Merge pull request #2 from sandboxie-plus/master

Update fork
2020-12-21 18:14:43 +01:00 · 2020-12-21 18:14:43 +01:00 · 828f020b78
parent d8788d491a 2f8d52dae0
commit 828f020b78
444 changed files with 44361 additions and 3063 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -0,0 +1,38 @@
 name: CI
 on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
 jobs:
  build:
    strategy:
      matrix:
        platform: [Win32, x64]
    runs-on: windows-2019
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Setup msbuild
        uses: microsoft/setup-msbuild@v1
      - name: Build Sandboxie
        run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=${{ matrix.platform }}
      - name: Upload Sandboxie
        uses: actions/upload-artifact@v2
        with:
          name: Sandboxie (${{ matrix.platform }})
          path: |
            Sandboxie/Bin/${{ matrix.platform }}/SbieRelease
            !**/*.pdb
            !**/*.ipdb
            !**/*.exp
            !**/*.ilk
            !**/*.iobj
            !**/*.lib
            !**/*.cer
            Sandboxie/Bin/${{ matrix.platform }}/SbieRelease/SbieDrv.pdb
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,368 @@
 ## Ignore Visual Studio temporary files, build results, and
 ## files generated by popular Visual Studio add-ons.
 ##
 ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
 SbieDebug
 SbieRelease
 MsgSbieDebug
 MsgSbieRelease
 Sandboxie/msgs/Text-English-1033.txt
 # User-specific files
 *.rsuser
 *.suo
 *.user
 *.userosscache
 *.sln.docstates
 # User-specific files (MonoDevelop/Xamarin Studio)
 *.userprefs
 # Mono auto generated files
 mono_crash.*
 # Build results
 [Dd]ebug/
 [Dd]ebugPublic/
 [Rr]elease/
 [Rr]eleases/
 x64/
 x86/
 [Ww][Ii][Nn]32/
 [Aa][Rr][Mm]/
 [Aa][Rr][Mm]64/
 bld/
 [Bb]in/
 [Oo]bj/
 [Ll]og/
 [Ll]ogs/
 # Visual Studio 2015/2017 cache/options directory
 .vs/
 # Uncomment if you have tasks that create the project's static files in wwwroot
 #wwwroot/
 # Visual Studio 2017 auto generated files
 Generated\ Files/
 # MSTest test Results
 [Tt]est[Rr]esult*/
 [Bb]uild[Ll]og.*
 # NUnit
 *.VisualState.xml
 TestResult.xml
 nunit-*.xml
 # Build Results of an ATL Project
 [Dd]ebugPS/
 [Rr]eleasePS/
 dlldata.c
 # Benchmark Results
 BenchmarkDotNet.Artifacts/
 # .NET Core
 project.lock.json
 project.fragment.lock.json
 artifacts/
 # ASP.NET Scaffolding
 ScaffoldingReadMe.txt
 # StyleCop
 StyleCopReport.xml
 # Files built by Visual Studio
 *_i.c
 *_p.c
 *_h.h
 *.ilk
 *.meta
 *.obj
 *.iobj
 *.pch
 *.pdb
 *.ipdb
 *.pgc
 *.pgd
 *.rsp
 *.sbr
 *.tlb
 *.tli
 *.tlh
 *.tmp
 *.tmp_proj
 *_wpftmp.csproj
 *.log
 *.vspscc
 *.vssscc
 .builds
 *.pidb
 *.svclog
 *.scc
 # Chutzpah Test files
 _Chutzpah*
 # Visual C++ cache files
 ipch/
 *.aps
 *.ncb
 *.opendb
 *.opensdf
 *.sdf
 *.cachefile
 *.VC.db
 *.VC.VC.opendb
 # Visual Studio profiler
 *.psess
 *.vsp
 *.vspx
 *.sap
 # Visual Studio Trace Files
 *.e2e
 # TFS 2012 Local Workspace
 $tf/
 # Guidance Automation Toolkit
 *.gpState
 # ReSharper is a .NET coding add-in
 _ReSharper*/
 *.[Rr]e[Ss]harper
 *.DotSettings.user
 # TeamCity is a build add-in
 _TeamCity*
 # DotCover is a Code Coverage Tool
 *.dotCover
 # AxoCover is a Code Coverage Tool
 .axoCover/*
 !.axoCover/settings.json
 # Coverlet is a free, cross platform Code Coverage Tool
 coverage*.json
 coverage*.xml
 coverage*.info
 # Visual Studio code coverage results
 *.coverage
 *.coveragexml
 # NCrunch
 _NCrunch_*
 .*crunch*.local.xml
 nCrunchTemp_*
 # MightyMoose
 *.mm.*
 AutoTest.Net/
 # Web workbench (sass)
 .sass-cache/
 # Installshield output folder
 [Ee]xpress/
 # DocProject is a documentation generator add-in
 DocProject/buildhelp/
 DocProject/Help/*.HxT
 DocProject/Help/*.HxC
 DocProject/Help/*.hhc
 DocProject/Help/*.hhk
 DocProject/Help/*.hhp
 DocProject/Help/Html2
 DocProject/Help/html
 # Click-Once directory
 publish/
 # Publish Web Output
 *.[Pp]ublish.xml
 *.azurePubxml
 # Note: Comment the next line if you want to checkin your web deploy settings,
 # but database connection strings (with potential passwords) will be unencrypted
 *.pubxml
 *.publishproj
 # Microsoft Azure Web App publish settings. Comment the next line if you want to
 # checkin your Azure Web App publish settings, but sensitive information contained
 # in these scripts will be unencrypted
 PublishScripts/
 # NuGet Packages
 *.nupkg
 # NuGet Symbol Packages
 *.snupkg
 # The packages folder can be ignored because of Package Restore
 **/[Pp]ackages/*
 # except build/, which is used as an MSBuild target.
 !**/[Pp]ackages/build/
 # Uncomment if necessary however generally it will be regenerated when needed
 #!**/[Pp]ackages/repositories.config
 # NuGet v3's project.json files produces more ignorable files
 *.nuget.props
 *.nuget.targets
 # Microsoft Azure Build Output
 csx/
 *.build.csdef
 # Microsoft Azure Emulator
 ecf/
 rcf/
 # Windows Store app package directories and files
 AppPackages/
 BundleArtifacts/
 Package.StoreAssociation.xml
 _pkginfo.txt
 *.appx
 *.appxbundle
 *.appxupload
 # Visual Studio cache files
 # files ending in .cache can be ignored
 *.[Cc]ache
 # but keep track of directories ending in .cache
 !?*.[Cc]ache/
 # Others
 ClientBin/
 ~$*
 *~
 *.dbmdl
 *.dbproj.schemaview
 *.jfm
 *.pfx
 *.publishsettings
 orleans.codegen.cs
 # Including strong name files can present a security risk
 # (https://github.com/github/gitignore/pull/2483#issue-259490424)
 #*.snk
 # Since there are multiple workflows, uncomment next line to ignore bower_components
 # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
 #bower_components/
 # RIA/Silverlight projects
 Generated_Code/
 # Backup & report files from converting an old project file
 # to a newer Visual Studio version. Backup files are not needed,
 # because we have git ;-)
 _UpgradeReport_Files/
 Backup*/
 UpgradeLog*.XML
 UpgradeLog*.htm
 ServiceFabricBackup/
 *.rptproj.bak
 # SQL Server files
 *.mdf
 *.ldf
 *.ndf
 # Business Intelligence projects
 *.rdl.data
 *.bim.layout
 *.bim_*.settings
 *.rptproj.rsuser
 *- [Bb]ackup.rdl
 *- [Bb]ackup ([0-9]).rdl
 *- [Bb]ackup ([0-9][0-9]).rdl
 # Microsoft Fakes
 FakesAssemblies/
 # GhostDoc plugin setting file
 *.GhostDoc.xml
 # Node.js Tools for Visual Studio
 .ntvs_analysis.dat
 node_modules/
 # Visual Studio 6 build log
 *.plg
 # Visual Studio 6 workspace options file
 *.opt
 # Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
 *.vbw
 # Visual Studio LightSwitch build output
 **/*.HTMLClient/GeneratedArtifacts
 **/*.DesktopClient/GeneratedArtifacts
 **/*.DesktopClient/ModelManifest.xml
 **/*.Server/GeneratedArtifacts
 **/*.Server/ModelManifest.xml
 _Pvt_Extensions
 # Paket dependency manager
 .paket/paket.exe
 paket-files/
 # FAKE - F# Make
 .fake/
 # CodeRush personal settings
 .cr/personal
 # Python Tools for Visual Studio (PTVS)
 __pycache__/
 *.pyc
 # Cake - Uncomment if you are using it
 # tools/**
 # !tools/packages.config
 # Tabs Studio
 *.tss
 # Telerik's JustMock configuration file
 *.jmconfig
 # BizTalk build output
 *.btp.cs
 *.btm.cs
 *.odx.cs
 *.xsd.cs
 # OpenCover UI analysis results
 OpenCover/
 # Azure Stream Analytics local run output
 ASALocalRun/
 # MSBuild Binary and Structured Log
 *.binlog
 # NVidia Nsight GPU debugger configuration file
 *.nvuser
 # MFractors (Xamarin productivity tool) working folder
 .mfractor/
 # Local History for Visual Studio
 .localhistory/
 # BeatPulse healthcheck temp database
 healthchecksdb
 # Backup folder for Package Reference Convert tool in Visual Studio 2017
 MigrationBackup/
 # Ionide (cross platform F# VS Code tools) working folder
 .ionide/
 # Fody - auto-generated XML schema
 FodyWeavers.xsd
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,6 +2,337 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 ## [0.5.1 / 5.45.0] - 2020-12-12
 ### Added
 - Added simple view mode
 ### Changed
 - Updated SandMan UI to use Qt5.15.1
 ### Fixed
 - fixed crash issue with progress dialog
 - fixed progress dialog cancel button not wokong for update checker
 - fixed issue around NtQueryDirectoryFile when deleting sandbox content
 - fixed dark theme in the notification window
 - fixed issue with disable force pograms tray menu
 ## [0.5.0 / 5.45.0] - 2020-12-06
 ### Added
 - added new notification window
 - added user interactive control mechanism when using the new SandMan UI
 -- when a file exeeds the copy limit instead of failing, the user is prompted if the file should be copied or not
 -- when internet access is blocked it now can be exempted in real time by the user
 - added missing file recovery and auto/quick recovery functionality
 - added silent MSG_1399 boxed process start notification to keep track of short lived boxed processes
 - added ability to prvent system wide process starts, sandboxie can now instead of just alerting also block processed on the alert list
 -- set "StartRunAlertDenied=y" to enable prcess blocking
 - the process start alert/block mechanism can now also handle folders use "AlertFolder=..." 
