*\MetaLauncherMapObject* + +[Template_gMote] +Tmpl.Title=gMote +Tmpl.Class=Desktop +Tmpl.Url=http://www.handform.net/gmote.php +Tmpl.Scan=w +OpenWinClass=TGestureConfigForm + +[Template_GoogleJapaneseIME] +Tmpl.Title=Google Japanese Input Method (IME) +Tmpl.Class=Desktop +Tmpl.Url=http://www.google.com/intl/ja/ime/ +Tmpl.Scan=s +Tmpl.ScanService=GoogleIMEJaCacheService +OpenPipePath=\Device\NamedPipe\googlejapaneseinput.* +LingerProcess=GoogleIMEJaTool.exe +LingerProcess=GoogleIMEJaRenderer.exe + +[Template_KeyboardNinja] +Tmpl.Title=Keyboard Ninja +Tmpl.Class=Desktop +Tmpl.Url=http://www.intelife.net/ninja/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\KEYBOARD_NINJA_2 +OpenWinClass=$:ninja.exe + +[Template_Lingoes] +Tmpl.Title=Lingoes Translator +Tmpl.Class=Desktop +Tmpl.Url=http://www.lingoes.net/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\OpenText_ZWFilter_GlobaData* +OpenIpcPath=*\BaseNamedObjects*\OpenText_GrabText_GlobaData* +OpenIpcPath=*\BaseNamedObjects*\OpenText_GrabText_Mutex* +OpenWinClass=$:lingoes.exe + +[Template_Linkman] +Tmpl.Title=Linkman +Tmpl.Class=Desktop +Tmpl.Url=http://www.outertech.com/index.php?_charisma_page=product&id=5 +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\Linkman* +OpenWinClass=TLinkmanF +OpenWinClass=opera.exe,op* +OpenWinClass=opera.exe,DDEMLAnsiClient + +[Template_LinkStash] +Tmpl.Title=LinkStash +Tmpl.Class=Desktop +Tmpl.Url=http://www.xrayz.co.uk/ +Tmpl.Scan=w +OpenWinClass=LinkStash +OpenWinClass=LinkStashMonitor +OpenWinClass=$:lnkstash.exe + +[Template_Listary] +Tmpl.Title=Listary +Tmpl.Class=Desktop +Tmpl.Url=http://www.listary.com/ +Tmpl.Scan=s +Tmpl.ScanProduct=Listary_is1 +OpenIpcPath=*\BaseNamedObjects*\ListarySharedData +OpenWinClass=ListaryToolbarCls +OpenWinClass=$:listary.exe +# v4 +OpenIpcPath=*\BaseNamedObjects*\Listary_MainSharedMemory + +[Template_Logitech_G15_Keyboard] +Tmpl.Title=Logitech Keyboard LCD Display +Tmpl.Class=Desktop +Tmpl.Url=https://support.logi.com/hc/en-us/articles/360024851053--Downloads-G15-Gaming-Keyboard +# This scan is unreliable and it should be disabled by default +#Tmpl.Scan=s +#Tmpl.ScanProduct=Logitech Gaming Software +OpenPipePath=\Device\NamedPipe\LGLCDPIPE-* + +[Template_LogitechProcessMonitor] +Tmpl.Title=Logitech Process Monitor Service +Tmpl.Class=Desktop +Tmpl.Scan=s +Tmpl.ScanService=LVPrcSrv +DelayLoadDll=LVPrcInj.dll + +[Template_LogitechSetPoint] +Tmpl.Title=Logitech SetPoint Mouse +Tmpl.Class=Desktop +Tmpl.Url=https://www.logitech.com/en-us/articles/11650 +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Logitech\SetPoint +NoRenameWinClass=Internet Explorer_Server + +[Template_LogitechScrollApp] +Tmpl.Title=Logitech Scroll App +Tmpl.Class=Desktop +Tmpl.Url=https://www.softpedia.com/get/Tweak/System-Tweak/Scroll-App.shtml +Tmpl.Scan=w +OpenWinClass=LogiSmoothScrlBckGrndWnd +NoRenameWinClass=IEFrame +OpenIpcPath=*\BaseNamedObjects*\LogiSmoothWheelInUse + +[Template_MacroExpress] +Tmpl.Title=Macro Express +Tmpl.Class=Desktop +Tmpl.Url=http://www.macroexpress.com +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\ME98aveR +OpenIpcPath=*\BaseNamedObjects*\MEBA3KGR +OpenIpcPath=*\BaseNamedObjects*\me4hml +OpenIpcPath=*\BaseNamedObjects*\me4hsd +OpenIpcPath=*\BaseNamedObjects*\me4mmm +OpenIpcPath=*\BaseNamedObjects*\me4msd +OpenIpcPath=*\BaseNamedObjects*\me4pml +OpenIpcPath=*\BaseNamedObjects*\me4esd +OpenWinClass=TMainWin + +[Template_ManyCam] +Tmpl.Title=ManyCam +Tmpl.Class=Desktop +Tmpl.Url=http://www.manycam.com/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\ManyCam_FileMapping* + +[Template_Microsoft_MSMQ] +Tmpl.Title=Microsoft Message Queuing (MSMQ) +Tmpl.Class=Desktop +Tmpl.Url=http://msdn.microsoft.com/en-us/library/windows/desktop/ms711472%28v=vs.85%29.aspx +Tmpl.Scan=i +OpenIpcPath=\RPC Control\QMsvc$* + +[Template_NTrig_DuoSense] +Tmpl.Title=N-Trig DuoSense +Tmpl.Class=Desktop +Tmpl.Url=http://www.n-trig.com/Content.aspx?Page=DualModeTechnology +Tmpl.Scan=w +OpenIpcPath=*\BaseNamedObjects*\ntrignativegesturesmutex +OpenWinClass=NtrigSessionClient + +[Template_nVidia_nView] +Tmpl.Title=nVidia nView +Tmpl.Class=Desktop +Tmpl.Url=http://www.nvidia.com/object/nview_display_us.html +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\nView Shared * +OpenIpcPath=*\BaseNamedObjects*\nView * Event + +[Template_nVidia_Stereoscopic3D] +Tmpl.Title=nVidia Stereoscopic 3D Driver +Tmpl.Class=Desktop +Tmpl.Url=http://www.nvidia.com/object/3d-vision-main.html +Tmpl.Scan=s +Tmpl.ScanService=Stereo Service +OpenPipePath=\Device\NamedPipe\stereosvrpipe + +[Template_ObjectDock] +Tmpl.Title=ObjectDock +Tmpl.Class=Desktop +Tmpl.Url=http://www.stardock.com/products/objectdock/ +Tmpl.Scan=w +OpenWinClass=ObjectDockServer + +[Template_OfficeLicensing] +Tmpl.Title=Windows and Office Licensing Services +Tmpl.Class=Desktop +Tmpl.Url=http://office.microsoft.com +Tmpl.Scan=s +Tmpl.ScanService=osppsvc +# Office 2010 +OpenIpcPath=\RPC Control\OSPPCTransportEndpoint-* +# Office 2013 +Tmpl.ScanService=sppsvc +OpenIpcPath=\RPC Control\SPPCTransportEndpoint-* + +[Template_OfficeClickToRun] +Tmpl.Title=Microsoft Office Click-to-Run +Tmpl.Class=Desktop +Tmpl.Url=http://office.microsoft.com +Tmpl.Scan=s +Tmpl.ScanService=ClickToRunSvc +HostInjectDll=\SboxHostDll.dll +HostInjectDll64=\SboxHostDll.dll +HostInjectProcess=OfficeClicktoRun.exe|ClickToRunSvc +OpenIpcPath=\RPC Control\C2RClientAPI_Server_System* +OpenIpcPath=\RPC Control\ClickToRun_Pipeline* +OpenIpcPath=\RPC Control\AppV-ISV-* +BoxNameTitle=EXCEL.EXE,- +BoxNameTitle=MSACCESS.EXE,- +BoxNameTitle=MSPUB.EXE,- +BoxNameTitle=ONENOTE.EXE,- +BoxNameTitle=OUTLOOK.EXE,- +BoxNameTitle=POWERPNT.EXE,- +BoxNameTitle=WINWORD.EXE,- + + +[Template_RadeonPro] +Tmpl.Title=RadeonPro +Tmpl.Class=Desktop +Tmpl.Url=http://radeonpro.info/ +Tmpl.Scan=s +Tmpl.ScanService=RadeonPro Support Service +OpenIpcPath=*\BaseNamedObjects*\_rppmdata +OpenIpcPath=*\BaseNamedObjects*\__rpapicf +OpenIpcPath=*\BaseNamedObjects*\__rpssd + +[Template_RBTray] +Tmpl.Title=RBTray +Tmpl.Class=Desktop +Tmpl.Url=http://rbtray.sourceforge.net/ +Tmpl.Scan=w +OpenWinClass=RBTrayHook + +[Template_RemoteDesktop] +Tmpl.Title=Remote Desktop +Tmpl.Class=Desktop +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\RDPSound* + +[Template_RoboType3] +Tmpl.Title=RoboType 3 (PC Magazine Downloads) +Tmpl.Class=Desktop +Tmpl.Url=http://www.pcmag.com/article2/0,2817,427378,00.asp +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\RoboType.document +OpenWinClass=Afx:400000:b:10003:* +OpenWinClass=Afx:400000:b:10011:* + +[Template_RocketDock] +Tmpl.Title=RocketDock +Tmpl.Class=Desktop +Tmpl.Url=http://rocketdock.com/ +Tmpl.Scan=iw +OpenIpcPath=*\BaseNamedObjects*\FdMe +OpenWinClass=ROCKETDOCK + +[Template_RTSS] +Tmpl.Title=Rivatuner Statistics Server +Tmpl.Class=Desktop +Tmpl.Url=https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html +Tmpl.Scan=s +Tmpl.ScanProduct=RTSS +OpenPipePath=\Device\NamedPipe\rtss_frametime +OpenIpcPath=*\BaseNamedObjects*\RTSSSharedMemoryV2 + +[Template_ShortKeys] +Tmpl.Title=ShortKeys (Lite) +Tmpl.Class=Desktop +Tmpl.Url=http://www.shortkeys.com +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\sh02hasd +OpenIpcPath=*\BaseNamedObjects*\sh03hasd +OpenIpcPath=*\BaseNamedObjects*\sh02mpas +OpenIpcPath=*\BaseNamedObjects*\sh03mpas +OpenWinClass=TMainWin + +[Template_SnagIt] +Tmpl.Title=TechSmith SnagIt +Tmpl.Class=Desktop +Tmpl.Url=http://www.techsmith.com/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\SnagPriv* +OpenPipePath=\Device\NamedPipe\SnagPriv.* + +[Template_SrsAudioSandbox] +Tmpl.Title=SRS Audio Sandbox +Tmpl.Class=Desktop +Tmpl.Url=http://www.srslabs.com/store/audioproducts.asp +OpenIpcPath=*\BaseNamedObjects*\AudioEngineDuplicateHandleApiPort* + +[Template_StrokeIt] +Tmpl.Title=StrokeIt +Tmpl.Class=Desktop +Tmpl.Url=http://www.tcbmi.com/strokeit/ +Tmpl.Scan=w +OpenWinClass=StrokeIt +OpenWinClass=StrokeIt/IgnoreUIPI +OpenWinClass=# + +[Template_SynapticsTouchPad] +Tmpl.Title=Synaptics TouchPad +Tmpl.Class=Desktop +Tmpl.Url=http://www.synaptics.com/support/drivers +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Synaptics\SynTP +NoRenameWinClass=MozillaWindowClass + +[Template_SystemAudioStream] +Tmpl.Title=System Audio Stream +Tmpl.Class=Desktop +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\System_Audio_Stream_* + +[Template_TypingAssistant] +Tmpl.Title=Typing Assistance +Tmpl.Class=Desktop +Tmpl.Url=http://www.sumitsoft.com/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\Typing Assistant (*) +OpenWinClass=$:Typing Assistant (English).exe +OpenWinClass=$:Typing Assistant (French).exe +OpenWinClass=$:Typing Assistant (German).exe +OpenWinClass=$:Typing Assistant (Hungarian).exe +OpenWinClass=$:Typing Assistant (Italian).exe +OpenWinClass=$:Typing Assistant (Portuguese).exe +OpenWinClass=$:Typing Assistant (Spanish).exe + +[Template_TwoPilots_SpeedTyping] +Tmpl.Title=Two Pilots Speed Typing +Tmpl.Class=Desktop +Tmpl.Url=http://www.colorpilot.com/speed-typing.html +Tmpl.Scan=w +OpenWinClass=TYPEPILOTMAINWND + +[Template_UltraMon] +Tmpl.Title=UltraMon +Tmpl.Class=Desktop +Tmpl.Url=http://www.realtimesoft.com/de/ultramon/ +Tmpl.Scan=w +OpenWinClass=UltraMon App +OpenWinClass=UltraMonWndExtMsg + +[Template_WacomTablet] +Tmpl.Title=Wacom Tablet +Tmpl.Class=Desktop +Tmpl.Url=http://www.wacom.com/customercare/drivers.aspx +OpenIpcPath=*\BaseNamedObjects*\Wacom*WintabConnection* +OpenIpcPath=$:Tablet.exe +Tmpl.Scan=i + +[Template_WindowsRasMan] +Tmpl.Title=Windows Remote Access Connection Manager (dial-up/VPN) +Tmpl.Class=Desktop +Tmpl.Scan=i +OpenIpcPath=\RPC Control\RasManLrpc + +[Template_VirtuaWin] +Tmpl.Title=VirtuaWin +Tmpl.Class=Desktop +Tmpl.Url=http://virtuawin.sourceforge.net/ +Tmpl.Scan=w +OpenWinClass=VirtuaWinMainClass +NoAutoExitExplorer=y + +[Template_Volumouse] +Tmpl.Title=NirSoft Volumouse +Tmpl.Class=Desktop +Tmpl.Url=http://www.nirsoft.net/utils/volumouse.html +Tmpl.Scan=w +OpenWinClass=NirSoft_VolumouseMsg* + +[Template_WindowsLive] +Tmpl.Title=Windows Live +Tmpl.Class=Desktop +Tmpl.Url=http://www.live.com +Tmpl.Scan=s +Tmpl.ScanService=wlidsvc +OpenIpcPath=\RPC Control\LiveIdSvc +ClosedFilePath=%SystemRoot%\System32\IDStore.dll +ClosedFilePath=%SystemRoot%\System32\wlidprov.dll +ClosedKeyPath=\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\NetworkServiceTriggers\Triggers\bc90d167-9470-4139-a9ba-be0bbbf5b74d\CC105610-DA03-467E-BC73-5B9E2937458D + +[Template_WindowBlinds] +Tmpl.Title=WindowBlinds +Tmpl.Class=Desktop +Tmpl.Url=http://www.stardock.com/products/windowblinds/ +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\Software\Stardock\WindowBlinds +OpenPipePath=\Device\NamedPipe\WBServer* +OpenIpcPath=*\BaseNamedObjects*\WB_WAIT + +[Template_ZoomText] +Tmpl.Title=ZoomText +Tmpl.Class=Desktop +Tmpl.Url=http://www.synapseadaptive.com/aisquared/zoomtext_9/zoomtext_9_home_page.htm +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\AH_XMSAA_* +OpenIpcPath=*\BaseNamedObjects*\ZSMEscapeKeyEvent +OpenIpcPath=*\BaseNamedObjects*\Ai2_HOOKDATA_FILEMAP* +OpenIpcPath=*\BaseNamedObjects*\ZoomTextRunning* +OpenWinClass=ZT9MainWindow + +# +# Media Players +# + +[Template_VLC_Force] +Tmpl.Title=#4323,VLC +Tmpl.Class=MediaPlayer +ForceProcess=vlc.exe + +[Template_VLC_DirectAccess_Profile] +Tmpl.Title=#4338,VLC +Tmpl.Class=MediaPlayer +OpenFilePath=vlc.exe,%AppData%\vlc\* + +[Template_VLC_DirectAccess_Photos] +Tmpl.Title=#4395,VLC +Tmpl.Class=MediaPlayer +OpenFilePath=vlc.exe,%UserProfile%\Pictures\* + +[Template_MPC-HC_Force] +Tmpl.Title=#4323,MPC-HC +Tmpl.Class=MediaPlayer +ForceProcess=mpc-hc64.exe +ForceProcess=mpc-hc.exe + +[Template_MPC-HC_DirectAccess_Profile] +Tmpl.Title=#4338,MPC-HC +Tmpl.Class=MediaPlayer +OpenFilePath=mpc-hc64.exe,%AppData%\MPC-HC\* +OpenFilePath=mpc-hc.exe,%AppData%\MPC-HC\* + +[Template_MPC-HC_DirectAccess_Photos] +Tmpl.Title=#4395,MPC-HC +Tmpl.Class=MediaPlayer +OpenFilePath=mpc-hc64.exe,%UserProfile%\Pictures\* +OpenFilePath=mpc-hc.exe,%UserProfile%\Pictures\* + +[Template_MPC-BE_Force] +Tmpl.Title=#4323,MPC-BE +Tmpl.Class=MediaPlayer +ForceProcess=mpc-be64.exe +ForceProcess=mpc-be.exe + +[Template_MPC-BE_DirectAccess_Profile] +Tmpl.Title=#4338,MPC-BE +Tmpl.Class=MediaPlayer +OpenFilePath=mpc-be64.exe,%AppData%\MPC-BE\* +OpenFilePath=mpc-be.exe,%AppData%\MPC-BE\* + +[Template_MPC-BE_DirectAccess_Photos] +Tmpl.Title=#4395,MPC-BE +Tmpl.Class=MediaPlayer +OpenFilePath=mpc-be64.exe,%UserProfile%\Pictures\* +OpenFilePath=mpc-be.exe,%UserProfile%\Pictures\* + +[Template_PotPlayer_Force] +Tmpl.Title=#4323,PotPlayer +Tmpl.Class=MediaPlayer +ForceProcess=PotPlayerMini64.exe +ForceProcess=PotPlayerMini.exe + +[Template_PotPlayer_DirectAccess_Profile] +Tmpl.Title=#4338,PotPlayer +Tmpl.Class=MediaPlayer +OpenFilePath=PotPlayerMini64.exe,%AppData%\PotPlayerMini64 +OpenFilePath=PotPlayerMini.exe,%AppData%\PotPlayerMini + +[Template_SMPlayer_Force] +Tmpl.Title=#4323,SMPlayer +Tmpl.Class=MediaPlayer +ForceProcess=smplayer.exe + +[Template_SMPlayer_DirectAccess_Profile] +Tmpl.Title=#4338,SMPlayer +Tmpl.Class=MediaPlayer +OpenFilePath=smplayer.exe,%AppData%\mpv\* + +[Template_SMPlayer_DirectAccess_Photos] +Tmpl.Title=#4395,SMPlayer +Tmpl.Class=MediaPlayer +OpenFilePath=smplayer.exe,%UserProfile%\Pictures\smplayer_screenshots +OpenFilePath=smplayer.exe,%UserProfile%\Pictures\smplayer_screenshots + +[Template_KMPlayer_Force] +Tmpl.Title=#4323,KMPlayer +Tmpl.Class=MediaPlayer +ForceProcess=KMPlayer64.exe +ForceProcess=KMPlayer.exe + +[Template_KMPlayer_DirectAccess_Profile] +Tmpl.Title=#4338,KMPlayer +Tmpl.Class=MediaPlayer +OpenFilePath=KMPlayer64.exe,%AppData%\KMP +OpenFilePath=KMPlayer.exe,%AppData%\KMP + +[Template_Clementine_Force] +Tmpl.Title=#4323,Clementine +Tmpl.Class=MediaPlayer +ForceProcess=clementine.exe + +[Template_Clementine_DirectAccess_Profile] +Tmpl.Title=#4338,Clementine +Tmpl.Class=MediaPlayer +OpenFilePath=clementine.exe,%UserProfile%\current\.config\Clementine\* + +[Template_Clementine_DirectAccess_Music] +Tmpl.Title=#4398,Clementine +Tmpl.Class=MediaPlayer +OpenFilePath=clementine.exe,%UserProfile%\Music\* + +[Template_Strawberry_Force] +Tmpl.Title=#4323,Strawberry Music Player +Tmpl.Class=MediaPlayer +ForceProcess=strawberry.exe + +[Template_Strawberry_DirectAccess_Profile] +Tmpl.Title=#4338,Strawberry Music Player +Tmpl.Class=MediaPlayer +OpenFilePath=strawberry.exe,%Local AppData%\Strawberry + +[Template_Strawberry_DirectAccess_Music] +Tmpl.Title=#4398,Strawberry Music Player +Tmpl.Class=MediaPlayer +OpenFilePath=strawberry.exe,%UserProfile%\Music\* + +# +# Torrent Clients +# + +[Template_qBittorrent_Force] +Tmpl.Title=#4323,qBittorrent +Tmpl.Class=TorrentClient +ForceProcess=qBittorrent.exe + +[Template_qBittorrent_DirectAccess_Profile] +Tmpl.Title=#4338,qBittorrent +Tmpl.Class=TorrentClient +OpenFilePath=qBittorrent.exe,%Local AppData%\qBittorrent +OpenFilePath=qBittorrent.exe,%AppData%\qBittorrent + +[Template_Transmission_Force] +Tmpl.Title=#4323,Transmission +Tmpl.Class=TorrentClient +ForceProcess=transmission-qt.exe + +[Template_Transmission_DirectAccess_Profile] +Tmpl.Title=#4338,Transmission +Tmpl.Class=TorrentClient +OpenFilePath=transmission-qt.exe,%Local AppData%\transmission + +[Template_BiglyBT_Force] +Tmpl.Title=#4323,BiglyBT +Tmpl.Class=TorrentClient +ForceProcess=BiglyBT.exe + +[Template_BiglyBT_DirectAccess_Profile] +Tmpl.Title=#4338,BiglyBT +Tmpl.Class=TorrentClient +OpenFilePath=BiglyBT.exe,%AppData%\BiglyBT + +[Template_Popcorn-Time_Force] +Tmpl.Title=#4323,Popcorn Time (popcorntime.app) +Tmpl.Class=TorrentClient +ForceProcess=Popcorn-Time.exe + +[Template_Popcorn-Time_DirectAccess_Profile] +Tmpl.Title=#4338,Popcorn Time (popcorntime.app) +Tmpl.Class=TorrentClient +OpenFilePath=Popcorn-Time.exe,%Local AppData%\popcorn-time + +[Template_PicoTorrent_Force] +Tmpl.Title=#4323,Pico Torrent +Tmpl.Class=TorrentClient +ForceProcess=PicoTorrent.exe +ForceRestart=PicoTorrent.exe + +# +# Download Managers +# + +[Template_InternetDownloadManager] +Tmpl.Title=Internet Download Manager +Tmpl.Class=Download +Tmpl.Url=http://www.internetdownloadmanager.com/ +Tmpl.Scan=s +# Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4} +Tmpl.ScanProduct=Internet Download Manager +OpenClsid={AC746233-E9D3-49CD-862F-068F7B7CCCA4} +# prevent access to host port +# BlockPort=1001 + +[Template_SothinkWebVideoDownloader] +Tmpl.Title=Sothink Web Video Downloader Stand-alone +Tmpl.Class=Download +Tmpl.Url=http://www.sothinkmedia.com/web-video-downloader/ +Tmpl.Scan=w +OpenWinClass=WVD_Class +OpenIpcPath=$:VideoDownloader.exe + +[Template_OrbitDownloader] +Tmpl.Title=Orbit Downloader +Tmpl.Class=Download +Tmpl.Url=http://www.orbitdownloader.com +Tmpl.Scan=w +OpenIpcPath=*\BaseNamedObjects*\GRABPRO_WEBSITEMUTEX_* +OpenIpcPath=*\BaseNamedObjects*\orbitcth_ipc* +OpenIpcPath=*\BaseNamedObjects*\orbitdm_app* +OpenIpcPath=*\BaseNamedObjects*\ORBTPROS_APP +OpenWinClass=ORBTPROS_APP +OpenWinClass=orbitdm_app + +[Template_Replay_Music] +Tmpl.Title=Applian Replay Music +Tmpl.Class=Download +Tmpl.Url=http://www.applian.com/replay-music/index.php +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\{034DBD6D-6784-4CB3-97D8-749947D01F70} +OpenIpcPath=*\BaseNamedObjects*\{3EA1EB13-8045-44FC-AD59-B4F05478B400} +OpenIpcPath=*\BaseNamedObjects*\{6560EAD3-F709-4B66-B90B-EA2D2C85AE30} +OpenIpcPath=*\BaseNamedObjects*\{F22F2429-009C-4B5D-959F-519B59E25170} + +[Template_Replay_Media_Catcher] +Tmpl.Title=Applian Replay Media Catcher +Tmpl.Class=Download +Tmpl.Url=http://www.applian.com/download-videos/ +Tmpl.Scan=i +OpenIpcPath=*\BaseNamedObjects*\{F22F2429-009C-4B5D-959F-519B59E25176} +OpenIpcPath=*\BaseNamedObjects*\{6560EAD3-F709-4B66-B90B-EA2D2C85AE3B} +OpenIpcPath=*\BaseNamedObjects*\{3EA1EB13-8045-44FC-AD59-B4F05478B40D} +OpenIpcPath=*\BaseNamedObjects*\{034DBD6D-6784-4CB3-97D8-749947D01F72} + +# +# Other +# + +[Template_ScreenReader] +Tmpl.Title=#4305,JAWS, NVDA, Window-Eyes, System Access +Tmpl.Class=Misc +# Tmpl.Scan=i +Tmpl.Hide=y +OpenIpcPath=\RPC Control\epmapper +OpenIpcPath=\RPC Control\OLE* +OpenIpcPath=\RPC Control\LRPC* +OpenIpcPath=*\BaseNamedObjects*\JAWS* +OpenIpcPath=*\BaseNamedObjects*\JFW* +OpenIpcPath=*\BaseNamedObjects*\GWM* +OpenIpcPath=*\BaseNamedObjects*\GWSync* +OpenIpcPath=*\BaseNamedObjects*\GWSync* +OpenIpcPath=*\BaseNamedObjects*\FS_CACHED_MSAA_DATA_MUTEX +OpenIpcPath=*\BaseNamedObjects*\FS_FSDOM_LOADER_MUTEX +OpenIpcPath=*\BaseNamedObjects*\SharedFSDomLoaderData* +OpenIpcPath=\RPC Control\nvdaHelperRemote_* +OpenIpcPath=*\BaseNamedObjects*\Serotek-* +OpenWinClass=* + +# [Template_PlugPlayService] +# Tmpl.Title=#3938 +# Tmpl.Class=Misc +# OpenIpcPath=\RPC Control\plugplay +# OpenIpcPath=\RPC Control\ntsvcs + +[Template_TaskbarJumpList] +Tmpl.Title=#4294 +Tmpl.Class=Misc +OpenPipePath=%Recent%\AutomaticDestinations\* +OpenPipePath=%Recent%\CustomDestinations\* + +[Template_ActivIdentity] +Tmpl.Title=ActivIdentity (CAC) +Tmpl.Url=https://www.hidglobal.com/identity-management +Tmpl.Class=Security +Tmpl.Scan=s +Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\ActivCard +OpenClsid={5E248397-8614-4EC5-8926-BD242DC9830A} +OpenClsid={30E5C61A-E359-498B-B833-1FB56CCDDCE2} +OpenClsid={884E2007-217D-11DA-B2A4-000E7BBB2B09} +OpenClsid={8BF9A910-A8FF-457F-999F-A5CA10B4A885} +OpenIpcPath=\RPC Control\LSMApi +OpenIpcPath=\RPC Control\samss lpc +OpenIpcPath=*\BaseNamedObjects*\Microsoft Smart Card Resource Manager* + +[Template_Yubikey] +Tmpl.Title=Yubikey Authentication +Tmpl.Class=Security +OpenIpcPath=\RPC Control\keysvc + + + + + +# +# Default settings +# + +[Template_AutoRecoverIgnore] +Tmpl.Title=#4291 +Tmpl.Class=Misc +AutoRecoverIgnore=.part +AutoRecoverIgnore=.jc! +AutoRecoverIgnore=.leechget +AutoRecoverIgnore=.dlm +AutoRecoverIgnore=.tmp +AutoRecoverIgnore=.download +AutoRecoverIgnore=.dtapart +AutoRecoverIgnore=.crdownload +AutoRecoverIgnore=.crx +AutoRecoverIgnore=.ob! +AutoRecoverIgnore=.partial +AutoRecoverIgnore=.!ut +AutoRecoverIgnore=.lnk +AutoRecoverIgnore=desktop.ini +AutoRecoverIgnore=.opdownload + +[Template_LingerPrograms] +Tmpl.Title=#4292 +Tmpl.Class=Misc +LingerProcess=mscorsvw.exe +LingerProcess=AcroRd32.exe +LingerProcess=Adobe_Updater.exe +LingerProcess=JUSched.exe +LingerProcess=SynCor.exe +LingerProcess=GoogleUpdate.exe +LingerProcess=GoogleToolbarNotifier.exe +LingerProcess=RunDll32.exe +LingerProcess=RealSched.exe +LingerProcess=wisptis.exe +LingerProcess=CS5ServiceManager.exe +LingerProcess=AcrobatInfo.exe +LingerProcess=IeLowUtil.exe +LingerProcess=DllHost.exe +LingerProcess=SplWow64.exe +LingerProcess=nacl.exe +LingerProcess=nacl64.exe +LingerProcess=pdf24.exe +LingerProcess=RuntimeBroker.exe +LingerProcess=ssh-agent.exe +# Vivaldi_Updater +LingerProcess=update_notifier.exe +# Chrome_Telemetry +LingerProcess=software_reporter_tool.exe +# Opera +LingerProcess=opera_crashreporter.exe +LingerProcess=opera_autoupdate.exe + +[Template_BlockPorts] +Tmpl.Title=#4293 +Tmpl.Class=Misc +#BlockPort=137,138,139,445 +NetworkAccess=Block;Port=137,138,139,445 + +[Template_qWave] +Tmpl.Title=#3459 +Tmpl.Class=Misc +OpenPipePath=\Device\QWAVEdrv + +[Template_SkipHook] +Tmpl.Title=#3460 +Tmpl.Class=Misc +SkipHook=DragonSaga.exe,ntqsi,enumwin,findwin +SkipHook=BatmanAC.exe,enumwin,findwin +SkipHook=PotPlayer64.exe,cocreate +SkipHook=PotPlayerMini64.exe,cocreate +SkipHook=mpc-hc64.exe,cocreate + +[Template_FileCopy] +Tmpl.Title=#4295 +Tmpl.Class=Misc +DontCopy=*.url +CopyEmpty=*\microsoft\windows\explorer\thumbcache_* +CopyEmpty=*\microsoft\windows\explorer\iconcache_* +# firefox +CopyAlways=*\places.sqlite +CopyAlways=*\xul.mfl +# windows installer etc +CopyAlways=*\qmgr0.dat +CopyAlways=*\qmgr1.dat +CopyAlways=*\infcache.1 +CopyAlways=*\cbs.log +# internet explorer 10 web cache +CopyAlways=*\webcachev*.dat +# Media Players +DontCopy=*.aac +DontCopy=*.ac3 +DontCopy=*.aiff +DontCopy=*.ape +DontCopy=*.asf +DontCopy=*.avi +DontCopy=*.f4v +DontCopy=*.flac +DontCopy=*.flv +DontCopy=*.m4a +DontCopy=*.m4v +DontCopy=*.mid +DontCopy=*.mka +DontCopy=*.mkv +DontCopy=*.mov +DontCopy=*.mp3 +DontCopy=*.mp4 +DontCopy=*.mpeg +DontCopy=*.mpg +DontCopy=*.oga +DontCopy=*.ogg +DontCopy=*.ogv +DontCopy=*.opus +DontCopy=*.ra +DontCopy=*.rm +DontCopy=*.rmvb +DontCopy=*.ts +DontCopy=*.vob +DontCopy=*.wav +DontCopy=*.webm +DontCopy=*.wma +DontCopy=*.wmv + +[Template_RpcPortBindings] +Tmpl.Title=#4296 +Tmpl.Class=Misc +#Tmpl.Scan=s +#Tmpl.ScanService=RpcSs +#Tmpl.ScanService=RpcEptMapper +#Tmpl.ScanService=DcomLaunch + +# hardcoded options: +#RpcPortBinding=*,{906B0CE0-C70B-1067-B317-00DD010662DA},IpcPort="samss lpc" +#RpcPortBinding=winspool.drv,'ncalrpc:[,Security=Impersonation Dynamic False]',Resolve=PrintSpooler +#RpcPortBindingSvc=Spooler,PrintSpooler + + +# AppInfo +RpcPortBinding=kernel32.dll,'0497b57d-2e66-424f-a0c6-157cd5d41700@ncalrpc:',Resolve=AppInfo,TimeOut=y +RpcPortBindingIfId=AppInfo,{0497b57d-2e66-424f-a0c6-157cd5d41700} +#RpcPortBindingSvc=AppInfo,appinfo + +# RpcMgmtSetComTimeout presets +UseRpcMgmtSetComTimeout=AppXDeploymentClient.dll,y +UseRpcMgmtSetComTimeout=WINNSI.DLL,n + +# windows proxy auto discovery +#Tmpl.ScanService=WinHttpAutoProxySvc +RpcPortBinding=WinHttp.dll,'ncalrpc:',Resolve=WPAD,TimeOut=y +RpcPortBindingSvc=WPAD,WinHttpAutoProxySvc + +# windows 10 game port +#Tmpl.ScanService=??? +RpcPortBinding=resourcepolicyclient.dll,{00000000-0000-0000-0000-000000000000},Resolve=GamePort +RpcPortBindingIfId=GamePort,{88ABCBC3-34EA-76AE-8215-767520655A23} + +# +# Optional RPC Port Config +# + +[Template_RpcPortBindingsExt] +Tmpl.Title=#4300 +Tmpl.Class=Misc + +# NSI +RpcPortBinding=WINNSI.DLL,'ncalrpc:[,Security=Impersonation Dynamic True]',Resolve=NSI,TimeOut=n +RpcPortBindingIfId=NSI,{7ea70bcf-48af-4f6a-8968-6a440754d5fa} +#RpcPortBindingSvc=NSI,nsi + + +[Template_OpenBluetooth] +Tmpl.Title=#4297 +Tmpl.Class=Misc +#bluetooth +RpcPortBinding=BluetoothApis.dll,'ncalrpc:',Resolve=Bluetooth,TimeOut=y +RpcPortBindingIfId=Bluetooth,{2ACB9D68-B434-4B3E-B966-E06B4B3A84CB} +#RpcPortBindingSvc=Bluetooth,bthserv + +[Template_OpenSmartCard] +Tmpl.Title=#4298 +Tmpl.Class=Misc +#smartcard +RpcPortBinding=WinSCard.dll,{00000000-0000-0000-0000-000000000000},Resolve=SmartCard +RpcPortBindingIfId=SmartCard,{C6B5235A-E413-481D-9AC8-31681B1FAAF5} + +[Template_SSDP] +Tmpl.Title=#4299 +Tmpl.Class=Misc +#upnp +#Tmpl.ScanService=ssdpsrv +RpcPortBinding=SSDPAPI.dll,'ncalrpc:',Resolve=SSDP +RpcPortBindingIfId=SSDP,{4B112204-0E19-11D3-B42B-0000F81FEB9F} +#RpcPortBindingSvc=SSDP,ssdpsrv + + + + +# +# Known Conflicts +# + +[Template_KnownConflicts] +Tmpl.Entry=Folder Lock | Folder Lock +Tmpl.Entry=StrokeIt | StrokeIt +#Tmpl.Entry=AquaSnap 1.16.2 | {CF0C7CA1-9BDC-4660-9CF5-E44446D49725} +#Tmpl.Entry=avast! Antivirus | avast +#Tmpl.Entry=AVG Antivirus | AVG +#Tmpl.Entry=BitDefender Antivirus | BitDefender +#Tmpl.Entry=Blue Ridge Networks AppGuard 3.0.13.1 | {2C9B1E69-DD05-40F5-8378-056A117028F9} +#Tmpl.Entry=Comodo Antivirus | {4E9C1938-BDC8-4897-8368-9574F9AF83E3} +#Tmpl.Entry=Comodo GeekBuddy 4.19.131 | {266FA04F-F0FA-4F7A-AA1E-387A57F579F2} +#Tmpl.Entry=Dr. Web 9 | {937CFD3F-8BFB-4208-81CB-F5004CD7B000} +#Tmpl.Entry=Dr. Web Katana | {7599F709-61D5-44F1-996C-4DFEB1B855E0} +#Tmpl.Entry=iTunes | {FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E} +#Tmpl.Entry=Kaspersky Total Security 16 | {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} +#Tmpl.Entry=Norton Security | NS +#Tmpl.Entry=Nuance Power PDF Advanced 1.0 | {BD71D245-1A8B-4FB3-83E4-74F77FB39267} +#Tmpl.Entry=Office 2016 Click-to-Run | {90160000-007E-0000-0000-0000000FF1CE} +#Tmpl.Entry=PC Tools Firewall Plus | PC Tools Firewall Plus + + + +# +# Deprecated templates +# + +[Template_Firefox_Addon_FoxNotes] + +[Template_Firefox_Addon_SpeedDial] + +[Template_Firefox_Addon_ScrapBook] + +[Template_Neon_Force] + +[Template_Neon_Bookmarks_DirectAccess] + +[Template_Neon_History_DirectAccess] + +[Template_Neon_Cookies_DirectAccess] + +[Template_Neon_Passwords_DirectAccess] + +[Template_Neon_Preferences_DirectAccess] + +[Template_Neon_Profile_DirectAccess] + +[Template_Neon_WallpaperAccess] + +[Template_Maxthon2_Force] + +[Template_Maxthon2_Favorites_DirectAccess] + +[Template_Maxthon2_SharedAccount_DirectAccess] + +[Template_Outlook_Express] + +[Template_DefenseWall] + +[Template_StickyPassword] + +[Template_ActiveSync] + +[Template_Windows2000Internat] + +[Template_FreeDownloadManager] + +[Template_WindowsFontCache] + +[Template_Windows10CoreUI] + +[Template_FireFix_for_Win7] + diff --git a/SandboxiePlus/MiscHelpers/Common/Finder.cpp b/SandboxiePlus/MiscHelpers/Common/Finder.cpp index 28753b6e..ab96a516 100644 --- a/SandboxiePlus/MiscHelpers/Common/Finder.cpp +++ b/SandboxiePlus/MiscHelpers/Common/Finder.cpp @@ -1,164 +1,164 @@ -#include "stdafx.h" -#include "Finder.h" - -bool CFinder::m_DarkMode = false; - -QWidget* CFinder::AddFinder(QWidget* pList, QObject* pFilterTarget, bool HighLightOption, CFinder** ppFinder) -{ - QWidget* pWidget = new QWidget(); - QVBoxLayout* pLayout = new QVBoxLayout(); - pLayout->setMargin(0); - pWidget->setLayout(pLayout); - - pLayout->addWidget(pList); - CFinder* pFinder = new CFinder(pFilterTarget, pWidget, HighLightOption); - pLayout->addWidget(pFinder); - - if (ppFinder) - *ppFinder = pFinder; - return pWidget; -} - -CFinder::CFinder(QObject* pFilterTarget, QWidget *parent, bool HighLightOption) -:QWidget(parent) -{ - m_pSearchLayout = new QHBoxLayout(); - m_pSearchLayout->setMargin(0); - m_pSearchLayout->setSpacing(3); - m_pSearchLayout->setAlignment(Qt::AlignLeft); - - m_pSearch = new QLineEdit(); - m_pSearch->setMinimumWidth(150); - m_pSearch->setMaximumWidth(350); - m_pSearchLayout->addWidget(m_pSearch); - QObject::connect(m_pSearch, SIGNAL(textChanged(QString)), this, SLOT(OnText())); - QObject::connect(m_pSearch, SIGNAL(returnPressed()), this, SLOT(OnReturn())); - - m_pCaseSensitive = new QCheckBox(tr("Case Sensitive")); - m_pSearchLayout->addWidget(m_pCaseSensitive); - connect(m_pCaseSensitive, SIGNAL(stateChanged(int)), this, SLOT(OnUpdate())); - - m_pRegExp = new QCheckBox(tr("RegExp")); - m_pSearchLayout->addWidget(m_pRegExp); - connect(m_pRegExp, SIGNAL(stateChanged(int)), this, SLOT(OnUpdate())); - - m_pColumn = new QComboBox(); - m_pSearchLayout->addWidget(m_pColumn); - connect(m_pColumn, SIGNAL(currentIndexChanged(int)), this, SLOT(OnUpdate())); - m_pColumn->setVisible(false); - - if (HighLightOption) - { - m_pHighLight = new QCheckBox(tr("Highlight")); - //m_pHighLight->setChecked(true); - m_pSearchLayout->addWidget(m_pHighLight); - connect(m_pHighLight, SIGNAL(stateChanged(int)), this, SLOT(OnUpdate())); - } - else - m_pHighLight = NULL; - - QToolButton* pClose = new QToolButton(this); - pClose->setIcon(QIcon(":/close.png")); - pClose->setAutoRaise(true); - pClose->setText(tr("Close")); - m_pSearchLayout->addWidget(pClose); - QObject::connect(pClose, SIGNAL(clicked()), this, SLOT(Close())); - - QWidget* pSpacer = new QWidget(); - pSpacer->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); - m_pSearchLayout->addWidget(pSpacer); - - setLayout(m_pSearchLayout); - - setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Fixed); - - //setMaximumHeight(30); - - hide(); - - if (parent) - { - QAction* pFind = new QAction(tr("&Find ..."), parent); - pFind->setShortcut(QKeySequence::Find); - pFind->setShortcutContext(Qt::WidgetWithChildrenShortcut); - parent->addAction(pFind); - QObject::connect(pFind, SIGNAL(triggered()), this, SLOT(Open())); - } - - m_pSortProxy = qobject_cast(pFilterTarget); - if (pFilterTarget) { - QObject::connect(this, SIGNAL(SetFilter(const QRegExp&, bool, int)), pFilterTarget, SLOT(SetFilter(const QRegExp&, bool, int))); - QObject::connect(this, SIGNAL(SelectNext()), pFilterTarget, SLOT(SelectNext())); - } - - m_pTimer = new QTimer(this); - m_pTimer->setSingleShot(true); - m_pTimer->setInterval(500); - connect(m_pTimer, SIGNAL(timeout()), SLOT(OnUpdate())); - - this->installEventFilter(this); -} - -CFinder::~CFinder() -{ -} - -bool CFinder::eventFilter(QObject* source, QEvent* event) -{ - if (event->type() == QEvent::KeyPress && ((QKeyEvent*)event)->key() == Qt::Key_Escape - && ((QKeyEvent*)event)->modifiers() == Qt::NoModifier) - { - Close(); - return true; // cancel event - } - - return QWidget::eventFilter(source, event); -} - -void CFinder::Open() -{ - if (m_pSortProxy && m_pColumn->count() == 0) - { - m_pColumn->addItem(tr("All columns"), -1); - for (int i = 0; i < m_pSortProxy->columnCount(); i++) - m_pColumn->addItem(m_pSortProxy->headerData(i, Qt::Horizontal, Qt::DisplayRole).toString(), i); - m_pColumn->setVisible(true); - } - - show(); - m_pSearch->setFocus(Qt::OtherFocusReason); - m_pSearch->selectAll(); - OnUpdate(); -} - -QRegExp CFinder::GetRegExp() const -{ - if (!isVisible()) - return QRegExp(); - return QRegExp(m_pSearch->text(), m_pCaseSensitive->isChecked() ? Qt::CaseSensitive : Qt::CaseInsensitive, m_pRegExp->isChecked() ? QRegExp::RegExp : QRegExp::FixedString); -} - -void CFinder::OnUpdate() -{ - m_pTimer->stop(); - emit SetFilter(GetRegExp(), GetHighLight(), GetColumn()); -} - -void CFinder::OnText() -{ - m_pTimer->stop(); - m_pTimer->start(); -} - -void CFinder::OnReturn() -{ - OnUpdate(); - if (m_pHighLight->isChecked()) - emit SelectNext(); -} - -void CFinder::Close() -{ - emit SetFilter(QRegExp()); - hide(); +#include "stdafx.h" +#include "Finder.h" + +bool CFinder::m_DarkMode = false; + +QWidget* CFinder::AddFinder(QWidget* pList, QObject* pFilterTarget, bool HighLightOption, CFinder** ppFinder) +{ + QWidget* pWidget = new QWidget(); + QVBoxLayout* pLayout = new QVBoxLayout(); + pLayout->setMargin(0); + pWidget->setLayout(pLayout); + + pLayout->addWidget(pList); + CFinder* pFinder = new CFinder(pFilterTarget, pWidget, HighLightOption); + pLayout->addWidget(pFinder); + + if (ppFinder) + *ppFinder = pFinder; + return pWidget; +} + +CFinder::CFinder(QObject* pFilterTarget, QWidget *parent, bool HighLightOption) +:QWidget(parent) +{ + m_pSearchLayout = new QHBoxLayout(); + m_pSearchLayout->setMargin(0); + m_pSearchLayout->setSpacing(3); + m_pSearchLayout->setAlignment(Qt::AlignLeft); + + m_pSearch = new QLineEdit(); + m_pSearch->setMinimumWidth(150); + m_pSearch->setMaximumWidth(350); + m_pSearchLayout->addWidget(m_pSearch); + QObject::connect(m_pSearch, SIGNAL(textChanged(QString)), this, SLOT(OnText())); + QObject::connect(m_pSearch, SIGNAL(returnPressed()), this, SLOT(OnReturn())); + + m_pCaseSensitive = new QCheckBox(tr("Case Sensitive")); + m_pSearchLayout->addWidget(m_pCaseSensitive); + connect(m_pCaseSensitive, SIGNAL(stateChanged(int)), this, SLOT(OnUpdate())); + + m_pRegExp = new QCheckBox(tr("RegExp")); + m_pSearchLayout->addWidget(m_pRegExp); + connect(m_pRegExp, SIGNAL(stateChanged(int)), this, SLOT(OnUpdate())); + + m_pColumn = new QComboBox(); + m_pSearchLayout->addWidget(m_pColumn); + connect(m_pColumn, SIGNAL(currentIndexChanged(int)), this, SLOT(OnUpdate())); + m_pColumn->setVisible(false); + + if (HighLightOption) + { + m_pHighLight = new QCheckBox(tr("Highlight")); + //m_pHighLight->setChecked(true); + m_pSearchLayout->addWidget(m_pHighLight); + connect(m_pHighLight, SIGNAL(stateChanged(int)), this, SLOT(OnUpdate())); + } + else + m_pHighLight = NULL; + + QToolButton* pClose = new QToolButton(this); + pClose->setIcon(QIcon(":/close.png")); + pClose->setAutoRaise(true); + pClose->setText(tr("Close")); + m_pSearchLayout->addWidget(pClose); + QObject::connect(pClose, SIGNAL(clicked()), this, SLOT(Close())); + + QWidget* pSpacer = new QWidget(); + pSpacer->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); + m_pSearchLayout->addWidget(pSpacer); + + setLayout(m_pSearchLayout); + + setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Fixed); + + //setMaximumHeight(30); + + hide(); + + if (parent) + { + QAction* pFind = new QAction(tr("&Find ..."), parent); + pFind->setShortcut(QKeySequence::Find); + pFind->setShortcutContext(Qt::WidgetWithChildrenShortcut); + parent->addAction(pFind); + QObject::connect(pFind, SIGNAL(triggered()), this, SLOT(Open())); + } + + m_pSortProxy = qobject_cast(pFilterTarget); + if (pFilterTarget) { + QObject::connect(this, SIGNAL(SetFilter(const QRegExp&, bool, int)), pFilterTarget, SLOT(SetFilter(const QRegExp&, bool, int))); + QObject::connect(this, SIGNAL(SelectNext()), pFilterTarget, SLOT(SelectNext())); + } + + m_pTimer = new QTimer(this); + m_pTimer->setSingleShot(true); + m_pTimer->setInterval(500); + connect(m_pTimer, SIGNAL(timeout()), SLOT(OnUpdate())); + + this->installEventFilter(this); +} + +CFinder::~CFinder() +{ +} + +bool CFinder::eventFilter(QObject* source, QEvent* event) +{ + if (event->type() == QEvent::KeyPress && ((QKeyEvent*)event)->key() == Qt::Key_Escape + && ((QKeyEvent*)event)->modifiers() == Qt::NoModifier) + { + Close(); + return true; // cancel event + } + + return QWidget::eventFilter(source, event); +} + +void CFinder::Open() +{ + if (m_pSortProxy && m_pColumn->count() == 0) + { + m_pColumn->addItem(tr("All columns"), -1); + for (int i = 0; i < m_pSortProxy->columnCount(); i++) + m_pColumn->addItem(m_pSortProxy->headerData(i, Qt::Horizontal, Qt::DisplayRole).toString(), i); + m_pColumn->setVisible(true); + } + + show(); + m_pSearch->setFocus(Qt::OtherFocusReason); + m_pSearch->selectAll(); + OnUpdate(); +} + +QRegExp CFinder::GetRegExp() const +{ + if (!isVisible()) + return QRegExp(); + return QRegExp(m_pSearch->text(), m_pCaseSensitive->isChecked() ? Qt::CaseSensitive : Qt::CaseInsensitive, m_pRegExp->isChecked() ? QRegExp::RegExp : QRegExp::FixedString); +} + +void CFinder::OnUpdate() +{ + m_pTimer->stop(); + emit SetFilter(GetRegExp(), GetHighLight(), GetColumn()); +} + +void CFinder::OnText() +{ + m_pTimer->stop(); + m_pTimer->start(); +} + +void CFinder::OnReturn() +{ + OnUpdate(); + if (m_pHighLight->isChecked()) + emit SelectNext(); +} + +void CFinder::Close() +{ + emit SetFilter(QRegExp()); + hide(); } \ No newline at end of file diff --git a/SandboxiePlus/MiscHelpers/Common/Finder.h b/SandboxiePlus/MiscHelpers/Common/Finder.h index b87016da..696dd9d6 100644 --- a/SandboxiePlus/MiscHelpers/Common/Finder.h +++ b/SandboxiePlus/MiscHelpers/Common/Finder.h @@ -1,53 +1,53 @@ -#pragma once - +#pragma once + #include "../mischelpers_global.h" -class MISCHELPERS_EXPORT CFinder: public QWidget -{ - Q_OBJECT - -public: - CFinder(QObject* pFilterTarget, QWidget *parent = NULL, bool HighLightOption = true); - ~CFinder(); - - static void SetDarkMode(bool bDarkMode) { m_DarkMode = bDarkMode; } - static bool GetDarkMode() { return m_DarkMode; } - - static QWidget* AddFinder(QWidget* pList, QObject* pFilterTarget, bool HighLightOption = true, CFinder** ppFinder = NULL); - - QRegExp GetRegExp() const; - bool GetHighLight() const { return m_pHighLight ? m_pHighLight->isChecked() : false; } - int GetColumn() const { return m_pColumn->currentData().toInt(); } - -signals: - void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Column = -1); - void SelectNext(); - -public slots: - void Open(); - void Close(); - -private slots: - void OnUpdate(); - void OnText(); - void OnReturn(); - -protected: - bool eventFilter(QObject* source, QEvent* event); - -private: - - QHBoxLayout* m_pSearchLayout; - - QLineEdit* m_pSearch; - QCheckBox* m_pCaseSensitive; - QCheckBox* m_pRegExp; - QComboBox* m_pColumn; - QCheckBox* m_pHighLight; - - QSortFilterProxyModel* m_pSortProxy; - - QTimer* m_pTimer; - - static bool m_DarkMode; +class MISCHELPERS_EXPORT CFinder: public QWidget +{ + Q_OBJECT + +public: + CFinder(QObject* pFilterTarget, QWidget *parent = NULL, bool HighLightOption = true); + ~CFinder(); + + static void SetDarkMode(bool bDarkMode) { m_DarkMode = bDarkMode; } + static bool GetDarkMode() { return m_DarkMode; } + + static QWidget* AddFinder(QWidget* pList, QObject* pFilterTarget, bool HighLightOption = true, CFinder** ppFinder = NULL); + + QRegExp GetRegExp() const; + bool GetHighLight() const { return m_pHighLight ? m_pHighLight->isChecked() : false; } + int GetColumn() const { return m_pColumn->currentData().toInt(); } + +signals: + void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Column = -1); + void SelectNext(); + +public slots: + void Open(); + void Close(); + +private slots: + void OnUpdate(); + void OnText(); + void OnReturn(); + +protected: + bool eventFilter(QObject* source, QEvent* event); + +private: + + QHBoxLayout* m_pSearchLayout; + + QLineEdit* m_pSearch; + QCheckBox* m_pCaseSensitive; + QCheckBox* m_pRegExp; + QComboBox* m_pColumn; + QCheckBox* m_pHighLight; + + QSortFilterProxyModel* m_pSortProxy; + + QTimer* m_pTimer; + + static bool m_DarkMode; }; \ No newline at end of file diff --git a/SandboxiePlus/MiscHelpers/Common/PanelView.cpp b/SandboxiePlus/MiscHelpers/Common/PanelView.cpp index 8b458965..18989b56 100644 --- a/SandboxiePlus/MiscHelpers/Common/PanelView.cpp +++ b/SandboxiePlus/MiscHelpers/Common/PanelView.cpp @@ -1,226 +1,226 @@ -#include "stdafx.h" -#include "PanelView.h" - -bool CPanelView::m_SimpleFormat = false; -bool CPanelView::m_DarkMode = false; -int CPanelView::m_MaxCellWidth = 0; -QString CPanelView::m_CellSeparator = "\t"; - -QString CPanelView::m_CopyCell = "Copy Cell"; -QString CPanelView::m_CopyRow = "Copy Row"; -QString CPanelView::m_CopyPanel = "Copy Panel"; - -CPanelView::CPanelView(QWidget *parent) - :QWidget(parent) -{ - //m_CopyAll = false; - - m_pMenu = new QMenu(); -} - -CPanelView::~CPanelView() -{ -} - -void CPanelView::AddPanelItemsToMenu(bool bAddSeparator) -{ - if(bAddSeparator) - m_pMenu->addSeparator(); - m_pCopyCell = m_pMenu->addAction(m_CopyCell, this, SLOT(OnCopyCell())); - m_pCopyRow = m_pMenu->addAction(m_CopyRow, this, SLOT(OnCopyRow())); - m_pCopyRow->setShortcut(QKeySequence::Copy); - m_pCopyRow->setShortcutContext(Qt::WidgetWithChildrenShortcut); - this->addAction(m_pCopyRow); - m_pCopyPanel = m_pMenu->addAction(m_CopyPanel, this, SLOT(OnCopyPanel())); -} - -void CPanelView::OnMenu(const QPoint& Point) -{ - QModelIndex Index = GetView()->currentIndex(); - - m_pCopyCell->setEnabled(Index.isValid()); - m_pCopyRow->setEnabled(Index.isValid()); - m_pCopyPanel->setEnabled(true); - - m_pMenu->popup(QCursor::pos()); -} - -void CPanelView::OnCopyCell() -{ - QAbstractItemModel* pModel = GetModel(); - QTreeView * pView = GetView(); - - QModelIndex Index = pView->currentIndex(); - QModelIndex ModelIndex = MapToSource(Index); - int Column = ModelIndex.column(); - - QList Rows; - foreach(const QModelIndex& Index, pView->selectionModel()->selectedIndexes()) - { - if (Index.column() != Column) - continue; - QModelIndex CurIndex = pModel->index(Index.row(), Column, Index.parent()); - QString Cell = pModel->data(CurIndex, Qt::DisplayRole).toString(); - Rows.append(QStringList() << Cell); - } - FormatAndCopy(Rows, false); -} - -void CPanelView::OnCopyRow() -{ - QAbstractItemModel* pModel = GetModel(); - QTreeView * pView = GetView(); - - int Column = 0; // find first not hidden column - for (int i = 0; i < pModel->columnCount(); i++) - { - if (!pView->isColumnHidden(i) || m_ForcedColumns.contains(i)) - { - Column = i; - break; - } - } - - QList Rows; - foreach(const QModelIndex& Index, pView->selectionModel()->selectedIndexes()) - { - if (Index.column() != Column) - continue; - - QModelIndex ModelIndex = MapToSource(Index); - Rows.append(CopyRow(ModelIndex)); - } - FormatAndCopy(Rows); -} - -QStringList CPanelView::CopyHeader() -{ - QAbstractItemModel* pModel = GetModel(); - QTreeView * pView = GetView(); - - QStringList Headder; - for (int i = 0; i < pModel->columnCount(); i++) - { - if (/*!m_CopyAll &&*/ pView->isColumnHidden(i) && !m_ForcedColumns.contains(i)) - continue; - QString Cell = pModel->headerData(i, Qt::Horizontal, Qt::DisplayRole).toString(); - if (!m_SimpleFormat) - Cell = "|" + Cell + "|"; - Headder.append(Cell); - } - return Headder; -} - -QStringList CPanelView::CopyRow(const QModelIndex& ModelIndex, int Level) -{ - QAbstractItemModel* pModel = GetModel(); - QTreeView * pView = GetView(); - - QStringList Cells; - for (int i = 0; i < pModel->columnCount(); i++) - { - if (/*!m_CopyAll &&*/ pView->isColumnHidden(i) && !m_ForcedColumns.contains(i)) - continue; - QModelIndex CellIndex = pModel->index(ModelIndex.row(), i, ModelIndex.parent()); - QString Cell = pModel->data(CellIndex, Qt::DisplayRole).toString(); - if (Level && i == 0) - Cell.prepend(QString(Level, '_') + " "); - Cells.append(Cell); - } - return Cells; -} - -void CPanelView::RecursiveCopyPanel(const QModelIndex& ModelIndex, QList& Rows, int Level) -{ - QAbstractItemModel* pModel = GetModel(); - - Rows.append(CopyRow(ModelIndex, Level)); - - for (int i = 0; i < pModel->rowCount(ModelIndex); i++) - { - QModelIndex SubIndex = pModel->index(i, 0, ModelIndex); - RecursiveCopyPanel(SubIndex, Rows, Level + 1); - } -} - -void CPanelView::OnCopyPanel() -{ - QAbstractItemModel* pModel = GetModel(); - - QList Rows; - for (int i = 0; i < pModel->rowCount(); ++i) - { - QModelIndex ModelIndex = pModel->index(i, 0); - RecursiveCopyPanel(ModelIndex, Rows); - } - FormatAndCopy(Rows); -} - -void CPanelView::FormatAndCopy(QList Rows, bool Headder) -{ - int RowCount = Rows.length(); - - if (Headder) - { - Rows.prepend(QStringList()); - Rows.prepend(CopyHeader()); - Rows.prepend(QStringList()); - } - - QStringList TextRows; - if (m_SimpleFormat || !Headder) - { - foreach(const QStringList& Row, Rows) - TextRows.append(Row.join(m_CellSeparator)); - } - else if(Rows.size() > (Headder ? 3 : 0)) - { - int Columns = Rows[Headder ? 3 : 0].count(); - QVector ColumnWidths(Columns, 0); - - foreach(const QStringList& Row, Rows) - { - for (int i = 0; i < Min(Row.count(), Columns); i++) - { - int CellWidth = Row[i].length(); - if (ColumnWidths[i] < CellWidth) - ColumnWidths[i] = CellWidth; - } - } - - foreach(const QStringList& Row, Rows) - { - if (m_MaxCellWidth != 0 && RowCount > 1) - { - for (int Pos = 0;;Pos += m_MaxCellWidth) - { - bool More = false; - - QString RowText; - for (int i = 0; i < Min(Row.count(), Columns); i++) - { - if (Row[i].length() > Pos) - RowText.append(Row[i].mid(Pos, m_MaxCellWidth).leftJustified(Min(m_MaxCellWidth, ColumnWidths[i]) + 3)); - else - RowText.append(QString(Min(m_MaxCellWidth, ColumnWidths[i]) + 3, ' ')); - - if (Row[i].length() > Pos + m_MaxCellWidth) - More = true; - } - TextRows.append(RowText); - - if (!More) - break; - } - } - else - { - QString RowText; - for (int i = 0; i < Min(Row.count(), Columns); i++) - RowText.append(Row[i].leftJustified(ColumnWidths[i] + 3)); - TextRows.append(RowText); - } - } - } - QApplication::clipboard()->setText(TextRows.join("\n")); +#include "stdafx.h" +#include "PanelView.h" + +bool CPanelView::m_SimpleFormat = false; +bool CPanelView::m_DarkMode = false; +int CPanelView::m_MaxCellWidth = 0; +QString CPanelView::m_CellSeparator = "\t"; + +QString CPanelView::m_CopyCell = "Copy Cell"; +QString CPanelView::m_CopyRow = "Copy Row"; +QString CPanelView::m_CopyPanel = "Copy Panel"; + +CPanelView::CPanelView(QWidget *parent) + :QWidget(parent) +{ + //m_CopyAll = false; + + m_pMenu = new QMenu(); +} + +CPanelView::~CPanelView() +{ +} + +void CPanelView::AddPanelItemsToMenu(bool bAddSeparator) +{ + if(bAddSeparator) + m_pMenu->addSeparator(); + m_pCopyCell = m_pMenu->addAction(m_CopyCell, this, SLOT(OnCopyCell())); + m_pCopyRow = m_pMenu->addAction(m_CopyRow, this, SLOT(OnCopyRow())); + m_pCopyRow->setShortcut(QKeySequence::Copy); + m_pCopyRow->setShortcutContext(Qt::WidgetWithChildrenShortcut); + this->addAction(m_pCopyRow); + m_pCopyPanel = m_pMenu->addAction(m_CopyPanel, this, SLOT(OnCopyPanel())); +} + +void CPanelView::OnMenu(const QPoint& Point) +{ + QModelIndex Index = GetView()->currentIndex(); + + m_pCopyCell->setEnabled(Index.isValid()); + m_pCopyRow->setEnabled(Index.isValid()); + m_pCopyPanel->setEnabled(true); + + m_pMenu->popup(QCursor::pos()); +} + +void CPanelView::OnCopyCell() +{ + QAbstractItemModel* pModel = GetModel(); + QTreeView * pView = GetView(); + + QModelIndex Index = pView->currentIndex(); + QModelIndex ModelIndex = MapToSource(Index); + int Column = ModelIndex.column(); + + QList Rows; + foreach(const QModelIndex& Index, pView->selectionModel()->selectedIndexes()) + { + if (Index.column() != Column) + continue; + QModelIndex CurIndex = pModel->index(Index.row(), Column, Index.parent()); + QString Cell = pModel->data(CurIndex, Qt::DisplayRole).toString(); + Rows.append(QStringList() << Cell); + } + FormatAndCopy(Rows, false); +} + +void CPanelView::OnCopyRow() +{ + QAbstractItemModel* pModel = GetModel(); + QTreeView * pView = GetView(); + + int Column = 0; // find first not hidden column + for (int i = 0; i < pModel->columnCount(); i++) + { + if (!pView->isColumnHidden(i) || m_ForcedColumns.contains(i)) + { + Column = i; + break; + } + } + + QList Rows; + foreach(const QModelIndex& Index, pView->selectionModel()->selectedIndexes()) + { + if (Index.column() != Column) + continue; + + QModelIndex ModelIndex = MapToSource(Index); + Rows.append(CopyRow(ModelIndex)); + } + FormatAndCopy(Rows); +} + +QStringList CPanelView::CopyHeader() +{ + QAbstractItemModel* pModel = GetModel(); + QTreeView * pView = GetView(); + + QStringList Headder; + for (int i = 0; i < pModel->columnCount(); i++) + { + if (/*!m_CopyAll &&*/ pView->isColumnHidden(i) && !m_ForcedColumns.contains(i)) + continue; + QString Cell = pModel->headerData(i, Qt::Horizontal, Qt::DisplayRole).toString(); + if (!m_SimpleFormat) + Cell = "|" + Cell + "|"; + Headder.append(Cell); + } + return Headder; +} + +QStringList CPanelView::CopyRow(const QModelIndex& ModelIndex, int Level) +{ + QAbstractItemModel* pModel = GetModel(); + QTreeView * pView = GetView(); + + QStringList Cells; + for (int i = 0; i < pModel->columnCount(); i++) + { + if (/*!m_CopyAll &&*/ pView->isColumnHidden(i) && !m_ForcedColumns.contains(i)) + continue; + QModelIndex CellIndex = pModel->index(ModelIndex.row(), i, ModelIndex.parent()); + QString Cell = pModel->data(CellIndex, Qt::DisplayRole).toString(); + if (Level && i == 0) + Cell.prepend(QString(Level, '_') + " "); + Cells.append(Cell); + } + return Cells; +} + +void CPanelView::RecursiveCopyPanel(const QModelIndex& ModelIndex, QList& Rows, int Level) +{ + QAbstractItemModel* pModel = GetModel(); + + Rows.append(CopyRow(ModelIndex, Level)); + + for (int i = 0; i < pModel->rowCount(ModelIndex); i++) + { + QModelIndex SubIndex = pModel->index(i, 0, ModelIndex); + RecursiveCopyPanel(SubIndex, Rows, Level + 1); + } +} + +void CPanelView::OnCopyPanel() +{ + QAbstractItemModel* pModel = GetModel(); + + QList Rows; + for (int i = 0; i < pModel->rowCount(); ++i) + { + QModelIndex ModelIndex = pModel->index(i, 0); + RecursiveCopyPanel(ModelIndex, Rows); + } + FormatAndCopy(Rows); +} + +void CPanelView::FormatAndCopy(QList Rows, bool Headder) +{ + int RowCount = Rows.length(); + + if (Headder) + { + Rows.prepend(QStringList()); + Rows.prepend(CopyHeader()); + Rows.prepend(QStringList()); + } + + QStringList TextRows; + if (m_SimpleFormat || !Headder) + { + foreach(const QStringList& Row, Rows) + TextRows.append(Row.join(m_CellSeparator)); + } + else if(Rows.size() > (Headder ? 3 : 0)) + { + int Columns = Rows[Headder ? 3 : 0].count(); + QVector ColumnWidths(Columns, 0); + + foreach(const QStringList& Row, Rows) + { + for (int i = 0; i < Min(Row.count(), Columns); i++) + { + int CellWidth = Row[i].length(); + if (ColumnWidths[i] < CellWidth) + ColumnWidths[i] = CellWidth; + } + } + + foreach(const QStringList& Row, Rows) + { + if (m_MaxCellWidth != 0 && RowCount > 1) + { + for (int Pos = 0;;Pos += m_MaxCellWidth) + { + bool More = false; + + QString RowText; + for (int i = 0; i < Min(Row.count(), Columns); i++) + { + if (Row[i].length() > Pos) + RowText.append(Row[i].mid(Pos, m_MaxCellWidth).leftJustified(Min(m_MaxCellWidth, ColumnWidths[i]) + 3)); + else + RowText.append(QString(Min(m_MaxCellWidth, ColumnWidths[i]) + 3, ' ')); + + if (Row[i].length() > Pos + m_MaxCellWidth) + More = true; + } + TextRows.append(RowText); + + if (!More) + break; + } + } + else + { + QString RowText; + for (int i = 0; i < Min(Row.count(), Columns); i++) + RowText.append(Row[i].leftJustified(ColumnWidths[i] + 3)); + TextRows.append(RowText); + } + } + } + QApplication::clipboard()->setText(TextRows.join("\n")); } \ No newline at end of file diff --git a/SandboxiePlus/MiscHelpers/Common/PanelView.h b/SandboxiePlus/MiscHelpers/Common/PanelView.h index 3cf3a875..bbbe3cfc 100644 --- a/SandboxiePlus/MiscHelpers/Common/PanelView.h +++ b/SandboxiePlus/MiscHelpers/Common/PanelView.h @@ -1,185 +1,185 @@ -#pragma once - +#pragma once + #include "../mischelpers_global.h" -class MISCHELPERS_EXPORT CPanelView : public QWidget -{ - Q_OBJECT -public: - CPanelView(QWidget *parent = 0); - virtual ~CPanelView(); - - static void SetSimpleFormat(bool bSimple) { m_SimpleFormat = bSimple; } - static void SetDarkMode(bool bDarkMode) { m_DarkMode = bDarkMode; } - static void SetMaxCellWidth(int iMaxWidth) { m_MaxCellWidth = iMaxWidth; } - static void SetCellSeparator(const QString& Sep) { m_CellSeparator = Sep; } - - static QString m_CopyCell; - static QString m_CopyRow; - static QString m_CopyPanel; - -protected slots: - virtual void OnMenu(const QPoint& Point); - - virtual void OnCopyCell(); - virtual void OnCopyRow(); - virtual void OnCopyPanel(); - - - virtual QTreeView* GetView() = 0; - virtual QAbstractItemModel* GetModel() = 0; - virtual QModelIndex MapToSource(const QModelIndex& Model) { return Model; } - static QModelIndexList MapToSource(QModelIndexList Indexes, QSortFilterProxyModel* pProxy) { - for (int i = 0; i < Indexes.count(); i++) - Indexes[i] = pProxy->mapToSource(Indexes[i]); - return Indexes; - } - - virtual void AddPanelItemsToMenu(bool bAddSeparator = true); - - virtual void ForceColumn(int column, bool bSet = true) { if (bSet) m_ForcedColumns.insert(column); else m_ForcedColumns.remove(column); } - - virtual QStringList CopyHeader(); - virtual QStringList CopyRow(const QModelIndex& ModelIndex, int Level = 0); - virtual void RecursiveCopyPanel(const QModelIndex& ModelIndex, QList& Rows, int Level = 0); - -protected: - void FormatAndCopy(QList Rows, bool Headder = true); - - QMenu* m_pMenu; - - QAction* m_pCopyCell; - QAction* m_pCopyRow; - QAction* m_pCopyPanel; - - //bool m_CopyAll; - QSet m_ForcedColumns; - static bool m_SimpleFormat; - static bool m_DarkMode; - static int m_MaxCellWidth; - static QString m_CellSeparator; -}; - -template -class CPanelWidget : public CPanelView -{ -public: - CPanelWidget(QWidget *parent = 0) : CPanelView(parent) - { - m_pMainLayout = new QVBoxLayout(); - m_pMainLayout->setMargin(0); - this->setLayout(m_pMainLayout); - - m_pTreeList = new T(); - m_pTreeList->setContextMenuPolicy(Qt::CustomContextMenu); - connect(m_pTreeList, SIGNAL(customContextMenuRequested( const QPoint& )), this, SLOT(OnMenu(const QPoint &))); - m_pMainLayout->addWidget(m_pTreeList); - m_pTreeList->setMinimumHeight(50); - AddPanelItemsToMenu(); - - m_pLastAction = m_pMenu->actions()[0]; - } - - virtual QMenu* GetMenu() { return m_pMenu; } - virtual void AddAction(QAction* pAction) { m_pMenu->insertAction(m_pLastAction, pAction); } - - virtual T* GetTree() { return m_pTreeList; } - virtual QTreeView* GetView() { return m_pTreeList; } - virtual QAbstractItemModel* GetModel() { return m_pTreeList->model(); } - - virtual QVBoxLayout* GetLayout() { return m_pMainLayout; } - -protected: - QVBoxLayout* m_pMainLayout; - - T* m_pTreeList; - - QAction* m_pLastAction; -}; - -#include "TreeWidgetEx.h" -#include "Finder.h" +class MISCHELPERS_EXPORT CPanelView : public QWidget +{ + Q_OBJECT +public: + CPanelView(QWidget *parent = 0); + virtual ~CPanelView(); -class MISCHELPERS_EXPORT CPanelWidgetEx : public CPanelWidget -{ - Q_OBJECT - -public: - CPanelWidgetEx(QWidget *parent = 0) : CPanelWidget(parent) - { - m_pFinder = new CFinder(NULL, this, false); - m_pMainLayout->addWidget(m_pFinder); - QObject::connect(m_pFinder, SIGNAL(SetFilter(const QRegExp&, bool, int)), this, SLOT(SetFilter(const QRegExp&, bool, int))); - } - - static void ApplyFilter(QTreeWidgetEx* pTree, QTreeWidgetItem* pItem, const QRegExp& Exp/*, bool bHighLight = false, int Col = -1*/) - { - for (int j = 0; j < pTree->columnCount(); j++) { - pItem->setForeground(j, (m_DarkMode && !Exp.isEmpty() && pItem->text(j).contains(Exp)) ? Qt::yellow : pTree->palette().color(QPalette::WindowText)); - pItem->setBackground(j, (!m_DarkMode && !Exp.isEmpty() && pItem->text(j).contains(Exp)) ? Qt::yellow : pTree->palette().color(QPalette::Base)); - } - - for (int i = 0; i < pItem->childCount(); i++) - { - ApplyFilter(pTree, pItem->child(i), Exp/*, bHighLight, Col*/); - } - } - - static void ApplyFilter(QTreeWidgetEx* pTree, const QRegExp& Exp/*, bool bHighLight = false, int Col = -1*/) - { - for (int i = 0; i < pTree->topLevelItemCount(); i++) - ApplyFilter(pTree, pTree->topLevelItem(i), Exp/*, bHighLight, Col*/); - } - -private slots: - void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Col = -1) // -1 = any - { - ApplyFilter(m_pTreeList, Exp); - } - -private: - - CFinder* m_pFinder; -}; - -#include "TreeViewEx.h" -#include "SortFilterProxyModel.h" - -class CPanelViewEx: public CPanelWidget -{ -public: - CPanelViewEx(QAbstractItemModel* pModel, QWidget *parent = 0) : CPanelWidget(parent) - { - m_pModel = pModel; - - m_pSortProxy = new CSortFilterProxyModel(false, this); - m_pSortProxy->setSortRole(Qt::EditRole); - m_pSortProxy->setSourceModel(m_pModel); - m_pSortProxy->setDynamicSortFilter(true); - - m_pTreeList->setModel(m_pSortProxy); - ((CSortFilterProxyModel*)m_pSortProxy)->setView(m_pTreeList); - - - m_pTreeList->setSelectionMode(QAbstractItemView::ExtendedSelection); -#ifdef WIN32 - QStyle* pStyle = QStyleFactory::create("windows"); - m_pTreeList->setStyle(pStyle); -#endif - m_pTreeList->setExpandsOnDoubleClick(false); - m_pTreeList->setSortingEnabled(true); - - m_pTreeList->setContextMenuPolicy(Qt::CustomContextMenu); - connect(m_pTreeList, SIGNAL(customContextMenuRequested(const QPoint&)), this, SLOT(OnMenu(const QPoint &))); - - m_pTreeList->setColumnReset(1); - //connect(m_pTreeList, SIGNAL(ResetColumns()), m_pTreeList, SLOT(OnResetColumns())); - //connect(m_pBoxTree, SIGNAL(ColumnChanged(int, bool)), this, SLOT(OnColumnsChanged())); - - m_pMainLayout->addWidget(CFinder::AddFinder(m_pTreeList, m_pSortProxy)); - } - -protected: - QAbstractItemModel* m_pModel; - QSortFilterProxyModel* m_pSortProxy; + static void SetSimpleFormat(bool bSimple) { m_SimpleFormat = bSimple; } + static void SetDarkMode(bool bDarkMode) { m_DarkMode = bDarkMode; } + static void SetMaxCellWidth(int iMaxWidth) { m_MaxCellWidth = iMaxWidth; } + static void SetCellSeparator(const QString& Sep) { m_CellSeparator = Sep; } + + static QString m_CopyCell; + static QString m_CopyRow; + static QString m_CopyPanel; + +protected slots: + virtual void OnMenu(const QPoint& Point); + + virtual void OnCopyCell(); + virtual void OnCopyRow(); + virtual void OnCopyPanel(); + + + virtual QTreeView* GetView() = 0; + virtual QAbstractItemModel* GetModel() = 0; + virtual QModelIndex MapToSource(const QModelIndex& Model) { return Model; } + static QModelIndexList MapToSource(QModelIndexList Indexes, QSortFilterProxyModel* pProxy) { + for (int i = 0; i < Indexes.count(); i++) + Indexes[i] = pProxy->mapToSource(Indexes[i]); + return Indexes; + } + + virtual void AddPanelItemsToMenu(bool bAddSeparator = true); + + virtual void ForceColumn(int column, bool bSet = true) { if (bSet) m_ForcedColumns.insert(column); else m_ForcedColumns.remove(column); } + + virtual QStringList CopyHeader(); + virtual QStringList CopyRow(const QModelIndex& ModelIndex, int Level = 0); + virtual void RecursiveCopyPanel(const QModelIndex& ModelIndex, QList& Rows, int Level = 0); + +protected: + void FormatAndCopy(QList Rows, bool Headder = true); + + QMenu* m_pMenu; + + QAction* m_pCopyCell; + QAction* m_pCopyRow; + QAction* m_pCopyPanel; + + //bool m_CopyAll; + QSet m_ForcedColumns; + static bool m_SimpleFormat; + static bool m_DarkMode; + static int m_MaxCellWidth; + static QString m_CellSeparator; +}; + +template +class CPanelWidget : public CPanelView +{ +public: + CPanelWidget(QWidget *parent = 0) : CPanelView(parent) + { + m_pMainLayout = new QVBoxLayout(); + m_pMainLayout->setMargin(0); + this->setLayout(m_pMainLayout); + + m_pTreeList = new T(); + m_pTreeList->setContextMenuPolicy(Qt::CustomContextMenu); + connect(m_pTreeList, SIGNAL(customContextMenuRequested( const QPoint& )), this, SLOT(OnMenu(const QPoint &))); + m_pMainLayout->addWidget(m_pTreeList); + m_pTreeList->setMinimumHeight(50); + AddPanelItemsToMenu(); + + m_pLastAction = m_pMenu->actions()[0]; + } + + virtual QMenu* GetMenu() { return m_pMenu; } + virtual void AddAction(QAction* pAction) { m_pMenu->insertAction(m_pLastAction, pAction); } + + virtual T* GetTree() { return m_pTreeList; } + virtual QTreeView* GetView() { return m_pTreeList; } + virtual QAbstractItemModel* GetModel() { return m_pTreeList->model(); } + + virtual QVBoxLayout* GetLayout() { return m_pMainLayout; } + +protected: + QVBoxLayout* m_pMainLayout; + + T* m_pTreeList; + + QAction* m_pLastAction; +}; + +#include "TreeWidgetEx.h" +#include "Finder.h" + +class MISCHELPERS_EXPORT CPanelWidgetEx : public CPanelWidget +{ + Q_OBJECT + +public: + CPanelWidgetEx(QWidget *parent = 0) : CPanelWidget(parent) + { + m_pFinder = new CFinder(NULL, this, false); + m_pMainLayout->addWidget(m_pFinder); + QObject::connect(m_pFinder, SIGNAL(SetFilter(const QRegExp&, bool, int)), this, SLOT(SetFilter(const QRegExp&, bool, int))); + } + + static void ApplyFilter(QTreeWidgetEx* pTree, QTreeWidgetItem* pItem, const QRegExp& Exp/*, bool bHighLight = false, int Col = -1*/) + { + for (int j = 0; j < pTree->columnCount(); j++) { + pItem->setForeground(j, (m_DarkMode && !Exp.isEmpty() && pItem->text(j).contains(Exp)) ? Qt::yellow : pTree->palette().color(QPalette::WindowText)); + pItem->setBackground(j, (!m_DarkMode && !Exp.isEmpty() && pItem->text(j).contains(Exp)) ? Qt::yellow : pTree->palette().color(QPalette::Base)); + } + + for (int i = 0; i < pItem->childCount(); i++) + { + ApplyFilter(pTree, pItem->child(i), Exp/*, bHighLight, Col*/); + } + } + + static void ApplyFilter(QTreeWidgetEx* pTree, const QRegExp& Exp/*, bool bHighLight = false, int Col = -1*/) + { + for (int i = 0; i < pTree->topLevelItemCount(); i++) + ApplyFilter(pTree, pTree->topLevelItem(i), Exp/*, bHighLight, Col*/); + } + +private slots: + void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Col = -1) // -1 = any + { + ApplyFilter(m_pTreeList, Exp); + } + +private: + + CFinder* m_pFinder; +}; + +#include "TreeViewEx.h" +#include "SortFilterProxyModel.h" + +class CPanelViewEx: public CPanelWidget +{ +public: + CPanelViewEx(QAbstractItemModel* pModel, QWidget *parent = 0) : CPanelWidget(parent) + { + m_pModel = pModel; + + m_pSortProxy = new CSortFilterProxyModel(false, this); + m_pSortProxy->setSortRole(Qt::EditRole); + m_pSortProxy->setSourceModel(m_pModel); + m_pSortProxy->setDynamicSortFilter(true); + + m_pTreeList->setModel(m_pSortProxy); + ((CSortFilterProxyModel*)m_pSortProxy)->setView(m_pTreeList); + + + m_pTreeList->setSelectionMode(QAbstractItemView::ExtendedSelection); +#ifdef WIN32 + QStyle* pStyle = QStyleFactory::create("windows"); + m_pTreeList->setStyle(pStyle); +#endif + m_pTreeList->setExpandsOnDoubleClick(false); + m_pTreeList->setSortingEnabled(true); + + m_pTreeList->setContextMenuPolicy(Qt::CustomContextMenu); + connect(m_pTreeList, SIGNAL(customContextMenuRequested(const QPoint&)), this, SLOT(OnMenu(const QPoint &))); + + m_pTreeList->setColumnReset(1); + //connect(m_pTreeList, SIGNAL(ResetColumns()), m_pTreeList, SLOT(OnResetColumns())); + //connect(m_pBoxTree, SIGNAL(ColumnChanged(int, bool)), this, SLOT(OnColumnsChanged())); + + m_pMainLayout->addWidget(CFinder::AddFinder(m_pTreeList, m_pSortProxy)); + } + +protected: + QAbstractItemModel* m_pModel; + QSortFilterProxyModel* m_pSortProxy; }; \ No newline at end of file diff --git a/SandboxiePlus/MiscHelpers/Common/SortFilterProxyModel.h b/SandboxiePlus/MiscHelpers/Common/SortFilterProxyModel.h index 00e5c88b..10f4fc87 100644 --- a/SandboxiePlus/MiscHelpers/Common/SortFilterProxyModel.h +++ b/SandboxiePlus/MiscHelpers/Common/SortFilterProxyModel.h @@ -1,208 +1,208 @@ -#pragma once - +#pragma once + #include "../mischelpers_global.h" #include #include #include "Finder.h" -class MISCHELPERS_EXPORT CSortFilterProxyModel: public QSortFilterProxyModel -{ - Q_OBJECT - -public: - CSortFilterProxyModel(bool bAlternate, QObject* parrent = 0) : QSortFilterProxyModel(parrent) - { - m_bAlternate = bAlternate; - m_bHighLight = false; - m_iColumn = 0; - m_pView = NULL; - - this->setSortCaseSensitivity(Qt::CaseInsensitive); - } - - void setView(QTreeView* pView) - { - m_pView = pView; - } - - bool filterAcceptsRow(int source_row, const QModelIndex & source_parent) const - { - if (m_bHighLight) - return true; - - // allow the item to pass if any of the child items pass - if(!filterRegExp().isEmpty()) - { - // get source-model index for current row - QModelIndex source_index = sourceModel()->index(source_row, 0, source_parent); - if(source_index.isValid()) - { - // if any of children matches the filter, then current index matches the filter as well - int nb = sourceModel()->rowCount(source_index); - for(int i = 0; i < nb; i++) - { - if(filterAcceptsRow(i, source_index)) - return true; - } - // check current index itself - return QSortFilterProxyModel::filterAcceptsRow(source_row, source_parent); - } - } - - // default behavioure - return QSortFilterProxyModel::filterAcceptsRow(source_row, source_parent); - } - - QVariant data(const QModelIndex &index, int role) const - { - QVariant Data = QSortFilterProxyModel::data(index, role); - if (m_bHighLight && role == (CFinder::GetDarkMode() ? Qt::ForegroundRole : Qt::BackgroundRole)) - { - if (!filterRegExp().isEmpty()) - { - QString Key = QSortFilterProxyModel::data(index, filterRole()).toString(); - if (Key.contains(filterRegExp())) - return QColor(Qt::yellow); - } - //return QColor(Qt::white); - } - - if (role == Qt::BackgroundRole) - { - if (m_bAlternate && !Data.isValid()) - { - if (0 == index.row() % 2) - return QColor(226, 237, 253); - else - return QColor(Qt::white); - } - } - return Data; - } - -public slots: - void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Col = -1) // -1 = any - { - QModelIndex idx; - //if (m_pView) idx = m_pView->currentIndex(); - m_iColumn = Col; - m_bHighLight = bHighLight; - setFilterKeyColumn(Col); - setFilterRegExp(Exp); - //if (m_pView) m_pView->setCurrentIndex(idx); - if (m_bHighLight) - emit layoutChanged(); - } - - void SelectNext() - { - if (!m_pView) - return; - - bool next = true; - QModelIndex idx = m_pView->currentIndex(); - if (!(next = idx.isValid())) - idx = index(0, 0); - - //if (QApplication::keyboardModifiers() & Qt::ControlModifier) - if (QApplication::keyboardModifiers() & Qt::ShiftModifier) - idx = FindPrev(idx, next); - else - idx = FindNext(idx, next); - - if (idx.isValid()) - m_pView->setCurrentIndex(idx); - else - QApplication::beep(); - } - -protected: - bool m_bAlternate; - bool m_bHighLight; - int m_iColumn; - QTreeView* m_pView; - - bool MatchCell(QModelIndex idx, int column) - { - QModelIndex tmp = idx.sibling(idx.row(), column); - - QString str = data(tmp, filterRole()).toString(); - if (str.contains(filterRegExp())) - return true; - return false; - } - - bool MatchRow(QModelIndex idx) - { - if (m_iColumn != -1) - return MatchCell(idx, m_iColumn); - - for(int col = 0; col < columnCount(idx); col++) { - if (MatchCell(idx, col)) - return true; - } - return false; - } - - QModelIndex FindNext(QModelIndex idx, bool next = false) - { - if (MatchRow(idx) && !next) - return idx; - - if (hasChildren(idx)) - { - int numRows = rowCount(idx); - for (int count = 0; count < numRows; count++) { - QModelIndex tmp = FindNext(index(count, 0, idx)); - if (tmp.isValid()) - return tmp; - } - } - - do { - QModelIndex par = parent(idx); - - int numRows = rowCount(par); - for (int count = idx.row() + 1; count < numRows; count++) { - QModelIndex tmp = FindNext(index(count, 0, par)); - if (tmp.isValid()) - return tmp; - } - - idx = par; - } while (idx.isValid()); - - return QModelIndex(); - } - - QModelIndex FindPrev(QModelIndex idx, bool next = false) - { - if (MatchRow(idx) && !next) - return idx; - - if (hasChildren(idx)) - { - int numRows = rowCount(idx); - for (int count = numRows-1; count >= 0; count++) { - QModelIndex tmp = FindNext(index(count, 0, idx)); - if (tmp.isValid()) - return tmp; - } - } - - do { - QModelIndex par = parent(idx); - - int numRows = rowCount(par); - for (int count = idx.row() - 1; count >= 0; count--) { - QModelIndex tmp = FindNext(index(count, 0, par)); - if (tmp.isValid()) - return tmp; - } - - idx = par; - } while (idx.isValid()); - - return QModelIndex(); - } +class MISCHELPERS_EXPORT CSortFilterProxyModel: public QSortFilterProxyModel +{ + Q_OBJECT + +public: + CSortFilterProxyModel(bool bAlternate, QObject* parrent = 0) : QSortFilterProxyModel(parrent) + { + m_bAlternate = bAlternate; + m_bHighLight = false; + m_iColumn = 0; + m_pView = NULL; + + this->setSortCaseSensitivity(Qt::CaseInsensitive); + } + + void setView(QTreeView* pView) + { + m_pView = pView; + } + + bool filterAcceptsRow(int source_row, const QModelIndex & source_parent) const + { + if (m_bHighLight) + return true; + + // allow the item to pass if any of the child items pass + if(!filterRegExp().isEmpty()) + { + // get source-model index for current row + QModelIndex source_index = sourceModel()->index(source_row, 0, source_parent); + if(source_index.isValid()) + { + // if any of children matches the filter, then current index matches the filter as well + int nb = sourceModel()->rowCount(source_index); + for(int i = 0; i < nb; i++) + { + if(filterAcceptsRow(i, source_index)) + return true; + } + // check current index itself + return QSortFilterProxyModel::filterAcceptsRow(source_row, source_parent); + } + } + + // default behavioure + return QSortFilterProxyModel::filterAcceptsRow(source_row, source_parent); + } + + QVariant data(const QModelIndex &index, int role) const + { + QVariant Data = QSortFilterProxyModel::data(index, role); + if (m_bHighLight && role == (CFinder::GetDarkMode() ? Qt::ForegroundRole : Qt::BackgroundRole)) + { + if (!filterRegExp().isEmpty()) + { + QString Key = QSortFilterProxyModel::data(index, filterRole()).toString(); + if (Key.contains(filterRegExp())) + return QColor(Qt::yellow); + } + //return QColor(Qt::white); + } + + if (role == Qt::BackgroundRole) + { + if (m_bAlternate && !Data.isValid()) + { + if (0 == index.row() % 2) + return QColor(226, 237, 253); + else + return QColor(Qt::white); + } + } + return Data; + } + +public slots: + void SetFilter(const QRegExp& Exp, bool bHighLight = false, int Col = -1) // -1 = any + { + QModelIndex idx; + //if (m_pView) idx = m_pView->currentIndex(); + m_iColumn = Col; + m_bHighLight = bHighLight; + setFilterKeyColumn(Col); + setFilterRegExp(Exp); + //if (m_pView) m_pView->setCurrentIndex(idx); + if (m_bHighLight) + emit layoutChanged(); + } + + void SelectNext() + { + if (!m_pView) + return; + + bool next = true; + QModelIndex idx = m_pView->currentIndex(); + if (!