 - added ability to merge snapshots
 - added icons to the sandbox context menu in the new UI
 - added more advanced options to the sandbox options window
 - added file migration progress indicator
 - added more run commands and custom run commands per sandbox
 -- the the box settings users can now speficy programs to be available from the box run menu
 -- also processes can be pinned to that list from the presets menu
 - added more windows 10 specific template presets
 - added ability to create desktop shortcuts to sandboxed items
 - added icons to box option tabs
 - added box grouping
 - added new debug option "DebugTrace=y" to log debug output to the trace log
 - added check for updates to the new SandMan UI
 - added check for updates to the legacy SbieCtrl UI
 ### Changed
 - File migration limit can now be disabled by specifying "CopyLimitKb=-1"
 - improved and refactored mesage logging mechanism, reducing memory usage by factor of 2
 - terminated boxed processes are now kept listed for a coupel of seconds
 - reworked sandbox dletion mechaism ofthe new UI
 - restructured sandbox options window
 - SbieDLL.dll can now be compiled with an up to date ntdll.lib (Thanks to TechLord from Team-IRA for help)
 - improved automated driver self repair
 ### Fixed
 - fixed issues migrating files > 4GB
 - fixed a issue that would allow a maliciosue application to bypass the internet blockade
 - fixed issue when logging messages from a non sandboxed process, added process_id parameter to API_LOG_MESSAGE_ARGS
 - fixed issues with localization
 - fixed issue using file recovery in legacy ui SbieCtrl.exe when "SeparateUserFolders=n" is set
 - when a program is blocked from starting due to restrictions no redundant messages are issues anymore
 - fixed UI not properly displaying async errors
 - fixed issues when a snapshot operation failed
 - fixed some special cases of IpcPath and WinClass in the new UI
 - fixed driver issues with WHQL passing compatybility testing
 - fixed issues with classical installer
 ## [0.4.5 / 5.44.1] - 2020-11-16
 ### Added
 - added "Terminate all processes" and "disable forced programs" commands to tray menu in SandMan ui
 - program start restrictions settings now can be switsched between a white list and a black list
 -- programs can be terminated and blacklisted from the context menu
 - added additional process context menu options, lingering and leader process can be now set from menu
 - added option to view template presets for any given box
 - added text filter to template view
 - added new compatybility templates:
 -- Windows 10 core UI component: OpenIpcPath=\BaseNamedObjects\[CoreUI]-* solving issues with Chinese Input and Emojis
 -- FireFox Quantum, access to windows FontCachePort for compatybility with windows 7
 - added experimental debug option "OriginalToken=y" which lets sandboxed processes retain their original unrestricted token
 -- This option is comparable with "OpenToken=y" and is intended only for testing and debugging, it BREAKS most SECURITY guarantees (!)
 - added debug option "NoSandboxieDesktop=y" it disables the desktop proxy mechanism
 -- Note: without an unrestricted token with this option applications wont be able to start
 - added debug option "NoSysCallHooks=y" it disables the sys call processing by the driver
 -- Note: without an unrestricted token with this option applications wont be able to start
 - added ability to record verbost access tracess to the resource monitor
 -- use ini options "FileTrace=*", "PipeTrace=*", "KeyTrace=*", "IpcTrace=*", "GuiTrace=*" to record all events
 -- replace "*" to log only: "A" - allowed, "D" - denided, or "I" - ignore events
 - added ability to record debug output strings to the resource monitor,
 -- use ini option DebugTrace=y to enable
 ### Changed
 - AppUserModelID sting no longer contains sandboxie version string
 - now by default sbie's application manifest hack is disabled, as it causes problems with version checking on windows 10
 -- to enable old behavioure add "PreferExternalManifest=y" to the global or the box specific ini section
 - the resource log mechanism can now handle multiple strings to reduce on string copy operations
 ### Fixed
 - fixed issue with disabling some restriction settings failed
 - fixed disabling of internet block from the presets menu sometimes failed
 - the software compatybility list in the sandman UI now shows the proper template names
 - fixed use of freed memory in the driver
 - replaced swprintf with snwprintf to prevent potential buffer overflow in SbieDll.dll
 - fixed bad list performance with resource log and api log in SandMan UI
 ## [0.4.4 / 5.44.0] - 2020-11-03
 ### Added
 - added SbieLdr (experimental)
 ### Changed
 - moved code injection mechanism from SbieSvc to SbieDll
 - moved function hooking mechanism from SbieDrv to SbieDll
 - introduced a new driverless method to resolve wow64 ntdll base address
 ### removed
 - removed support for windows vista x64
 ## [0.4.3 / 5.43.7] - 2020-11-03
 ### Added
 - added disable forced programs menu command to the sandman ui
 ### Fixed
 - fixed file rename bug introduced with an earlier driver verifier fix
 - fixed issue saving access lists
 - fixed issue with program groups parsing in the SandMan UI 
 - fixed issue with intrnet access restriction options
 - fixed issue deleting sandbox when located on a drive directly
 ## [0.4.2 / 5.43.6] - 2020-10-10
 ### Added
 - added explore box content menu option
 ### Fixed
 - fixed thread handle leak in SbieSvc and other components
 - msedge.exe is now categorized as a chromium derivate
 - fixed chrome 86+ compatybility bug with chroms own sandbox
 ## [0.4.1 / 5.43.5] - 2020-09-12
 ### Added
 - added core version compatybility check to sandman UI
 - added shell integration options to SbiePlus
 ### Changed
 - SbieCtrl does not longer auto show the tutorian on first start
 - when hooking, the to the trampoline migrated section of the original function is not longer noped out
 -- it caused issues with unity games, will be investigated and re enabled later
 ### Fixed
 - fixed color issue with vertical tabs in dark mode
 - fixed wrong path separators when adding new forced folders
 - fixed directroy listing bug intriduced in 5.43
 - fixed issues with settings window when not being connected to driver
 - fixed issue when starting sandman ui as admin
 - fixed auto content delete not working with sandman ui
 ## [0.4.0 / 5.43] - 2020-09-05
 ### Added
 - added a proper custom installer to the the Plus release
 - added sandbox snapshot functionality to sbie core
 -- filesystem is saved incrementally, the snapshots built upon each other
 -- each snapshot gets a full copy of the box registry for now
 -- each snapshot can have multiple children snapshots
 - added access status to resource monitor
 - added setting to change border width
 - added snapshot manager UI to SandMan
 - added template to enable authentication with an Yubikey or comparable 2FA device
 - added ui for program allert
 - added software compatybility options to teh UI
 ### Changed
 - SandMan UI now handles deletion of sandboxe content on its own
 - no longer adding redundnat resource accesses as new events
 ### Fixed
 - fixed issues when hooking functions from delay loaded libraries
 - fixed issues when hooking an already hooked function 
 - fixed issues with the new box settings editor
 ### Removed
 - removes deprecated workaround in the hooking mechanism for an obsolete antimalware product
 ## [0.3.5 / 5.42.1] - 2020-07-19
 ### Added
 - Added settings window
 - added translationsupport
 - added dark theme
 - added auto start option
 - added sandbox options
 - added debug option "NoAddProcessToJob=y"
 ### Changed
 - improved empty sandbox tray icon
 - improved message parsing
 - updated homepage links
 ### Fixed
 - fixed ini issue with sandman.exe when renaming sandboxes
 - fixed ini auto reload bug introduced in the last build
 - fixed issue when hooking delayd loaded libraries
 ## [0.3 / 5.42] - 2020-07-04
 ### Added
 - API_QUERY_PROCESS_INFO can be now used to get the original process token of sandboxed processes
 -- Note: this capability is used by TaskExplorer to allow inspecting sandbox internal tokens
 - Added option "KeepTokenIntegrity=y" to make the sbie token keep its initial integrity level (debug option)
 -- Note: Do NOT USE Debug Options if you dont know their security implications (!) 
 - Added process id to log messages very usefull for debugging
 - Added finder to resource log
 - Added option to hide host processes "HideHostProcess=[name]"
 -- Note: Sbie hides by default processes from other boxes, this behavioure can now be controlled with "HideOtherBoxes=n"
 - Sandboxed RpcSs and DcomLaunch can now be run as system with the option "ProtectRpcSs=y" howeever tht breaks sandboxed explorer and other
 - BuiltIn Clsid whitelist can now be disabled with "OpenDefaultClsid=n"
 - Processes can be now terminated with the del key, and require a confirmation
 - Added sandboxed window border display to SandMan.exe
 - Added notification for sbie log messages
 - Added Sandbox Presets sub menu allowing to quickly change some settings
 -- Enable/Disable API logging, logapi_dll's are now distributed with SbiePlus 
 -- And other: Drop admin rights; Block/Allow internet access; Block/Allow access to files on te network
 - Added more info to the sandbox status column
 - Added path column to SbieModel
 - Added info tooltips in SbieView
 ### Changed
 - Reworked ApiLog, added pid and pid filter
 - Auto config reload on in change is now delayed by 500ms to not reload multiple times on incremental changes
 - Sandbox names now replace "_" witn " " for display allowing to use names that are build of separated words
 ### Fixed
 - added mising PreferExternalManifest itialization to portable mode
 - fixed permission issues with sandboxed system processes
 -- Note: you can use "ExposeBoxedSystem=y" for the old behaviour (debug option)
 - fixed missing SCM access check for sandboxed services
 -- Note: to disable the access check use "UnrestrictedSCM=y" (debug option)
 - fixed missing initialization in serviceserver that caused sandboxed programs to crash when querying service status
 - fixed many bugs that caused the SbieDrv.sys to BSOD when run with MSFT Driver Verifier active
 -- 0xF6 in GetThreadTokenOwnerPid and File_Api_Rename
 -- missing non optional parameter for FltGetFileNameInformation in File_PreOperation
 -- 0xE3 in Key_StoreValue and Key_PreDataInject
 ## [0.2.2 / 5.41.2] - 2020-06-19
 ### Added
 - added option SeparateUserFolders=n to no longer have the user profile files stored separately in the sandbox
 - added SandboxieLogon=y it makes processes run under the SID of the "Sandboxie" user instead of the Anonymous user
 -- Note: the global option AllowSandboxieLogon=y must be enabled, the "Sandboxie" user account must be manually created first and the driver reloaded, else process start will fail
 - improved debugging around process creation errors in the driver
 ### Fixed
 - fixed some log messages going lost after driver reload
 - found a workable fix for the MSI installer issue, see Proc_CreateProcessInternalW_RS5
 ## [0.2.1 / 5.41.1] - 2020-06-18
 ### Added
 - added different sandbox icons for different types
 -- Red LogAPI/BSA enabled
 -- More to come :D
 - Added progress window for async operations that take time
 - added DPI awareness
 - the driver file is now obfuscated to avoid false positives
 - additional debug options to sandboxie.ini OpenToken=y that combines UnrestrictedToken=y and UnfilteredToken=y
 -- Note: using these options weekens the sandboxing, they are intended for debugging and may be used for better application virtualization later
 ### Changed
 - SbieDll.dll when processinh InjectDll now looks in the SbieHome folder for the Dll's if the entered path starts with a backslash
 -- i.e. "InjectDll=\LogAPI\i386\logapi32v.dll" or "InjectDll64=\LogAPI\amd64\logapi64v.dll"
 ### Fixed
 - IniWatcher did not work in portable mode
 - service path fix broke other services, now properly fixed, may be
 - found workaround for the msi installer issue
 ## [0.2 / 5.41.0] - 2020-06-08
 ### Added
 - IniWatcher, no more clicking reload, the ini is now reloaded automatically every time it changes
 - Added Mainanance menu to the Sandbox menu, allowing to install/uninstall and start/stop sandboxie driver, service
 - SandMan.exe now is packed with Sbie files and when no sbie is installed acts as a portable instalation
 - Added option to clean up logs
 ### Changed
 - sbie driver now first checks the home path for the sbie ini before checking SystemRoot
 ### Fixed
 - Fixed a resource leak when running sandboxed
 - Fixed issue boxed services not starting when the path contained a space
 - NtQueryInformationProcess now returns the proper sandboxed path for sandboxed processes
 ## [0.1 / 5.40.2] - 2020-06-01
 ### Added
 - Created a new Qt based UI names SandMan (Sandboxie Manager)
 - Resource monitor now shows the PID
 - Added basic API call log using updated BSA LogApiDll
 ### Changed
 - reworked resource monitor to work with multiple event consumers
 - reworked log to work with multiple event consumers
 ## [5.40.1] - 2020-04-10
 ### Added
--- a/README.md
+++ b/README.md
@ -15,3 +15,6 @@ In September 2019, Sophos switched to a new license.
 In 2020 Sophos has released Sandboxie as Open Source under the GPLv3 licence to the community for further developement and maintanance.
 ## Support
 If you like the tool please consider supporting it on Patreon: https://www.patreon.com/DavidXanatos
--- a/Sandboxie/ReadMe.txt
+++ b/Sandboxie/ReadMe.txt
@ -3,10 +3,9 @@ SANDBOXIE BUILD INSTRUCTIONS
 Please note: there is another ReadMe.txt in the \install\ folder that explains how to create the Sandboxie installers.
-1) Sandboxie builds under MS Visual Studio 2015.
+1) Sandboxie builds under MS Visual Studio 2019.
-2) Install the MS Windows Device Driver Kit (DDK) 7.1.0.
+2) Install the Windows Driver Kit (WDK) for Windows 10, version 2004.
-	https://www.microsoft.com/en-us/download/details.aspx?id=11800
+	https://go.microsoft.com/fwlink/?linkid=2128854
 	In the DDK setup, all you need to check is "Build Environments"
 3) The VS Solution File, Sandbox.sln, is in the source code root. Open this SLN in Visual Studio.