(next = idx.isValid())) + idx = index(0, 0); + + //if (QApplication::keyboardModifiers() & Qt::ControlModifier) + if (QApplication::keyboardModifiers() & Qt::ShiftModifier) + idx = FindPrev(idx, next); + else + idx = FindNext(idx, next); + + if (idx.isValid()) + m_pView->setCurrentIndex(idx); + else + QApplication::beep(); + } + +protected: + bool m_bAlternate; + bool m_bHighLight; + int m_iColumn; + QTreeView* m_pView; + + bool MatchCell(QModelIndex idx, int column) + { + QModelIndex tmp = idx.sibling(idx.row(), column); + + QString str = data(tmp, filterRole()).toString(); + if (str.contains(filterRegExp())) + return true; + return false; + } + + bool MatchRow(QModelIndex idx) + { + if (m_iColumn != -1) + return MatchCell(idx, m_iColumn); + + for(int col = 0; col < columnCount(idx); col++) { + if (MatchCell(idx, col)) + return true; + } + return false; + } + + QModelIndex FindNext(QModelIndex idx, bool next = false) + { + if (MatchRow(idx) && !next) + return idx; + + if (hasChildren(idx)) + { + int numRows = rowCount(idx); + for (int count = 0; count < numRows; count++) { + QModelIndex tmp = FindNext(index(count, 0, idx)); + if (tmp.isValid()) + return tmp; + } + } + + do { + QModelIndex par = parent(idx); + + int numRows = rowCount(par); + for (int count = idx.row() + 1; count < numRows; count++) { + QModelIndex tmp = FindNext(index(count, 0, par)); + if (tmp.isValid()) + return tmp; + } + + idx = par; + } while (idx.isValid()); + + return QModelIndex(); + } + + QModelIndex FindPrev(QModelIndex idx, bool next = false) + { + if (MatchRow(idx) && !next) + return idx; + + if (hasChildren(idx)) + { + int numRows = rowCount(idx); + for (int count = numRows-1; count >= 0; count++) { + QModelIndex tmp = FindNext(index(count, 0, idx)); + if (tmp.isValid()) + return tmp; + } + } + + do { + QModelIndex par = parent(idx); + + int numRows = rowCount(par); + for (int count = idx.row() - 1; count >= 0; count--) { + QModelIndex tmp = FindNext(index(count, 0, par)); + if (tmp.isValid()) + return tmp; + } + + idx = par; + } while (idx.isValid()); + + return QModelIndex(); + } }; \ No newline at end of file diff --git a/SandboxiePlus/SandMan/SandMan.cpp b/SandboxiePlus/SandMan/SandMan.cpp index cabb4d42..c84ce215 100644 --- a/SandboxiePlus/SandMan/SandMan.cpp +++ b/SandboxiePlus/SandMan/SandMan.cpp @@ -1,2461 +1,2461 @@ -#include "stdafx.h" -#include "SandMan.h" -#include "../MiscHelpers/Common/Common.h" -#include "../MiscHelpers/Common/ExitDialog.h" -#include "../MiscHelpers/Common/SortFilterProxyModel.h" -#include "Views/SbieView.h" -#include "../MiscHelpers/Common/CheckableMessageBox.h" -#include -#include "./Dialogs/MultiErrorDialog.h" -#include "../QSbieAPI/SbieUtils.h" -#include "../QSbieAPI/Sandboxie/BoxBorder.h" -#include "../QSbieAPI/Sandboxie/SbieTemplates.h" -#include "Windows/SettingsWindow.h" -#include "Windows/RecoveryWindow.h" -#include -#include "../MiscHelpers/Common/SettingsWidgets.h" -#include "Windows/OptionsWindow.h" -#include -#include "../MiscHelpers/Common/TreeItemModel.h" -#include "../MiscHelpers/Common/ListItemModel.h" -#include "Views/TraceView.h" -#include "Windows/SelectBoxWindow.h" -#include "../UGlobalHotkey/uglobalhotkeys.h" - -CSbiePlusAPI* theAPI = NULL; - -#if defined(Q_OS_WIN) -#include -#include -#include - -class CNativeEventFilter : public QAbstractNativeEventFilter -{ -public: - virtual bool nativeEventFilter(const QByteArray &eventType, void *message, long *result) - { - if (eventType == "windows_generic_MSG" || eventType == "windows_dispatcher_MSG") - { - MSG *msg = static_cast(message); - - //if(msg->message != 275 && msg->message != 1025) - // qDebug() << msg->message; - - if (msg->message == WM_NOTIFY) - { - //return true; - } - else if (msg->message == WM_DEVICECHANGE) - { - if (msg->wParam == DBT_DEVICEARRIVAL // Drive letter added - || msg->wParam == DBT_DEVICEREMOVECOMPLETE) // Drive letter removed - { - /*DEV_BROADCAST_HDR* deviceBroadcast = (DEV_BROADCAST_HDR*)msg->lParam; - if (deviceBroadcast->dbch_devicetype == DBT_DEVTYP_VOLUME) { - }*/ - if (theAPI) - theAPI->UpdateDriveLetters(); - } - /*else if ((msg->wParam & 0xFF80) == 0xAA00 && msg->lParam == 'xobs') - { - UCHAR driveNumber = (UCHAR)(msg->wParam & 0x1F); - if (driveNumber < 26) { - } - } - else if (msg->wParam == DBT_DEVNODES_CHANGED) // hardware changed - { - }*/ - } - else if (msg->message == WM_DWMCOLORIZATIONCOLORCHANGED) - { - if (theGUI && theConf->GetInt("Options/UseDarkTheme", 2) == 2) - theGUI->UpdateTheme(); - } - } - return false; - } -}; - -HWND MainWndHandle = NULL; -#endif - -CSandMan* theGUI = NULL; - -CSandMan::CSandMan(QWidget *parent) - : QMainWindow(parent) -{ -#if defined(Q_OS_WIN) - MainWndHandle = (HWND)QWidget::winId(); - - QApplication::instance()->installNativeEventFilter(new CNativeEventFilter); -#endif - - theGUI = this; - - QDesktopServices::setUrlHandler("http", this, "OpenUrl"); - QDesktopServices::setUrlHandler("https", this, "OpenUrl"); - QDesktopServices::setUrlHandler("sbie", this, "OpenUrl"); - - m_ThemeUpdatePending = false; - m_DefaultStyle = QApplication::style()->objectName(); - m_DefaultPalett = QApplication::palette(); - - m_LanguageId = 1033; // lang en_us - LoadLanguage(); - SetUITheme(); - - m_bExit = false; - - theAPI = new CSbiePlusAPI(this); - connect(theAPI, SIGNAL(StatusChanged()), this, SLOT(OnStatusChanged())); - connect(theAPI, SIGNAL(BoxClosed(const QString&)), this, SLOT(OnBoxClosed(const QString&))); - - m_RequestManager = NULL; - - QString appTitle = tr("Sandboxie-Plus v%1").arg(GetVersion()); - - if (QFile::exists(QCoreApplication::applicationDirPath() + "\\Certificate.dat")) { - CSettingsWindow::LoadCertificate(); - } - - this->setWindowTitle(appTitle); - - setAcceptDrops(true); - - m_pBoxBorder = new CBoxBorder(theAPI, this); - - m_SbieTemplates = new CSbieTemplates(theAPI, this); - - - m_bConnectPending = false; - m_bStopPending = false; - - QTreeViewEx::m_ResetColumns = tr("Reset Columns"); - CPanelView::m_CopyCell = tr("Copy Cell"); - CPanelView::m_CopyRow = tr("Copy Row"); - CPanelView::m_CopyPanel = tr("Copy Panel"); - - CreateMenus(); - - m_pMainWidget = new QWidget(); - m_pMainLayout = new QVBoxLayout(m_pMainWidget); - m_pMainLayout->setMargin(2); - m_pMainLayout->setSpacing(0); - this->setCentralWidget(m_pMainWidget); - - CreateToolBar(); - - m_pLogSplitter = new QSplitter(); - m_pLogSplitter->setOrientation(Qt::Vertical); - m_pMainLayout->addWidget(m_pLogSplitter); - - m_pPanelSplitter = new QSplitter(); - m_pPanelSplitter->setOrientation(Qt::Horizontal); - m_pLogSplitter->addWidget(m_pPanelSplitter); - - - m_pBoxView = new CSbieView(); - m_pPanelSplitter->addWidget(m_pBoxView); - - connect(m_pBoxView->GetTree()->selectionModel(), SIGNAL(currentChanged(QModelIndex, QModelIndex)), this, SLOT(OnSelectionChanged())); - - //m_pPanelSplitter->addWidget(); - - m_pLogTabs = new QTabWidget(); - m_pLogSplitter->addWidget(m_pLogTabs); - - // Message Log - m_pMessageLog = new CPanelWidgetEx(); - - //m_pMessageLog->GetView()->setItemDelegate(theGUI->GetItemDelegate()); - ((QTreeWidgetEx*)m_pMessageLog->GetView())->setHeaderLabels(tr("Time|Message").split("|")); - - m_pMessageLog->GetMenu()->insertAction(m_pMessageLog->GetMenu()->actions()[0], m_pCleanUpMsgLog); - m_pMessageLog->GetMenu()->insertSeparator(m_pMessageLog->GetMenu()->actions()[0]); - - m_pMessageLog->GetView()->setSelectionMode(QAbstractItemView::ExtendedSelection); - m_pMessageLog->GetView()->setSortingEnabled(false); - - m_pLogTabs->addTab(m_pMessageLog, tr("Sbie Messages")); - // - - m_pTraceView = new CTraceView(this); - - m_pTraceView->GetMenu()->insertAction(m_pTraceView->GetMenu()->actions()[0], m_pCleanUpTrace); - m_pTraceView->GetMenu()->insertSeparator(m_pTraceView->GetMenu()->actions()[0]); - - m_pLogTabs->addTab(m_pTraceView, tr("Trace Log")); - - m_pHotkeyManager = new UGlobalHotkeys(this); - connect(m_pHotkeyManager, SIGNAL(activated(size_t)), SLOT(OnHotKey(size_t))); - SetupHotKeys(); - - for (int i = 0; i < eMaxColor; i++) - m_BoxIcons[(EBoxColors)i] = qMakePair(QIcon(QString(":/Boxes/Empty%1").arg(i)), QIcon(QString(":/Boxes/Full%1").arg(i))); - - // Tray - m_pTrayIcon = new QSystemTrayIcon(GetTrayIconName(), this); - m_pTrayIcon->setToolTip("Sandboxie-Plus"); - connect(m_pTrayIcon, SIGNAL(activated(QSystemTrayIcon::ActivationReason)), this, SLOT(OnSysTray(QSystemTrayIcon::ActivationReason))); - m_bIconEmpty = true; - m_bIconDisabled = false; - - m_pTrayMenu = new QMenu(); - QAction* pShowHide = m_pTrayMenu->addAction(GetIcon("IconFull", false), tr("Show/Hide"), this, SLOT(OnShowHide())); - QFont f = pShowHide->font(); - f.setBold(true); - pShowHide->setFont(f); - m_pTrayMenu->addSeparator(); - - m_pTrayList = new QWidgetAction(m_pTrayMenu); - - QWidget* pWidget = new CActionWidget(); - QHBoxLayout* pLayout = new QHBoxLayout(); - pLayout->setMargin(0); - pWidget->setLayout(pLayout); - - m_pTrayBoxes = new QTreeWidget(); - - m_pTrayBoxes->setSizePolicy(QSizePolicy::Ignored, QSizePolicy::Maximum); - m_pTrayBoxes->setRootIsDecorated(false); - //m_pTrayBoxes->setHeaderLabels(tr(" Sandbox").split("|")); - m_pTrayBoxes->setHeaderHidden(true); - m_pTrayBoxes->setSelectionMode(QAbstractItemView::NoSelection); - //m_pTrayBoxes->setSelectionMode(QAbstractItemView::ExtendedSelection); - - pLayout->insertSpacing(0, 1);// 32); - - /*QFrame* vFrame = new QFrame; - vFrame->setFixedWidth(1); - vFrame->setFrameShape(QFrame::VLine); - vFrame->setFrameShadow(QFrame::Raised); - pLayout->addWidget(vFrame);*/ - - pLayout->addWidget(m_pTrayBoxes); - - m_pTrayList->setDefaultWidget(pWidget); - m_pTrayMenu->addAction(m_pTrayList); - - - m_pTrayBoxes->setContextMenuPolicy(Qt::CustomContextMenu); - connect(m_pTrayBoxes, SIGNAL(customContextMenuRequested( const QPoint& )), this, SLOT(OnBoxMenu(const QPoint &))); - connect(m_pTrayBoxes, SIGNAL(itemDoubleClicked(QTreeWidgetItem*, int)), this, SLOT(OnBoxDblClick(QTreeWidgetItem*))); - //m_pBoxMenu - - m_pTraySeparator = m_pTrayMenu->addSeparator(); - m_pTrayMenu->addAction(m_pEmptyAll); - m_pDisableForce2 = m_pTrayMenu->addAction(tr("Disable Forced Programs"), this, SLOT(OnDisableForce2())); - m_pDisableForce2->setCheckable(true); - m_pTrayMenu->addSeparator(); - - /*QWidgetAction* pBoxWidget = new QWidgetAction(m_pTrayMenu); - - QWidget* pWidget = new QWidget(); - pWidget->setMaximumHeight(200); - QGridLayout* pLayout = new QGridLayout(); - pLayout->addWidget(pBar, 0, 0); - pWidget->setLayout(pLayout); - pBoxWidget->setDefaultWidget(pWidget);*/ - - /*QLabel* pLabel = new QLabel("test"); - pLabel->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); - pLabel->setAlignment(Qt::AlignCenter); - pBoxWidget->setDefaultWidget(pLabel);*/ - - //m_pTrayMenu->addAction(pBoxWidget); - //m_pTrayMenu->addSeparator(); - - m_pTrayMenu->addAction(m_pExit); - - bool bAutoRun = QApplication::arguments().contains("-autorun"); - - m_pTrayIcon->show(); // Note: qt bug; hide does not work if not showing first :/ - if(!bAutoRun && theConf->GetInt("Options/SysTrayIcon", 1) == 0) - m_pTrayIcon->hide(); - // - - LoadState(); - - bool bAdvanced = theConf->GetBool("Options/AdvancedView", true); - foreach(QAction * pAction, m_pViewMode->actions()) - pAction->setChecked(pAction->data().toBool() == bAdvanced); - SetViewMode(bAdvanced); - - - m_pKeepTerminated->setChecked(theConf->GetBool("Options/KeepTerminated")); - m_pShowAllSessions->setChecked(theConf->GetBool("Options/ShowAllSessions")); - - m_pProgressDialog = new CProgressDialog("", this); - m_pProgressDialog->setWindowModality(Qt::ApplicationModal); - connect(m_pProgressDialog, SIGNAL(Cancel()), this, SLOT(OnCancelAsync())); - m_pProgressModal = false; - - m_pPopUpWindow = new CPopUpWindow(); - - bool bAlwaysOnTop = theConf->GetBool("Options/AlwaysOnTop", false); - m_pWndTopMost->setChecked(bAlwaysOnTop); - this->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); - m_pPopUpWindow->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); - - if (!bAutoRun) - show(); - - //connect(theAPI, SIGNAL(LogMessage(const QString&, bool)), this, SLOT(OnLogMessage(const QString&, bool))); - connect(theAPI, SIGNAL(LogSbieMessage(quint32, const QStringList&, quint32)), this, SLOT(OnLogSbieMessage(quint32, const QStringList&, quint32))); - connect(theAPI, SIGNAL(NotAuthorized(bool, bool&)), this, SLOT(OnNotAuthorized(bool, bool&)), Qt::DirectConnection); - connect(theAPI, SIGNAL(QueuedRequest(quint32, quint32, quint32, const QVariantMap&)), this, SLOT(OnQueuedRequest(quint32, quint32, quint32, const QVariantMap&)), Qt::QueuedConnection); - connect(theAPI, SIGNAL(FileToRecover(const QString&, const QString&, const QString&, quint32)), this, SLOT(OnFileToRecover(const QString&, const QString&, const QString&, quint32)), Qt::QueuedConnection); - connect(theAPI, SIGNAL(ConfigReloaded()), this, SLOT(OnIniReloaded())); - - m_uTimerID = startTimer(250); - - OnStatusChanged(); - if (CSbieUtils::IsRunning(CSbieUtils::eAll) || theConf->GetBool("Options/StartIfStopped", true)) - { - SB_STATUS Status = ConnectSbie(); - CheckResults(QList() << Status); - } -} - -CSandMan::~CSandMan() -{ - m_pPopUpWindow->close(); - delete m_pPopUpWindow; - - if(m_pEnableMonitoring->isChecked()) - theAPI->EnableMonitor(false); - - killTimer(m_uTimerID); - - m_pTrayIcon->hide(); - - StoreState(); - - theAPI = NULL; - - theGUI = NULL; -} - -void CSandMan::LoadState() -{ - restoreGeometry(theConf->GetBlob("MainWindow/Window_Geometry")); - //m_pBoxTree->restoreState(theConf->GetBlob("MainWindow/BoxTree_Columns")); - m_pMessageLog->GetView()->header()->restoreState(theConf->GetBlob("MainWindow/LogList_Columns")); - m_pLogSplitter->restoreState(theConf->GetBlob("MainWindow/Log_Splitter")); - m_pPanelSplitter->restoreState(theConf->GetBlob("MainWindow/Panel_Splitter")); - m_pLogTabs->setCurrentIndex(theConf->GetInt("MainWindow/LogTab", 0)); -} - -void CSandMan::StoreState() -{ - theConf->SetBlob("MainWindow/Window_Geometry", saveGeometry()); - //theConf->SetBlob("MainWindow/BoxTree_Columns", m_pBoxTree->saveState()); - theConf->SetBlob("MainWindow/LogList_Columns", m_pMessageLog->GetView()->header()->saveState()); - theConf->SetBlob("MainWindow/Log_Splitter", m_pLogSplitter->saveState()); - theConf->SetBlob("MainWindow/Panel_Splitter", m_pPanelSplitter->saveState()); - theConf->SetValue("MainWindow/LogTab", m_pLogTabs->currentIndex()); -} - -QIcon CSandMan::GetIcon(const QString& Name, bool bAction) -{ - QString Path = QApplication::applicationDirPath() + "/Icons/" + Name + ".png"; - if(QFile::exists(Path)) - return QIcon(Path); - return QIcon((bAction ? ":/Actions/" : ":/") + Name + ".png"); -} - -void CSandMan::CreateMenus() -{ - connect(menuBar(), SIGNAL(hovered(QAction*)), this, SLOT(OnMenuHover(QAction*))); - - m_pMenuFile = menuBar()->addMenu(tr("&Sandbox")); - m_pNewBox = m_pMenuFile->addAction(CSandMan::GetIcon("NewBox"), tr("Create New Box"), this, SLOT(OnNewBox())); - m_pNewGroup = m_pMenuFile->addAction(CSandMan::GetIcon("Group"), tr("Create Box Group"), this, SLOT(OnNewGroupe())); - m_pMenuFile->addSeparator(); - m_pEmptyAll = m_pMenuFile->addAction(CSandMan::GetIcon("EmptyAll"), tr("Terminate All Processes"), this, SLOT(OnEmptyAll())); - m_pWndFinder = m_pMenuFile->addAction(CSandMan::GetIcon("finder"), tr("Window Finder"), this, SLOT(OnWndFinder())); - m_pDisableForce = m_pMenuFile->addAction(tr("Disable Forced Programs"), this, SLOT(OnDisableForce())); - m_pDisableForce->setCheckable(true); - m_pMenuFile->addSeparator(); - m_pMaintenance = m_pMenuFile->addMenu(CSandMan::GetIcon("Maintenance"), tr("&Maintenance")); - m_pConnect = m_pMaintenance->addAction(CSandMan::GetIcon("Connect"), tr("Connect"), this, SLOT(OnMaintenance())); - m_pDisconnect = m_pMaintenance->addAction(CSandMan::GetIcon("Disconnect"), tr("Disconnect"), this, SLOT(OnMaintenance())); - m_pMaintenance->addSeparator(); - m_pStopAll = m_pMaintenance->addAction(CSandMan::GetIcon("Stop"), tr("Stop All"), this, SLOT(OnMaintenance())); - m_pMaintenance->addSeparator(); - m_pMaintenanceItems = m_pMaintenance->addMenu(CSandMan::GetIcon("ManMaintenance"), tr("&Advanced")); - m_pInstallDrv = m_pMaintenanceItems->addAction(tr("Install Driver"), this, SLOT(OnMaintenance())); - m_pStartDrv = m_pMaintenanceItems->addAction(tr("Start Driver"), this, SLOT(OnMaintenance())); - m_pStopDrv = m_pMaintenanceItems->addAction(tr("Stop Driver"), this, SLOT(OnMaintenance())); - m_pUninstallDrv = m_pMaintenanceItems->addAction(tr("Uninstall Driver"), this, SLOT(OnMaintenance())); - m_pMaintenanceItems->addSeparator(); - m_pInstallSvc = m_pMaintenanceItems->addAction(tr("Install Service"), this, SLOT(OnMaintenance())); - m_pStartSvc = m_pMaintenanceItems->addAction(tr("Start Service"), this, SLOT(OnMaintenance())); - m_pStopSvc = m_pMaintenanceItems->addAction(tr("Stop Service"), this, SLOT(OnMaintenance())); - m_pUninstallSvc = m_pMaintenanceItems->addAction(tr("Uninstall Service"), this, SLOT(OnMaintenance())); - - m_pMenuFile->addSeparator(); - m_pExit = m_pMenuFile->addAction(CSandMan::GetIcon("Exit"), tr("Exit"), this, SLOT(OnExit())); - - - m_pMenuView = menuBar()->addMenu(tr("&View")); - - m_pViewMode = new QActionGroup(m_pMenuView); - MakeAction(m_pViewMode, m_pMenuView, tr("Simple View"), false); - MakeAction(m_pViewMode, m_pMenuView, tr("Advanced View"), true); - connect(m_pViewMode, SIGNAL(triggered(QAction*)), this, SLOT(OnViewMode(QAction*))); - - m_pMenuView->addSeparator(); - m_pWndTopMost = m_pMenuView->addAction(tr("Always on Top"), this, SLOT(OnAlwaysTop())); - m_pWndTopMost->setCheckable(true); - - m_iMenuViewPos = m_pMenuView->actions().count(); - m_pMenuView->addSeparator(); - - m_pShowHidden = m_pMenuView->addAction(tr("Show Hidden Boxes")); - m_pShowHidden->setCheckable(true); - m_pShowAllSessions = m_pMenuView->addAction(tr("Show All Sessions"), this, SLOT(OnProcView())); - m_pShowAllSessions->setCheckable(true); - - m_pMenuView->addSeparator(); - - m_pCleanUpMenu = m_pMenuView->addMenu(CSandMan::GetIcon("Clean"), tr("Clean Up")); - m_pCleanUpProcesses = m_pCleanUpMenu->addAction(tr("Cleanup Processes"), this, SLOT(OnCleanUp())); - m_pCleanUpMenu->addSeparator(); - m_pCleanUpMsgLog = m_pCleanUpMenu->addAction(tr("Cleanup Message Log"), this, SLOT(OnCleanUp())); - m_pCleanUpTrace = m_pCleanUpMenu->addAction(tr("Cleanup Trace Log"), this, SLOT(OnCleanUp())); - - m_pKeepTerminated = m_pMenuView->addAction(CSandMan::GetIcon("Keep"), tr("Keep terminated"), this, SLOT(OnProcView())); - m_pKeepTerminated->setCheckable(true); - - - m_pMenuOptions = menuBar()->addMenu(tr("&Options")); - m_pMenuSettings = m_pMenuOptions->addAction(CSandMan::GetIcon("Settings"), tr("Global Settings"), this, SLOT(OnSettings())); - m_pMenuResetMsgs = m_pMenuOptions->addAction(tr("Reset all hidden messages"), this, SLOT(OnResetMsgs())); - m_pMenuOptions->addSeparator(); - m_pEditIni = m_pMenuOptions->addAction(CSandMan::GetIcon("EditIni"), tr("Edit ini file"), this, SLOT(OnEditIni())); - m_pReloadIni = m_pMenuOptions->addAction(CSandMan::GetIcon("ReloadIni"), tr("Reload ini file"), this, SLOT(OnReloadIni())); - m_pMenuOptions->addSeparator(); - m_pEnableMonitoring = m_pMenuOptions->addAction(CSandMan::GetIcon("SetLogging"), tr("Trace Logging"), this, SLOT(OnSetMonitoring())); - m_pEnableMonitoring->setCheckable(true); - - - m_pMenuHelp = menuBar()->addMenu(tr("&Help")); - //m_pMenuHelp->addAction(tr("Support Sandboxie-Plus on Patreon"), this, SLOT(OnHelp())); - m_pSupport = m_pMenuHelp->addAction(tr("Support Sandboxie-Plus with a Donation"), this, SLOT(OnHelp())); - m_pForum = m_pMenuHelp->addAction(tr("Visit Support Forum"), this, SLOT(OnHelp())); - m_pManual = m_pMenuHelp->addAction(tr("Online Documentation"), this, SLOT(OnHelp())); - m_pMenuHelp->addSeparator(); - m_pUpdate = m_pMenuHelp->addAction(tr("Check for Updates"), this, SLOT(CheckForUpdates())); - m_pMenuHelp->addSeparator(); - m_pAboutQt = m_pMenuHelp->addAction(tr("About the Qt Framework"), this, SLOT(OnAbout())); - m_pAbout = m_pMenuHelp->addAction(GetIcon("IconFull", false), tr("About Sandboxie-Plus"), this, SLOT(OnAbout())); -} - -void CSandMan::CreateToolBar() -{ - m_pToolBar = new QToolBar(); - m_pMainLayout->insertWidget(0, m_pToolBar); - - m_pToolBar->addAction(m_pMenuSettings); - m_pToolBar->addSeparator(); - - //m_pToolBar->addAction(m_pMenuNew); - //m_pToolBar->addAction(m_pMenuEmptyAll); - //m_pToolBar->addSeparator(); - m_pToolBar->addAction(m_pKeepTerminated); - //m_pToolBar->addAction(m_pCleanUp); - - m_pCleanUpButton = new QToolButton(); - m_pCleanUpButton->setIcon(CSandMan::GetIcon("Clean")); - m_pCleanUpButton->setToolTip(tr("Cleanup")); - m_pCleanUpButton->setPopupMode(QToolButton::MenuButtonPopup); - m_pCleanUpButton->setMenu(m_pCleanUpMenu); - //QObject::connect(m_pCleanUpButton, SIGNAL(triggered(QAction*)), , SLOT()); - QObject::connect(m_pCleanUpButton, SIGNAL(clicked(bool)), this, SLOT(OnCleanUp())); - m_pToolBar->addWidget(m_pCleanUpButton); - - - m_pToolBar->addSeparator(); - m_pToolBar->addAction(m_pEditIni); - m_pToolBar->addSeparator(); - m_pToolBar->addAction(m_pEnableMonitoring); - //m_pToolBar->addSeparator(); - - - if (!g_Certificate.isEmpty()) - return; - - QWidget* pSpacer = new QWidget(); - pSpacer->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); - m_pToolBar->addWidget(pSpacer); - - //m_pToolBar->addAction(m_pMenuElevate); - - m_pToolBar->addSeparator(); - m_pToolBar->addWidget(new QLabel(" ")); - QLabel* pSupportLbl = new QLabel("Support Sandboxie-Plus on Patreon"); - pSupportLbl->setTextInteractionFlags(Qt::TextBrowserInteraction); - connect(pSupportLbl, SIGNAL(linkActivated(const QString&)), this, SLOT(OnHelp())); - m_pToolBar->addWidget(pSupportLbl); - m_pToolBar->addWidget(new QLabel(" ")); -} - -void CSandMan::OnExit() -{ - m_bExit = true; - close(); -} - -void CSandMan::closeEvent(QCloseEvent *e) -{ - if (!m_bExit)// && !theAPI->IsConnected()) - { - QString OnClose = theConf->GetString("Options/OnClose", "ToTray"); - if (m_pTrayIcon->isVisible() && OnClose.compare("ToTray", Qt::CaseInsensitive) == 0) - { - StoreState(); - hide(); - - if (theAPI->GetGlobalSettings()->GetBool("ForgetPassword", false)) - theAPI->ClearPassword(); - - e->ignore(); - return; - } - else if(OnClose.compare("Prompt", Qt::CaseInsensitive) == 0) - { - CExitDialog ExitDialog(tr("Do you want to close Sandboxie Manager?")); - if (!ExitDialog.exec()) - { - e->ignore(); - return; - } - } - } - - if (IsFullyPortable() && theAPI->IsConnected()) - { - int PortableStop = theConf->GetInt("Options/PortableStop", -1); - if (PortableStop == -1) - { - bool State = false; - auto Ret = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Sandboxie-Plus was running in portable mode, now it has to clean up the created services. This will prompt for administrative privileges.\r\n\r\nDo you want to do the clean up?") - , tr("Don't show this message again."), &State, QDialogButtonBox::Yes | QDialogButtonBox::No | QDialogButtonBox::Cancel, QDialogButtonBox::Yes, QMessageBox::Question); - - if (Ret == QDialogButtonBox::Cancel) - { - e->ignore(); - return; - } - - PortableStop = (Ret == QDialogButtonBox::Yes) ? 1 : 0; - - if (State) - theConf->SetValue("Options/PortableStop", PortableStop); - } - - if(PortableStop == 1) - StopSbie(true); - } - - QApplication::quit(); -} - -QIcon CSandMan::GetBoxIcon(bool inUse, int boxType) -{ - EBoxColors color = eYellow; - switch (boxType) { - case CSandBoxPlus::eHardened: color = eOrang; break; - //case CSandBoxPlus::eHasLogApi: color = eRed; break; - case CSandBoxPlus::eInsecure: color = eMagenta; break; - } - return inUse ? m_BoxIcons[color].second : m_BoxIcons[color].first; -} - -bool CSandMan::IsFullyPortable() -{ - QString SbiePath = theAPI->GetSbiePath(); - QString IniPath = theAPI->GetIniPath(); - if (IniPath.indexOf(SbiePath, 0, Qt::CaseInsensitive) == 0) - return true; - return false; -} - -void CSandMan::OnMessage(const QString& Message) -{ - if (Message == "ShowWnd") - { - if (!isVisible()) - show(); - setWindowState(Qt::WindowActive); - SetForegroundWindow(MainWndHandle); - } - else if (Message.left(4) == "Run:") - { - QString BoxName = "DefaultBox"; - QString CmdLine = Message.mid(4); - - if (CmdLine.contains("\\start.exe", Qt::CaseInsensitive)) { - int pos = CmdLine.indexOf("/box:", 0, Qt::CaseInsensitive); - int pos2 = CmdLine.indexOf(" ", pos); - if (pos != -1 && pos2 != -1) { - BoxName = CmdLine.mid(pos + 5, pos2 - (pos + 5)); - CmdLine = CmdLine.mid(pos2 + 1); - } - } - - if (theConf->GetBool("Options/RunInDefaultBox", false) && (QGuiApplication::queryKeyboardModifiers() & Qt::ControlModifier) == 0) { - theAPI->RunStart("DefaultBox", CmdLine); - } - else - RunSandboxed(QStringList(CmdLine), BoxName); - } - else if (Message.left(3) == "Op:") - { - QString Op = Message.mid(3); - - SB_STATUS Status; - if (Op == "Connect") - Status = ConnectSbie(); - else if (Op == "Disconnect") - Status = DisconnectSbie(); - else if (Op == "Shutdown") - Status = StopSbie(); - else if (Op == "EmptyAll") - Status = theAPI->TerminateAll(); - else - Status = SB_ERR(SB_Message, QVariantList () << (tr("Unknown operation '%1' requested via command line").arg(Op))); - CheckResults(QList() << Status); - } - else if (Message.left(6) == "Status") - { - QString Status = Message.mid(7); - if (Status != "OK") - { - if(m_bStopPending) - QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to stop all Sandboxie components")); - else if(m_bConnectPending) - QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to start required Sandboxie components")); - - OnLogMessage(tr("Maintenance operation %1").arg(Status)); - CheckResults(QList() << SB_ERR(SB_Message, QVariantList() << Status)); - } - else - { - OnLogMessage(tr("Maintenance operation Successful")); - if (m_bConnectPending) { - - QTimer::singleShot(1000, [this]() { - SB_STATUS Status = this->ConnectSbieImpl(); - CheckResults(QList() << Status); - }); - } - } - m_pProgressDialog->hide(); - //statusBar()->showMessage(tr("Maintenance operation completed"), 3000); - m_bConnectPending = false; - m_bStopPending = false; - } -} - -void CSandMan::dragEnterEvent(QDragEnterEvent* e) -{ - if (e->mimeData()->hasUrls()) { - e->acceptProposedAction(); - } -} - -void CSandMan::RunSandboxed(const QStringList& Commands, const QString& BoxName) -{ - CSelectBoxWindow* pSelectBoxWindow = new CSelectBoxWindow(Commands, BoxName); - pSelectBoxWindow->show(); -} - -void CSandMan::dropEvent(QDropEvent* e) -{ - QStringList Commands; - foreach(const QUrl & url, e->mimeData()->urls()) { - if (url.isLocalFile()) - Commands.append(url.toLocalFile().replace("/", "\\")); - } - - RunSandboxed(Commands, "DefaultBox"); -} - -QIcon CSandMan::GetTrayIconName(bool isConnected) -{ - QString IconFile; - if (isConnected) { - if (m_bIconEmpty) - IconFile = "IconEmpty"; - else - IconFile = "IconFull"; - - if (m_bIconDisabled) - IconFile += "D"; - } else - IconFile = "IconOff"; - - if (theConf->GetInt("Options/SysTrayIcon", 1) == 2) - IconFile += "C"; - - return GetIcon(IconFile, false); -} - -void CSandMan::timerEvent(QTimerEvent* pEvent) -{ - if (pEvent->timerId() != m_uTimerID) - return; - - bool bForceProcessDisabled = false; - bool bConnected = false; - - if (theAPI->IsConnected()) - { - SB_STATUS Status = theAPI->ReloadBoxes(); - - theAPI->UpdateProcesses(m_pKeepTerminated->isChecked(), m_pShowAllSessions->isChecked()); - - bForceProcessDisabled = theAPI->AreForceProcessDisabled(); - m_pDisableForce->setChecked(bForceProcessDisabled); - m_pDisableForce2->setChecked(bForceProcessDisabled); - - - bool bIsMonitoring = theAPI->IsMonitoring(); - m_pEnableMonitoring->setChecked(bIsMonitoring); - if (!bIsMonitoring) // don't disable the view as logn as there are entries shown - bIsMonitoring = !theAPI->GetTrace().isEmpty(); - m_pTraceView->setEnabled(bIsMonitoring); - - QMap Processes = theAPI->GetAllProcesses(); - int ActiveProcesses = 0; - if (m_pKeepTerminated->isChecked()) { - foreach(const CBoxedProcessPtr & Process, Processes) { - if (!Process->IsTerminated()) - ActiveProcesses++; - } - } - else - ActiveProcesses = Processes.count(); - - if (m_bIconEmpty != (ActiveProcesses == 0) || m_bIconDisabled != bForceProcessDisabled) - { - m_bIconEmpty = (ActiveProcesses == 0); - m_bIconDisabled = bForceProcessDisabled; - - m_pTrayIcon->setIcon(GetTrayIconName()); - } - } - - if (!isVisible() || windowState().testFlag(Qt::WindowMinimized)) - return; - - theAPI->UpdateWindowMap(); - - m_pBoxView->Refresh(); - m_pTraceView->Refresh(); - - OnSelectionChanged(); - - int iCheckUpdates = theConf->GetInt("Options/CheckForUpdates", 2); - if (iCheckUpdates != 0) - { - time_t NextUpdateCheck = theConf->GetUInt64("Options/NextCheckForUpdates", 0); - if (NextUpdateCheck == 0) - theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(7).toTime_t()); - else if(QDateTime::currentDateTime().toTime_t() >= NextUpdateCheck) - { - if (iCheckUpdates == 2) - { - bool bCheck = false; - iCheckUpdates = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Do you want to check if there is a new version of Sandboxie-Plus?") - , tr("Don't show this message again."), &bCheck, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) == QDialogButtonBox::Ok ? 1 : 0; - - if (bCheck) - theConf->SetValue("Options/CheckForUpdates", iCheckUpdates); - } - - if (iCheckUpdates == 0) - theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(7).toTime_t()); - else - { - theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(1).toTime_t()); - - CheckForUpdates(false); - } - } - } - - if (!m_pUpdateProgress.isNull() && m_RequestManager != NULL) { - if (m_pUpdateProgress->IsCanceled()) { - m_pUpdateProgress->Finish(SB_OK); - m_pUpdateProgress.clear(); - - m_RequestManager->AbortAll(); - } - } - - if (!m_MissingTemplates.isEmpty()) - { - if (m_MissingTemplates[0] == "") { - m_MissingTemplates.clear(); - return; - } - - int CleanupTemplates = theConf->GetInt("Options/AutoCleanupTemplates", -1); - if (CleanupTemplates == -1) - { - bool State = false; - CleanupTemplates = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Some compatibility templates (%1) are missing, probably deleted, do you want to remove them from all boxes?") - .arg(m_MissingTemplates.join(", ")) - , tr("Don't show this message again."), &State, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) == QDialogButtonBox::Yes ? 1 : 0; - - if (State) - theConf->SetValue("Options/AutoCleanupTemplates", CleanupTemplates); - } - - if (CleanupTemplates) - { - foreach(const QString& Template, m_MissingTemplates) - { - theAPI->GetGlobalSettings()->DelValue("Template", Template); - foreach(const CSandBoxPtr& pBox, theAPI->GetAllBoxes()) - pBox->DelValue("Template", Template); - } - - OnLogMessage(tr("Cleaned up removed templates...")); - } - m_MissingTemplates.clear(); - - m_MissingTemplates.append(""); - } -} - -void CSandMan::OnBoxClosed(const QString& BoxName) -{ - CSandBoxPtr pBox = theAPI->GetBoxByName(BoxName); - if (!pBox) - return; - - if (!pBox->GetBool("NeverDelete", false) && pBox->GetBool("AutoDelete", false) && !pBox->IsEmpty()) - { - // if this box auto deletes first show the recovry dialog with the option to abort deletion - if(!theGUI->OpenRecovery(pBox, true)) // unless no files are found than continue silently - return; - - SB_PROGRESS Status = pBox->CleanBox(); - if (Status.GetStatus() == OP_ASYNC) - AddAsyncOp(Status.GetValue()); - } -} - -void CSandMan::OnSelectionChanged() -{ - //QList Processes = m_pBoxView->GetSelectedProcesses(); - /*if (Processes.isEmpty()) - { - QListBoxes = m_pBoxView->GetSelectedBoxes(); - foreach(const CSandBoxPtr& pBox, Boxes) - Processes.append(pBox->GetProcessList().values()); - }*/ - - //QSet Pids; - //foreach(const CBoxedProcessPtr& pProcess, Processes) - // Pids.insert(pProcess->GetProcessId()); -} - -void CSandMan::OnStatusChanged() -{ - bool isConnected = theAPI->IsConnected(); - - QString appTitle = tr("Sandboxie-Plus v%1").arg(GetVersion()); - if (isConnected) - { - QString SbiePath = theAPI->GetSbiePath(); - OnLogMessage(tr("Sbie Directory: %1").arg(SbiePath)); - OnLogMessage(tr("Sbie+ Version: %1 (%2)").arg(GetVersion()).arg(theAPI->GetVersion())); - OnLogMessage(tr("Loaded Config: %1").arg(theAPI->GetIniPath())); - - //statusBar()->showMessage(tr("Driver version: %1").arg(theAPI->GetVersion())); - - //appTitle.append(tr(" - Driver: v%1").arg(theAPI->GetVersion())); - if (IsFullyPortable()) - { - appTitle.append(tr(" - Portable")); - - QString BoxPath = QDir::cleanPath(QApplication::applicationDirPath() + "/../Sandbox").replace("/", "\\"); - - int PortableRootDir = theConf->GetInt("Options/PortableRootDir", -1); - if (PortableRootDir == -1) - { - bool State = false; - PortableRootDir = CCheckableMessageBox::question(this, "Sandboxie-Plus", - tr("Sandboxie-Plus was started in portable mode, do you want to put the Sandbox folder into its parent directory?\r\nYes will choose: %1\r\nNo will choose: %2") - .arg(BoxPath) - .arg("C:\\Sandbox") // todo resolve os drive properly - , tr("Don't show this message again."), &State, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) == QDialogButtonBox::Yes ? 