 Source Projects (in aplhabetical order)
--- a/Sandboxie/Sandbox.sln
+++ b/Sandboxie/Sandbox.sln
@ -1,7 +1,7 @@
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio 14
+# Visual Studio 15
-VisualStudioVersion = 14.0.25420.1
+VisualStudioVersion = 15.0.28307.960
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxSvc", "core\svc\SboxSvc.vcxproj", "{2D3DBCAE-883E-54A6-F8F6-11228D989033}"
 	ProjectSection(ProjectDependencies) = postProject
@ -32,9 +32,9 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SandboxBITS", "apps\com\BIT
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxDll", "core\dll\SboxDll.vcxproj", "{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}"
 	ProjectSection(ProjectDependencies) = postProject
 		{67579365-ED6A-C1E4-E0A3-4A7C9F14072D} = {67579365-ED6A-C1E4-E0A3-4A7C9F14072D}
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3} = {63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}
 		{255002EC-9FC7-422E-B497-BE2CC5012B2D} = {255002EC-9FC7-422E-B497-BE2CC5012B2D}
 		{67579365-ED6A-C1E4-E0A3-4A7C9F14072D} = {67579365-ED6A-C1E4-E0A3-4A7C9F14072D}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SandboxCrypto", "apps\com\Crypto\SandboxCrypto.vcxproj", "{41453A79-CA9B-ABCA-981C-5242AFC72DDF}"
@ -66,10 +66,16 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxDrv", "core\drv\SboxDrv
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SbieControl", "apps\control\Control.vcxproj", "{D16E291A-1F8A-4B19-AE07-0AF8CB7CCBD0}"
 	ProjectSection(ProjectDependencies) = postProject
 		{42DB5510-0268-4655-B483-B9D6E4E48D62} = {42DB5510-0268-4655-B483-B9D6E4E48D62}
 		{E40CC819-6990-DA28-3E1F-6708BC98E37B} = {E40CC819-6990-DA28-3E1F-6708BC98E37B}
 		{8055A629-631E-84F5-8F3C-1908F264C81D} = {8055A629-631E-84F5-8F3C-1908F264C81D}
 		{5410C534-4858-C748-86AD-0567A2451FDE} = {5410C534-4858-C748-86AD-0567A2451FDE}
 		{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}
 		{41453A79-CA9B-ABCA-981C-5242AFC72DDF} = {41453A79-CA9B-ABCA-981C-5242AFC72DDF}
 		{2D3DBCAE-883E-54A6-F8F6-11228D989033} = {2D3DBCAE-883E-54A6-F8F6-11228D989033}
 	EndProjectSection
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "KmdUtil", "install\kmdutil\KmdUtil.vcxproj", "{0BF4988E-2325-4426-8CDC-BD221E4FB68C}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "kmdutil", "install\kmdutil\KmdUtil.vcxproj", "{0BF4988E-2325-4426-8CDC-BD221E4FB68C}"
 	ProjectSection(ProjectDependencies) = postProject
 		{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}
 	EndProjectSection
@ -79,8 +85,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SbieIni", "apps\ini\SbieIni
 		{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SandboxieInstall", "install\release\SandboxieInstall.vcxproj", "{08A656D9-CDD0-4C9F-AB3F-D98F8E5B6EC6}"
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Parse", "msgs\Parse.vcxproj", "{7BA01954-12F1-4CEE-BA97-FAD3250D9776}"
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxHostDll", "SboxHostDll\SboxHostDll.vcxproj", "{3A42A9F3-E0C7-4633-9570-381802D6647D}"
@ -88,6 +92,22 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxHostDll", "SboxHostDll\
 		{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}
 	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Docs", "Docs", "{666D2193-3CF6-4358-8312-67A0C2B09E35}"
 	ProjectSection(SolutionItems) = preProject
 		..\CHANGELOG.md = ..\CHANGELOG.md
 	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "com", "com", "{7495BFF6-A576-4B96-9071-10CF956368FC}"
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "core", "core", "{E9D1318A-FAF0-4EF8-8561-FCB03862AC99}"
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "apps", "apps", "{0301861F-98D8-4767-BA7D-E146DE2E0C92}"
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SbieLdr", "apps\ldr\SbieLdr.vcxproj", "{352AA425-D224-4F23-AF1D-D54AFADDDB22}"
 	ProjectSection(ProjectDependencies) = postProject
 		{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}
 	EndProjectSection
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		SbieDebug|Win32 = SbieDebug|Win32
@ -216,11 +236,6 @@ Global
 		{B8D7002B-0468-44E7-93A7-94327A5D7C7A}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
 		{B8D7002B-0468-44E7-93A7-94327A5D7C7A}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
 		{B8D7002B-0468-44E7-93A7-94327A5D7C7A}.SbieRelease|x64.Build.0 = SbieRelease|x64
 		{08A656D9-CDD0-4C9F-AB3F-D98F8E5B6EC6}.SbieDebug|Win32.ActiveCfg = SbieRelease|Win32
 		{08A656D9-CDD0-4C9F-AB3F-D98F8E5B6EC6}.SbieDebug|Win32.Build.0 = SbieRelease|Win32
 		{08A656D9-CDD0-4C9F-AB3F-D98F8E5B6EC6}.SbieDebug|x64.ActiveCfg = SbieRelease|Win32
 		{08A656D9-CDD0-4C9F-AB3F-D98F8E5B6EC6}.SbieRelease|Win32.ActiveCfg = SbieRelease|Win32
 		{08A656D9-CDD0-4C9F-AB3F-D98F8E5B6EC6}.SbieRelease|x64.ActiveCfg = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|Win32.ActiveCfg = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|Win32.Build.0 = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|x64.ActiveCfg = SbieRelease|Win32
@ -236,8 +251,36 @@ Global
 		{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
 		{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
 		{3A42A9F3-E0C7-4633-9570-381802D6647D}.SbieRelease|x64.Build.0 = SbieRelease|x64
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22}.SbieDebug|Win32.ActiveCfg = SbieDebug|Win32
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22}.SbieDebug|Win32.Build.0 = SbieDebug|Win32
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22}.SbieDebug|x64.ActiveCfg = SbieDebug|x64
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22}.SbieDebug|x64.Build.0 = SbieDebug|x64
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22}.SbieRelease|Win32.ActiveCfg = SbieRelease|Win32
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22}.SbieRelease|x64.Build.0 = SbieRelease|x64
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
 	GlobalSection(NestedProjects) = preSolution
 		{2D3DBCAE-883E-54A6-F8F6-11228D989033} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
 		{8B9E1B9D-FB3C-3009-9196-4315871BCD73} = {0301861F-98D8-4767-BA7D-E146DE2E0C92}
 		{E40CC819-6990-DA28-3E1F-6708BC98E37B} = {7495BFF6-A576-4B96-9071-10CF956368FC}
 		{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
 		{41453A79-CA9B-ABCA-981C-5242AFC72DDF} = {7495BFF6-A576-4B96-9071-10CF956368FC}
 		{5410C534-4858-C748-86AD-0567A2451FDE} = {7495BFF6-A576-4B96-9071-10CF956368FC}
 		{8055A629-631E-84F5-8F3C-1908F264C81D} = {7495BFF6-A576-4B96-9071-10CF956368FC}
 		{42DB5510-0268-4655-B483-B9D6E4E48D62} = {7495BFF6-A576-4B96-9071-10CF956368FC}
 		{255002EC-9FC7-422E-B497-BE2CC5012B2D} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
 		{D16E291A-1F8A-4B19-AE07-0AF8CB7CCBD0} = {0301861F-98D8-4767-BA7D-E146DE2E0C92}
 		{0BF4988E-2325-4426-8CDC-BD221E4FB68C} = {0301861F-98D8-4767-BA7D-E146DE2E0C92}
 		{B8D7002B-0468-44E7-93A7-94327A5D7C7A} = {0301861F-98D8-4767-BA7D-E146DE2E0C92}
 		{3A42A9F3-E0C7-4633-9570-381802D6647D} = {E9D1318A-FAF0-4EF8-8561-FCB03862AC99}
 		{352AA425-D224-4F23-AF1D-D54AFADDDB22} = {0301861F-98D8-4767-BA7D-E146DE2E0C92}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {8CC68B2E-A32E-409D-8D3F-F68AF524E29C}
 	EndGlobalSection
 EndGlobal
--- a/Sandboxie/SandboxDrv.sln
+++ b/Sandboxie/SandboxDrv.sln
@ -1,7 +1,7 @@
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio 14
+# Visual Studio 15
-VisualStudioVersion = 14.0.25420.1
+VisualStudioVersion = 15.0.28307.1022
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SboxDrv", "core\drv\SboxDrv.vcxproj", "{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}"
 	ProjectSection(ProjectDependencies) = postProject
@ -27,6 +27,14 @@ Global
 		SbieRelease|x64 = SbieRelease|x64
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.Debug|Win32.ActiveCfg = SbieDebug|Win32
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.Debug|Win32.Build.0 = SbieDebug|Win32
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.Debug|x64.ActiveCfg = SbieDebug|x64
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.Debug|x64.Build.0 = SbieDebug|x64
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.Release|Win32.ActiveCfg = SbieRelease|Win32
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.Release|Win32.Build.0 = SbieRelease|Win32
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.Release|x64.ActiveCfg = SbieRelease|x64
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.Release|x64.Build.0 = SbieRelease|x64
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.SbieDebug|Win32.ActiveCfg = SbieDebug|Win32