1 : 0; - - if (State) - theConf->SetValue("Options/PortableRootDir", PortableRootDir); - } - - if (PortableRootDir) - theAPI->GetGlobalSettings()->SetText("FileRootPath", BoxPath + "\\%SANDBOX%"); - } - - if (theConf->GetBool("Options/AutoRunSoftCompat", true)) - { - if (m_SbieTemplates->RunCheck()) - { - CSettingsWindow* pSettingsWindow = new CSettingsWindow(); - //connect(pSettingsWindow, SIGNAL(OptionsChanged()), this, SLOT(UpdateSettings())); - pSettingsWindow->showCompat(); - } - } - - if (SbiePath.compare(QApplication::applicationDirPath().replace("/", "\\"), Qt::CaseInsensitive) == 0) - { - if (theAPI->GetUserSettings()->GetText("SbieCtrl_AutoStartAgent").isEmpty()) - theAPI->GetUserSettings()->SetText("SbieCtrl_AutoStartAgent", "SandMan.exe"); - - QString cmd = CSbieUtils::GetContextMenuStartCmd(); - if (!cmd.isEmpty() && !cmd.contains("sandman.exe", Qt::CaseInsensitive)) { - CSbieUtils::AddContextMenu(QApplication::applicationDirPath().replace("/", "\\") + "\\SandMan.exe", - QApplication::applicationDirPath().replace("/", "\\") + "\\Start.exe"); - } - } - - m_pBoxView->Clear(); - - OnIniReloaded(); - - if (theConf->GetBool("Options/WatchIni", true)) - theAPI->WatchIni(true); - - if (!theAPI->ReloadCert().IsError()) { - CSettingsWindow::LoadCertificate(); - } - else { - g_Certificate.clear(); - } - - g_FeatureFlags = theAPI->GetFeatureFlags(); - - - SB_STATUS Status = theAPI->ReloadBoxes(); - - if (!Status.IsError() && !theAPI->GetAllBoxes().contains("defaultbox")) { - OnLogMessage(tr("Default sandbox not found; creating: %1").arg("DefaultBox")); - theAPI->CreateBox("DefaultBox"); - } - } - else - { - appTitle.append(tr(" - NOT connected").arg(theAPI->GetVersion())); - - m_pBoxView->Clear(); - - theAPI->WatchIni(false); - } - - m_pSupport->setVisible(g_Certificate.isEmpty()); - - this->setWindowTitle(appTitle); - - m_pTrayIcon->setIcon(GetTrayIconName(isConnected)); - m_bIconEmpty = true; - m_bIconDisabled = false; - - m_pNewBox->setEnabled(isConnected); - m_pNewGroup->setEnabled(isConnected); - m_pEmptyAll->setEnabled(isConnected); - m_pDisableForce->setEnabled(isConnected); - m_pDisableForce2->setEnabled(isConnected); - - //m_pCleanUpMenu->setEnabled(isConnected); - //m_pCleanUpButton->setEnabled(isConnected); - //m_pKeepTerminated->setEnabled(isConnected); - - m_pEditIni->setEnabled(isConnected); - m_pReloadIni->setEnabled(isConnected); - m_pEnableMonitoring->setEnabled(isConnected); -} - -void CSandMan::OnMenuHover(QAction* action) -{ - //if (!menuBar()->actions().contains(action)) - // return; // ignore sub menus - - - if (menuBar()->actions().at(0) == action) - { - bool bConnected = theAPI->IsConnected(); - m_pConnect->setEnabled(!bConnected); - m_pDisconnect->setEnabled(bConnected); - - m_pMaintenanceItems->setEnabled(!bConnected); - - bool DrvInstalled = CSbieUtils::IsInstalled(CSbieUtils::eDriver); - bool DrvLoaded = CSbieUtils::IsRunning(CSbieUtils::eDriver); - m_pInstallDrv->setEnabled(!DrvInstalled); - m_pStartDrv->setEnabled(!DrvLoaded); - m_pStopDrv->setEnabled(DrvLoaded); - m_pUninstallDrv->setEnabled(DrvInstalled); - - bool SvcInstalled = CSbieUtils::IsInstalled(CSbieUtils::eService); - bool SvcStarted = CSbieUtils::IsRunning(CSbieUtils::eService); - m_pInstallSvc->setEnabled(!SvcInstalled); - m_pStartSvc->setEnabled(!SvcStarted && DrvInstalled); - m_pStopSvc->setEnabled(SvcStarted); - m_pUninstallSvc->setEnabled(SvcInstalled); - - //m_pMenuStopAll - always enabled - } -} - -#define HK_PANIC 1 - -void CSandMan::SetupHotKeys() -{ - m_pHotkeyManager->unregisterAllHotkeys(); - - if (theConf->GetBool("Options/EnablePanicKey", false)) - m_pHotkeyManager->registerHotkey(theConf->GetString("Options/PanicKeySequence", "Ctrl+Alt+Cancel"), HK_PANIC); -} - -void CSandMan::OnHotKey(size_t id) -{ - switch (id) - { - case HK_PANIC: - theAPI->TerminateAll(); - break; - } -} - -void CSandMan::OnLogMessage(const QString& Message, bool bNotify) -{ - QTreeWidgetItem* pItem = new QTreeWidgetItem(); // Time|Message - pItem->setText(0, QDateTime::currentDateTime().toString("hh:mm:ss.zzz")); - pItem->setText(1, Message); - m_pMessageLog->GetTree()->addTopLevelItem(pItem); - - m_pMessageLog->GetView()->verticalScrollBar()->setValue(m_pMessageLog->GetView()->verticalScrollBar()->maximum()); - - if (bNotify) { - statusBar()->showMessage(Message); - m_pTrayIcon->showMessage("Sandboxie-Plus", Message); - } -} - -void CSandMan::OnLogSbieMessage(quint32 MsgCode, const QStringList& MsgData, quint32 ProcessId) -{ - if ((MsgCode & 0xFFFF) == 2198) // file migration progress - { - m_pPopUpWindow->ShowProgress(MsgCode, MsgData, ProcessId); - return; - } - - if ((MsgCode & 0xFFFF) == 1411) // removed/missing template - { - if(MsgData.size() >= 3 && !m_MissingTemplates.contains(MsgData[2])) - m_MissingTemplates.append(MsgData[2]); - } - - QString Message = MsgCode != 0 ? theAPI->GetSbieMsgStr(MsgCode, m_LanguageId) : (MsgData.size() > 0 ? MsgData[0] : QString()); - - for (int i = 1; i < MsgData.size(); i++) - Message = Message.arg(MsgData[i]); - - if (ProcessId != 4) // if it's not from the driver, add the pid - { - CBoxedProcessPtr pProcess = theAPI->GetProcessById(ProcessId); - if(pProcess.isNull()) - Message.prepend(tr("PID %1: ").arg(ProcessId)); - else - Message.prepend(tr("%1 (%2): ").arg(pProcess->GetProcessName()).arg(ProcessId)); - } - - OnLogMessage(Message); - - if(MsgCode != 0 && theConf->GetBool("Options/ShowNotifications", true)) - m_pPopUpWindow->AddLogMessage(Message, MsgCode, MsgData, ProcessId); -} - -void CSandMan::OnQueuedRequest(quint32 ClientPid, quint32 ClientTid, quint32 RequestId, const QVariantMap& Data) -{ - m_pPopUpWindow->AddUserPrompt(RequestId, Data, ClientPid); -} - -void CSandMan::OnFileToRecover(const QString& BoxName, const QString& FilePath, const QString& BoxPath, quint32 ProcessId) -{ - CSandBoxPtr pBox = theAPI->GetBoxByName(BoxName); - if (!pBox.isNull() && pBox.objectCast()->IsRecoverySuspended()) - return; - - if (theConf->GetBool("Options/InstantRecovery", true)) - { - CRecoveryWindow* pWnd = ShowRecovery(pBox, false); - - if (!theConf->GetBool("Options/AlwaysOnTop", false)) { - SetWindowPos((HWND)pWnd->winId(), HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOACTIVATE); - QTimer::singleShot(100, this, [pWnd]() { - SetWindowPos((HWND)pWnd->winId(), HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOACTIVATE); - }); - } - - pWnd->AddFile(FilePath, BoxPath); - } - else - m_pPopUpWindow->AddFileToRecover(FilePath, BoxPath, pBox, ProcessId); -} - -bool CSandMan::OpenRecovery(const CSandBoxPtr& pBox, bool bCloseEmpty) -{ - auto pBoxEx = pBox.objectCast(); - if (pBoxEx->m_pRecoveryWnd != NULL) { - pBoxEx->m_pRecoveryWnd->close(); - // todo: resuse window? - } - - CRecoveryWindow* pRecoveryWindow = new CRecoveryWindow(pBox, this); - if (pRecoveryWindow->FindFiles() == 0 && bCloseEmpty) { - delete pRecoveryWindow; - } - else if (pRecoveryWindow->exec() != 1) - return false; - return true; -} - -CRecoveryWindow* CSandMan::ShowRecovery(const CSandBoxPtr& pBox, bool bFind) -{ - auto pBoxEx = pBox.objectCast(); - if (pBoxEx->m_pRecoveryWnd == NULL) { - pBoxEx->m_pRecoveryWnd = new CRecoveryWindow(pBox); - connect(pBoxEx->m_pRecoveryWnd, &CRecoveryWindow::Closed, [pBoxEx]() { - pBoxEx->m_pRecoveryWnd = NULL; - }); - pBoxEx->m_pRecoveryWnd->show(); - } - else { - pBoxEx->m_pRecoveryWnd->setWindowState((pBoxEx->m_pRecoveryWnd->windowState() & ~Qt::WindowMinimized) | Qt::WindowActive); - SetForegroundWindow((HWND)pBoxEx->m_pRecoveryWnd->winId()); - } - if(bFind) - pBoxEx->m_pRecoveryWnd->FindFiles(); - return pBoxEx->m_pRecoveryWnd; -} - -SB_PROGRESS CSandMan::RecoverFiles(const QList>& FileList, int Action) -{ - CSbieProgressPtr pProgress = CSbieProgressPtr(new CSbieProgress()); - QtConcurrent::run(CSandMan::RecoverFilesAsync, pProgress, FileList, Action); - return SB_PROGRESS(OP_ASYNC, pProgress); -} - -void CSandMan::RecoverFilesAsync(const CSbieProgressPtr& pProgress, const QList>& FileList, int Action) -{ - SB_STATUS Status = SB_OK; - - int OverwriteOnExist = -1; - - QStringList Unrecovered; - for (QList>::const_iterator I = FileList.begin(); I != FileList.end(); ++I) - { - QString BoxPath = I->first; - QString RecoveryPath = I->second; - QString FileName = BoxPath.mid(BoxPath.lastIndexOf("\\") + 1); - QString RecoveryFolder = RecoveryPath.left(RecoveryPath.lastIndexOf("\\") + 1); - - pProgress->ShowMessage(tr("Recovering file %1 to %2").arg(FileName).arg(RecoveryFolder)); - - QDir().mkpath(RecoveryFolder); - if (QFile::exists(RecoveryPath)) - { - int Overwrite = OverwriteOnExist; - if (Overwrite == -1) - { - bool forAll = false; - int retVal = 0; - QMetaObject::invokeMethod(theGUI, "ShowQuestion", Qt::BlockingQueuedConnection, // show this question using the GUI thread - Q_RETURN_ARG(int, retVal), - Q_ARG(QString, tr("The file %1 already exists, do you want to overwrite it?").arg(RecoveryPath)), - Q_ARG(QString, tr("Do this for all files!")), - Q_ARG(bool*, &forAll), - Q_ARG(int, QDialogButtonBox::Yes | QDialogButtonBox::No), - Q_ARG(int, QDialogButtonBox::No) - ); - - Overwrite = retVal == QDialogButtonBox::Yes ? 1 : 0; - if (forAll) - OverwriteOnExist = Overwrite; - } - if (Overwrite == 1) - QFile::remove(RecoveryPath); - } - - if (!QFile::rename(BoxPath, RecoveryPath)) - Unrecovered.append(BoxPath); - } - - if (!Unrecovered.isEmpty()) - Status = SB_ERR(SB_Message, QVariantList () << (tr("Failed to recover some files: \n") + Unrecovered.join("\n"))); - else if(FileList.count() == 1 && Action != 0) - { - std::wstring path = FileList.first().second.toStdWString(); - switch (Action) - { - case 1: // open - ShellExecute(NULL, NULL, path.c_str(), NULL, NULL, SW_SHOWNORMAL); - break; - case 2: // explore - ShellExecute(NULL, NULL, L"explorer.exe", (L"/select,\"" + path + L"\"").c_str(), NULL, SW_SHOWNORMAL); - break; - } - } - - - pProgress->Finish(Status); -} - -int CSandMan::ShowQuestion(const QString& question, const QString& checkBoxText, bool* checkBoxSetting, int buttons, int defaultButton) -{ - return CCheckableMessageBox::question(this, "Sandboxie-Plus", question, checkBoxText, checkBoxSetting, (QDialogButtonBox::StandardButtons)buttons, (QDialogButtonBox::StandardButton)defaultButton, QMessageBox::Question); -} - -void CSandMan::OnNotAuthorized(bool bLoginRequired, bool& bRetry) -{ - if (!bLoginRequired) - { - QMessageBox::warning(this, "Sandboxie-Plus", tr("Only Administrators can change the config.")); - return; - } - - static bool LoginOpen = false; - if (LoginOpen) - return; - LoginOpen = true; - for (;;) - { - QString Value = QInputDialog::getText(this, "Sandboxie-Plus", tr("Please enter the configuration password."), QLineEdit::Password); - if (Value.isEmpty()) - break; - SB_STATUS Status = theAPI->UnlockConfig(Value); - if (!Status.IsError()) { - bRetry = true; - break; - } - QMessageBox::warning(this, "Sandboxie-Plus", tr("Login Failed: %1").arg(FormatError(Status))); - } - LoginOpen = false; -} - -void CSandMan::OnBoxMenu(const QPoint & point) -{ - QTreeWidgetItem* pItem = m_pTrayBoxes->currentItem(); - if (!pItem) - return; - - m_pBoxView->PopUpMenu(pItem->data(0, Qt::UserRole).toString()); - - //m_pBoxMenu->popup(QCursor::pos()); -} - -void CSandMan::OnBoxDblClick(QTreeWidgetItem* pItem) -{ - m_pBoxView->ShowOptions(pItem->data(0, Qt::UserRole).toString()); -} - -void CSandMan::OnNewBox() -{ - m_pBoxView->AddNewBox(); -} - -void CSandMan::OnNewGroupe() -{ - m_pBoxView->AddNewGroup(); -} - -void CSandMan::OnEmptyAll() -{ - if (theConf->GetInt("Options/WarnTerminateAll", -1) == -1) - { - bool State = false; - if(CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Do you want to terminate all processes in all sandboxes?") - , tr("Terminate all without asking"), &State, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) != QDialogButtonBox::Yes) - return; - - if (State) - theConf->SetValue("Options/WarnTerminateAll", 1); - } - - theAPI->TerminateAll(); -} - -void CSandMan::OnDisableForce() -{ - bool Status = m_pDisableForce->isChecked(); - int Seconds = 0; - if (Status) - { - int LastValue = theAPI->GetGlobalSettings()->GetNum("ForceDisableSeconds", 60); - - bool bOK = false; - Seconds = QInputDialog::getInt(this, "Sandboxie-Plus", tr("Please enter the duration for disabling forced programs."), LastValue, 0, INT_MAX, 1, &bOK); - if (!bOK) - return; - } - theAPI->DisableForceProcess(Status, Seconds); -} - -void CSandMan::OnDisableForce2() -{ - bool Status = m_pDisableForce2->isChecked(); - theAPI->DisableForceProcess(Status); -} - -SB_STATUS CSandMan::ConnectSbie() -{ - SB_STATUS Status; - bool bJustStarted = false; - if (!CSbieUtils::IsRunning(CSbieUtils::eAll)) - { - if (!CSbieUtils::IsInstalled(CSbieUtils::eAll)) - { - int PortableStart = theConf->GetInt("Options/PortableStart", -1); - if (PortableStart == -1) - { - bool State = false; - PortableStart = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Sandboxie-Plus was started in portable mode and it needs to create necessary services. This will prompt for administrative privileges.") - , tr("Don't show this message again."), &State, QDialogButtonBox::Ok | QDialogButtonBox::Cancel, QDialogButtonBox::Ok, QMessageBox::Information) == QDialogButtonBox::Ok ? 1 : 0; - - if (State) - theConf->SetValue("Options/PortableStart", PortableStart); - } - - if(!PortableStart) - return SB_OK; - } - - bJustStarted = true; - Status = CSbieUtils::Start(CSbieUtils::eAll); - } - - if (Status.GetStatus() == OP_ASYNC) { - m_bConnectPending = true; - return SB_OK; - } - if (Status.IsError()) - return Status; - if (bJustStarted) { - QTimer::singleShot(1000, [this]() { - SB_STATUS Status = this->ConnectSbieImpl(); - CheckResults(QList() << Status); - }); - return SB_OK; - } - - return ConnectSbieImpl(); -} - -SB_STATUS CSandMan::ConnectSbieImpl() -{ - SB_STATUS Status = theAPI->Connect(theConf->GetBool("Options/UseInteractiveQueue", true)); - - if (Status.GetStatus() == 0xC0000038L /*STATUS_DEVICE_ALREADY_ATTACHED*/) { - OnLogMessage(tr("CAUTION: Another agent (probably SbieCtrl.exe) is already managing this Sandboxie session, please close it first and reconnect to take over.")); - return SB_OK; - } - - return Status; -} - -SB_STATUS CSandMan::DisconnectSbie() -{ - return theAPI->Disconnect(); -} - -SB_STATUS CSandMan::StopSbie(bool andRemove) -{ - SB_STATUS Status; - - if (theAPI->IsConnected()) { - Status = theAPI->TerminateAll(); - theAPI->Disconnect(); - } - if (!Status.IsError()) { - if(andRemove) - Status = CSbieUtils::Uninstall(CSbieUtils::eAll); // it stops it first of course - else - Status = CSbieUtils::Stop(CSbieUtils::eAll); - if (Status.GetStatus() == OP_ASYNC) - m_bStopPending = true; - } - - return Status; -} - -void CSandMan::OnMaintenance() -{ - SB_STATUS Status; - if (sender() == m_pConnect) - Status = ConnectSbie(); - else if (sender() == m_pDisconnect) - Status = DisconnectSbie(); - else if (sender() == m_pStopAll) - Status = StopSbie(); - - // advanced - else if (sender() == m_pInstallDrv) - Status = CSbieUtils::Install(CSbieUtils::eDriver); - else if (sender() == m_pStartDrv) - Status = CSbieUtils::Start(CSbieUtils::eDriver); - else if (sender() == m_pStopDrv) - Status = CSbieUtils::Stop(CSbieUtils::eDriver); - else if (sender() == m_pUninstallDrv) - Status = CSbieUtils::Uninstall(CSbieUtils::eDriver); - - else if (sender() == m_pInstallSvc) - Status = CSbieUtils::Install(CSbieUtils::eService); - else if(sender() == m_pStartSvc) - Status = CSbieUtils::Start(CSbieUtils::eService); - else if(sender() == m_pStopSvc) - Status = CSbieUtils::Stop(CSbieUtils::eService); - else if (sender() == m_pUninstallSvc) - Status = CSbieUtils::Uninstall(CSbieUtils::eService); - - if (Status.GetStatus() == OP_ASYNC) { - //statusBar()->showMessage(tr("Executing maintenance operation, please wait...")); - m_pProgressDialog->OnStatusMessage(tr("Executing maintenance operation, please wait...")); - m_pProgressDialog->show(); - return; - } - - CheckResults(QList() << Status); -} - -void CSandMan::OnViewMode(QAction* pAction) -{ - bool bAdvanced = pAction->data().toBool(); - theConf->SetValue("Options/AdvancedView", bAdvanced); - SetViewMode(bAdvanced); -} - -void CSandMan::OnAlwaysTop() -{ - bool bAlwaysOnTop = m_pWndTopMost->isChecked(); - theConf->SetValue("Options/AlwaysOnTop", bAlwaysOnTop); - this->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); - this->show(); // why is this needed? - m_pPopUpWindow->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); -} - -void CSandMan::SetViewMode(bool bAdvanced) -{ - if (bAdvanced) - { - for (int i = m_iMenuViewPos; i < m_pMenuView->actions().count(); i++) - m_pMenuView->actions().at(i)->setVisible(true); - - if (m_pMenuHelp->actions().first() != m_pSupport) { - m_pMenuHelp->insertAction(m_pMenuHelp->actions().first(), m_pSupport); - menuBar()->removeAction(m_pSupport); - } - - m_pToolBar->show(); - m_pLogTabs->show(); - if (theConf->GetBool("Options/NoStatusBar", false)) - statusBar()->hide(); - else { - statusBar()->show(); - //if (theConf->GetBool("Options/NoSizeGrip", false)) - // statusBar()->setSizeGripEnabled(false); - } - } - else - { - for (int i = m_iMenuViewPos; i < m_pMenuView->actions().count(); i++) - m_pMenuView->actions().at(i)->setVisible(false); - - m_pMenuHelp->removeAction(m_pSupport); - menuBar()->addAction(m_pSupport); - - m_pToolBar->hide(); - m_pLogTabs->hide(); - statusBar()->hide(); - } -} - -void CSandMan::OnCleanUp() -{ - if (sender() == m_pCleanUpMsgLog || sender() == m_pCleanUpButton) - m_pMessageLog->GetTree()->clear(); - - if (sender() == m_pCleanUpTrace || sender() == m_pCleanUpButton) - m_pTraceView->Clear(); - - if (sender() == m_pCleanUpProcesses || sender() == m_pCleanUpButton) - theAPI->UpdateProcesses(false, m_pShowAllSessions->isChecked()); -} - -void CSandMan::OnProcView() -{ - theConf->SetValue("Options/KeepTerminated", m_pKeepTerminated->isChecked()); - theConf->SetValue("Options/ShowAllSessions", m_pShowAllSessions->isChecked()); -} - -void CSandMan::OnSettings() -{ - static CSettingsWindow* pSettingsWindow = NULL; - if (pSettingsWindow == NULL) - { - pSettingsWindow = new CSettingsWindow(); - connect(pSettingsWindow, SIGNAL(OptionsChanged()), this, SLOT(UpdateSettings())); - connect(pSettingsWindow, &CSettingsWindow::Closed, [this]() { - pSettingsWindow = NULL; - }); - pSettingsWindow->show(); - } -} - -void CSandMan::UpdateSettings() -{ - SetUITheme(); - - //m_pBoxView->UpdateRunMenu(); - - SetupHotKeys(); - - if (theConf->GetInt("Options/SysTrayIcon", 1)) - m_pTrayIcon->show(); - else - m_pTrayIcon->hide(); -} - -void CSandMan::OnResetMsgs() -{ - auto Ret = QMessageBox("Sandboxie-Plus", tr("Do you also want to reset hidden message boxes (yes), or only all log messages (no)?"), - QMessageBox::Question, QMessageBox::Yes | QMessageBox::Default, QMessageBox::No, QMessageBox::Cancel | QMessageBox::Escape, this).exec(); - if (Ret == QMessageBox::Cancel) - return; - - if (Ret == QMessageBox::Yes) - { - theConf->SetValue("Options/PortableStop", -1); - theConf->SetValue("Options/PortableStart", -1); - theConf->SetValue("Options/PortableRootDir", -1); - - theConf->SetValue("Options/CheckForUpdates", 2); - - theConf->SetValue("Options/NoEditInfo", true); - - theConf->SetValue("Options/BoxedExplorerInfo", true); - theConf->SetValue("Options/ExplorerInfo", true); - - theConf->SetValue("Options/OpenUrlsSandboxed", 2); - - theConf->SetValue("Options/AutoCleanupTemplates", -1); - theConf->SetValue("Options/WarnTerminateAll", -1); - theConf->SetValue("Options/WarnTerminate", -1); - } - - theAPI->GetUserSettings()->UpdateTextList("SbieCtrl_HideMessage", QStringList(), true); - m_pPopUpWindow->ReloadHiddenMessages(); -} - -void CSandMan::OnEditIni() -{ - if (theConf->GetBool("Options/NoEditInfo", true)) - { - bool State = false; - CCheckableMessageBox::question(this, "Sandboxie-Plus", - theConf->GetBool("Options/WatchIni", true) - ? tr("The changes will be applied automatically whenever the file gets saved.") - : tr("The changes will be applied automatically as soon as the editor is closed.") - , tr("Don't show this message again."), &State, QDialogButtonBox::Ok, QDialogButtonBox::Ok, QMessageBox::Information); - - if (State) - theConf->SetValue("Options/NoEditInfo", false); - } - - wstring IniPath = theAPI->GetIniPath().toStdWString(); - - SHELLEXECUTEINFO si = { 0 }; - si.cbSize = sizeof(SHELLEXECUTEINFO); - si.fMask = SEE_MASK_NOCLOSEPROCESS; - si.hwnd = NULL; - si.lpVerb = L"runas"; - si.lpFile = L"notepad.exe"; - si.lpParameters = IniPath.c_str(); - si.lpDirectory = NULL; - si.nShow = SW_SHOW; - si.hInstApp = NULL; - ShellExecuteEx(&si); - //WaitForSingleObject(si.hProcess, INFINITE); - //CloseHandle(si.hProcess); - - if (theConf->GetBool("Options/WatchIni", true)) - return; // if the ini is watched don't double reload - - QWinEventNotifier* processFinishedNotifier = new QWinEventNotifier(si.hProcess); - processFinishedNotifier->setEnabled(true); - connect(processFinishedNotifier, &QWinEventNotifier::activated, this, [processFinishedNotifier, this, si]() { - processFinishedNotifier->setEnabled(false); - processFinishedNotifier->deleteLater(); - this->OnReloadIni(); - CloseHandle(si.hProcess); - }); -} - -void CSandMan::OnReloadIni() -{ - theAPI->ReloadConfig(); -} - -void CSandMan::OnIniReloaded() -{ - m_pBoxView->ReloadGroups(); - m_pPopUpWindow->ReloadHiddenMessages(); -} - -void CSandMan::OnSetMonitoring() -{ - theAPI->EnableMonitor(m_pEnableMonitoring->isChecked()); - - if(m_pEnableMonitoring->isChecked() && !m_pToolBar->isVisible()) - m_pLogTabs->show(); - - //m_pTraceView->setEnabled(m_pEnableMonitoring->isChecked()); -} - -bool CSandMan::AddAsyncOp(const CSbieProgressPtr& pProgress, bool bWait) -{ - m_pAsyncProgress.insert(pProgress.data(), pProgress); - connect(pProgress.data(), SIGNAL(Message(const QString&)), this, SLOT(OnAsyncMessage(const QString&))); - connect(pProgress.data(), SIGNAL(Progress(int)), this, SLOT(OnAsyncProgress(int))); - connect(pProgress.data(), SIGNAL(Finished()), this, SLOT(OnAsyncFinished())); - - m_pProgressDialog->OnStatusMessage(""); - if (bWait) { - m_pProgressModal = true; - m_pProgressDialog->exec(); - m_pProgressModal = false; - } - else - m_pProgressDialog->show(); - - if (pProgress->IsFinished()) // Note: since the operation runs asynchronously, it may have already finished, so we need to test for that - OnAsyncFinished(pProgress.data()); - - return !pProgress->IsCanceled(); -} - -void CSandMan::OnAsyncFinished() -{ - OnAsyncFinished(qobject_cast(sender())); -} - -void CSandMan::OnAsyncFinished(CSbieProgress* pSender) -{ - CSbieProgressPtr pProgress = m_pAsyncProgress.take(pSender); - if (pProgress.isNull()) - return; - disconnect(pProgress.data() , SIGNAL(Finished()), this, SLOT(OnAsyncFinished())); - - SB_STATUS Status = pProgress->GetStatus(); - if(Status.IsError()) - CSandMan::CheckResults(QList() << Status); - - if (m_pAsyncProgress.isEmpty()) { - if(m_pProgressModal) - m_pProgressDialog->close(); - else - m_pProgressDialog->hide(); - } -} - -void CSandMan::OnAsyncMessage(const QString& Text) -{ - m_pProgressDialog->OnStatusMessage(Text); -} - -void CSandMan::OnAsyncProgress(int Progress) -{ - m_pProgressDialog->OnProgressMessage("", Progress); -} - -void CSandMan::OnCancelAsync() -{ - foreach(const CSbieProgressPtr& pProgress, m_pAsyncProgress) - pProgress->Cancel(); -} - -QString CSandMan::FormatError(const SB_STATUS& Error) -{ - //QString Text = Error.GetText(); - //if (!Text.isEmpty()) - // return Text; - - QString Message; - switch (Error.GetMsgCode()) - { - case SB_Generic: return tr("Error Status: 0x%1 (%2)").arg((quint32)Error.GetStatus(), 8, 16, QChar('0')).arg( - (Error.GetArgs().isEmpty() || Error.GetArgs().first().toString().isEmpty()) ? tr("Unknown") : Error.GetArgs().first().toString().trimmed()); - case SB_Message: Message = "%1"; break; - case SB_NeedAdmin: Message = tr("Administrator rights are required for this operation."); break; - case SB_ExecFail: Message = tr("Failed to execute: %1"); break; - case SB_DriverFail: Message = tr("Failed to connect to the driver"); break; - case SB_ServiceFail: Message = tr("Failed to communicate with Sandboxie Service: %1"); break; - case SB_Incompatible: Message = tr("An incompatible Sandboxie %1 was found. Compatible versions: %2"); break; - case SB_PathFail: Message = tr("Can't find Sandboxie installation path."); break; - case SB_FailedCopyConf: Message = tr("Failed to copy configuration from sandbox %1: %2"); break; - case SB_AlreadyExists: Message = tr("A sandbox of the name %1 already exists"); break; - case SB_DeleteFailed: Message = tr("Failed to delete sandbox %1: %2"); break; - case SB_NameLenLimit: Message = tr("The sandbox name can not be longer than 32 characters."); break; - case SB_BadNameDev: Message = tr("The sandbox name can not be a device name."); break; - case SB_BadNameChar: Message = tr("The sandbox name can contain only letters, digits and underscores which are displayed as spaces."); break; - case SB_FailedKillAll: Message = tr("Failed to terminate all processes"); break; - case SB_DeleteProtect: Message = tr("Delete protection is enabled for the sandbox"); break; - case SB_DeleteError: Message = tr("Error deleting sandbox folder: %1"); break; - //case SB_RemNotEmpty: Message = tr("A sandbox must be emptied before it can be renamed."); break; - //case SB_DelNotEmpty: Message = tr("A sandbox must be emptied before it can be deleted."); break; - case SB_FailedMoveDir: Message = tr("Failed to move directory '%1' to '%2'"); break; - case SB_SnapIsRunning: Message = tr("This Snapshot operation can not be performed while processes are still running in the box."); break; - case SB_SnapMkDirFail: Message = tr("Failed to create directory for new snapshot"); break; - case SB_SnapCopyRegFail:Message = tr("Failed to copy RegHive"); break; - case SB_SnapNotFound: Message = tr("Snapshot not found"); break; - case SB_SnapMergeFail: Message = tr("Error merging snapshot directories '%1' with '%2', the snapshot has not been fully merged."); break; - case SB_SnapRmDirFail: Message = tr("Failed to remove old snapshot directory '%1'"); break; - case SB_SnapIsShared: Message = tr("Can't remove a snapshot that is shared by multiple later snapshots"); break; - case SB_SnapDelRegFail: Message = tr("Failed to remove old RegHive"); break; - case SB_NotAuthorized: Message = tr("You are not authorized to update configuration in section '%1'"); break; - case SB_ConfigFailed: Message = tr("Failed to set configuration setting %1 in section %2: %3"); break; - case SB_SnapIsEmpty: Message = tr("Can not create snapshot of an empty sandbox"); break; - case SB_NameExists: Message = tr("A sandbox with that name already exists"); break; - case SB_PasswordBad: Message = tr("The config password must not be longer than 64 characters"); break; - default: return tr("Unknown Error Status: 0x%1").arg((quint32)Error.GetStatus(), 8, 16, QChar('0')); - } - - foreach(const QVariant& Arg, Error.GetArgs()) - Message = Message.arg(Arg.toString()); // todo: make quint32 hex and so on - - return Message; -} - -void CSandMan::CheckResults(QList Results) -{ - QStringList Errors; - for (QList::iterator I = Results.begin(); I != Results.end(); ++I) { - if (I->IsError() && I->GetStatus() != OP_CANCELED) - Errors.append(FormatError(*I)); - } - - if (Errors.count() == 1) - QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), Errors.first()); - else if (Errors.count() > 1) { - CMultiErrorDialog Dialog(tr("Operation failed for %1 item(s).").arg(Errors.size()), Errors); - Dialog.exec(); - } -} - -void CSandMan::OnShowHide() -{ - if (isVisible()) { - StoreState(); - hide(); - } else - show(); -} - -void CSandMan::OnSysTray(QSystemTrayIcon::ActivationReason Reason) -{ - static bool TriggerSet = false; - static bool NullifyTrigger = false; - switch(Reason) - { - case QSystemTrayIcon::Context: - { - QMap Boxes = theAPI->GetAllBoxes(); - - bool bAdded = false; - - QMap OldBoxes; - for(int i = 0; i < m_pTrayBoxes->topLevelItemCount(); ++i) - { - QTreeWidgetItem* pItem = m_pTrayBoxes->topLevelItem(i); - QString Name = pItem->data(0, Qt::UserRole).toString(); - OldBoxes.insert(Name,pItem); - } - - foreach(const CSandBoxPtr & pBox, Boxes) - { - if (!pBox->IsEnabled()) - continue; - - CSandBoxPlus* pBoxEx = qobject_cast(pBox.data()); - - QTreeWidgetItem* pItem = OldBoxes.take(pBox->GetName()); - if(!pItem) - { - pItem = new QTreeWidgetItem(); - pItem->setData(0, Qt::UserRole, pBox->GetName()); - pItem->setText(0, " " + pBox->GetName().replace("_", " ")); - m_pTrayBoxes->addTopLevelItem(pItem); - - bAdded = true; - } - - pItem->setData(0, Qt::DecorationRole, theGUI->GetBoxIcon(pBox->GetActiveProcessCount() != 0, pBoxEx->GetType())); - } - - foreach(QTreeWidgetItem* pItem, OldBoxes) - delete pItem; - - if (!OldBoxes.isEmpty() || bAdded) - { - auto palette = m_pTrayBoxes->palette(); - palette.setColor(QPalette::Base, m_pTrayMenu->palette().color(QPalette::Window)); - m_pTrayBoxes->setPalette(palette); - m_pTrayBoxes->setFrameShape(QFrame::NoFrame); - - //const int FrameWidth = m_pTrayBoxes->style()->pixelMetric(QStyle::PM_DefaultFrameWidth); - int Height = 0; //m_pTrayBoxes->header()->height() + (2 * FrameWidth); - - for (QTreeWidgetItemIterator AllIterator(m_pTrayBoxes, QTreeWidgetItemIterator::All); *AllIterator; ++AllIterator) - Height += m_pTrayBoxes->visualItemRect(*AllIterator).height(); - - QRect scrRect = this->screen()->availableGeometry(); - int MaxHeight = scrRect.height() / 2; - if (Height > MaxHeight) { - Height = MaxHeight; - if (Height < 64) - Height = 64; - } - - m_pTrayBoxes->setFixedHeight(Height); - - m_pTrayMenu->removeAction(m_pTrayList); - m_pTrayMenu->insertAction(m_pTraySeparator, m_pTrayList); - } - - m_pTrayMenu->popup(QCursor::pos()); - break; - } - case QSystemTrayIcon::DoubleClick: - if (isVisible()) - { - if(TriggerSet) - NullifyTrigger = true; - - StoreState(); - hide(); - - if (theAPI->GetGlobalSettings()->GetBool("ForgetPassword", false)) - theAPI->ClearPassword(); - - break; - } - show(); - case QSystemTrayIcon::Trigger: - if (isVisible() && !TriggerSet) - { - TriggerSet = true; - QTimer::singleShot(100, [this]() { - TriggerSet = false; - if (NullifyTrigger) { - NullifyTrigger = false; - return; - } - this->setWindowState((this->windowState() & ~Qt::WindowMinimized) | Qt::WindowActive); - SetForegroundWindow(MainWndHandle); - } ); - } - m_pPopUpWindow->Poke(); - break; - } -} - -void CSandMan::OpenUrl(const QUrl& url) -{ - if (url.scheme() == "sbie") - return OpenUrl("https://sandboxie-plus.com/sandboxie" + url.path()); - - int iSandboxed = theConf->GetInt("Options/OpenUrlsSandboxed", 2); - - if (iSandboxed == 2) - { - bool bCheck = false; - QString Message = tr("Do you want to open %1 in a sandboxed (yes) or unsandboxed (no) Web browser?").arg(url.toString()); - QDialogButtonBox::StandardButton Ret = CCheckableMessageBox::question(this, "Sandboxie-Plus", Message , tr("Remember choice for later."), - &bCheck, QDialogButtonBox::Yes | QDialogButtonBox::No | QDialogButtonBox::Cancel, QDialogButtonBox::Yes, QMessageBox::Question); - if (Ret == QDialogButtonBox::Cancel) return; - iSandboxed = Ret == QDialogButtonBox::Yes ? 1 : 0; - if(bCheck) theConf->SetValue("Options/OpenUrlsSandboxed", iSandboxed); - } - - if (iSandboxed) RunSandboxed(QStringList(url.toString()), "DefaultBox"); - else ShellExecute(MainWndHandle, NULL, url.toString().toStdWString().c_str(), NULL, NULL, SW_SHOWNORMAL); -} - -QString CSandMan::GetVersion() -{ - QString Version = QString::number(VERSION_MJR) + "." + QString::number(VERSION_MIN) //.rightJustified(2, '0') -#if VERSION_REV > 0 || VERSION_MJR == 0 - + "." + QString::number(VERSION_REV) -#endif -#if VERSION_UPD > 0 - + QString('a' + VERSION_UPD - 1) -#endif - ; - return Version; -} - -void CSandMan::CheckForUpdates(bool bManual) -{ - if (!m_pUpdateProgress.isNull()) - return; - - m_pUpdateProgress = CSbieProgressPtr(new CSbieProgress()); - AddAsyncOp(m_pUpdateProgress); - m_pUpdateProgress->ShowMessage(tr("Checking for updates...")); - - if (m_RequestManager == NULL) - m_RequestManager = new CNetworkAccessManager(30 * 1000, this); - - - QUrlQuery Query; - Query.addQueryItem("software", "sandboxie-plus"); - //QString Branche = theConf->GetString("Options/ReleaseBranche"); - //if (!Branche.isEmpty()) - // Query.addQueryItem("branche", Branche); - //Query.addQueryItem("version", GetVersion()); - Query.addQueryItem("version", QString::number(VERSION_MJR) + "." + QString::number(VERSION_MIN) + "." + QString::number(VERSION_REV) + "." + QString::number(VERSION_UPD)); - Query.addQueryItem("system", "windows-" + QSysInfo::kernelVersion() + "-" + QSysInfo::currentCpuArchitecture()); - Query.addQueryItem("language", QString::number(m_LanguageId)); - QString UpdateKey = theAPI->GetGlobalSettings()->GetText("UpdateKey"); // theConf->GetString("Options/UpdateKey"); - if (!UpdateKey.isEmpty()) - Query.addQueryItem("update_key", UpdateKey); - Query.addQueryItem("auto", bManual ? "0" : "1"); - - QUrl Url("https://sandboxie-plus.com/update.php"); - Url.setQuery(Query); - - QNetworkRequest Request = QNetworkRequest(Url); - Request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true); - //Request.setRawHeader("Accept-Encoding", "gzip"); - QNetworkReply* pReply = m_RequestManager->get(Request); - pReply->setProperty("manual", bManual); - connect(pReply, SIGNAL(finished()), this, SLOT(OnUpdateCheck())); -} - -void CSandMan::OnUpdateCheck() -{ - if (m_pUpdateProgress.isNull()) - return; - - QNetworkReply* pReply = qobject_cast(sender()); - QByteArray Reply = pReply->readAll(); - bool bManual = pReply->property("manual").toBool(); - pReply->deleteLater(); - - m_pUpdateProgress->Finish(SB_OK); - m_pUpdateProgress.clear(); - - QVariantMap Data = QJsonDocument::fromJson(Reply).toVariant().toMap(); - if (Data.isEmpty() || Data["error"].toBool()) - { - QString Error = Data.isEmpty() ? tr("server not reachable") : Data["errorMsg"].toString(); - OnLogMessage(tr("Failed to check for updates, error: %1").arg(Error), !bManual); - if (bManual) - QMessageBox::critical(this, "Sandboxie-Plus", tr("Failed to check for updates, error: %1").arg(Error)); - return; - } - - bool bNothing = true; - - QStringList IgnoredUpdates = theConf->GetStringList("Options/IgnoredUpdates"); - - QString UserMsg = Data["userMsg"].toString(); - if (!UserMsg.isEmpty()) - { - QString MsgHash = QCryptographicHash::hash(Data["userMsg"].toByteArray(), QCryptographicHash::Md5).toHex().left(8); - if (!IgnoredUpdates.contains(MsgHash)) - { - QString FullMessage = UserMsg; - QString InfoUrl = Data["infoUrl"].toString(); - if (!InfoUrl.isEmpty()) - FullMessage += tr("

Do you want to go to the info page?

").arg(InfoUrl); - - CCheckableMessageBox mb(this); - mb.setWindowTitle("Sandboxie-Plus"); - QIcon ico(QLatin1String(":/SandMan.png")); - mb.setIconPixmap(ico.pixmap(64, 64)); - //mb.setTextFormat(Qt::RichText); - mb.setText(UserMsg); - mb.setCheckBoxText(tr("Don't show this announcement in the future.")); - - if (!InfoUrl.isEmpty()) { - mb.setStandardButtons(QDialogButtonBox::Yes | QDialogButtonBox::No); - mb.setDefaultButton(QDialogButtonBox::Yes); - } - else - mb.setStandardButtons(QDialogButtonBox::Ok); - - mb.exec(); - - if (mb.isChecked()) - theConf->SetValue("Options/IgnoredUpdates", IgnoredUpdates << MsgHash); - - if (mb.clickedStandardButton() == QDialogButtonBox::Yes) - { - QDesktopServices::openUrl(InfoUrl); - } - - bNothing = false; - } - } - - QString VersionStr = Data["version"].toString(); - if (!VersionStr.isEmpty()) //&& VersionStr != GetVersion()) - { - UCHAR myVersion[4] = { VERSION_UPD, VERSION_REV, VERSION_MIN, VERSION_MJR }; // ntohl - ULONG MyVersion = *(ULONG*)&myVersion; - - ULONG Version = 0; - QStringList Nums = VersionStr.split("."); - for (int i = 0, Bits = 24; i < Nums.count() && Bits >= 0; i++, Bits -= 8) - Version |= (Nums[i].toInt() & 0xFF) << Bits; - - if (Version > MyVersion) - if (bManual || !IgnoredUpdates.contains(VersionStr)) // when checked manually always show result - { - bNothing = false; - //QDateTime Updated = QDateTime::fromTime_t(Data["updated"].toULongLong()); - - QString UpdateMsg = Data["updateMsg"].toString(); - QString UpdateUrl = Data["updateUrl"].toString(); - - QString DownloadUrl = Data["downloadUrl"].toString(); - // 'sha256' - // 'signature' - - QString FullMessage = UpdateMsg.isEmpty() ? tr("