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.SbieDebug|Win32.Build.0 = SbieDebug|Win32
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.SbieDebug|x64.ActiveCfg = SbieDebug|x64
@ -35,6 +43,14 @@ Global
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
 		{4019C5EB-8D1E-40E4-B7D1-5601B4B27288}.SbieRelease|x64.Build.0 = SbieRelease|x64
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.Debug|Win32.ActiveCfg = SbieRelease|Win32
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.Debug|Win32.Build.0 = SbieRelease|Win32
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.Debug|x64.ActiveCfg = SbieRelease|x64
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.Debug|x64.Build.0 = SbieRelease|x64
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.Release|Win32.ActiveCfg = SbieRelease|Win32
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.Release|Win32.Build.0 = SbieRelease|Win32
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.Release|x64.ActiveCfg = SbieRelease|x64
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.Release|x64.Build.0 = SbieRelease|x64
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|Win32.ActiveCfg = SbieRelease|Win32
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|Win32.Build.0 = SbieRelease|Win32
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieDebug|x64.ActiveCfg = SbieRelease|x64
@ -43,6 +59,14 @@ Global
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|Win32.Build.0 = SbieRelease|Win32
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|x64.ActiveCfg = SbieRelease|x64
 		{63B0DDD2-5E3B-EF38-F711-9652D2EB73B3}.SbieRelease|x64.Build.0 = SbieRelease|x64
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.Debug|Win32.ActiveCfg = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.Debug|Win32.Build.0 = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.Debug|x64.ActiveCfg = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.Debug|x64.Build.0 = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.Release|Win32.ActiveCfg = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.Release|Win32.Build.0 = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.Release|x64.ActiveCfg = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.Release|x64.Build.0 = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|Win32.ActiveCfg = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|Win32.Build.0 = SbieRelease|Win32
 		{7BA01954-12F1-4CEE-BA97-FAD3250D9776}.SbieDebug|x64.ActiveCfg = SbieRelease|Win32
@ -55,4 +79,7 @@ Global
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {806E7BFC-90B6-4D60-A232-3321EA1A60BA}
 	EndGlobalSection
 EndGlobal
--- a/Sandboxie/SboxHostDll/SboxHostDll.rc
+++ b/Sandboxie/SboxHostDll/SboxHostDll.rc
--- a/Sandboxie/SboxHostDll/SboxHostDll.vcxproj
+++ b/Sandboxie/SboxHostDll/SboxHostDll.vcxproj
@ -22,34 +22,34 @@
    <ProjectGuid>{3A42A9F3-E0C7-4633-9570-381802D6647D}</ProjectGuid>
    <Keyword>Win32Proj</Keyword>
    <RootNamespace>SboxHostDll</RootNamespace>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
@ -130,9 +130,6 @@
      <IgnoreSpecificDefaultLibraries>msvcprt.lib;%(IgnoreSpecificDefaultLibraries)</IgnoreSpecificDefaultLibraries>
    </Link>
  </ItemDefinitionGroup>
  <ItemGroup>
    <None Include="ReadMe.txt" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="resource.h" />
    <ClInclude Include="SboxHostDll.h" />
--- a/Sandboxie/apps/com/BITS/SandboxBITS.vcxproj
+++ b/Sandboxie/apps/com/BITS/SandboxBITS.vcxproj
@ -21,28 +21,28 @@
  <PropertyGroup Label="Globals">
    <Keyword>Win32Proj</Keyword>
    <ProjectGuid>{E40CC819-6990-DA28-3E1F-6708BC98E37B}</ProjectGuid>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
--- a/Sandboxie/apps/com/BITS/resource.rc
+++ b/Sandboxie/apps/com/BITS/resource.rc
@ -1,19 +1,3 @@
 // Copyright 2004-2020 Sandboxie Holdings, LLC 
 //
 // This program is free software: you can redistribute it and/or modify
 //   it under the terms of the GNU General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
 //
 //   This program is distributed in the hope that it will be useful,
 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 //   GNU General Public License for more details.
 //
 //   You should have received a copy of the GNU General Public License
 //   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 //
 //Microsoft Developer Studio generated resource script.
 //
--- a/Sandboxie/apps/com/Crypto/SandboxCrypto.vcxproj
+++ b/Sandboxie/apps/com/Crypto/SandboxCrypto.vcxproj
@ -21,28 +21,28 @@
  <PropertyGroup Label="Globals">
    <Keyword>Win32Proj</Keyword>
    <ProjectGuid>{41453A79-CA9B-ABCA-981C-5242AFC72DDF}</ProjectGuid>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
--- a/Sandboxie/apps/com/Crypto/resource.rc
+++ b/Sandboxie/apps/com/Crypto/resource.rc
@ -1,19 +1,3 @@
 // Copyright 2004-2020 Sandboxie Holdings, LLC 
 //
 // This program is free software: you can redistribute it and/or modify
 //   it under the terms of the GNU General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
 //
 //   This program is distributed in the hope that it will be useful,
 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 //   GNU General Public License for more details.
 //
 //   You should have received a copy of the GNU General Public License
 //   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 //
 //Microsoft Developer Studio generated resource script.
 //
--- a/Sandboxie/apps/com/DcomLaunch/SboxDcomLaunch.vcxproj
+++ b/Sandboxie/apps/com/DcomLaunch/SboxDcomLaunch.vcxproj
@ -21,28 +21,28 @@
  <PropertyGroup Label="Globals">
    <Keyword>Win32Proj</Keyword>
    <ProjectGuid>{8055A629-631E-84F5-8F3C-1908F264C81D}</ProjectGuid>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
--- a/Sandboxie/apps/com/DcomLaunch/dcomlaunch.c
+++ b/Sandboxie/apps/com/DcomLaunch/dcomlaunch.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -143,8 +144,10 @@ int __stdcall WinMain(
    // start dcom launcher service
    wcscpy(ServiceName, L"DCOMLAUNCH");
    ok = Service_Start_ServiceMain( ServiceName, L"rpcss.dll", "ServiceMain", TRUE);
 	if (ok)
 		WaitForSingleObject(hThreadEvent, INFINITE);
 	CloseHandle(hThreadEvent);
    if (! ok)
        return EXIT_FAILURE;
    WaitForSingleObject(hThreadEvent, INFINITE);
    return 0;
 }
--- a/Sandboxie/apps/com/DcomLaunch/resource.rc
+++ b/Sandboxie/apps/com/DcomLaunch/resource.rc
@ -1,19 +1,3 @@
 // Copyright 2004-2020 Sandboxie Holdings, LLC 
 //
 // This program is free software: you can redistribute it and/or modify
 //   it under the terms of the GNU General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
 //
 //   This program is distributed in the hope that it will be useful,
 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 //   GNU General Public License for more details.
 //
 //   You should have received a copy of the GNU General Public License
 //   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 //
 //Microsoft Developer Studio generated resource script.
 //
--- a/Sandboxie/apps/com/RpcSs/SandboxRpcSs.vcxproj
+++ b/Sandboxie/apps/com/RpcSs/SandboxRpcSs.vcxproj
@ -21,28 +21,28 @@
  <PropertyGroup Label="Globals">
    <Keyword>Win32Proj</Keyword>
    <ProjectGuid>{5410C534-4858-C748-86AD-0567A2451FDE}</ProjectGuid>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
--- a/Sandboxie/apps/com/RpcSs/linger.c
+++ b/Sandboxie/apps/com/RpcSs/linger.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -303,7 +304,9 @@ int DoLingerLeader(void)
    InitializeCriticalSection(&ProcessCritSec);
    heventRpcSs = CreateEvent(0, FALSE, FALSE, NULL);
-    CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)ProcessStartMonitor, NULL, 0, NULL);
+	HANDLE ThreadHandle = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)ProcessStartMonitor, NULL, 0, NULL);
 	if (ThreadHandle)
 		CloseHandle(ThreadHandle);
    if (1) {
        //
--- a/Sandboxie/apps/com/RpcSs/resource.rc
+++ b/Sandboxie/apps/com/RpcSs/resource.rc
@ -1,19 +1,3 @@
 // Copyright 2004-2020 Sandboxie Holdings, LLC 
 //
 // This program is free software: you can redistribute it and/or modify
 //   it under the terms of the GNU General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
 //
 //   This program is distributed in the hope that it will be useful,
 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 //   GNU General Public License for more details.
 //
 //   You should have received a copy of the GNU General Public License
 //   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 //
 //Microsoft Developer Studio generated resource script.