There is a new version of Sandboxie-Plus available.
New version: %1

").arg(VersionStr) : UpdateMsg; - if (!DownloadUrl.isEmpty()) - FullMessage += tr("

Do you want to download the latest version?

"); - else if (!UpdateUrl.isEmpty()) - FullMessage += tr("

Do you want to go to the download page?

").arg(UpdateUrl); - - CCheckableMessageBox mb(this); - mb.setWindowTitle("Sandboxie-Plus"); - QIcon ico(QLatin1String(":/SandMan.png")); - mb.setIconPixmap(ico.pixmap(64, 64)); - //mb.setTextFormat(Qt::RichText); - mb.setText(FullMessage); - mb.setCheckBoxText(tr("Don't show this message anymore.")); - mb.setCheckBoxVisible(!bManual); - - if (!UpdateUrl.isEmpty() || !DownloadUrl.isEmpty()) { - mb.setStandardButtons(QDialogButtonBox::Yes | QDialogButtonBox::No); - mb.setDefaultButton(QDialogButtonBox::Yes); - } - else - mb.setStandardButtons(QDialogButtonBox::Ok); - - mb.exec(); - - if (mb.isChecked()) - theConf->SetValue("Options/IgnoredUpdates", IgnoredUpdates << VersionStr); - - if (mb.clickedStandardButton() == QDialogButtonBox::Yes) - { - if (!DownloadUrl.isEmpty()) - { - QNetworkRequest Request = QNetworkRequest(DownloadUrl); - Request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true); - //Request.setRawHeader("Accept-Encoding", "gzip"); - QNetworkReply* pReply = m_RequestManager->get(Request); - connect(pReply, SIGNAL(finished()), this, SLOT(OnUpdateDownload())); - connect(pReply, SIGNAL(downloadProgress(qint64, qint64)), this, SLOT(OnUpdateProgress(qint64, qint64))); - - m_pUpdateProgress = CSbieProgressPtr(new CSbieProgress()); - AddAsyncOp(m_pUpdateProgress); - m_pUpdateProgress->ShowMessage(tr("Downloading new version...")); - } - else - QDesktopServices::openUrl(UpdateUrl); - } - } - } - - if (bNothing) - { - theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(7).toTime_t()); - - if (bManual) - QMessageBox::information(this, "Sandboxie-Plus", tr("No new updates found, your Sandboxie-Plus is up-to-date.")); - } -} - -void CSandMan::OnUpdateProgress(qint64 bytes, qint64 bytesTotal) -{ - if (bytesTotal != 0 && !m_pUpdateProgress.isNull()) - m_pUpdateProgress->Progress(100 * bytes / bytesTotal); -} - -void CSandMan::OnUpdateDownload() -{ - if (m_pUpdateProgress.isNull()) - return; - - QString TempDir = QStandardPaths::writableLocation(QStandardPaths::TempLocation); - if (TempDir.right(1) != "/") - TempDir += "/"; - - m_pUpdateProgress->Progress(-1); - - QNetworkReply* pReply = qobject_cast(sender()); - quint64 Size = pReply->bytesAvailable(); - QString Name = pReply->request().url().fileName(); - if (Name.isEmpty() || Name.right(4).compare(".exe", Qt::CaseInsensitive) != 0) - Name = "Sandboxie-Plus-Install.exe"; - - QString FilePath = TempDir + Name; - - QFile File(FilePath); - if (File.open(QFile::WriteOnly)) { - while (pReply->bytesAvailable() > 0) - File.write(pReply->read(4096)); - File.close(); - } - - pReply->deleteLater(); - - m_pUpdateProgress->Finish(SB_OK); - m_pUpdateProgress.clear(); - - if (File.size() != Size) { - QMessageBox::critical(this, "Sandboxie-Plus", tr("Failed to download update from: %1").arg(pReply->request().url().toString())); - return; - } - - QString Message = tr("

New Sandboxie-Plus has been downloaded to the following location:

%1

Do you want to begin the installation? If any programs are running sandboxed, they will be terminated.

") - .arg(FilePath).arg("File:///" + TempDir); - if (QMessageBox("Sandboxie-Plus", Message, QMessageBox::Information, QMessageBox::Yes | QMessageBox::Default, QMessageBox::No | QMessageBox::Escape, QMessageBox::NoButton, this).exec() == QMessageBox::Yes) - QProcess::startDetached(FilePath); -} - -void CSandMan::OnHelp() -{ - if (sender() == m_pSupport) - QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=donate")); - else if (sender() == m_pForum) - QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=sbie-forum")); - else if (sender() == m_pManual) - QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=sbie-docs")); - else - QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=patreon")); -} - -void CSandMan::OnAbout() -{ - if (sender() == m_pAbout) - { - QString AboutCaption = tr( - "

About Sandboxie-Plus

" - "

Version %1

" - "

Copyright (c) 2020-2021 by DavidXanatos

" - ).arg(GetVersion()); - QString AboutText = tr( - "

Sandboxie-Plus is an open source continuation of Sandboxie.

" - "

" - "

Visit sandboxie-plus.com for more information.

" - "

" - "

" - "

" - "

Icons from icons8.com

" - "

" - ); - QMessageBox *msgBox = new QMessageBox(this); - msgBox->setAttribute(Qt::WA_DeleteOnClose); - msgBox->setWindowTitle(tr("About Sandboxie-Plus")); - msgBox->setText(AboutCaption); - msgBox->setInformativeText(AboutText); - - QIcon ico(QLatin1String(":/SandMan.png")); - msgBox->setIconPixmap(ico.pixmap(128, 128)); - - msgBox->exec(); - } - else if (sender() == m_pAboutQt) - QMessageBox::aboutQt(this); -} - -void CSandMan::SetUITheme() -{ - m_ThemeUpdatePending = false; - - bool bDark; - int iDark = theConf->GetInt("Options/UseDarkTheme", 2); - if (iDark == 2) { - QSettings settings("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Themes\\Personalize", QSettings::NativeFormat); - bDark = (settings.value("AppsUseLightTheme") == 0); - } else - bDark = (iDark == 1); - - if (bDark) - { - QApplication::setStyle(QStyleFactory::create("Fusion")); - QPalette palette; - palette.setColor(QPalette::Window, QColor(53, 53, 53)); - palette.setColor(QPalette::WindowText, Qt::white); - palette.setColor(QPalette::Base, QColor(25, 25, 25)); - palette.setColor(QPalette::AlternateBase, QColor(53, 53, 53)); - palette.setColor(QPalette::ToolTipBase, Qt::white); - palette.setColor(QPalette::ToolTipText, Qt::white); - palette.setColor(QPalette::Text, Qt::white); - palette.setColor(QPalette::Button, QColor(53, 53, 53)); - palette.setColor(QPalette::ButtonText, Qt::white); - palette.setColor(QPalette::BrightText, Qt::red); - palette.setColor(QPalette::Link, QColor(218, 130, 42)); - palette.setColor(QPalette::Highlight, QColor(42, 130, 218)); - palette.setColor(QPalette::HighlightedText, Qt::black); - palette.setColor(QPalette::Disabled, QPalette::WindowText, Qt::darkGray); - palette.setColor(QPalette::Disabled, QPalette::Text, Qt::darkGray); - palette.setColor(QPalette::Disabled, QPalette::Light, Qt::black); - palette.setColor(QPalette::Disabled, QPalette::ButtonText, Qt::darkGray); - QApplication::setPalette(palette); - } - else - { - QApplication::setStyle(QStyleFactory::create(m_DefaultStyle)); - QApplication::setPalette(m_DefaultPalett); - } - - m_DarkTheme = bDark; - CTreeItemModel::SetDarkMode(bDark); - CListItemModel::SetDarkMode(bDark); - CPopUpWindow::SetDarkMode(bDark); - CPanelView::SetDarkMode(bDark); - CFinder::SetDarkMode(bDark); -} - -void CSandMan::UpdateTheme() -{ - if (!m_ThemeUpdatePending) - { - m_ThemeUpdatePending = true; - QTimer::singleShot(500, this, SLOT(SetUITheme())); - } -} - -void CSandMan::LoadLanguage() -{ - qApp->removeTranslator(&m_Translator); - m_Translation.clear(); - m_LanguageId = 0; - - QString Lang = theConf->GetString("Options/UiLanguage"); - if(Lang.isEmpty()) - Lang = QLocale::system().name(); - - if (!Lang.isEmpty()) - { - m_LanguageId = LocaleNameToLCID(Lang.toStdWString().c_str(), 0); - - QString LangAux = Lang; // Short version as fallback - LangAux.truncate(LangAux.lastIndexOf('_')); - - QString LangPath = QApplication::applicationDirPath() + "/translations/sandman_"; - bool bAux = false; - if (QFile::exists(LangPath + Lang + ".qm") || (bAux = QFile::exists(LangPath + LangAux + ".qm"))) - { - QFile File(LangPath + (bAux ? LangAux : Lang) + ".qm"); - File.open(QFile::ReadOnly); - m_Translation = File.readAll(); - } - - if (!m_Translation.isEmpty() && m_Translator.load((const uchar*)m_Translation.data(), m_Translation.size())) - qApp->installTranslator(&m_Translator); - } - - if (!m_LanguageId) - m_LanguageId = 1033; // default to English -} - -// Make sure that QPlatformTheme strings won't be marked as vanished in all .ts files, even after running lupdate - -static const char* platform_strings[] = { -QT_TRANSLATE_NOOP("QPlatformTheme", "OK"), -QT_TRANSLATE_NOOP("QPlatformTheme", "Apply"), -QT_TRANSLATE_NOOP("QPlatformTheme", "Cancel"), -QT_TRANSLATE_NOOP("QPlatformTheme", "&Yes"), -QT_TRANSLATE_NOOP("QPlatformTheme", "&No"), -}; - - -////////////////////////////////////////////////////////////////////////////////////////// -// WinSpy based window finder -// - -#include -#include "Helpers/FindTool.h" - -#define IDD_FINDER_TOOL 111 -#define ID_FINDER_TARGET 112 -#define ID_FINDER_EXPLAIN 113 -#define ID_FINDER_RESULT 114 - -UINT CALLBACK FindProc(HWND hwndTool, UINT uCode, HWND hwnd) -{ - ULONG pid; - if (uCode == WFN_END) - GetWindowThreadProcessId(hwnd, &pid); - else - pid = 0; - - hwndTool = GetParent(hwndTool); - - if (pid && pid != GetCurrentProcessId()) - { - RECT rc; - GetWindowRect(hwndTool, &rc); - if (rc.bottom - rc.top <= 150) - SetWindowPos(hwndTool, NULL, 0, 0, rc.right - rc.left, rc.bottom - rc.top + 70, SWP_SHOWWINDOW | SWP_NOMOVE); - - CBoxedProcessPtr pProcess = theAPI->GetProcessById(pid); - if (!pProcess.isNull()) - { - wstring result = CSandMan::tr("The selected window is running as part of program %1 in sandbox %2").arg(pProcess->GetProcessName()).arg(pProcess->GetBoxName()).toStdWString(); - - SetWindowText(GetDlgItem(hwndTool, ID_FINDER_RESULT), result.c_str()); - //::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_YES_BOXED), SW_SHOW); - } - else - { - wstring result = CSandMan::tr("The selected window is not running as part of any sandboxed program.").toStdWString(); - - SetWindowText(GetDlgItem(hwndTool, ID_FINDER_RESULT), result.c_str()); - //::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_NOT_BOXED), SW_SHOW); - } - ::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_RESULT), SW_SHOW); - } - else - { - RECT rc; - GetWindowRect(hwndTool, &rc); - if (rc.bottom - rc.top > 150) - SetWindowPos(hwndTool, NULL, 0, 0, rc.right - rc.left, rc.bottom - rc.top - 70, SWP_SHOWWINDOW | SWP_NOMOVE); - - //::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_YES_BOXED), SW_HIDE); - //::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_NOT_BOXED), SW_HIDE); - ::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_RESULT), SW_HIDE); - } - - return 0; -} - -// hwnd: All window processes are passed the handle of the window -// that they belong to in hwnd. -// msg: Current message (e.g., WM_*) from the OS. -// wParam: First message parameter, note that these are more or less -// integers, but they are really just "data chunks" that -// you are expected to memcpy as raw data to float, etc. -// lParam: Second message parameter, same deal as above. -LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam) -{ - switch (msg) - { - case WM_CREATE: - { - wstring info = CSandMan::tr("Drag the Finder Tool over a window to select it, then release the mouse to check if the window is sandboxed.").toStdWString(); - - CreateWindow(L"Static", L"", SS_BITMAP | SS_NOTIFY | WS_VISIBLE | WS_CHILD, 10, 10, 32, 32, hwnd, (HMENU)ID_FINDER_TARGET, NULL, NULL); - CreateWindow(L"Static", info.c_str(), WS_VISIBLE | WS_CHILD, 60, 10, 180, 65, hwnd, (HMENU)ID_FINDER_EXPLAIN, NULL, NULL); - CreateWindow(L"Static", L"", WS_CHILD, 60, 80, 180, 50, hwnd, (HMENU)ID_FINDER_RESULT, NULL, NULL); - - MakeFinderTool(GetDlgItem(hwnd, ID_FINDER_TARGET), FindProc); - - break; - } - - case WM_CLOSE: - //DestroyWindow(hwnd); - PostQuitMessage(0); - break; - } - - return DefWindowProc(hwnd, msg, wParam, lParam); -} - -DWORD WINAPI FinderThreadFunc(LPVOID lpParam) -{ - MSG msg; - WNDCLASS mainWindowClass = { 0 }; - - HINSTANCE hInstance = NULL; - - // You can set the main window name to anything, but - // typically you should prefix custom window classes - // with something that makes it unique. - mainWindowClass.lpszClassName = TEXT("SBp.WndFinder"); - - mainWindowClass.hInstance = hInstance; - mainWindowClass.hbrBackground = GetSysColorBrush(COLOR_3DFACE); - mainWindowClass.lpfnWndProc = WndProc; - mainWindowClass.hCursor = LoadCursor(0, IDC_ARROW); - - RegisterClass(&mainWindowClass); - - // Notes: - // - The classname identifies the TYPE of the window. Not a C type. - // This is a (TCHAR*) ID that Windows uses internally. - // - The window name is really just the window text, this is - // commonly used for captions, including the title - // bar of the window itself. - // - parentHandle is considered the "owner" of this - // window. MessageBoxes can use HWND_MESSAGE to - // free them of any window. - // - menuHandle: hMenu specifies the child-window identifier, - // an integer value used by a dialog box - // control to notify its parent about events. - // The application determines the child-window - // identifier; it must be unique for all - // child windows with the same parent window. - - HWND hwnd = CreateWindow(mainWindowClass.lpszClassName, CSandMan::tr("Sandboxie-Plus - Window Finder").toStdWString().c_str() - , WS_SYSMENU | WS_CAPTION | WS_VISIBLE, CW_USEDEFAULT, CW_USEDEFAULT, 275, 115, NULL, 0, hInstance, NULL); - - HFONT hFont = CreateFont(13, 0, 0, 0, FW_DONTCARE, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")); - - SendMessage(GetDlgItem(hwnd, ID_FINDER_EXPLAIN), WM_SETFONT, (WPARAM)hFont, TRUE); - SendMessage(GetDlgItem(hwnd, ID_FINDER_RESULT), WM_SETFONT, (WPARAM)hFont, TRUE); - - while (GetMessage(&msg, NULL, 0, 0)) - { - TranslateMessage(&msg); - DispatchMessage(&msg); - } - - DeleteObject(hFont); - - return (int)msg.wParam; -} - -void CSandMan::OnWndFinder() -{ - m_pWndFinder->setEnabled(false); - - HANDLE hThread = CreateThread(NULL, 0, FinderThreadFunc, NULL, 0, NULL); - - QWinEventNotifier* finishedNotifier = new QWinEventNotifier(hThread); - finishedNotifier->setEnabled(true); - connect(finishedNotifier, &QWinEventNotifier::activated, this, [finishedNotifier, this, hThread]() { - CloseHandle(hThread); - - m_pWndFinder->setEnabled(true); - - finishedNotifier->setEnabled(false); - finishedNotifier->deleteLater(); - }); -} +#include "stdafx.h" +#include "SandMan.h" +#include "../MiscHelpers/Common/Common.h" +#include "../MiscHelpers/Common/ExitDialog.h" +#include "../MiscHelpers/Common/SortFilterProxyModel.h" +#include "Views/SbieView.h" +#include "../MiscHelpers/Common/CheckableMessageBox.h" +#include +#include "./Dialogs/MultiErrorDialog.h" +#include "../QSbieAPI/SbieUtils.h" +#include "../QSbieAPI/Sandboxie/BoxBorder.h" +#include "../QSbieAPI/Sandboxie/SbieTemplates.h" +#include "Windows/SettingsWindow.h" +#include "Windows/RecoveryWindow.h" +#include +#include "../MiscHelpers/Common/SettingsWidgets.h" +#include "Windows/OptionsWindow.h" +#include +#include "../MiscHelpers/Common/TreeItemModel.h" +#include "../MiscHelpers/Common/ListItemModel.h" +#include "Views/TraceView.h" +#include "Windows/SelectBoxWindow.h" +#include "../UGlobalHotkey/uglobalhotkeys.h" + +CSbiePlusAPI* theAPI = NULL; + +#if defined(Q_OS_WIN) +#include +#include +#include + +class CNativeEventFilter : public QAbstractNativeEventFilter +{ +public: + virtual bool nativeEventFilter(const QByteArray &eventType, void *message, long *result) + { + if (eventType == "windows_generic_MSG" || eventType == "windows_dispatcher_MSG") + { + MSG *msg = static_cast(message); + + //if(msg->message != 275 && msg->message != 1025) + // qDebug() << msg->message; + + if (msg->message == WM_NOTIFY) + { + //return true; + } + else if (msg->message == WM_DEVICECHANGE) + { + if (msg->wParam == DBT_DEVICEARRIVAL // Drive letter added + || msg->wParam == DBT_DEVICEREMOVECOMPLETE) // Drive letter removed + { + /*DEV_BROADCAST_HDR* deviceBroadcast = (DEV_BROADCAST_HDR*)msg->lParam; + if (deviceBroadcast->dbch_devicetype == DBT_DEVTYP_VOLUME) { + }*/ + if (theAPI) + theAPI->UpdateDriveLetters(); + } + /*else if ((msg->wParam & 0xFF80) == 0xAA00 && msg->lParam == 'xobs') + { + UCHAR driveNumber = (UCHAR)(msg->wParam & 0x1F); + if (driveNumber < 26) { + } + } + else if (msg->wParam == DBT_DEVNODES_CHANGED) // hardware changed + { + }*/ + } + else if (msg->message == WM_DWMCOLORIZATIONCOLORCHANGED) + { + if (theGUI && theConf->GetInt("Options/UseDarkTheme", 2) == 2) + theGUI->UpdateTheme(); + } + } + return false; + } +}; + +HWND MainWndHandle = NULL; +#endif + +CSandMan* theGUI = NULL; + +CSandMan::CSandMan(QWidget *parent) + : QMainWindow(parent) +{ +#if defined(Q_OS_WIN) + MainWndHandle = (HWND)QWidget::winId(); + + QApplication::instance()->installNativeEventFilter(new CNativeEventFilter); +#endif + + theGUI = this; + + QDesktopServices::setUrlHandler("http", this, "OpenUrl"); + QDesktopServices::setUrlHandler("https", this, "OpenUrl"); + QDesktopServices::setUrlHandler("sbie", this, "OpenUrl"); + + m_ThemeUpdatePending = false; + m_DefaultStyle = QApplication::style()->objectName(); + m_DefaultPalett = QApplication::palette(); + + m_LanguageId = 1033; // lang en_us + LoadLanguage(); + SetUITheme(); + + m_bExit = false; + + theAPI = new CSbiePlusAPI(this); + connect(theAPI, SIGNAL(StatusChanged()), this, SLOT(OnStatusChanged())); + connect(theAPI, SIGNAL(BoxClosed(const QString&)), this, SLOT(OnBoxClosed(const QString&))); + + m_RequestManager = NULL; + + QString appTitle = tr("Sandboxie-Plus v%1").arg(GetVersion()); + + if (QFile::exists(QCoreApplication::applicationDirPath() + "\\Certificate.dat")) { + CSettingsWindow::LoadCertificate(); + } + + this->setWindowTitle(appTitle); + + setAcceptDrops(true); + + m_pBoxBorder = new CBoxBorder(theAPI, this); + + m_SbieTemplates = new CSbieTemplates(theAPI, this); + + + m_bConnectPending = false; + m_bStopPending = false; + + QTreeViewEx::m_ResetColumns = tr("Reset Columns"); + CPanelView::m_CopyCell = tr("Copy Cell"); + CPanelView::m_CopyRow = tr("Copy Row"); + CPanelView::m_CopyPanel = tr("Copy Panel"); + + CreateMenus(); + + m_pMainWidget = new QWidget(); + m_pMainLayout = new QVBoxLayout(m_pMainWidget); + m_pMainLayout->setMargin(2); + m_pMainLayout->setSpacing(0); + this->setCentralWidget(m_pMainWidget); + + CreateToolBar(); + + m_pLogSplitter = new QSplitter(); + m_pLogSplitter->setOrientation(Qt::Vertical); + m_pMainLayout->addWidget(m_pLogSplitter); + + m_pPanelSplitter = new QSplitter(); + m_pPanelSplitter->setOrientation(Qt::Horizontal); + m_pLogSplitter->addWidget(m_pPanelSplitter); + + + m_pBoxView = new CSbieView(); + m_pPanelSplitter->addWidget(m_pBoxView); + + connect(m_pBoxView->GetTree()->selectionModel(), SIGNAL(currentChanged(QModelIndex, QModelIndex)), this, SLOT(OnSelectionChanged())); + + //m_pPanelSplitter->addWidget(); + + m_pLogTabs = new QTabWidget(); + m_pLogSplitter->addWidget(m_pLogTabs); + + // Message Log + m_pMessageLog = new CPanelWidgetEx(); + + //m_pMessageLog->GetView()->setItemDelegate(theGUI->GetItemDelegate()); + ((QTreeWidgetEx*)m_pMessageLog->GetView())->setHeaderLabels(tr("Time|Message").split("|")); + + m_pMessageLog->GetMenu()->insertAction(m_pMessageLog->GetMenu()->actions()[0], m_pCleanUpMsgLog); + m_pMessageLog->GetMenu()->insertSeparator(m_pMessageLog->GetMenu()->actions()[0]); + + m_pMessageLog->GetView()->setSelectionMode(QAbstractItemView::ExtendedSelection); + m_pMessageLog->GetView()->setSortingEnabled(false); + + m_pLogTabs->addTab(m_pMessageLog, tr("Sbie Messages")); + // + + m_pTraceView = new CTraceView(this); + + m_pTraceView->GetMenu()->insertAction(m_pTraceView->GetMenu()->actions()[0], m_pCleanUpTrace); + m_pTraceView->GetMenu()->insertSeparator(m_pTraceView->GetMenu()->actions()[0]); + + m_pLogTabs->addTab(m_pTraceView, tr("Trace Log")); + + m_pHotkeyManager = new UGlobalHotkeys(this); + connect(m_pHotkeyManager, SIGNAL(activated(size_t)), SLOT(OnHotKey(size_t))); + SetupHotKeys(); + + for (int i = 0; i < eMaxColor; i++) + m_BoxIcons[(EBoxColors)i] = qMakePair(QIcon(QString(":/Boxes/Empty%1").arg(i)), QIcon(QString(":/Boxes/Full%1").arg(i))); + + // Tray + m_pTrayIcon = new QSystemTrayIcon(GetTrayIconName(), this); + m_pTrayIcon->setToolTip("Sandboxie-Plus"); + connect(m_pTrayIcon, SIGNAL(activated(QSystemTrayIcon::ActivationReason)), this, SLOT(OnSysTray(QSystemTrayIcon::ActivationReason))); + m_bIconEmpty = true; + m_bIconDisabled = false; + + m_pTrayMenu = new QMenu(); + QAction* pShowHide = m_pTrayMenu->addAction(GetIcon("IconFull", false), tr("Show/Hide"), this, SLOT(OnShowHide())); + QFont f = pShowHide->font(); + f.setBold(true); + pShowHide->setFont(f); + m_pTrayMenu->addSeparator(); + + m_pTrayList = new QWidgetAction(m_pTrayMenu); + + QWidget* pWidget = new CActionWidget(); + QHBoxLayout* pLayout = new QHBoxLayout(); + pLayout->setMargin(0); + pWidget->setLayout(pLayout); + + m_pTrayBoxes = new QTreeWidget(); + + m_pTrayBoxes->setSizePolicy(QSizePolicy::Ignored, QSizePolicy::Maximum); + m_pTrayBoxes->setRootIsDecorated(false); + //m_pTrayBoxes->setHeaderLabels(tr(" Sandbox").split("|")); + m_pTrayBoxes->setHeaderHidden(true); + m_pTrayBoxes->setSelectionMode(QAbstractItemView::NoSelection); + //m_pTrayBoxes->setSelectionMode(QAbstractItemView::ExtendedSelection); + + pLayout->insertSpacing(0, 1);// 32); + + /*QFrame* vFrame = new QFrame; + vFrame->setFixedWidth(1); + vFrame->setFrameShape(QFrame::VLine); + vFrame->setFrameShadow(QFrame::Raised); + pLayout->addWidget(vFrame);*/ + + pLayout->addWidget(m_pTrayBoxes); + + m_pTrayList->setDefaultWidget(pWidget); + m_pTrayMenu->addAction(m_pTrayList); + + + m_pTrayBoxes->setContextMenuPolicy(Qt::CustomContextMenu); + connect(m_pTrayBoxes, SIGNAL(customContextMenuRequested( const QPoint& )), this, SLOT(OnBoxMenu(const QPoint &))); + connect(m_pTrayBoxes, SIGNAL(itemDoubleClicked(QTreeWidgetItem*, int)), this, SLOT(OnBoxDblClick(QTreeWidgetItem*))); + //m_pBoxMenu + + m_pTraySeparator = m_pTrayMenu->addSeparator(); + m_pTrayMenu->addAction(m_pEmptyAll); + m_pDisableForce2 = m_pTrayMenu->addAction(tr("Disable Forced Programs"), this, SLOT(OnDisableForce2())); + m_pDisableForce2->setCheckable(true); + m_pTrayMenu->addSeparator(); + + /*QWidgetAction* pBoxWidget = new QWidgetAction(m_pTrayMenu); + + QWidget* pWidget = new QWidget(); + pWidget->setMaximumHeight(200); + QGridLayout* pLayout = new QGridLayout(); + pLayout->addWidget(pBar, 0, 0); + pWidget->setLayout(pLayout); + pBoxWidget->setDefaultWidget(pWidget);*/ + + /*QLabel* pLabel = new QLabel("test"); + pLabel->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); + pLabel->setAlignment(Qt::AlignCenter); + pBoxWidget->setDefaultWidget(pLabel);*/ + + //m_pTrayMenu->addAction(pBoxWidget); + //m_pTrayMenu->addSeparator(); + + m_pTrayMenu->addAction(m_pExit); + + bool bAutoRun = QApplication::arguments().contains("-autorun"); + + m_pTrayIcon->show(); // Note: qt bug; hide does not work if not showing first :/ + if(!bAutoRun && theConf->GetInt("Options/SysTrayIcon", 1) == 0) + m_pTrayIcon->hide(); + // + + LoadState(); + + bool bAdvanced = theConf->GetBool("Options/AdvancedView", true); + foreach(QAction * pAction, m_pViewMode->actions()) + pAction->setChecked(pAction->data().toBool() == bAdvanced); + SetViewMode(bAdvanced); + + + m_pKeepTerminated->setChecked(theConf->GetBool("Options/KeepTerminated")); + m_pShowAllSessions->setChecked(theConf->GetBool("Options/ShowAllSessions")); + + m_pProgressDialog = new CProgressDialog("", this); + m_pProgressDialog->setWindowModality(Qt::ApplicationModal); + connect(m_pProgressDialog, SIGNAL(Cancel()), this, SLOT(OnCancelAsync())); + m_pProgressModal = false; + + m_pPopUpWindow = new CPopUpWindow(); + + bool bAlwaysOnTop = theConf->GetBool("Options/AlwaysOnTop", false); + m_pWndTopMost->setChecked(bAlwaysOnTop); + this->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); + m_pPopUpWindow->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); + + if (!bAutoRun) + show(); + + //connect(theAPI, SIGNAL(LogMessage(const QString&, bool)), this, SLOT(OnLogMessage(const QString&, bool))); + connect(theAPI, SIGNAL(LogSbieMessage(quint32, const QStringList&, quint32)), this, SLOT(OnLogSbieMessage(quint32, const QStringList&, quint32))); + connect(theAPI, SIGNAL(NotAuthorized(bool, bool&)), this, SLOT(OnNotAuthorized(bool, bool&)), Qt::DirectConnection); + connect(theAPI, SIGNAL(QueuedRequest(quint32, quint32, quint32, const QVariantMap&)), this, SLOT(OnQueuedRequest(quint32, quint32, quint32, const QVariantMap&)), Qt::QueuedConnection); + connect(theAPI, SIGNAL(FileToRecover(const QString&, const QString&, const QString&, quint32)), this, SLOT(OnFileToRecover(const QString&, const QString&, const QString&, quint32)), Qt::QueuedConnection); + connect(theAPI, SIGNAL(ConfigReloaded()), this, SLOT(OnIniReloaded())); + + m_uTimerID = startTimer(250); + + OnStatusChanged(); + if (CSbieUtils::IsRunning(CSbieUtils::eAll) || theConf->GetBool("Options/StartIfStopped", true)) + { + SB_STATUS Status = ConnectSbie(); + CheckResults(QList() << Status); + } +} + +CSandMan::~CSandMan() +{ + m_pPopUpWindow->close(); + delete m_pPopUpWindow; + + if(m_pEnableMonitoring->isChecked()) + theAPI->EnableMonitor(false); + + killTimer(m_uTimerID); + + m_pTrayIcon->hide(); + + StoreState(); + + theAPI = NULL; + + theGUI = NULL; +} + +void CSandMan::LoadState() +{ + restoreGeometry(theConf->GetBlob("MainWindow/Window_Geometry")); + //m_pBoxTree->restoreState(theConf->GetBlob("MainWindow/BoxTree_Columns")); + m_pMessageLog->GetView()->header()->restoreState(theConf->GetBlob("MainWindow/LogList_Columns")); + m_pLogSplitter->restoreState(theConf->GetBlob("MainWindow/Log_Splitter")); + m_pPanelSplitter->restoreState(theConf->GetBlob("MainWindow/Panel_Splitter")); + m_pLogTabs->setCurrentIndex(theConf->GetInt("MainWindow/LogTab", 0)); +} + +void CSandMan::StoreState() +{ + theConf->SetBlob("MainWindow/Window_Geometry", saveGeometry()); + //theConf->SetBlob("MainWindow/BoxTree_Columns", m_pBoxTree->saveState()); + theConf->SetBlob("MainWindow/LogList_Columns", m_pMessageLog->GetView()->header()->saveState()); + theConf->SetBlob("MainWindow/Log_Splitter", m_pLogSplitter->saveState()); + theConf->SetBlob("MainWindow/Panel_Splitter", m_pPanelSplitter->saveState()); + theConf->SetValue("MainWindow/LogTab", m_pLogTabs->currentIndex()); +} + +QIcon CSandMan::GetIcon(const QString& Name, bool bAction) +{ + QString Path = QApplication::applicationDirPath() + "/Icons/" + Name + ".png"; + if(QFile::exists(Path)) + return QIcon(Path); + return QIcon((bAction ? ":/Actions/" : ":/") + Name + ".png"); +} + +void CSandMan::CreateMenus() +{ + connect(menuBar(), SIGNAL(hovered(QAction*)), this, SLOT(OnMenuHover(QAction*))); + + m_pMenuFile = menuBar()->addMenu(tr("&Sandbox")); + m_pNewBox = m_pMenuFile->addAction(CSandMan::GetIcon("NewBox"), tr("Create New Box"), this, SLOT(OnNewBox())); + m_pNewGroup = m_pMenuFile->addAction(CSandMan::GetIcon("Group"), tr("Create Box Group"), this, SLOT(OnNewGroupe())); + m_pMenuFile->addSeparator(); + m_pEmptyAll = m_pMenuFile->addAction(CSandMan::GetIcon("EmptyAll"), tr("Terminate All Processes"), this, SLOT(OnEmptyAll())); + m_pWndFinder = m_pMenuFile->addAction(CSandMan::GetIcon("finder"), tr("Window Finder"), this, SLOT(OnWndFinder())); + m_pDisableForce = m_pMenuFile->addAction(tr("Disable Forced Programs"), this, SLOT(OnDisableForce())); + m_pDisableForce->setCheckable(true); + m_pMenuFile->addSeparator(); + m_pMaintenance = m_pMenuFile->addMenu(CSandMan::GetIcon("Maintenance"), tr("&Maintenance")); + m_pConnect = m_pMaintenance->addAction(CSandMan::GetIcon("Connect"), tr("Connect"), this, SLOT(OnMaintenance())); + m_pDisconnect = m_pMaintenance->addAction(CSandMan::GetIcon("Disconnect"), tr("Disconnect"), this, SLOT(OnMaintenance())); + m_pMaintenance->addSeparator(); + m_pStopAll = m_pMaintenance->addAction(CSandMan::GetIcon("Stop"), tr("Stop All"), this, SLOT(OnMaintenance())); + m_pMaintenance->addSeparator(); + m_pMaintenanceItems = m_pMaintenance->addMenu(CSandMan::GetIcon("ManMaintenance"), tr("&Advanced")); + m_pInstallDrv = m_pMaintenanceItems->addAction(tr("Install Driver"), this, SLOT(OnMaintenance())); + m_pStartDrv = m_pMaintenanceItems->addAction(tr("Start Driver"), this, SLOT(OnMaintenance())); + m_pStopDrv = m_pMaintenanceItems->addAction(tr("Stop Driver"), this, SLOT(OnMaintenance())); + m_pUninstallDrv = m_pMaintenanceItems->addAction(tr("Uninstall Driver"), this, SLOT(OnMaintenance())); + m_pMaintenanceItems->addSeparator(); + m_pInstallSvc = m_pMaintenanceItems->addAction(tr("Install Service"), this, SLOT(OnMaintenance())); + m_pStartSvc = m_pMaintenanceItems->addAction(tr("Start Service"), this, SLOT(OnMaintenance())); + m_pStopSvc = m_pMaintenanceItems->addAction(tr("Stop Service"), this, SLOT(OnMaintenance())); + m_pUninstallSvc = m_pMaintenanceItems->addAction(tr("Uninstall Service"), this, SLOT(OnMaintenance())); + + m_pMenuFile->addSeparator(); + m_pExit = m_pMenuFile->addAction(CSandMan::GetIcon("Exit"), tr("Exit"), this, SLOT(OnExit())); + + + m_pMenuView = menuBar()->addMenu(tr("&View")); + + m_pViewMode = new QActionGroup(m_pMenuView); + MakeAction(m_pViewMode, m_pMenuView, tr("Simple View"), false); + MakeAction(m_pViewMode, m_pMenuView, tr("Advanced View"), true); + connect(m_pViewMode, SIGNAL(triggered(QAction*)), this, SLOT(OnViewMode(QAction*))); + + m_pMenuView->addSeparator(); + m_pWndTopMost = m_pMenuView->addAction(tr("Always on Top"), this, SLOT(OnAlwaysTop())); + m_pWndTopMost->setCheckable(true); + + m_iMenuViewPos = m_pMenuView->actions().count(); + m_pMenuView->addSeparator(); + + m_pShowHidden = m_pMenuView->addAction(tr("Show Hidden Boxes")); + m_pShowHidden->setCheckable(true); + m_pShowAllSessions = m_pMenuView->addAction(tr("Show All Sessions"), this, SLOT(OnProcView())); + m_pShowAllSessions->setCheckable(true); + + m_pMenuView->addSeparator(); + + m_pCleanUpMenu = m_pMenuView->addMenu(CSandMan::GetIcon("Clean"), tr("Clean Up")); + m_pCleanUpProcesses = m_pCleanUpMenu->addAction(tr("Cleanup Processes"), this, SLOT(OnCleanUp())); + m_pCleanUpMenu->addSeparator(); + m_pCleanUpMsgLog = m_pCleanUpMenu->addAction(tr("Cleanup Message Log"), this, SLOT(OnCleanUp())); + m_pCleanUpTrace = m_pCleanUpMenu->addAction(tr("Cleanup Trace Log"), this, SLOT(OnCleanUp())); + + m_pKeepTerminated = m_pMenuView->addAction(CSandMan::GetIcon("Keep"), tr("Keep terminated"), this, SLOT(OnProcView())); + m_pKeepTerminated->setCheckable(true); + + + m_pMenuOptions = menuBar()->addMenu(tr("&Options")); + m_pMenuSettings = m_pMenuOptions->addAction(CSandMan::GetIcon("Settings"), tr("Global Settings"), this, SLOT(OnSettings())); + m_pMenuResetMsgs = m_pMenuOptions->addAction(tr("Reset all hidden messages"), this, SLOT(OnResetMsgs())); + m_pMenuOptions->addSeparator(); + m_pEditIni = m_pMenuOptions->addAction(CSandMan::GetIcon("EditIni"), tr("Edit ini file"), this, SLOT(OnEditIni())); + m_pReloadIni = m_pMenuOptions->addAction(CSandMan::GetIcon("ReloadIni"), tr("Reload ini file"), this, SLOT(OnReloadIni())); + m_pMenuOptions->addSeparator(); + m_pEnableMonitoring = m_pMenuOptions->addAction(CSandMan::GetIcon("SetLogging"), tr("Trace Logging"), this, SLOT(OnSetMonitoring())); + m_pEnableMonitoring->setCheckable(true); + + + m_pMenuHelp = menuBar()->addMenu(tr("&Help")); + //m_pMenuHelp->addAction(tr("Support Sandboxie-Plus on Patreon"), this, SLOT(OnHelp())); + m_pSupport = m_pMenuHelp->addAction(tr("Support Sandboxie-Plus with a Donation"), this, SLOT(OnHelp())); + m_pForum = m_pMenuHelp->addAction(tr("Visit Support Forum"), this, SLOT(OnHelp())); + m_pManual = m_pMenuHelp->addAction(tr("Online Documentation"), this, SLOT(OnHelp())); + m_pMenuHelp->addSeparator(); + m_pUpdate = m_pMenuHelp->addAction(tr("Check for Updates"), this, SLOT(CheckForUpdates())); + m_pMenuHelp->addSeparator(); + m_pAboutQt = m_pMenuHelp->addAction(tr("About the Qt Framework"), this, SLOT(OnAbout())); + m_pAbout = m_pMenuHelp->addAction(GetIcon("IconFull", false), tr("About Sandboxie-Plus"), this, SLOT(OnAbout())); +} + +void CSandMan::CreateToolBar() +{ + m_pToolBar = new QToolBar(); + m_pMainLayout->insertWidget(0, m_pToolBar); + + m_pToolBar->addAction(m_pMenuSettings); + m_pToolBar->addSeparator(); + + //m_pToolBar->addAction(m_pMenuNew); + //m_pToolBar->addAction(m_pMenuEmptyAll); + //m_pToolBar->addSeparator(); + m_pToolBar->addAction(m_pKeepTerminated); + //m_pToolBar->addAction(m_pCleanUp); + + m_pCleanUpButton = new QToolButton(); + m_pCleanUpButton->setIcon(CSandMan::GetIcon("Clean")); + m_pCleanUpButton->setToolTip(tr("Cleanup")); + m_pCleanUpButton->setPopupMode(QToolButton::MenuButtonPopup); + m_pCleanUpButton->setMenu(m_pCleanUpMenu); + //QObject::connect(m_pCleanUpButton, SIGNAL(triggered(QAction*)), , SLOT()); + QObject::connect(m_pCleanUpButton, SIGNAL(clicked(bool)), this, SLOT(OnCleanUp())); + m_pToolBar->addWidget(m_pCleanUpButton); + + + m_pToolBar->addSeparator(); + m_pToolBar->addAction(m_pEditIni); + m_pToolBar->addSeparator(); + m_pToolBar->addAction(m_pEnableMonitoring); + //m_pToolBar->addSeparator(); + + + if (!g_Certificate.isEmpty()) + return; + + QWidget* pSpacer = new QWidget(); + pSpacer->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); + m_pToolBar->addWidget(pSpacer); + + //m_pToolBar->addAction(m_pMenuElevate); + + m_pToolBar->addSeparator(); + m_pToolBar->addWidget(new QLabel(" ")); + QLabel* pSupportLbl = new QLabel("Support Sandboxie-Plus on Patreon"); + pSupportLbl->setTextInteractionFlags(Qt::TextBrowserInteraction); + connect(pSupportLbl, SIGNAL(linkActivated(const QString&)), this, SLOT(OnHelp())); + m_pToolBar->addWidget(pSupportLbl); + m_pToolBar->addWidget(new QLabel(" ")); +} + +void CSandMan::OnExit() +{ + m_bExit = true; + close(); +} + +void CSandMan::closeEvent(QCloseEvent *e) +{ + if (!m_bExit)// && !theAPI->IsConnected()) + { + QString OnClose = theConf->GetString("Options/OnClose", "ToTray"); + if (m_pTrayIcon->isVisible() && OnClose.compare("ToTray", Qt::CaseInsensitive) == 0) + { + StoreState(); + hide(); + + if (theAPI->GetGlobalSettings()->GetBool("ForgetPassword", false)) + theAPI->ClearPassword(); + + e->ignore(); + return; + } + else if(OnClose.compare("Prompt", Qt::CaseInsensitive) == 0) + { + CExitDialog ExitDialog(tr("Do you want to close Sandboxie Manager?")); + if (!ExitDialog.exec()) + { + e->ignore(); + return; + } + } + } + + if (IsFullyPortable() && theAPI->IsConnected()) + { + int PortableStop = theConf->GetInt("Options/PortableStop", -1); + if (PortableStop == -1) + { + bool State = false; + auto Ret = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Sandboxie-Plus was running in portable mode, now it has to clean up the created services. This will prompt for administrative privileges.\r\n\r\nDo you want to do the clean up?") + , tr("Don't show this message again."), &State, QDialogButtonBox::Yes | QDialogButtonBox::No | QDialogButtonBox::Cancel, QDialogButtonBox::Yes, QMessageBox::Question); + + if (Ret == QDialogButtonBox::Cancel) + { + e->ignore(); + return; + } + + PortableStop = (Ret == QDialogButtonBox::Yes) ? 1 : 0; + + if (State) + theConf->SetValue("Options/PortableStop", PortableStop); + } + + if(PortableStop == 1) + StopSbie(true); + } + + QApplication::quit(); +} + +QIcon CSandMan::GetBoxIcon(bool inUse, int boxType) +{ + EBoxColors color = eYellow; + switch (boxType) { + case CSandBoxPlus::eHardened: color = eOrang; break; + //case CSandBoxPlus::eHasLogApi: color = eRed; break; + case CSandBoxPlus::eInsecure: color = eMagenta; break; + } + return inUse ? m_BoxIcons[color].second : m_BoxIcons[color].first; +} + +bool CSandMan::IsFullyPortable() +{ + QString SbiePath = theAPI->GetSbiePath(); + QString IniPath = theAPI->GetIniPath(); + if (IniPath.indexOf(SbiePath, 0, Qt::CaseInsensitive) == 0) + return true; + return false; +} + +void CSandMan::OnMessage(const QString& Message) +{ + if (Message == "ShowWnd") + { + if (!isVisible()) + show(); + setWindowState(Qt::WindowActive); + SetForegroundWindow(MainWndHandle); + } + else if (Message.left(4) == "Run:") + { + QString BoxName = "DefaultBox"; + QString CmdLine = Message.mid(4); + + if (CmdLine.contains("\\start.exe", Qt::CaseInsensitive)) { + int pos = CmdLine.indexOf("/box:", 0, Qt::CaseInsensitive); + int pos2 = CmdLine.indexOf(" ", pos); + if (pos != -1 && pos2 != -1) { + BoxName = CmdLine.mid(pos + 5, pos2 - (pos + 5)); + CmdLine = CmdLine.mid(pos2 + 1); + } + } + + if (theConf->GetBool("Options/RunInDefaultBox", false) && (QGuiApplication::queryKeyboardModifiers() & Qt::ControlModifier) == 0) { + theAPI->RunStart("DefaultBox", CmdLine); + } + else + RunSandboxed(QStringList(CmdLine), BoxName); + } + else if (Message.left(3) == "Op:") + { + QString Op = Message.mid(3); + + SB_STATUS Status; + if (Op == "Connect") + Status = ConnectSbie(); + else if (Op == "Disconnect") + Status = DisconnectSbie(); + else if (Op == "Shutdown") + Status = StopSbie(); + else if (Op == "EmptyAll") + Status = theAPI->TerminateAll(); + else + Status = SB_ERR(SB_Message, QVariantList () << (tr("Unknown operation '%1' requested via command line").arg(Op))); + CheckResults(QList() << Status); + } + else if (Message.left(6) == "Status") + { + QString Status = Message.mid(7); + if (Status != "OK") + { + if(m_bStopPending) + QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to stop all Sandboxie components")); + else if(m_bConnectPending) + QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), tr("Failed to start required Sandboxie components")); + + OnLogMessage(tr("Maintenance operation %1").arg(Status)); + CheckResults(QList() << SB_ERR(SB_Message, QVariantList() << Status)); + } + else + { + OnLogMessage(tr("Maintenance operation Successful")); + if (m_bConnectPending) { + + QTimer::singleShot(1000, [this]() { + SB_STATUS Status = this->ConnectSbieImpl(); + CheckResults(QList() << Status); + }); + } + } + m_pProgressDialog->hide(); + //statusBar()->showMessage(tr("Maintenance operation completed"), 3000); + m_bConnectPending = false; + m_bStopPending = false; + } +} + +void CSandMan::dragEnterEvent(QDragEnterEvent* e) +{ + if (e->mimeData()->hasUrls()) { + e->acceptProposedAction(); + } +} + +void CSandMan::RunSandboxed(const QStringList& Commands, const QString& BoxName) +{ + CSelectBoxWindow* pSelectBoxWindow = new CSelectBoxWindow(Commands, BoxName); + pSelectBoxWindow->show(); +} + +void CSandMan::dropEvent(QDropEvent* e) +{ + QStringList Commands; + foreach(const QUrl & url, e->mimeData()->urls()) { + if (url.isLocalFile()) + Commands.append(url.toLocalFile().replace("/", "\\")); + } + + RunSandboxed(Commands, "DefaultBox"); +} + +QIcon CSandMan::GetTrayIconName(bool isConnected) +{ + QString IconFile; + if (isConnected) { + if (m_bIconEmpty) + IconFile = "IconEmpty"; + else + IconFile = "IconFull"; + + if (m_bIconDisabled) + IconFile += "D"; + } else + IconFile = "IconOff"; + + if (theConf->GetInt("Options/SysTrayIcon", 1) == 2) + IconFile += "C"; + + return GetIcon(IconFile, false); +} + +void CSandMan::timerEvent(QTimerEvent* pEvent) +{ + if (pEvent->timerId() != m_uTimerID) + return; + + bool bForceProcessDisabled = false; + bool bConnected = false; + + if (theAPI->IsConnected()) + { + SB_STATUS Status = theAPI->ReloadBoxes(); + + theAPI->UpdateProcesses(m_pKeepTerminated->isChecked(), m_pShowAllSessions->isChecked()); + + bForceProcessDisabled = theAPI->AreForceProcessDisabled(); + m_pDisableForce->setChecked(bForceProcessDisabled); + m_pDisableForce2->setChecked(bForceProcessDisabled); + + + bool bIsMonitoring = theAPI->IsMonitoring(); + m_pEnableMonitoring->setChecked(bIsMonitoring); + if (!bIsMonitoring) // don't disable the view as logn as there are entries shown + bIsMonitoring = !theAPI->GetTrace().isEmpty(); + m_pTraceView->setEnabled(bIsMonitoring); + + QMap Processes = theAPI->GetAllProcesses(); + int ActiveProcesses = 0; + if (m_pKeepTerminated->isChecked()) { + foreach(const CBoxedProcessPtr & Process, Processes) { + if (!Process->IsTerminated()) + ActiveProcesses++; + } + } + else + ActiveProcesses = Processes.count(); + + if (m_bIconEmpty != (ActiveProcesses == 0) || m_bIconDisabled != bForceProcessDisabled) + { + m_bIconEmpty = (ActiveProcesses == 0); + m_bIconDisabled = bForceProcessDisabled; + + m_pTrayIcon->setIcon(GetTrayIconName()); + } + } + + if (!isVisible() || windowState().testFlag(Qt::WindowMinimized)) + return; + + theAPI->UpdateWindowMap(); + + m_pBoxView->Refresh(); + m_pTraceView->Refresh(); + + OnSelectionChanged(); + + int iCheckUpdates = theConf->GetInt("Options/CheckForUpdates", 2); + if (iCheckUpdates != 0) + { + time_t NextUpdateCheck = theConf->GetUInt64("Options/NextCheckForUpdates", 0); + if (NextUpdateCheck == 0) + theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(7).toTime_t()); + else if(QDateTime::currentDateTime().toTime_t() >= NextUpdateCheck) + { + if (iCheckUpdates == 2) + { + bool bCheck = false; + iCheckUpdates = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Do you want to check if there is a new version of Sandboxie-Plus?") + , tr("Don't show this message again."), &bCheck, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) == QDialogButtonBox::Ok ? 1 : 0; + + if (bCheck) + theConf->SetValue("Options/CheckForUpdates", iCheckUpdates); + } + + if (iCheckUpdates == 0) + theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(7).toTime_t()); + else + { + theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(1).toTime_t()); + + CheckForUpdates(false); + } + } + } + + if (!m_pUpdateProgress.isNull() && m_RequestManager != NULL) { + if (m_pUpdateProgress->IsCanceled()) { + m_pUpdateProgress->Finish(SB_OK); + m_pUpdateProgress.clear(); + + m_RequestManager->AbortAll(); + } + } + + if (!m_MissingTemplates.isEmpty()) + { + if (m_MissingTemplates[0] == "") { + m_MissingTemplates.clear(); + return; + } + + int CleanupTemplates = theConf->GetInt("Options/AutoCleanupTemplates", -1); + if (CleanupTemplates == -1) + { + bool State = false; + CleanupTemplates = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Some compatibility templates (%1) are missing, probably deleted, do you want to remove them from all boxes?") + .arg(m_MissingTemplates.join(", ")) + , tr("Don't show this message again."), &State, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) == QDialogButtonBox::Yes ? 1 : 0; + + if (State) + theConf->SetValue("Options/AutoCleanupTemplates", CleanupTemplates); + } + + if (CleanupTemplates) + { + foreach(const QString& Template, m_MissingTemplates) + { + theAPI->GetGlobalSettings()->DelValue("Template", Template); + foreach(const CSandBoxPtr& pBox, theAPI->GetAllBoxes()) + pBox->DelValue("Template", Template); + } + + OnLogMessage(tr("Cleaned up removed templates...")); + } + m_MissingTemplates.clear(); + + m_MissingTemplates.append(""); + } +} + +void CSandMan::OnBoxClosed(const QString& BoxName) +{ + CSandBoxPtr pBox = theAPI->GetBoxByName(BoxName); + if (!pBox) + return; + + if (!pBox->GetBool("NeverDelete", false) && pBox->GetBool("AutoDelete", false) && !pBox->IsEmpty()) + { + // if this box auto deletes first show the recovry dialog with the option to abort deletion + if(!theGUI->OpenRecovery(pBox, true)) // unless no files are found than continue silently + return; + + SB_PROGRESS Status = pBox->CleanBox(); + if (Status.GetStatus() == OP_ASYNC) + AddAsyncOp(Status.GetValue()); + } +} + +void CSandMan::OnSelectionChanged() +{ + //QList Processes = m_pBoxView->GetSelectedProcesses(); + /*if (Processes.isEmpty()) + { + QListBoxes = m_pBoxView->GetSelectedBoxes(); + foreach(const CSandBoxPtr& pBox, Boxes) + Processes.append(pBox->GetProcessList().values()); + }*/ + + //QSet Pids; + //foreach(const CBoxedProcessPtr& pProcess, Processes) + // Pids.insert(pProcess->GetProcessId()); +} + +void CSandMan::OnStatusChanged() +{ + bool isConnected = theAPI->IsConnected(); + + QString appTitle = tr("Sandboxie-Plus v%1").arg(GetVersion()); + if (isConnected) + { + QString SbiePath = theAPI->GetSbiePath(); + OnLogMessage(tr("Sbie Directory: %1").arg(SbiePath)); + OnLogMessage(tr("Sbie+ Version: %1 (%2)").arg(GetVersion()).arg(theAPI->GetVersion())); + OnLogMessage(tr("Loaded Config: %1").arg(theAPI->GetIniPath())); + + //statusBar()->showMessage(tr("Driver version: %1").arg(theAPI->GetVersion())); + + //appTitle.append(tr(" - Driver: v%1").arg(theAPI->GetVersion())); + if (IsFullyPortable()) + { + appTitle.append(tr(" - Portable")); + + QString BoxPath = QDir::cleanPath(QApplication::applicationDirPath() + "/../Sandbox").replace("/", "\\"); + + int PortableRootDir = theConf->GetInt("Options/PortableRootDir", -1); + if (PortableRootDir == -1) + { + bool State = false; + PortableRootDir = CCheckableMessageBox::question(this, "Sandboxie-Plus", + tr("Sandboxie-Plus was started in portable mode, do you want to put the Sandbox folder into its parent directory?\r\nYes will choose: %1\r\nNo will choose: %2") + .arg(BoxPath) + .arg("C:\\Sandbox") // todo resolve os drive properly + , tr("Don't show this message again."), &State, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) == QDialogButtonBox::Yes ? 1 : 0; + + if (State) + theConf->SetValue("Options/PortableRootDir", PortableRootDir); + } + + if (PortableRootDir) + theAPI->GetGlobalSettings()->SetText("FileRootPath", BoxPath + "\\%SANDBOX%"); + } + + if (theConf->GetBool("Options/AutoRunSoftCompat", true)) + { + if (m_SbieTemplates->RunCheck()) + { + CSettingsWindow* pSettingsWindow = new CSettingsWindow(); + //connect(pSettingsWindow, SIGNAL(OptionsChanged()), this, SLOT(UpdateSettings())); + pSettingsWindow->showCompat(); + } + } + + if (SbiePath.compare(QApplication::applicationDirPath().replace("/", "\\"), Qt::CaseInsensitive) == 0) + { + if (theAPI->GetUserSettings()->GetText("SbieCtrl_AutoStartAgent").isEmpty()) + theAPI->GetUserSettings()->SetText("SbieCtrl_AutoStartAgent", "SandMan.exe"); + + QString cmd = CSbieUtils::GetContextMenuStartCmd(); + if (!cmd.isEmpty() && !cmd.contains("sandman.exe", Qt::CaseInsensitive)) { + CSbieUtils::AddContextMenu(QApplication::applicationDirPath().replace("/", "\\") + "\\SandMan.exe", + QApplication::applicationDirPath().replace("/", "\\") + "\\Start.exe"); + } + } + + m_pBoxView->Clear(); + + OnIniReloaded(); + + if (theConf->GetBool("Options/WatchIni", true)) + theAPI->WatchIni(true); + + if (!theAPI->ReloadCert().IsError()) { + CSettingsWindow::LoadCertificate(); + } + else { + g_Certificate.clear(); + } + + g_FeatureFlags = theAPI->GetFeatureFlags(); + + + SB_STATUS Status = theAPI->ReloadBoxes(); + + if (!Status.IsError() && !theAPI->GetAllBoxes().contains("defaultbox")) { + OnLogMessage(tr("Default sandbox not found; creating: %1").arg("DefaultBox")); + theAPI->CreateBox("DefaultBox"); + } + } + else + { + appTitle.append(tr(" - NOT connected").arg(theAPI->GetVersion())); + + m_pBoxView->Clear(); + + theAPI->WatchIni(false); + } + + m_pSupport->setVisible(g_Certificate.isEmpty()); + + this->setWindowTitle(appTitle); + + m_pTrayIcon->setIcon(GetTrayIconName(isConnected)); + m_bIconEmpty = true; + m_bIconDisabled = false; + + m_pNewBox->setEnabled(isConnected); + m_pNewGroup->setEnabled(isConnected); + m_pEmptyAll->setEnabled(isConnected); + m_pDisableForce->setEnabled(isConnected); + m_pDisableForce2->setEnabled(isConnected); + + //m_pCleanUpMenu->setEnabled(isConnected); + //m_pCleanUpButton->setEnabled(isConnected); + //m_pKeepTerminated->setEnabled(isConnected); + + m_pEditIni->setEnabled(isConnected); + m_pReloadIni->setEnabled(isConnected); + m_pEnableMonitoring->setEnabled(isConnected); +} + +void CSandMan::OnMenuHover(QAction* action) +{ + //if (!menuBar()->actions().contains(action)) + // return; // ignore sub menus + + + if (menuBar()->actions().at(0) == action) + { + bool bConnected = theAPI->IsConnected(); + m_pConnect->setEnabled(!bConnected); + m_pDisconnect->setEnabled(bConnected); + + m_pMaintenanceItems->setEnabled(!bConnected); + + bool DrvInstalled = CSbieUtils::IsInstalled(CSbieUtils::eDriver); + bool DrvLoaded = CSbieUtils::IsRunning(CSbieUtils::eDriver); + m_pInstallDrv->setEnabled(!DrvInstalled); + m_pStartDrv->setEnabled(!DrvLoaded); + m_pStopDrv->setEnabled(DrvLoaded); + m_pUninstallDrv->setEnabled(DrvInstalled); + + bool SvcInstalled = CSbieUtils::IsInstalled(CSbieUtils::eService); + bool SvcStarted = CSbieUtils::IsRunning(CSbieUtils::eService); + m_pInstallSvc->setEnabled(!SvcInstalled); + m_pStartSvc->setEnabled(!SvcStarted && DrvInstalled); + m_pStopSvc->setEnabled(SvcStarted); + m_pUninstallSvc->setEnabled(SvcInstalled); + + //m_pMenuStopAll - always enabled + } +} + +#define HK_PANIC 1 + +void CSandMan::SetupHotKeys() +{ + m_pHotkeyManager->unregisterAllHotkeys(); + + if (theConf->GetBool("Options/EnablePanicKey", false)) + m_pHotkeyManager->registerHotkey(theConf->GetString("Options/PanicKeySequence", "Ctrl+Alt+Cancel"), HK_PANIC); +} + +void CSandMan::OnHotKey(size_t id) +{ + switch (id) + { + case HK_PANIC: + theAPI->TerminateAll(); + break; + } +} + +void CSandMan::OnLogMessage(const QString& Message, bool bNotify) +{ + QTreeWidgetItem* pItem = new QTreeWidgetItem(); // Time|Message + pItem->setText(0, QDateTime::currentDateTime().toString("hh:mm:ss.zzz")); + pItem->setText(1, Message); + m_pMessageLog->GetTree()->addTopLevelItem(pItem); + + m_pMessageLog->GetView()->verticalScrollBar()->setValue(m_pMessageLog->GetView()->verticalScrollBar()->maximum()); + + if (bNotify) { + statusBar()->showMessage(Message); + m_pTrayIcon->showMessage("Sandboxie-Plus", Message); + } +} + +void CSandMan::OnLogSbieMessage(quint32 MsgCode, const QStringList& MsgData, quint32 ProcessId) +{ + if ((MsgCode & 0xFFFF) == 2198) // file migration progress + { + m_pPopUpWindow->ShowProgress(MsgCode, MsgData, ProcessId); + return; + } + + if ((MsgCode & 0xFFFF) == 1411) // removed/missing template + { + if(MsgData.size() >= 3 && !m_MissingTemplates.contains(MsgData[2])) + m_MissingTemplates.append(MsgData[2]); + } + + QString Message = MsgCode != 0 ? theAPI->GetSbieMsgStr(MsgCode, m_LanguageId) : (MsgData.size() > 0 ? MsgData[0] : QString()); + + for (int i = 1; i < MsgData.size(); i++) + Message = Message.arg(MsgData[i]); + + if (ProcessId != 4) // if it's not from the driver, add the pid + { + CBoxedProcessPtr pProcess = theAPI->GetProcessById(ProcessId); + if(pProcess.isNull()) + Message.prepend(tr("PID %1: ").arg(ProcessId)); + else + Message.prepend(tr("%1 (%2): ").arg(pProcess->GetProcessName()).arg(ProcessId)); + } + + OnLogMessage(Message); + + if(MsgCode != 0 && theConf->GetBool("Options/ShowNotifications", true)) + m_pPopUpWindow->AddLogMessage(Message, MsgCode, MsgData, ProcessId); +} + +void CSandMan::OnQueuedRequest(quint32 ClientPid, quint32 ClientTid, quint32 RequestId, const QVariantMap& Data) +{ + m_pPopUpWindow->AddUserPrompt(RequestId, Data, ClientPid); +} + +void CSandMan::OnFileToRecover(const QString& BoxName, const QString& FilePath, const QString& BoxPath, quint32 ProcessId) +{ + CSandBoxPtr pBox = theAPI->GetBoxByName(BoxName); + if (!pBox.isNull() && pBox.objectCast()->IsRecoverySuspended()) + return; + + if (theConf->GetBool("Options/InstantRecovery", true)) + { + CRecoveryWindow* pWnd = ShowRecovery(pBox, false); + + if (!theConf->GetBool("Options/AlwaysOnTop", false)) { + SetWindowPos((HWND)pWnd->winId(), HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOACTIVATE); + QTimer::singleShot(100, this, [pWnd]() { + SetWindowPos((HWND)pWnd->winId(), HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOACTIVATE); + }); + } + + pWnd->AddFile(FilePath, BoxPath); + } + else + m_pPopUpWindow->AddFileToRecover(FilePath, BoxPath, pBox, ProcessId); +} + +bool CSandMan::OpenRecovery(const CSandBoxPtr& pBox, bool bCloseEmpty) +{ + auto pBoxEx = pBox.objectCast(); + if (pBoxEx->m_pRecoveryWnd != NULL) { + pBoxEx->m_pRecoveryWnd->close(); + // todo: resuse window? + } + + CRecoveryWindow* pRecoveryWindow = new CRecoveryWindow(pBox, this); + if (pRecoveryWindow->FindFiles() == 0 && bCloseEmpty) { + delete pRecoveryWindow; + } + else if (pRecoveryWindow->exec() != 1) + return false; + return true; +} + +CRecoveryWindow* CSandMan::ShowRecovery(const CSandBoxPtr& pBox, bool bFind) +{ + auto pBoxEx = pBox.objectCast(); + if (pBoxEx->m_pRecoveryWnd == NULL) { + pBoxEx->m_pRecoveryWnd = new CRecoveryWindow(pBox); + connect(pBoxEx->m_pRecoveryWnd, &CRecoveryWindow::Closed, [pBoxEx]() { + pBoxEx->m_pRecoveryWnd = NULL; + }); + pBoxEx->m_pRecoveryWnd->show(); + } + else { + pBoxEx->m_pRecoveryWnd->setWindowState((pBoxEx->m_pRecoveryWnd->windowState() & ~Qt::WindowMinimized) | Qt::WindowActive); + SetForegroundWindow((HWND)pBoxEx->m_pRecoveryWnd->winId()); + } + if(bFind) + pBoxEx->m_pRecoveryWnd->FindFiles(); + return pBoxEx->m_pRecoveryWnd; +} + +SB_PROGRESS CSandMan::RecoverFiles(const QList>& FileList, int Action) +{ + CSbieProgressPtr pProgress = CSbieProgressPtr(new CSbieProgress()); + QtConcurrent::run(CSandMan::RecoverFilesAsync, pProgress, FileList, Action); + return SB_PROGRESS(OP_ASYNC, pProgress); +} + +void CSandMan::RecoverFilesAsync(const CSbieProgressPtr& pProgress, const QList>& FileList, int Action) +{ + SB_STATUS Status = SB_OK; + + int OverwriteOnExist = -1; + + QStringList Unrecovered; + for (QList>::const_iterator I = FileList.begin(); I != FileList.end(); ++I) + { + QString BoxPath = I->first; + QString RecoveryPath = I->second; + QString FileName = BoxPath.mid(BoxPath.lastIndexOf("\\") + 1); + QString RecoveryFolder = RecoveryPath.left(RecoveryPath.lastIndexOf("\\") + 1); + + pProgress->ShowMessage(tr("Recovering file %1 to %2").arg(FileName).arg(RecoveryFolder)); + + QDir().mkpath(RecoveryFolder); + if (QFile::exists(RecoveryPath)) + { + int Overwrite = OverwriteOnExist; + if (Overwrite == -1) + { + bool forAll = false; + int retVal = 0; + QMetaObject::invokeMethod(theGUI, "ShowQuestion", Qt::BlockingQueuedConnection, // show this question using the GUI thread + Q_RETURN_ARG(int, retVal), + Q_ARG(QString, tr("The file %1 already exists, do you want to overwrite it?").arg(RecoveryPath)), + Q_ARG(QString, tr("Do this for all files!")), + Q_ARG(bool*, &forAll), + Q_ARG(int, QDialogButtonBox::Yes | QDialogButtonBox::No), + Q_ARG(int, QDialogButtonBox::No) + ); + + Overwrite = retVal == QDialogButtonBox::Yes ? 1 : 0; + if (forAll) + OverwriteOnExist = Overwrite; + } + if (Overwrite == 1) + QFile::remove(RecoveryPath); + } + + if (!QFile::rename(BoxPath, RecoveryPath)) + Unrecovered.append(BoxPath); + } + + if (!Unrecovered.isEmpty()) + Status = SB_ERR(SB_Message, QVariantList () << (tr("Failed to recover some files: \n") + Unrecovered.join("\n"))); + else if(FileList.count() == 1 && Action != 0) + { + std::wstring path = FileList.first().second.toStdWString(); + switch (Action) + { + case 1: // open + ShellExecute(NULL, NULL, path.c_str(), NULL, NULL, SW_SHOWNORMAL); + break; + case 2: // explore + ShellExecute(NULL, NULL, L"explorer.exe", (L"/select,\"" + path + L"\"").c_str(), NULL, SW_SHOWNORMAL); + break; + } + } + + + pProgress->Finish(Status); +} + +int CSandMan::ShowQuestion(const QString& question, const QString& checkBoxText, bool* checkBoxSetting, int buttons, int defaultButton) +{ + return CCheckableMessageBox::question(this, "Sandboxie-Plus", question, checkBoxText, checkBoxSetting, (QDialogButtonBox::StandardButtons)buttons, (QDialogButtonBox::StandardButton)defaultButton, QMessageBox::Question); +} + +void CSandMan::OnNotAuthorized(bool bLoginRequired, bool& bRetry) +{ + if (!bLoginRequired) + { + QMessageBox::warning(this, "Sandboxie-Plus", tr("Only Administrators can change the config.")); + return; + } + + static bool LoginOpen = false; + if (LoginOpen) + return; + LoginOpen = true; + for (;;) + { + QString Value = QInputDialog::getText(this, "Sandboxie-Plus", tr("Please enter the configuration password."), QLineEdit::Password); + if (Value.isEmpty()) + break; + SB_STATUS Status = theAPI->UnlockConfig(Value); + if (!Status.IsError()) { + bRetry = true; + break; + } + QMessageBox::warning(this, "Sandboxie-Plus", tr("Login Failed: %1").arg(FormatError(Status))); + } + LoginOpen = false; +} + +void CSandMan::OnBoxMenu(const QPoint & point) +{ + QTreeWidgetItem* pItem = m_pTrayBoxes->currentItem(); + if (!pItem) + return; + + m_pBoxView->PopUpMenu(pItem->data(0, Qt::UserRole).toString()); + + //m_pBoxMenu->popup(QCursor::pos()); +} + +void CSandMan::OnBoxDblClick(QTreeWidgetItem* pItem) +{ + m_pBoxView->ShowOptions(pItem->data(0, Qt::UserRole).toString()); +} + +void CSandMan::OnNewBox() +{ + m_pBoxView->AddNewBox(); +} + +void CSandMan::OnNewGroupe() +{ + m_pBoxView->AddNewGroup(); +} + +void CSandMan::OnEmptyAll() +{ + if (theConf->GetInt("Options/WarnTerminateAll", -1) == -1) + { + bool State = false; + if(CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Do you want to terminate all processes in all sandboxes?") + , tr("Terminate all without asking"), &State, QDialogButtonBox::Yes | QDialogButtonBox::No, QDialogButtonBox::Yes, QMessageBox::Information) != QDialogButtonBox::Yes) + return; + + if (State) + theConf->SetValue("Options/WarnTerminateAll", 1); + } + + theAPI->TerminateAll(); +} + +void CSandMan::OnDisableForce() +{ + bool Status = m_pDisableForce->isChecked(); + int Seconds = 0; + if (Status) + { + int LastValue = theAPI->GetGlobalSettings()->GetNum("ForceDisableSeconds", 60); + + bool bOK = false; + Seconds = QInputDialog::getInt(this, "Sandboxie-Plus", tr("Please enter the duration for disabling forced programs."), LastValue, 0, INT_MAX, 1, &bOK); + if (!bOK) + return; + } + theAPI->DisableForceProcess(Status, Seconds); +} + +void CSandMan::OnDisableForce2() +{ + bool Status = m_pDisableForce2->isChecked(); + theAPI->DisableForceProcess(Status); +} + +SB_STATUS CSandMan::ConnectSbie() +{ + SB_STATUS Status; + bool bJustStarted = false; + if (!CSbieUtils::IsRunning(CSbieUtils::eAll)) + { + if (!CSbieUtils::IsInstalled(CSbieUtils::eAll)) + { + int PortableStart = theConf->GetInt("Options/PortableStart", -1); + if (PortableStart == -1) + { + bool State = false; + PortableStart = CCheckableMessageBox::question(this, "Sandboxie-Plus", tr("Sandboxie-Plus was started in portable mode and it needs to create necessary services. This will prompt for administrative privileges.") + , tr("Don't show this message again."), &State, QDialogButtonBox::Ok | QDialogButtonBox::Cancel, QDialogButtonBox::Ok, QMessageBox::Information) == QDialogButtonBox::Ok ? 1 : 0; + + if (State) + theConf->SetValue("Options/PortableStart", PortableStart); + } + + if(!PortableStart) + return SB_OK; + } + + bJustStarted = true; + Status = CSbieUtils::Start(CSbieUtils::eAll); + } + + if (Status.GetStatus() == OP_ASYNC) { + m_bConnectPending = true; + return SB_OK; + } + if (Status.IsError()) + return Status; + if (bJustStarted) { + QTimer::singleShot(1000, [this]() { + SB_STATUS Status = this->ConnectSbieImpl(); + CheckResults(QList() << Status); + }); + return SB_OK; + } + + return ConnectSbieImpl(); +} + +SB_STATUS CSandMan::ConnectSbieImpl() +{ + SB_STATUS Status = theAPI->Connect(theConf->GetBool("Options/UseInteractiveQueue", true)); + + if (Status.GetStatus() == 0xC0000038L /*STATUS_DEVICE_ALREADY_ATTACHED*/) { + OnLogMessage(tr("CAUTION: Another agent (probably SbieCtrl.exe) is already managing this Sandboxie session, please close it first and reconnect to take over.")); + return SB_OK; + } + + return Status; +} + +SB_STATUS CSandMan::DisconnectSbie() +{ + return theAPI->Disconnect(); +} + +SB_STATUS CSandMan::StopSbie(bool andRemove) +{ + SB_STATUS Status; + + if (theAPI->IsConnected()) { + Status = theAPI->TerminateAll(); + theAPI->Disconnect(); + } + if (!Status.IsError()) { + if(andRemove) + Status = CSbieUtils::Uninstall(CSbieUtils::eAll); // it stops it first of course + else + Status = CSbieUtils::Stop(CSbieUtils::eAll); + if (Status.GetStatus() == OP_ASYNC) + m_bStopPending = true; + } + + return Status; +} + +void CSandMan::OnMaintenance() +{ + SB_STATUS Status; + if (sender() == m_pConnect) + Status = ConnectSbie(); + else if (sender() == m_pDisconnect) + Status = DisconnectSbie(); + else if (sender() == m_pStopAll) + Status = StopSbie(); + + // advanced + else if (sender() == m_pInstallDrv) + Status = CSbieUtils::Install(CSbieUtils::eDriver); + else if (sender() == m_pStartDrv) + Status = CSbieUtils::Start(CSbieUtils::eDriver); + else if (sender() == m_pStopDrv) + Status = CSbieUtils::Stop(CSbieUtils::eDriver); + else if (sender() == m_pUninstallDrv) + Status = CSbieUtils::Uninstall(CSbieUtils::eDriver); + + else if (sender() == m_pInstallSvc) + Status = CSbieUtils::Install(CSbieUtils::eService); + else if(sender() == m_pStartSvc) + Status = CSbieUtils::Start(CSbieUtils::eService); + else if(sender() == m_pStopSvc) + Status = CSbieUtils::Stop(CSbieUtils::eService); + else if (sender() == m_pUninstallSvc) + Status = CSbieUtils::Uninstall(CSbieUtils::eService); + + if (Status.GetStatus() == OP_ASYNC) { + //statusBar()->showMessage(tr("Executing maintenance operation, please wait...")); + m_pProgressDialog->OnStatusMessage(tr("Executing maintenance operation, please wait...")); + m_pProgressDialog->show(); + return; + } + + CheckResults(QList() << Status); +} + +void CSandMan::OnViewMode(QAction* pAction) +{ + bool bAdvanced = pAction->data().toBool(); + theConf->SetValue("Options/AdvancedView", bAdvanced); + SetViewMode(bAdvanced); +} + +void CSandMan::OnAlwaysTop() +{ + bool bAlwaysOnTop = m_pWndTopMost->isChecked(); + theConf->SetValue("Options/AlwaysOnTop", bAlwaysOnTop); + this->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); + this->show(); // why is this needed? + m_pPopUpWindow->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); +} + +void CSandMan::SetViewMode(bool bAdvanced) +{ + if (bAdvanced) + { + for (int i = m_iMenuViewPos; i < m_pMenuView->actions().count(); i++) + m_pMenuView->actions().at(i)->setVisible(true); + + if (m_pMenuHelp->actions().first() != m_pSupport) { + m_pMenuHelp->insertAction(m_pMenuHelp->actions().first(), m_pSupport); + menuBar()->removeAction(m_pSupport); + } + + m_pToolBar->show(); + m_pLogTabs->show(); + if (theConf->GetBool("Options/NoStatusBar", false)) + statusBar()->hide(); + else { + statusBar()->show(); + //if (theConf->GetBool("Options/NoSizeGrip", false)) + // statusBar()->setSizeGripEnabled(false); + } + } + else + { + for (int i = m_iMenuViewPos; i < m_pMenuView->actions().count(); i++) + m_pMenuView->actions().at(i)->setVisible(false); + + m_pMenuHelp->removeAction(m_pSupport); + menuBar()->addAction(m_pSupport); + + m_pToolBar->hide(); + m_pLogTabs->hide(); + statusBar()->hide(); + } +} + +void CSandMan::OnCleanUp() +{ + if (sender() == m_pCleanUpMsgLog || sender() == m_pCleanUpButton) + m_pMessageLog->GetTree()->clear(); + + if (sender() == m_pCleanUpTrace || sender() == m_pCleanUpButton) + m_pTraceView->Clear(); + + if (sender() == m_pCleanUpProcesses || sender() == m_pCleanUpButton) + theAPI->UpdateProcesses(false, m_pShowAllSessions->isChecked()); +} + +void CSandMan::OnProcView() +{ + theConf->SetValue("Options/KeepTerminated", m_pKeepTerminated->isChecked()); + theConf->SetValue("Options/ShowAllSessions", m_pShowAllSessions->isChecked()); +} + +void CSandMan::OnSettings() +{ + static CSettingsWindow* pSettingsWindow = NULL; + if (pSettingsWindow == NULL) + { + pSettingsWindow = new CSettingsWindow(); + connect(pSettingsWindow, SIGNAL(OptionsChanged()), this, SLOT(UpdateSettings())); + connect(pSettingsWindow, &CSettingsWindow::Closed, [this]() { + pSettingsWindow = NULL; + }); + pSettingsWindow->show(); + } +} + +void CSandMan::UpdateSettings() +{ + SetUITheme(); + + //m_pBoxView->UpdateRunMenu(); + + SetupHotKeys(); + + if (theConf->GetInt("Options/SysTrayIcon", 1)) + m_pTrayIcon->show(); + else + m_pTrayIcon->hide(); +} + +void CSandMan::OnResetMsgs() +{ + auto Ret = QMessageBox("Sandboxie-Plus", tr("Do you also want to reset hidden message boxes (yes), or only all log messages (no)?"), + QMessageBox::Question, QMessageBox::Yes | QMessageBox::Default, QMessageBox::No, QMessageBox::Cancel | QMessageBox::Escape, this).exec(); + if (Ret == QMessageBox::Cancel) + return; + + if (Ret == QMessageBox::Yes) + { + theConf->SetValue("Options/PortableStop", -1); + theConf->SetValue("Options/PortableStart", -1); + theConf->SetValue("Options/PortableRootDir", -1); + + theConf->SetValue("Options/CheckForUpdates", 2); + + theConf->SetValue("Options/NoEditInfo", true); + + theConf->SetValue("Options/BoxedExplorerInfo", true); + theConf->SetValue("Options/ExplorerInfo", true); + + theConf->SetValue("Options/OpenUrlsSandboxed", 2); + + theConf->SetValue("Options/AutoCleanupTemplates", -1); + theConf->SetValue("Options/WarnTerminateAll", -1); + theConf->SetValue("Options/WarnTerminate", -1); + } + + theAPI->GetUserSettings()->UpdateTextList("SbieCtrl_HideMessage", QStringList(), true); + m_pPopUpWindow->ReloadHiddenMessages(); +} + +void CSandMan::OnEditIni() +{ + if (theConf->GetBool("Options/NoEditInfo", true)) + { + bool State = false; + CCheckableMessageBox::question(this, "Sandboxie-Plus", + theConf->GetBool("Options/WatchIni", true) + ? tr("The changes will be applied automatically whenever the file gets saved.") + : tr("The changes will be applied automatically as soon as the editor is closed.") + , tr("Don't show this message again."), &State, QDialogButtonBox::Ok, QDialogButtonBox::Ok, QMessageBox::Information); + + if (State) + theConf->SetValue("Options/NoEditInfo", false); + } + + wstring IniPath = theAPI->GetIniPath().toStdWString(); + + SHELLEXECUTEINFO si = { 0 }; + si.cbSize = sizeof(SHELLEXECUTEINFO); + si.fMask = SEE_MASK_NOCLOSEPROCESS; + si.hwnd = NULL; + si.lpVerb = L"runas"; + si.lpFile = L"notepad.exe"; + si.lpParameters = IniPath.c_str(); + si.lpDirectory = NULL; + si.nShow = SW_SHOW; + si.hInstApp = NULL; + ShellExecuteEx(&si); + //WaitForSingleObject(si.hProcess, INFINITE); + //CloseHandle(si.hProcess); + + if (theConf->GetBool("Options/WatchIni", true)) + return; // if the ini is watched don't double reload + + QWinEventNotifier* processFinishedNotifier = new QWinEventNotifier(si.hProcess); + processFinishedNotifier->setEnabled(true); + connect(processFinishedNotifier, &QWinEventNotifier::activated, this, [processFinishedNotifier, this, si]() { + processFinishedNotifier->setEnabled(false); + processFinishedNotifier->deleteLater(); + this->OnReloadIni(); + CloseHandle(si.hProcess); + }); +} + +void CSandMan::OnReloadIni() +{ + theAPI->ReloadConfig(); +} + +void CSandMan::OnIniReloaded() +{ + m_pBoxView->ReloadGroups(); + m_pPopUpWindow->ReloadHiddenMessages(); +} + +void CSandMan::OnSetMonitoring() +{ + theAPI->EnableMonitor(m_pEnableMonitoring->isChecked()); + + if(m_pEnableMonitoring->isChecked() && !m_pToolBar->isVisible()) + m_pLogTabs->show(); + + //m_pTraceView->setEnabled(m_pEnableMonitoring->isChecked()); +} + +bool CSandMan::AddAsyncOp(const CSbieProgressPtr& pProgress, bool bWait) +{ + m_pAsyncProgress.insert(pProgress.data(), pProgress); + connect(pProgress.data(), SIGNAL(Message(const QString&)), this, SLOT(OnAsyncMessage(const QString&))); + connect(pProgress.data(), SIGNAL(Progress(int)), this, SLOT(OnAsyncProgress(int))); + connect(pProgress.data(), SIGNAL(Finished()), this, SLOT(OnAsyncFinished())); + + m_pProgressDialog->OnStatusMessage(""); + if (bWait) { + m_pProgressModal = true; + m_pProgressDialog->exec(); + m_pProgressModal = false; + } + else + m_pProgressDialog->show(); + + if (pProgress->IsFinished()) // Note: since the operation runs asynchronously, it may have already finished, so we need to test for that + OnAsyncFinished(pProgress.data()); + + return !pProgress->IsCanceled(); +} + +void CSandMan::OnAsyncFinished() +{ + OnAsyncFinished(qobject_cast(sender())); +} + +void CSandMan::OnAsyncFinished(CSbieProgress* pSender) +{ + CSbieProgressPtr pProgress = m_pAsyncProgress.take(pSender); + if (pProgress.isNull()) + return; + disconnect(pProgress.data() , SIGNAL(Finished()), this, SLOT(OnAsyncFinished())); + + SB_STATUS Status = pProgress->GetStatus(); + if(Status.IsError()) + CSandMan::CheckResults(QList() << Status); + + if (m_pAsyncProgress.isEmpty()) { + if(m_pProgressModal) + m_pProgressDialog->close(); + else + m_pProgressDialog->hide(); + } +} + +void CSandMan::OnAsyncMessage(const QString& Text) +{ + m_pProgressDialog->OnStatusMessage(Text); +} + +void CSandMan::OnAsyncProgress(int Progress) +{ + m_pProgressDialog->OnProgressMessage("", Progress); +} + +void CSandMan::OnCancelAsync() +{ + foreach(const CSbieProgressPtr& pProgress, m_pAsyncProgress) + pProgress->Cancel(); +} + +QString CSandMan::FormatError(const SB_STATUS& Error) +{ + //QString Text = Error.GetText(); + //if (!Text.isEmpty()) + // return Text; + + QString Message; + switch (Error.GetMsgCode()) + { + case SB_Generic: return tr("Error Status: 0x%1 (%2)").arg((quint32)Error.GetStatus(), 8, 16, QChar('0')).arg( + (Error.GetArgs().isEmpty() || Error.GetArgs().first().toString().isEmpty()) ? tr("Unknown") : Error.GetArgs().first().toString().trimmed()); + case SB_Message: Message = "%1"; break; + case SB_NeedAdmin: Message = tr("Administrator rights are required for this operation."); break; + case SB_ExecFail: Message = tr("Failed to execute: %1"); break; + case SB_DriverFail: Message = tr("Failed to connect to the driver"); break; + case SB_ServiceFail: Message = tr("Failed to communicate with Sandboxie Service: %1"); break; + case SB_Incompatible: Message = tr("An incompatible Sandboxie %1 was found. Compatible versions: %2"); break; + case SB_PathFail: Message = tr("Can't find Sandboxie installation path."); break; + case SB_FailedCopyConf: Message = tr("Failed to copy configuration from sandbox %1: %2"); break; + case SB_AlreadyExists: Message = tr("A sandbox of the name %1 already exists"); break; + case SB_DeleteFailed: Message = tr("Failed to delete sandbox %1: %2"); break; + case SB_NameLenLimit: Message = tr("The sandbox name can not be longer than 32 characters."); break; + case SB_BadNameDev: Message = tr("The sandbox name can not be a device name."); break; + case SB_BadNameChar: Message = tr("The sandbox name can contain only letters, digits and underscores which are displayed as spaces."); break; + case SB_FailedKillAll: Message = tr("Failed to terminate all processes"); break; + case SB_DeleteProtect: Message = tr("Delete protection is enabled for the sandbox"); break; + case SB_DeleteError: Message = tr("Error deleting sandbox folder: %1"); break; + //case SB_RemNotEmpty: Message = tr("A sandbox must be emptied before it can be renamed."); break; + //case SB_DelNotEmpty: Message = tr("A sandbox must be emptied before it can be deleted."); break; + case SB_FailedMoveDir: Message = tr("Failed to move directory '%1' to '%2'"); break; + case SB_SnapIsRunning: Message = tr("This Snapshot operation can not be performed while processes are still running in the box."); break; + case SB_SnapMkDirFail: Message = tr("Failed to create directory for new snapshot"); break; + case SB_SnapCopyRegFail:Message = tr("Failed to copy RegHive"); break; + case SB_SnapNotFound: Message = tr("Snapshot not found"); break; + case SB_SnapMergeFail: Message = tr("Error merging snapshot directories '%1' with '%2', the snapshot has not been fully merged."); break; + case SB_SnapRmDirFail: Message = tr("Failed to remove old snapshot directory '%1'"); break; + case SB_SnapIsShared: Message = tr("Can't remove a snapshot that is shared by multiple later snapshots"); break; + case SB_SnapDelRegFail: Message = tr("Failed to remove old RegHive"); break; + case SB_NotAuthorized: Message = tr("You are not authorized to update configuration in section '%1'"); break; + case SB_ConfigFailed: Message = tr("Failed to set configuration setting %1 in section %2: %3"); break; + case SB_SnapIsEmpty: Message = tr("Can not create snapshot of an empty sandbox"); break; + case SB_NameExists: Message = tr("A sandbox with that name already exists"); break; + case SB_PasswordBad: Message = tr("The config password must not be longer than 64 characters"); break; + default: return tr("Unknown Error Status: 0x%1").arg((quint32)Error.GetStatus(), 8, 16, QChar('0')); + } + + foreach(const QVariant& Arg, Error.GetArgs()) + Message = Message.arg(Arg.toString()); // todo: make quint32 hex and so on + + return Message; +} + +void CSandMan::CheckResults(QList Results) +{ + QStringList Errors; + for (QList::iterator I = Results.begin(); I != Results.end(); ++I) { + if (I->IsError() && I->GetStatus() != OP_CANCELED) + Errors.append(FormatError(*I)); + } + + if (Errors.count() == 1) + QMessageBox::warning(NULL, tr("Sandboxie-Plus - Error"), Errors.first()); + else if (Errors.count() > 1) { + CMultiErrorDialog Dialog(tr("Operation failed for %1 item(s).").arg(Errors.size()), Errors); + Dialog.exec(); + } +} + +void CSandMan::OnShowHide() +{ + if (isVisible()) { + StoreState(); + hide(); + } else + show(); +} + +void CSandMan::OnSysTray(QSystemTrayIcon::ActivationReason Reason) +{ + static bool TriggerSet = false; + static bool NullifyTrigger = false; + switch(Reason) + { + case QSystemTrayIcon::Context: + { + QMap Boxes = theAPI->GetAllBoxes(); + + bool bAdded = false; + + QMap OldBoxes; + for(int i = 0; i < m_pTrayBoxes->topLevelItemCount(); ++i) + { + QTreeWidgetItem* pItem = m_pTrayBoxes->topLevelItem(i); + QString Name = pItem->data(0, Qt::UserRole).toString(); + OldBoxes.insert(Name,pItem); + } + + foreach(const CSandBoxPtr & pBox, Boxes) + { + if (!pBox->IsEnabled()) + continue; + + CSandBoxPlus* pBoxEx = qobject_cast(pBox.data()); + + QTreeWidgetItem* pItem = OldBoxes.take(pBox->GetName()); + if(!pItem) + { + pItem = new QTreeWidgetItem(); + pItem->setData(0, Qt::UserRole, pBox->GetName()); + pItem->setText(0, " " + pBox->GetName().replace("_", " ")); + m_pTrayBoxes->addTopLevelItem(pItem); + + bAdded = true; + } + + pItem->setData(0, Qt::DecorationRole, theGUI->GetBoxIcon(pBox->GetActiveProcessCount() != 0, pBoxEx->GetType())); + } + + foreach(QTreeWidgetItem* pItem, OldBoxes) + delete pItem; + + if (!OldBoxes.isEmpty() || bAdded) + { + auto palette = m_pTrayBoxes->palette(); + palette.setColor(QPalette::Base, m_pTrayMenu->palette().color(QPalette::Window)); + m_pTrayBoxes->setPalette(palette); + m_pTrayBoxes->setFrameShape(QFrame::NoFrame); + + //const int FrameWidth = m_pTrayBoxes->style()->pixelMetric(QStyle::PM_DefaultFrameWidth); + int Height = 0; //m_pTrayBoxes->header()->height() + (2 * FrameWidth); + + for (QTreeWidgetItemIterator AllIterator(m_pTrayBoxes, QTreeWidgetItemIterator::All); *AllIterator; ++AllIterator) + Height += m_pTrayBoxes->visualItemRect(*AllIterator).height(); + + QRect scrRect = this->screen()->availableGeometry(); + int MaxHeight = scrRect.height() / 2; + if (Height > MaxHeight) { + Height = MaxHeight; + if (Height < 64) + Height = 64; + } + + m_pTrayBoxes->setFixedHeight(Height); + + m_pTrayMenu->removeAction(m_pTrayList); + m_pTrayMenu->insertAction(m_pTraySeparator, m_pTrayList); + } + + m_pTrayMenu->popup(QCursor::pos()); + break; + } + case QSystemTrayIcon::DoubleClick: + if (isVisible()) + { + if(TriggerSet) + NullifyTrigger = true; + + StoreState(); + hide(); + + if (theAPI->GetGlobalSettings()->GetBool("ForgetPassword", false)) + theAPI->ClearPassword(); + + break; + } + show(); + case QSystemTrayIcon::Trigger: + if (isVisible() && !TriggerSet) + { + TriggerSet = true; + QTimer::singleShot(100, [this]() { + TriggerSet = false; + if (NullifyTrigger) { + NullifyTrigger = false; + return; + } + this->setWindowState((this->windowState() & ~Qt::WindowMinimized) | Qt::WindowActive); + SetForegroundWindow(MainWndHandle); + } ); + } + m_pPopUpWindow->Poke(); + break; + } +} + +void CSandMan::OpenUrl(const QUrl& url) +{ + if (url.scheme() == "sbie") + return OpenUrl("https://sandboxie-plus.com/sandboxie" + url.path()); + + int iSandboxed = theConf->GetInt("Options/OpenUrlsSandboxed", 2); + + if (iSandboxed == 2) + { + bool bCheck = false; + QString Message = tr("Do you want to open %1 in a sandboxed (yes) or unsandboxed (no) Web browser?").arg(url.toString()); + QDialogButtonBox::StandardButton Ret = CCheckableMessageBox::question(this, "Sandboxie-Plus", Message , tr("Remember choice for later."), + &bCheck, QDialogButtonBox::Yes | QDialogButtonBox::No | QDialogButtonBox::Cancel, QDialogButtonBox::Yes, QMessageBox::Question); + if (Ret == QDialogButtonBox::Cancel) return; + iSandboxed = Ret == QDialogButtonBox::Yes ? 1 : 0; + if(bCheck) theConf->SetValue("Options/OpenUrlsSandboxed", iSandboxed); + } + + if (iSandboxed) RunSandboxed(QStringList(url.toString()), "DefaultBox"); + else ShellExecute(MainWndHandle, NULL, url.toString().toStdWString().c_str(), NULL, NULL, SW_SHOWNORMAL); +} + +QString CSandMan::GetVersion() +{ + QString Version = QString::number(VERSION_MJR) + "." + QString::number(VERSION_MIN) //.rightJustified(2, '0') +#if VERSION_REV > 0 || VERSION_MJR == 0 + + "." + QString::number(VERSION_REV) +#endif +#if VERSION_UPD > 0 + + QString('a' + VERSION_UPD - 1) +#endif + ; + return Version; +} + +void CSandMan::CheckForUpdates(bool bManual) +{ + if (!m_pUpdateProgress.isNull()) + return; + + m_pUpdateProgress = CSbieProgressPtr(new CSbieProgress()); + AddAsyncOp(m_pUpdateProgress); + m_pUpdateProgress->ShowMessage(tr("Checking for updates...")); + + if (m_RequestManager == NULL) + m_RequestManager = new CNetworkAccessManager(30 * 1000, this); + + + QUrlQuery Query; + Query.addQueryItem("software", "sandboxie-plus"); + //QString Branche = theConf->GetString("Options/ReleaseBranche"); + //if (!Branche.isEmpty()) + // Query.addQueryItem("branche", Branche); + //Query.addQueryItem("version", GetVersion()); + Query.addQueryItem("version", QString::number(VERSION_MJR) + "." + QString::number(VERSION_MIN) + "." + QString::number(VERSION_REV) + "." + QString::number(VERSION_UPD)); + Query.addQueryItem("system", "windows-" + QSysInfo::kernelVersion() + "-" + QSysInfo::currentCpuArchitecture()); + Query.addQueryItem("language", QString::number(m_LanguageId)); + QString UpdateKey = theAPI->GetGlobalSettings()->GetText("UpdateKey"); // theConf->GetString("Options/UpdateKey"); + if (!UpdateKey.isEmpty()) + Query.addQueryItem("update_key", UpdateKey); + Query.addQueryItem("auto", bManual ? "0" : "1"); + + QUrl Url("https://sandboxie-plus.com/update.php"); + Url.setQuery(Query); + + QNetworkRequest Request = QNetworkRequest(Url); + Request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true); + //Request.setRawHeader("Accept-Encoding", "gzip"); + QNetworkReply* pReply = m_RequestManager->get(Request); + pReply->setProperty("manual", bManual); + connect(pReply, SIGNAL(finished()), this, SLOT(OnUpdateCheck())); +} + +void CSandMan::OnUpdateCheck() +{ + if (m_pUpdateProgress.isNull()) + return; + + QNetworkReply* pReply = qobject_cast(sender()); + QByteArray Reply = pReply->readAll(); + bool bManual = pReply->property("manual").toBool(); + pReply->deleteLater(); + + m_pUpdateProgress->Finish(SB_OK); + m_pUpdateProgress.clear(); + + QVariantMap Data = QJsonDocument::fromJson(Reply).toVariant().toMap(); + if (Data.isEmpty() || Data["error"].toBool()) + { + QString Error = Data.isEmpty() ? tr("server not reachable") : Data["errorMsg"].toString(); + OnLogMessage(tr("Failed to check for updates, error: %1").arg(Error), !bManual); + if (bManual) + QMessageBox::critical(this, "Sandboxie-Plus", tr("Failed to check for updates, error: %1").arg(Error)); + return; + } + + bool bNothing = true; + + QStringList IgnoredUpdates = theConf->GetStringList("Options/IgnoredUpdates"); + + QString UserMsg = Data["userMsg"].toString(); + if (!UserMsg.isEmpty()) + { + QString MsgHash = QCryptographicHash::hash(Data["userMsg"].toByteArray(), QCryptographicHash::Md5).toHex().left(8); + if (!IgnoredUpdates.contains(MsgHash)) + { + QString FullMessage = UserMsg; + QString InfoUrl = Data["infoUrl"].toString(); + if (!InfoUrl.isEmpty()) + FullMessage += tr("