 //
--- a/Sandboxie/apps/com/WUAU/SandboxWUAU.vcxproj
+++ b/Sandboxie/apps/com/WUAU/SandboxWUAU.vcxproj
@ -21,34 +21,34 @@
  <PropertyGroup Label="Globals">
    <ProjectGuid>{42DB5510-0268-4655-B483-B9D6E4E48D62}</ProjectGuid>
    <RootNamespace>SandboxWUAU</RootNamespace>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <CharacterSet>MultiByte</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <CharacterSet>MultiByte</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>MultiByte</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>MultiByte</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
--- a/Sandboxie/apps/com/WUAU/resource.rc
+++ b/Sandboxie/apps/com/WUAU/resource.rc
@ -1,19 +1,3 @@
 // Copyright 2004-2020 Sandboxie Holdings, LLC 
 //
 // This program is free software: you can redistribute it and/or modify
 //   it under the terms of the GNU General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
 //
 //   This program is distributed in the hope that it will be useful,
 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 //   GNU General Public License for more details.
 //
 //   You should have received a copy of the GNU General Public License
 //   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 //
 //Microsoft Developer Studio generated resource script.
 //
--- a/Sandboxie/apps/common/Common.vcxproj
+++ b/Sandboxie/apps/common/Common.vcxproj
@ -20,28 +20,28 @@
  </ItemGroup>
  <PropertyGroup Label="Globals">
    <ProjectGuid>{67579365-ED6A-C1E4-E0A3-4A7C9F14072D}</ProjectGuid>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>StaticLibrary</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>StaticLibrary</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>StaticLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>StaticLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
@ -106,6 +106,7 @@
    <ClCompile Include="MyMsgBox.c" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="..\..\common\my_version.h" />
    <ClInclude Include="BoxOrder.h" />
    <ClInclude Include="CommonUtils.h" />
    <ClInclude Include="MyGdi.h" />
--- a/Sandboxie/apps/common/RunBrowser.cpp
+++ b/Sandboxie/apps/common/RunBrowser.cpp
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -134,7 +135,7 @@ void CRunBrowser::OnNo()
 CString CRunBrowser::GetTopicUrl(const CString &topic)
 {
-    return L"https://www.sandboxie.com/index.php?" + topic;
+    return L"https://xanasoft.com/Sandboxie/" + topic;
 }
@ -155,5 +156,5 @@ void CRunBrowser::OpenHelp(CWnd *pParentWnd, const CString &topic)
 void CRunBrowser::OpenForum(CWnd *pParentWnd)
 {
-    CRunBrowser x(pParentWnd, L"http://forums.sandboxie.com/phpBB3/");
+    CRunBrowser x(pParentWnd, L"https://forum.xanasoft.com/");
 }
--- a/Sandboxie/apps/control/AboutDialog.cpp
+++ b/Sandboxie/apps/control/AboutDialog.cpp
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -143,7 +144,7 @@ BOOL CAboutDialog::OnInitDialog()
        U_PDF = L' ';
    }
    text.Format(L"%S %c(%d-bit)%c",
-        MY_VERSION_STRING_EX, U_LRO, _bitness, U_PDF);
+        MY_VERSION_STRING, U_LRO, _bitness, U_PDF);
    CString ver = CMyMsg(MSG_3302, text);
    GetDlgItem(ID_ABOUT_VERSION)->SetWindowText(ver);
@ -152,7 +153,7 @@ BOOL CAboutDialog::OnInitDialog()
    //
    //
-    text.Format(L"%S", MY_COPYRIGHT_STRING);
+    text.Format(L"%S\r\n%S", MY_COPYRIGHT_STRING, MY_COPYRIGHT_STRING_OLD);
    GetDlgItem(ID_ABOUT_COPYRIGHT)->SetWindowText(text);
    GetDlgItem(IDOK)->SetWindowText(CMyMsg(MSG_3001));
--- a/Sandboxie/apps/control/BoxFile.cpp
+++ b/Sandboxie/apps/control/BoxFile.cpp
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -358,17 +359,19 @@ CString CBoxFile::GetCopyPathForTruePath(const WCHAR *TruePath) const
 {
    ULONG TruePath_len = wcslen(TruePath);
-    for (int index = -4; index < 26; ++index) {
+	BOOLEAN SeparateUserFolders = SbieApi_QueryConfBool(m_name, L"SeparateUserFolders", TRUE);
    for (int index = SeparateUserFolders ? -4 : -1; index < 26; ++index) {
        const WCHAR *prefix = NULL;
        if (index == -4)
-            prefix = L"\\device\\mup";
+			prefix = SbieDll_GetUserPathEx(L'p');
        else if (index == -3)
            prefix = SbieDll_GetUserPathEx(L'a');
        else if (index == -2)
            prefix = SbieDll_GetUserPathEx(L'c');
        else if (index == -1)
-            prefix = SbieDll_GetUserPathEx(L'p');
+			prefix = L"\\device\\mup"; 
        else
            prefix = SbieDll_GetDrivePath(index);
        if (! prefix)
@ -381,13 +384,13 @@ CString CBoxFile::GetCopyPathForTruePath(const WCHAR *TruePath) const
            CString CopyPath(m_FilePath);
            if (index == -4)
-                CopyPath += L"\\share";
+				CopyPath += L"\\user\\public";
            else if (index == -3)
                CopyPath += L"\\user\\all";
            else if (index == -2)
                CopyPath += L"\\user\\current";
            else if (index == -1)
-                CopyPath += L"\\user\\public";
+				CopyPath += L"\\share"; 
            else {
                WCHAR letter = L'a' + index;
                CopyPath += L"\\drive\\";
--- a/Sandboxie/apps/control/Control.vcxproj
+++ b/Sandboxie/apps/control/Control.vcxproj
@ -22,7 +22,7 @@
    <ProjectGuid>{D16E291A-1F8A-4B19-AE07-0AF8CB7CCBD0}</ProjectGuid>
    <RootNamespace>Control</RootNamespace>
    <ProjectName>SbieControl</ProjectName>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
@ -32,7 +32,7 @@
    <UseOfMfc>Static</UseOfMfc>
    <UseOfAtl>false</UseOfAtl>
    <WholeProgramOptimization>false</WholeProgramOptimization>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
@ -41,7 +41,7 @@
    <UseOfMfc>Static</UseOfMfc>
    <UseOfAtl>false</UseOfAtl>
    <WholeProgramOptimization>false</WholeProgramOptimization>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
@ -50,7 +50,7 @@
    <CharacterSet>Unicode</CharacterSet>
    <UseOfMfc>Static</UseOfMfc>
    <UseOfAtl>false</UseOfAtl>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
@ -59,7 +59,7 @@
    <CharacterSet>Unicode</CharacterSet>
    <UseOfMfc>Static</UseOfMfc>
    <UseOfAtl>false</UseOfAtl>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
@ -108,7 +108,7 @@
      <PrecompiledHeader>Use</PrecompiledHeader>
    </ClCompile>
    <Link>
-      <AdditionalDependencies>uafxcw.lib;common.lib;SbieDll.lib;ntdll.lib;psapi.lib;wininet.lib</AdditionalDependencies>
+      <AdditionalDependencies>uafxcw.lib;common.lib;SbieDll.lib;ntdll.lib;psapi.lib;wininet.lib;winhttp.lib</AdditionalDependencies>
      <EntryPointSymbol>
      </EntryPointSymbol>
      <IgnoreSpecificDefaultLibraries>uafxcw.lib</IgnoreSpecificDefaultLibraries>
@ -126,7 +126,7 @@
      <PrecompiledHeader>Use</PrecompiledHeader>
    </ClCompile>
    <Link>
-      <AdditionalDependencies>uafxcw.lib;common.lib;SbieDll.lib;ntdll.lib;psapi.lib;wininet.lib</AdditionalDependencies>
+      <AdditionalDependencies>uafxcw.lib;common.lib;SbieDll.lib;ntdll.lib;psapi.lib;wininet.lib;winhttp.lib</AdditionalDependencies>
      <EntryPointSymbol>
      </EntryPointSymbol>
      <IgnoreSpecificDefaultLibraries>uafxcw.lib</IgnoreSpecificDefaultLibraries>
@ -143,7 +143,7 @@
      <PrecompiledHeader>Use</PrecompiledHeader>
    </ClCompile>
    <Link>
-      <AdditionalDependencies>uafxcw.lib;common.lib;SbieDll.lib;ntdll.lib;psapi.lib;wininet.lib</AdditionalDependencies>
+      <AdditionalDependencies>uafxcw.lib;common.lib;SbieDll.lib;ntdll.lib;psapi.lib;wininet.lib;winhttp.lib</AdditionalDependencies>
      <EntryPointSymbol>
      </EntryPointSymbol>
      <IgnoreSpecificDefaultLibraries>uafxcw.lib</IgnoreSpecificDefaultLibraries>
@ -158,7 +158,7 @@
      <PrecompiledHeader>Use</PrecompiledHeader>
    </ClCompile>
    <Link>
-      <AdditionalDependencies>uafxcw.lib;common.lib;SbieDll.lib;ntdll.lib;psapi.lib;wininet.lib</AdditionalDependencies>
+      <AdditionalDependencies>uafxcw.lib;common.lib;SbieDll.lib;ntdll.lib;psapi.lib;wininet.lib;winhttp.lib</AdditionalDependencies>
      <EntryPointSymbol>
      </EntryPointSymbol>
      <IgnoreSpecificDefaultLibraries>uafxcw.lib</IgnoreSpecificDefaultLibraries>
@ -167,6 +167,18 @@
    </Link>
  </ItemDefinitionGroup>
  <ItemGroup>
    <ClCompile Include="..\..\common\json\JSON.cpp">
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">NotUsing</PrecompiledHeader>
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">NotUsing</PrecompiledHeader>
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">NotUsing</PrecompiledHeader>
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">NotUsing</PrecompiledHeader>
    </ClCompile>
    <ClCompile Include="..\..\common\json\JSONValue.cpp">
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">NotUsing</PrecompiledHeader>
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">NotUsing</PrecompiledHeader>
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">NotUsing</PrecompiledHeader>
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">NotUsing</PrecompiledHeader>
    </ClCompile>
    <ClCompile Include="..\common\BoxOrder.c">
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">NotUsing</PrecompiledHeader>
      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">NotUsing</PrecompiledHeader>
@ -271,11 +283,16 @@
    <ClCompile Include="ThirdPartyDialog.cpp" />
    <ClCompile Include="ToolTipButton.cpp" />
    <ClCompile Include="TreePropSheet.cpp" />
    <ClCompile Include="UpdateDialog.cpp" />
    <ClCompile Include="Updater.cpp" />
    <ClCompile Include="UserSettings.cpp" />
    <ClCompile Include="ViewTemplateDialog.cpp" />
    <ClCompile Include="WindowTitleMap.cpp" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="..\..\common\json\JSON.h" />
    <ClInclude Include="..\..\common\json\JSONValue.h" />
    <ClInclude Include="..\..\common\my_version.h" />
    <ClInclude Include="..\common\BoxOrder.h" />
    <ClInclude Include="..\common\FontStore.h" />
    <ClInclude Include="..\common\Layout.h" />
@ -331,6 +348,8 @@
    <ClInclude Include="ThirdPartyDialog.h" />
    <ClInclude Include="ToolTipButton.h" />
    <ClInclude Include="TreePropSheet.h" />
    <ClInclude Include="UpdateDialog.h" />
    <ClInclude Include="Updater.h" />
    <ClInclude Include="UserSettings.h" />
    <ClInclude Include="ViewTemplateDialog.h" />
    <ClInclude Include="WindowTitleMap.h" />
@ -339,7 +358,6 @@
    <ResourceCompile Include="SbieControl.rc" />
  </ItemGroup>
  <ItemGroup>
    <None Include="..\..\..\sbieweb\web\img\FrontPage\FrontPageAnimation.gif" />
    <None Include="..\res\background.png" />
    <None Include="..\res\bigex.ico" />
    <None Include="..\res\checkmark.png" />
--- a/Sandboxie/apps/control/Control.vcxproj.filters
+++ b/Sandboxie/apps/control/Control.vcxproj.filters
@ -0,0 +1,210 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemGroup>
    <Manifest Include="..\res\xptheme.manifest" />
  </ItemGroup>
  <ItemGroup>
    <ClCompile Include="AboutDialog.cpp" />
    <ClCompile Include="AlertDialog.cpp" />
    <ClCompile Include="AnimatedBitmap.cpp" />
    <ClCompile Include="AppPage.cpp" />
    <ClCompile Include="AutoPlay.cpp" />
    <ClCompile Include="BaseDialog.cpp" />
    <ClCompile Include="BorderGuard.cpp" />
    <ClCompile Include="Box.cpp" />
    <ClCompile Include="Boxes.cpp" />
    <ClCompile Include="BoxFile.cpp" />
    <ClCompile Include="BoxPage.cpp" />
    <ClCompile Include="BoxProc.cpp" />
    <ClCompile Include="CreateDialog.cpp" />
    <ClCompile Include="DeleteDialog.cpp" />
    <ClCompile Include="DisableForceDialog.cpp" />
    <ClCompile Include="FileListCtrl.cpp" />
    <ClCompile Include="FinderDialog.cpp" />
    <ClCompile Include="FindTool.c" />
    <ClCompile Include="FlashingButton.cpp" />
    <ClCompile Include="GettingStartedWizard.cpp" />
    <ClCompile Include="InitWait.cpp" />
    <ClCompile Include="LockConfigDialog.cpp" />
    <ClCompile Include="MenuXP.cpp" />
    <ClCompile Include="MenuXP_Draw.cpp" />
    <ClCompile Include="MessageDialog.cpp" />
    <ClCompile Include="MonitorDialog.cpp" />
    <ClCompile Include="MyApp.cpp" />
    <ClCompile Include="MyFrame.cpp" />
    <ClCompile Include="MyListCtrl.cpp" />
    <ClCompile Include="MyWizard.cpp" />
    <ClCompile Include="ProcListCtrl.cpp" />
    <ClCompile Include="ProcSettingsDialog.cpp" />
    <ClCompile Include="ProgramSelector.cpp" />
    <ClCompile Include="PropPageFrame.cpp" />
    <ClCompile Include="PropPageFrameDefault.cpp" />
    <ClCompile Include="QuickRecover.cpp" />
    <ClCompile Include="RevealDialog.cpp" />
    <ClCompile Include="SbieIni.cpp" />
    <ClCompile Include="SetFolderDialog.cpp" />
    <ClCompile Include="SetLayoutDialog.cpp" />
    <ClCompile Include="ShellDialog.cpp" />
    <ClCompile Include="stdafx.cpp" />
    <ClCompile Include="TabbingComboBox.cpp" />
    <ClCompile Include="TemplateListBox.cpp" />
    <ClCompile Include="ThirdPartyDialog.cpp" />
    <ClCompile Include="ToolTipButton.cpp" />
    <ClCompile Include="TreePropSheet.cpp" />
    <ClCompile Include="UserSettings.cpp" />
    <ClCompile Include="ViewTemplateDialog.cpp" />
    <ClCompile Include="WindowTitleMap.cpp" />
    <ClCompile Include="..\common\BoxOrder.c">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="..\common\FontStore.cpp">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="..\common\Layout.cpp">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="..\common\MyGdi.c">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="..\common\MyMsg.cpp">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="..\common\RunBrowser.cpp">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="..\common\RunStartExe.cpp">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="..\..\common\json\JSON.cpp">
      <Filter>common\json</Filter>
    </ClCompile>
    <ClCompile Include="..\..\common\json\JSONValue.cpp">
      <Filter>common\json</Filter>
    </ClCompile>
    <ClCompile Include="UpdateDialog.cpp" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="AboutDialog.h" />
    <ClInclude Include="AlertDialog.h" />
    <ClInclude Include="AnimatedBitmap.h" />
    <ClInclude Include="AppPage.h" />
    <ClInclude Include="AutoPlay.h" />
    <ClInclude Include="BaseDialog.h" />
    <ClInclude Include="BorderGuard.h" />
    <ClInclude Include="Box.h" />
    <ClInclude Include="Boxes.h" />
    <ClInclude Include="BoxFile.h" />
    <ClInclude Include="BoxPage.h" />
    <ClInclude Include="BoxProc.h" />
    <ClInclude Include="CreateDialog.h" />
    <ClInclude Include="DeleteDialog.h" />