Do you want to go to the info page?

").arg(InfoUrl); + + CCheckableMessageBox mb(this); + mb.setWindowTitle("Sandboxie-Plus"); + QIcon ico(QLatin1String(":/SandMan.png")); + mb.setIconPixmap(ico.pixmap(64, 64)); + //mb.setTextFormat(Qt::RichText); + mb.setText(UserMsg); + mb.setCheckBoxText(tr("Don't show this announcement in the future.")); + + if (!InfoUrl.isEmpty()) { + mb.setStandardButtons(QDialogButtonBox::Yes | QDialogButtonBox::No); + mb.setDefaultButton(QDialogButtonBox::Yes); + } + else + mb.setStandardButtons(QDialogButtonBox::Ok); + + mb.exec(); + + if (mb.isChecked()) + theConf->SetValue("Options/IgnoredUpdates", IgnoredUpdates << MsgHash); + + if (mb.clickedStandardButton() == QDialogButtonBox::Yes) + { + QDesktopServices::openUrl(InfoUrl); + } + + bNothing = false; + } + } + + QString VersionStr = Data["version"].toString(); + if (!VersionStr.isEmpty()) //&& VersionStr != GetVersion()) + { + UCHAR myVersion[4] = { VERSION_UPD, VERSION_REV, VERSION_MIN, VERSION_MJR }; // ntohl + ULONG MyVersion = *(ULONG*)&myVersion; + + ULONG Version = 0; + QStringList Nums = VersionStr.split("."); + for (int i = 0, Bits = 24; i < Nums.count() && Bits >= 0; i++, Bits -= 8) + Version |= (Nums[i].toInt() & 0xFF) << Bits; + + if (Version > MyVersion) + if (bManual || !IgnoredUpdates.contains(VersionStr)) // when checked manually always show result + { + bNothing = false; + //QDateTime Updated = QDateTime::fromTime_t(Data["updated"].toULongLong()); + + QString UpdateMsg = Data["updateMsg"].toString(); + QString UpdateUrl = Data["updateUrl"].toString(); + + QString DownloadUrl = Data["downloadUrl"].toString(); + // 'sha256' + // 'signature' + + QString FullMessage = UpdateMsg.isEmpty() ? tr("

There is a new version of Sandboxie-Plus available.
New version: %1

").arg(VersionStr) : UpdateMsg; + if (!DownloadUrl.isEmpty()) + FullMessage += tr("

Do you want to download the latest version?

"); + else if (!UpdateUrl.isEmpty()) + FullMessage += tr("

Do you want to go to the download page?

").arg(UpdateUrl); + + CCheckableMessageBox mb(this); + mb.setWindowTitle("Sandboxie-Plus"); + QIcon ico(QLatin1String(":/SandMan.png")); + mb.setIconPixmap(ico.pixmap(64, 64)); + //mb.setTextFormat(Qt::RichText); + mb.setText(FullMessage); + mb.setCheckBoxText(tr("Don't show this message anymore.")); + mb.setCheckBoxVisible(!bManual); + + if (!UpdateUrl.isEmpty() || !DownloadUrl.isEmpty()) { + mb.setStandardButtons(QDialogButtonBox::Yes | QDialogButtonBox::No); + mb.setDefaultButton(QDialogButtonBox::Yes); + } + else + mb.setStandardButtons(QDialogButtonBox::Ok); + + mb.exec(); + + if (mb.isChecked()) + theConf->SetValue("Options/IgnoredUpdates", IgnoredUpdates << VersionStr); + + if (mb.clickedStandardButton() == QDialogButtonBox::Yes) + { + if (!DownloadUrl.isEmpty()) + { + QNetworkRequest Request = QNetworkRequest(DownloadUrl); + Request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true); + //Request.setRawHeader("Accept-Encoding", "gzip"); + QNetworkReply* pReply = m_RequestManager->get(Request); + connect(pReply, SIGNAL(finished()), this, SLOT(OnUpdateDownload())); + connect(pReply, SIGNAL(downloadProgress(qint64, qint64)), this, SLOT(OnUpdateProgress(qint64, qint64))); + + m_pUpdateProgress = CSbieProgressPtr(new CSbieProgress()); + AddAsyncOp(m_pUpdateProgress); + m_pUpdateProgress->ShowMessage(tr("Downloading new version...")); + } + else + QDesktopServices::openUrl(UpdateUrl); + } + } + } + + if (bNothing) + { + theConf->SetValue("Options/NextCheckForUpdates", QDateTime::currentDateTime().addDays(7).toTime_t()); + + if (bManual) + QMessageBox::information(this, "Sandboxie-Plus", tr("No new updates found, your Sandboxie-Plus is up-to-date.")); + } +} + +void CSandMan::OnUpdateProgress(qint64 bytes, qint64 bytesTotal) +{ + if (bytesTotal != 0 && !m_pUpdateProgress.isNull()) + m_pUpdateProgress->Progress(100 * bytes / bytesTotal); +} + +void CSandMan::OnUpdateDownload() +{ + if (m_pUpdateProgress.isNull()) + return; + + QString TempDir = QStandardPaths::writableLocation(QStandardPaths::TempLocation); + if (TempDir.right(1) != "/") + TempDir += "/"; + + m_pUpdateProgress->Progress(-1); + + QNetworkReply* pReply = qobject_cast(sender()); + quint64 Size = pReply->bytesAvailable(); + QString Name = pReply->request().url().fileName(); + if (Name.isEmpty() || Name.right(4).compare(".exe", Qt::CaseInsensitive) != 0) + Name = "Sandboxie-Plus-Install.exe"; + + QString FilePath = TempDir + Name; + + QFile File(FilePath); + if (File.open(QFile::WriteOnly)) { + while (pReply->bytesAvailable() > 0) + File.write(pReply->read(4096)); + File.close(); + } + + pReply->deleteLater(); + + m_pUpdateProgress->Finish(SB_OK); + m_pUpdateProgress.clear(); + + if (File.size() != Size) { + QMessageBox::critical(this, "Sandboxie-Plus", tr("Failed to download update from: %1").arg(pReply->request().url().toString())); + return; + } + + QString Message = tr("

New Sandboxie-Plus has been downloaded to the following location:

%1

Do you want to begin the installation? If any programs are running sandboxed, they will be terminated.

") + .arg(FilePath).arg("File:///" + TempDir); + if (QMessageBox("Sandboxie-Plus", Message, QMessageBox::Information, QMessageBox::Yes | QMessageBox::Default, QMessageBox::No | QMessageBox::Escape, QMessageBox::NoButton, this).exec() == QMessageBox::Yes) + QProcess::startDetached(FilePath); +} + +void CSandMan::OnHelp() +{ + if (sender() == m_pSupport) + QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=donate")); + else if (sender() == m_pForum) + QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=sbie-forum")); + else if (sender() == m_pManual) + QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=sbie-docs")); + else + QDesktopServices::openUrl(QUrl("https://sandboxie-plus.com/go.php?to=patreon")); +} + +void CSandMan::OnAbout() +{ + if (sender() == m_pAbout) + { + QString AboutCaption = tr( + "

About Sandboxie-Plus

" + "

Version %1

" + "

Copyright (c) 2020-2021 by DavidXanatos

" + ).arg(GetVersion()); + QString AboutText = tr( + "

Sandboxie-Plus is an open source continuation of Sandboxie.

" + "

" + "

Visit sandboxie-plus.com for more information.

" + "

" + "

" + "

" + "

Icons from icons8.com

" + "

" + ); + QMessageBox *msgBox = new QMessageBox(this); + msgBox->setAttribute(Qt::WA_DeleteOnClose); + msgBox->setWindowTitle(tr("About Sandboxie-Plus")); + msgBox->setText(AboutCaption); + msgBox->setInformativeText(AboutText); + + QIcon ico(QLatin1String(":/SandMan.png")); + msgBox->setIconPixmap(ico.pixmap(128, 128)); + + msgBox->exec(); + } + else if (sender() == m_pAboutQt) + QMessageBox::aboutQt(this); +} + +void CSandMan::SetUITheme() +{ + m_ThemeUpdatePending = false; + + bool bDark; + int iDark = theConf->GetInt("Options/UseDarkTheme", 2); + if (iDark == 2) { + QSettings settings("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Themes\\Personalize", QSettings::NativeFormat); + bDark = (settings.value("AppsUseLightTheme") == 0); + } else + bDark = (iDark == 1); + + if (bDark) + { + QApplication::setStyle(QStyleFactory::create("Fusion")); + QPalette palette; + palette.setColor(QPalette::Window, QColor(53, 53, 53)); + palette.setColor(QPalette::WindowText, Qt::white); + palette.setColor(QPalette::Base, QColor(25, 25, 25)); + palette.setColor(QPalette::AlternateBase, QColor(53, 53, 53)); + palette.setColor(QPalette::ToolTipBase, Qt::white); + palette.setColor(QPalette::ToolTipText, Qt::white); + palette.setColor(QPalette::Text, Qt::white); + palette.setColor(QPalette::Button, QColor(53, 53, 53)); + palette.setColor(QPalette::ButtonText, Qt::white); + palette.setColor(QPalette::BrightText, Qt::red); + palette.setColor(QPalette::Link, QColor(218, 130, 42)); + palette.setColor(QPalette::Highlight, QColor(42, 130, 218)); + palette.setColor(QPalette::HighlightedText, Qt::black); + palette.setColor(QPalette::Disabled, QPalette::WindowText, Qt::darkGray); + palette.setColor(QPalette::Disabled, QPalette::Text, Qt::darkGray); + palette.setColor(QPalette::Disabled, QPalette::Light, Qt::black); + palette.setColor(QPalette::Disabled, QPalette::ButtonText, Qt::darkGray); + QApplication::setPalette(palette); + } + else + { + QApplication::setStyle(QStyleFactory::create(m_DefaultStyle)); + QApplication::setPalette(m_DefaultPalett); + } + + m_DarkTheme = bDark; + CTreeItemModel::SetDarkMode(bDark); + CListItemModel::SetDarkMode(bDark); + CPopUpWindow::SetDarkMode(bDark); + CPanelView::SetDarkMode(bDark); + CFinder::SetDarkMode(bDark); +} + +void CSandMan::UpdateTheme() +{ + if (!m_ThemeUpdatePending) + { + m_ThemeUpdatePending = true; + QTimer::singleShot(500, this, SLOT(SetUITheme())); + } +} + +void CSandMan::LoadLanguage() +{ + qApp->removeTranslator(&m_Translator); + m_Translation.clear(); + m_LanguageId = 0; + + QString Lang = theConf->GetString("Options/UiLanguage"); + if(Lang.isEmpty()) + Lang = QLocale::system().name(); + + if (!Lang.isEmpty()) + { + m_LanguageId = LocaleNameToLCID(Lang.toStdWString().c_str(), 0); + + QString LangAux = Lang; // Short version as fallback + LangAux.truncate(LangAux.lastIndexOf('_')); + + QString LangPath = QApplication::applicationDirPath() + "/translations/sandman_"; + bool bAux = false; + if (QFile::exists(LangPath + Lang + ".qm") || (bAux = QFile::exists(LangPath + LangAux + ".qm"))) + { + QFile File(LangPath + (bAux ? LangAux : Lang) + ".qm"); + File.open(QFile::ReadOnly); + m_Translation = File.readAll(); + } + + if (!m_Translation.isEmpty() && m_Translator.load((const uchar*)m_Translation.data(), m_Translation.size())) + qApp->installTranslator(&m_Translator); + } + + if (!m_LanguageId) + m_LanguageId = 1033; // default to English +} + +// Make sure that QPlatformTheme strings won't be marked as vanished in all .ts files, even after running lupdate + +static const char* platform_strings[] = { +QT_TRANSLATE_NOOP("QPlatformTheme", "OK"), +QT_TRANSLATE_NOOP("QPlatformTheme", "Apply"), +QT_TRANSLATE_NOOP("QPlatformTheme", "Cancel"), +QT_TRANSLATE_NOOP("QPlatformTheme", "&Yes"), +QT_TRANSLATE_NOOP("QPlatformTheme", "&No"), +}; + + +////////////////////////////////////////////////////////////////////////////////////////// +// WinSpy based window finder +// + +#include +#include "Helpers/FindTool.h" + +#define IDD_FINDER_TOOL 111 +#define ID_FINDER_TARGET 112 +#define ID_FINDER_EXPLAIN 113 +#define ID_FINDER_RESULT 114 + +UINT CALLBACK FindProc(HWND hwndTool, UINT uCode, HWND hwnd) +{ + ULONG pid; + if (uCode == WFN_END) + GetWindowThreadProcessId(hwnd, &pid); + else + pid = 0; + + hwndTool = GetParent(hwndTool); + + if (pid && pid != GetCurrentProcessId()) + { + RECT rc; + GetWindowRect(hwndTool, &rc); + if (rc.bottom - rc.top <= 150) + SetWindowPos(hwndTool, NULL, 0, 0, rc.right - rc.left, rc.bottom - rc.top + 70, SWP_SHOWWINDOW | SWP_NOMOVE); + + CBoxedProcessPtr pProcess = theAPI->GetProcessById(pid); + if (!pProcess.isNull()) + { + wstring result = CSandMan::tr("The selected window is running as part of program %1 in sandbox %2").arg(pProcess->GetProcessName()).arg(pProcess->GetBoxName()).toStdWString(); + + SetWindowText(GetDlgItem(hwndTool, ID_FINDER_RESULT), result.c_str()); + //::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_YES_BOXED), SW_SHOW); + } + else + { + wstring result = CSandMan::tr("The selected window is not running as part of any sandboxed program.").toStdWString(); + + SetWindowText(GetDlgItem(hwndTool, ID_FINDER_RESULT), result.c_str()); + //::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_NOT_BOXED), SW_SHOW); + } + ::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_RESULT), SW_SHOW); + } + else + { + RECT rc; + GetWindowRect(hwndTool, &rc); + if (rc.bottom - rc.top > 150) + SetWindowPos(hwndTool, NULL, 0, 0, rc.right - rc.left, rc.bottom - rc.top - 70, SWP_SHOWWINDOW | SWP_NOMOVE); + + //::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_YES_BOXED), SW_HIDE); + //::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_NOT_BOXED), SW_HIDE); + ::ShowWindow(GetDlgItem(hwndTool, ID_FINDER_RESULT), SW_HIDE); + } + + return 0; +} + +// hwnd: All window processes are passed the handle of the window +// that they belong to in hwnd. +// msg: Current message (e.g., WM_*) from the OS. +// wParam: First message parameter, note that these are more or less +// integers, but they are really just "data chunks" that +// you are expected to memcpy as raw data to float, etc. +// lParam: Second message parameter, same deal as above. +LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam) +{ + switch (msg) + { + case WM_CREATE: + { + wstring info = CSandMan::tr("Drag the Finder Tool over a window to select it, then release the mouse to check if the window is sandboxed.").toStdWString(); + + CreateWindow(L"Static", L"", SS_BITMAP | SS_NOTIFY | WS_VISIBLE | WS_CHILD, 10, 10, 32, 32, hwnd, (HMENU)ID_FINDER_TARGET, NULL, NULL); + CreateWindow(L"Static", info.c_str(), WS_VISIBLE | WS_CHILD, 60, 10, 180, 65, hwnd, (HMENU)ID_FINDER_EXPLAIN, NULL, NULL); + CreateWindow(L"Static", L"", WS_CHILD, 60, 80, 180, 50, hwnd, (HMENU)ID_FINDER_RESULT, NULL, NULL); + + MakeFinderTool(GetDlgItem(hwnd, ID_FINDER_TARGET), FindProc); + + break; + } + + case WM_CLOSE: + //DestroyWindow(hwnd); + PostQuitMessage(0); + break; + } + + return DefWindowProc(hwnd, msg, wParam, lParam); +} + +DWORD WINAPI FinderThreadFunc(LPVOID lpParam) +{ + MSG msg; + WNDCLASS mainWindowClass = { 0 }; + + HINSTANCE hInstance = NULL; + + // You can set the main window name to anything, but + // typically you should prefix custom window classes + // with something that makes it unique. + mainWindowClass.lpszClassName = TEXT("SBp.WndFinder"); + + mainWindowClass.hInstance = hInstance; + mainWindowClass.hbrBackground = GetSysColorBrush(COLOR_3DFACE); + mainWindowClass.lpfnWndProc = WndProc; + mainWindowClass.hCursor = LoadCursor(0, IDC_ARROW); + + RegisterClass(&mainWindowClass); + + // Notes: + // - The classname identifies the TYPE of the window. Not a C type. + // This is a (TCHAR*) ID that Windows uses internally. + // - The window name is really just the window text, this is + // commonly used for captions, including the title + // bar of the window itself. + // - parentHandle is considered the "owner" of this + // window. MessageBoxes can use HWND_MESSAGE to + // free them of any window. + // - menuHandle: hMenu specifies the child-window identifier, + // an integer value used by a dialog box + // control to notify its parent about events. + // The application determines the child-window + // identifier; it must be unique for all + // child windows with the same parent window. + + HWND hwnd = CreateWindow(mainWindowClass.lpszClassName, CSandMan::tr("Sandboxie-Plus - Window Finder").toStdWString().c_str() + , WS_SYSMENU | WS_CAPTION | WS_VISIBLE, CW_USEDEFAULT, CW_USEDEFAULT, 275, 115, NULL, 0, hInstance, NULL); + + HFONT hFont = CreateFont(13, 0, 0, 0, FW_DONTCARE, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")); + + SendMessage(GetDlgItem(hwnd, ID_FINDER_EXPLAIN), WM_SETFONT, (WPARAM)hFont, TRUE); + SendMessage(GetDlgItem(hwnd, ID_FINDER_RESULT), WM_SETFONT, (WPARAM)hFont, TRUE); + + while (GetMessage(&msg, NULL, 0, 0)) + { + TranslateMessage(&msg); + DispatchMessage(&msg); + } + + DeleteObject(hFont); + + return (int)msg.wParam; +} + +void CSandMan::OnWndFinder() +{ + m_pWndFinder->setEnabled(false); + + HANDLE hThread = CreateThread(NULL, 0, FinderThreadFunc, NULL, 0, NULL); + + QWinEventNotifier* finishedNotifier = new QWinEventNotifier(hThread); + finishedNotifier->setEnabled(true); + connect(finishedNotifier, &QWinEventNotifier::activated, this, [finishedNotifier, this, hThread]() { + CloseHandle(hThread); + + m_pWndFinder->setEnabled(true); + + finishedNotifier->setEnabled(false); + finishedNotifier->deleteLater(); + }); +} diff --git a/SandboxiePlus/SandMan/Windows/SelectBoxWindow.cpp b/SandboxiePlus/SandMan/Windows/SelectBoxWindow.cpp index af727074..004de9cc 100644 --- a/SandboxiePlus/SandMan/Windows/SelectBoxWindow.cpp +++ b/SandboxiePlus/SandMan/Windows/SelectBoxWindow.cpp @@ -1,187 +1,187 @@ -#include "stdafx.h" -#include "SelectBoxWindow.h" -#include "SandMan.h" -#include "../MiscHelpers/Common/Settings.h" -#include "../SbiePlusAPI.h" -#include "../Views/SbieView.h" - -#if defined(Q_OS_WIN) -#include -#include -#include -#endif - -QTreeWidgetItem* CSelectBoxWindow__GetBoxParent(const QMap& Groups, QMap& GroupItems, QTreeWidget* treeBoxes, const QString& Name, int Depth = 0) -{ - if (Depth > 100) - return NULL; - for (auto I = Groups.constBegin(); I != Groups.constEnd(); ++I) { - if (I->contains(Name)) { - if (I.key().isEmpty()) - return NULL; // global group - QTreeWidgetItem*& pParent = GroupItems[I.key()]; - if (!pParent) { - pParent = new QTreeWidgetItem(); - pParent->setText(0, I.key()); - QFont fnt = pParent->font(0); - fnt.setBold(true); - pParent->setFont(0, fnt); - if (QTreeWidgetItem* pParent2 = CSelectBoxWindow__GetBoxParent(Groups, GroupItems, treeBoxes, I.key(), ++Depth)) - pParent2->addChild(pParent); - else - treeBoxes->addTopLevelItem(pParent); - } - return pParent; - } - } - return NULL; -} - -double CSelectBoxWindow__GetBoxOrder(const QMap& Groups, const QString& Name, double value = 0.0, int Depth = 0) -{ - if (Depth > 100) - return 1000000000; - for (auto I = Groups.constBegin(); I != Groups.constEnd(); ++I) { - int Pos = I->indexOf(Name); - if (Pos != -1) { - value = double(Pos) + value / 10.0; - if (I.key().isEmpty()) - return value; - return CSelectBoxWindow__GetBoxOrder(Groups, I.key(), value, ++Depth); - } - } - return 1000000000; -} - -CSelectBoxWindow::CSelectBoxWindow(const QStringList& Commands, const QString& BoxName, QWidget *parent) - : QDialog(parent) -{ - m_Commands = Commands; - - Qt::WindowFlags flags = windowFlags(); - flags |= Qt::CustomizeWindowHint; - //flags &= ~Qt::WindowContextHelpButtonHint; - //flags &= ~Qt::WindowSystemMenuHint; - //flags &= ~Qt::WindowMinMaxButtonsHint; - //flags |= Qt::WindowMinimizeButtonHint; - //flags &= ~Qt::WindowCloseButtonHint; - flags &= ~Qt::WindowContextHelpButtonHint; - //flags &= ~Qt::WindowSystemMenuHint; - setWindowFlags(flags); - - //setWindowState(Qt::WindowActive); - SetForegroundWindow((HWND)QWidget::winId()); - - bool bAlwaysOnTop = theConf->GetBool("Options/AlwaysOnTop", false); - this->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); - - if (!bAlwaysOnTop) { - HWND hWnd = (HWND)this->winId(); - SetWindowPos(hWnd, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOACTIVATE); - QTimer::singleShot(100, this, [hWnd]() { - SetWindowPos(hWnd, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOACTIVATE); - }); - } - - ui.setupUi(this); - this->setWindowTitle(tr("Sandboxie-Plus - Run Sandboxed")); - - - connect(ui.radBoxed, SIGNAL(clicked(bool)), this, SLOT(OnBoxType())); - connect(ui.radUnBoxed, SIGNAL(clicked(bool)), this, SLOT(OnBoxType())); - - connect(ui.buttonBox, SIGNAL(accepted()), SLOT(OnRun())); - connect(ui.buttonBox, SIGNAL(rejected()), SLOT(reject())); - - connect(ui.treeBoxes, SIGNAL(itemDoubleClicked(QTreeWidgetItem*, int)), this, SLOT(OnBoxDblClick(QTreeWidgetItem*))); - - QList Boxes = theAPI->GetAllBoxes().values(); // map is sorted by key (box name) - QMap Groups = theGUI->GetBoxView()->GetGroups(); - - if (theConf->GetBool("MainWindow/BoxTree_UseOrder", false)) { - QMultiMap Boxes2; - foreach(const CSandBoxPtr &pBox, Boxes) { - Boxes2.insertMulti(CSelectBoxWindow__GetBoxOrder(Groups, pBox->GetName()), pBox); - } - Boxes = Boxes2.values(); - } - - QMap GroupItems; - foreach(const CSandBoxPtr &pBox, Boxes) - { - if (!pBox->IsEnabled() || !pBox->GetBool("ShowForRunIn", true)) - continue; - - CSandBoxPlus* pBoxEx = qobject_cast(pBox.data()); - - QTreeWidgetItem* pParent = CSelectBoxWindow__GetBoxParent(Groups, GroupItems, ui.treeBoxes, pBox->GetName()); - - QTreeWidgetItem* pItem = new QTreeWidgetItem(); - pItem->setText(0, pBox->GetName().replace("_", " ")); - pItem->setData(0, Qt::UserRole, pBox->GetName()); - pItem->setData(0, Qt::DecorationRole, theGUI->GetBoxIcon(pBox->GetActiveProcessCount() > 0, pBoxEx->GetType())); - if (pParent) - pParent->addChild(pItem); - else - ui.treeBoxes->addTopLevelItem(pItem); - - if (pBox->GetName().compare(BoxName, Qt::CaseInsensitive) == 0) - ui.treeBoxes->setCurrentItem(pItem); - } - - ui.treeBoxes->expandAll(); - - //ui.treeBoxes->sortByColumn(0, Qt::AscendingOrder); - - //restoreGeometry(theConf->GetBlob("SelectBoxWindow/Window_Geometry")); -} - -CSelectBoxWindow::~CSelectBoxWindow() -{ - //theConf->SetBlob("SelectBoxWindow/Window_Geometry", saveGeometry()); -} - -void CSelectBoxWindow::closeEvent(QCloseEvent *e) -{ - //emit Closed(); - this->deleteLater(); -} - -void CSelectBoxWindow::OnBoxType() -{ - ui.treeBoxes->setEnabled(!ui.radUnBoxed->isChecked()); -} - -void CSelectBoxWindow::OnBoxDblClick(QTreeWidgetItem*) -{ - OnRun(); -} - -void CSelectBoxWindow::OnRun() -{ - QTreeWidgetItem* pItem = ui.treeBoxes->currentItem(); - - QString BoxName; - if (ui.radUnBoxed->isChecked()) - { - if (QMessageBox("Sandboxie-Plus", tr("Are you sure you want to run the program outside the sandbox?"), QMessageBox::Question, QMessageBox::Yes, QMessageBox::No | QMessageBox::Default | QMessageBox::Escape, QMessageBox::NoButton, this).exec() != QMessageBox::Yes) - return; - pItem = NULL; - } - else if (pItem == NULL) { - QMessageBox("Sandboxie-Plus", tr("Please select a sandbox."), QMessageBox::Information, QMessageBox::Ok, QMessageBox::NoButton, QMessageBox::NoButton, this).exec(); - return; - } - else { - BoxName = pItem->data(0, Qt::UserRole).toString(); - } - - - //QList Results; - foreach(const QString & Command, m_Commands) { - theAPI->RunStart(BoxName, Command, NULL, ui.chkAdmin->isChecked()); - } - //CSandMan::CheckResults(Results); - - close(); +#include "stdafx.h" +#include "SelectBoxWindow.h" +#include "SandMan.h" +#include "../MiscHelpers/Common/Settings.h" +#include "../SbiePlusAPI.h" +#include "../Views/SbieView.h" + +#if defined(Q_OS_WIN) +#include +#include +#include +#endif + +QTreeWidgetItem* CSelectBoxWindow__GetBoxParent(const QMap& Groups, QMap& GroupItems, QTreeWidget* treeBoxes, const QString& Name, int Depth = 0) +{ + if (Depth > 100) + return NULL; + for (auto I = Groups.constBegin(); I != Groups.constEnd(); ++I) { + if (I->contains(Name)) { + if (I.key().isEmpty()) + return NULL; // global group + QTreeWidgetItem*& pParent = GroupItems[I.key()]; + if (!pParent) { + pParent = new QTreeWidgetItem(); + pParent->setText(0, I.key()); + QFont fnt = pParent->font(0); + fnt.setBold(true); + pParent->setFont(0, fnt); + if (QTreeWidgetItem* pParent2 = CSelectBoxWindow__GetBoxParent(Groups, GroupItems, treeBoxes, I.key(), ++Depth)) + pParent2->addChild(pParent); + else + treeBoxes->addTopLevelItem(pParent); + } + return pParent; + } + } + return NULL; +} + +double CSelectBoxWindow__GetBoxOrder(const QMap& Groups, const QString& Name, double value = 0.0, int Depth = 0) +{ + if (Depth > 100) + return 1000000000; + for (auto I = Groups.constBegin(); I != Groups.constEnd(); ++I) { + int Pos = I->indexOf(Name); + if (Pos != -1) { + value = double(Pos) + value / 10.0; + if (I.key().isEmpty()) + return value; + return CSelectBoxWindow__GetBoxOrder(Groups, I.key(), value, ++Depth); + } + } + return 1000000000; +} + +CSelectBoxWindow::CSelectBoxWindow(const QStringList& Commands, const QString& BoxName, QWidget *parent) + : QDialog(parent) +{ + m_Commands = Commands; + + Qt::WindowFlags flags = windowFlags(); + flags |= Qt::CustomizeWindowHint; + //flags &= ~Qt::WindowContextHelpButtonHint; + //flags &= ~Qt::WindowSystemMenuHint; + //flags &= ~Qt::WindowMinMaxButtonsHint; + //flags |= Qt::WindowMinimizeButtonHint; + //flags &= ~Qt::WindowCloseButtonHint; + flags &= ~Qt::WindowContextHelpButtonHint; + //flags &= ~Qt::WindowSystemMenuHint; + setWindowFlags(flags); + + //setWindowState(Qt::WindowActive); + SetForegroundWindow((HWND)QWidget::winId()); + + bool bAlwaysOnTop = theConf->GetBool("Options/AlwaysOnTop", false); + this->setWindowFlag(Qt::WindowStaysOnTopHint, bAlwaysOnTop); + + if (!bAlwaysOnTop) { + HWND hWnd = (HWND)this->winId(); + SetWindowPos(hWnd, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOACTIVATE); + QTimer::singleShot(100, this, [hWnd]() { + SetWindowPos(hWnd, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOACTIVATE); + }); + } + + ui.setupUi(this); + this->setWindowTitle(tr("Sandboxie-Plus - Run Sandboxed")); + + + connect(ui.radBoxed, SIGNAL(clicked(bool)), this, SLOT(OnBoxType())); + connect(ui.radUnBoxed, SIGNAL(clicked(bool)), this, SLOT(OnBoxType())); + + connect(ui.buttonBox, SIGNAL(accepted()), SLOT(OnRun())); + connect(ui.buttonBox, SIGNAL(rejected()), SLOT(reject())); + + connect(ui.treeBoxes, SIGNAL(itemDoubleClicked(QTreeWidgetItem*, int)), this, SLOT(OnBoxDblClick(QTreeWidgetItem*))); + + QList Boxes = theAPI->GetAllBoxes().values(); // map is sorted by key (box name) + QMap Groups = theGUI->GetBoxView()->GetGroups(); + + if (theConf->GetBool("MainWindow/BoxTree_UseOrder", false)) { + QMultiMap Boxes2; + foreach(const CSandBoxPtr &pBox, Boxes) { + Boxes2.insertMulti(CSelectBoxWindow__GetBoxOrder(Groups, pBox->GetName()), pBox); + } + Boxes = Boxes2.values(); + } + + QMap GroupItems; + foreach(const CSandBoxPtr &pBox, Boxes) + { + if (!pBox->IsEnabled() || !pBox->GetBool("ShowForRunIn", true)) + continue; + + CSandBoxPlus* pBoxEx = qobject_cast(pBox.data()); + + QTreeWidgetItem* pParent = CSelectBoxWindow__GetBoxParent(Groups, GroupItems, ui.treeBoxes, pBox->GetName()); + + QTreeWidgetItem* pItem = new QTreeWidgetItem(); + pItem->setText(0, pBox->GetName().replace("_", " ")); + pItem->setData(0, Qt::UserRole, pBox->GetName()); + pItem->setData(0, Qt::DecorationRole, theGUI->GetBoxIcon(pBox->GetActiveProcessCount() > 0, pBoxEx->GetType())); + if (pParent) + pParent->addChild(pItem); + else + ui.treeBoxes->addTopLevelItem(pItem); + + if (pBox->GetName().compare(BoxName, Qt::CaseInsensitive) == 0) + ui.treeBoxes->setCurrentItem(pItem); + } + + ui.treeBoxes->expandAll(); + + //ui.treeBoxes->sortByColumn(0, Qt::AscendingOrder); + + //restoreGeometry(theConf->GetBlob("SelectBoxWindow/Window_Geometry")); +} + +CSelectBoxWindow::~CSelectBoxWindow() +{ + //theConf->SetBlob("SelectBoxWindow/Window_Geometry", saveGeometry()); +} + +void CSelectBoxWindow::closeEvent(QCloseEvent *e) +{ + //emit Closed(); + this->deleteLater(); +} + +void CSelectBoxWindow::OnBoxType() +{ + ui.treeBoxes->setEnabled(!ui.radUnBoxed->isChecked()); +} + +void CSelectBoxWindow::OnBoxDblClick(QTreeWidgetItem*) +{ + OnRun(); +} + +void CSelectBoxWindow::OnRun() +{ + QTreeWidgetItem* pItem = ui.treeBoxes->currentItem(); + + QString BoxName; + if (ui.radUnBoxed->isChecked()) + { + if (QMessageBox("Sandboxie-Plus", tr("Are you sure you want to run the program outside the sandbox?"), QMessageBox::Question, QMessageBox::Yes, QMessageBox::No | QMessageBox::Default | QMessageBox::Escape, QMessageBox::NoButton, this).exec() != QMessageBox::Yes) + return; + pItem = NULL; + } + else if (pItem == NULL) { + QMessageBox("Sandboxie-Plus", tr("Please select a sandbox."), QMessageBox::Information, QMessageBox::Ok, QMessageBox::NoButton, QMessageBox::NoButton, this).exec(); + return; + } + else { + BoxName = pItem->data(0, Qt::UserRole).toString(); + } + + + //QList Results; + foreach(const QString & Command, m_Commands) { + theAPI->RunStart(BoxName, Command, NULL, ui.chkAdmin->isChecked()); + } + //CSandMan::CheckResults(Results); + + close(); } \ No newline at end of file