    <ClInclude Include="DisableForceDialog.h" />
    <ClInclude Include="FileListCtrl.h" />
    <ClInclude Include="FinderDialog.h" />
    <ClInclude Include="FindTool.h" />
    <ClInclude Include="FlashingButton.h" />
    <ClInclude Include="GettingStartedWizard.h" />
    <ClInclude Include="InitWait.h" />
    <ClInclude Include="LockConfigDialog.h" />
    <ClInclude Include="MenuXP.h" />
    <ClInclude Include="MenuXP_Draw.h" />
    <ClInclude Include="MenuXP_Tools.h" />
    <ClInclude Include="MessageDialog.h" />
    <ClInclude Include="MonitorDialog.h" />
    <ClInclude Include="MyApp.h" />
    <ClInclude Include="MyFrame.h" />
    <ClInclude Include="MyListCtrl.h" />
    <ClInclude Include="MyWizard.h" />
    <ClInclude Include="ProcListCtrl.h" />
    <ClInclude Include="ProcSettingsDialog.h" />
    <ClInclude Include="ProgramSelector.h" />
    <ClInclude Include="PropPageFrame.h" />
    <ClInclude Include="PropPageFrameDefault.h" />
    <ClInclude Include="QuickRecover.h" />
    <ClInclude Include="resource.h" />
    <ClInclude Include="RevealDialog.h" />
    <ClInclude Include="SbieIni.h" />
    <ClInclude Include="SetFolderDialog.h" />
    <ClInclude Include="SetLayoutDialog.h" />
    <ClInclude Include="ShellDialog.h" />
    <ClInclude Include="stdafx.h" />
    <ClInclude Include="TabbingComboBox.h" />
    <ClInclude Include="TemplateListBox.h" />
    <ClInclude Include="ThirdPartyDialog.h" />
    <ClInclude Include="ToolTipButton.h" />
    <ClInclude Include="TreePropSheet.h" />
    <ClInclude Include="UserSettings.h" />
    <ClInclude Include="ViewTemplateDialog.h" />
    <ClInclude Include="WindowTitleMap.h" />
    <ClInclude Include="..\common\BoxOrder.h">
      <Filter>common</Filter>
    </ClInclude>
    <ClInclude Include="..\common\FontStore.h">
      <Filter>common</Filter>
    </ClInclude>
    <ClInclude Include="..\common\Layout.h">
      <Filter>common</Filter>
    </ClInclude>
    <ClInclude Include="..\common\MyGdi.h">
      <Filter>common</Filter>
    </ClInclude>
    <ClInclude Include="..\common\MyMsg.h">
      <Filter>common</Filter>
    </ClInclude>
    <ClInclude Include="..\common\RunBrowser.h">
      <Filter>common</Filter>
    </ClInclude>
    <ClInclude Include="..\..\common\my_version.h">
      <Filter>common</Filter>
    </ClInclude>
    <ClInclude Include="..\..\common\json\JSON.h">
      <Filter>common\json</Filter>
    </ClInclude>
    <ClInclude Include="..\..\common\json\JSONValue.h">
      <Filter>common\json</Filter>
    </ClInclude>
    <ClInclude Include="UpdateDialog.h" />
  </ItemGroup>
  <ItemGroup>
    <ResourceCompile Include="SbieControl.rc" />
  </ItemGroup>
  <ItemGroup>
    <Image Include="..\res\FrontPageAnimation.gif" />
  </ItemGroup>
  <ItemGroup>
    <None Include="..\res\background.png" />
    <None Include="..\res\bigex.ico" />
    <None Include="..\res\checkmark.png" />
    <None Include="..\res\controlwin.ico" />
    <None Include="..\res\cycle.png" />
    <None Include="..\res\exclamation.png" />
    <None Include="..\res\finder-empty.bmp" />
    <None Include="..\res\finder-full.bmp" />
    <None Include="..\res\finder.cur" />
    <None Include="..\res\folder-minus.ico" />
    <None Include="..\res\folder-plus.ico" />
    <None Include="..\res\GettingStartedLegend.png" />
    <None Include="..\res\initwait1.ico" />
    <None Include="..\res\initwait2.ico" />
    <None Include="..\res\MastheadLogo.jpg" />
    <None Include="..\res\none.ico" />
    <None Include="..\res\proc-empty.ico" />
    <None Include="..\res\proc-full-minus.ico" />
    <None Include="..\res\proc-full-plus.ico" />
    <None Include="..\res\questionmark.png" />
    <None Include="..\res\sandbox-delete.ico" />
    <None Include="..\res\sandbox-empty-dfp.ico" />
    <None Include="..\res\sandbox-empty.ico" />
    <None Include="..\res\sandbox-full-dfp.ico" />
    <None Include="..\res\sandbox-full.ico" />
    <None Include="SbieControl.rc2" />
  </ItemGroup>
  <ItemGroup>
    <Filter Include="common">
      <UniqueIdentifier>{be66dba5-2f3c-4325-abc0-4283750262a2}</UniqueIdentifier>
    </Filter>
    <Filter Include="common\json">
      <UniqueIdentifier>{1eb5d258-3c21-4ed6-9384-57dd80c51c36}</UniqueIdentifier>
    </Filter>
  </ItemGroup>
 </Project>
--- a/Sandboxie/apps/control/InitWait.cpp
+++ b/Sandboxie/apps/control/InitWait.cpp
@ -73,7 +73,7 @@ CInitWait::CInitWait(CWinApp *myApp)
    m_pMenu = NULL;
-    m_app_ver.Format(L"%S", MY_VERSION_STRING);
+    m_app_ver.Format(L"%S", MY_VERSION_COMPAT);
    m_svc_ver = L"?";
    m_drv_ver = L"?";
--- a/Sandboxie/apps/control/LockConfigDialog.cpp
+++ b/Sandboxie/apps/control/LockConfigDialog.cpp
@ -246,11 +246,11 @@ void CLockConfigDialog::OnOK()
    ini.SetRestrictions(
        isEditAdminOnly, isForceDisableAdminOnly, isForgetPassword);
-    if ((*m_NewPassword) || isEditAdminOnly) {
+    //if ((*m_NewPassword) || isEditAdminOnly) {
-        int rv = CMyApp::MsgBox(this, MSG_4269, MB_YESNO);
+    //    int rv = CMyApp::MsgBox(this, MSG_4269, MB_YESNO);
-        if (rv == IDYES)
+    //    if (rv == IDYES)
-            CRunBrowser::OpenHelp(this, L"ConfigurationProtection");
+    //        CRunBrowser::OpenHelp(this, L"ConfigurationProtection");
-    }
+    //}
    EndDialog(0);
 }
--- a/Sandboxie/apps/control/MessageDialog.cpp
+++ b/Sandboxie/apps/control/MessageDialog.cpp
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -29,6 +30,7 @@
 #include "common/win32_ntddk.h"
 #include "common/my_version.h"
 #include "core/drv/api_defs.h"
 #include "core/svc/InteractiveWire.h"
 //---------------------------------------------------------------------------
@ -94,6 +96,8 @@ CMessageDialog::CMessageDialog(CWnd *pParentWnd, int mode)
    m_buf_len = (8 * 1024);
    m_buf = malloc_WCHAR(m_buf_len);
 	m_last_message_number = 0;
    if (mode == MSGDLG_NORMAL)
        ReloadConf();
@ -250,23 +254,39 @@ void CMessageDialog::OnTimer()
    while (1) {
        ULONG len = m_buf_len;
-        LONG status = SbieApi_GetWork(CMyApp::m_session_id, m_buf, &len);
+		ULONG message_number = m_last_message_number;
-        if (status != 0)
+		ULONG code = -1;
-            break;
+		ULONG pid = 0;
        ULONG status = SbieApi_GetMessage(&message_number, CMyApp::m_session_id, &code, &pid, m_buf, len);
 		if (status != 0)
 			break; // error or no more entries
 		m_last_message_number = message_number;
-        ULONG *type = (ULONG *)m_buf;
+        if (/*code == MSG_2199 &&*/ m_firsttime)
        if (*type != API_LOG_MESSAGE)
            continue;
-        ULONG code = type[1];
+		//
-        if (code == MSG_2199 && m_firsttime)
+		// ignore file migration progress notifications
-            continue;
+		if (code == MSG_2198)
 			continue;
-        WCHAR *str1 = (WCHAR *)&type[2];
+		//
 		// ignore boxed process start notification
 		if (code == MSG_1399)
 			continue;
        WCHAR *str1 = m_buf;
        ULONG str1_len = wcslen(str1);
        WCHAR *str2 = str1 + str1_len + 1;
        ULONG str2_len = wcslen(str2);
 		//
 		// ignore MANPROXY errors the legacy UI does not support interactive prompts
 		if (code == MSG_2203 && wcsncmp(str1, L"*" INTERACTIVE_QUEUE_NAME L"_", 10) == 0)
 			continue;
        if (IsHiddenMessage(code, str1, str2))
            continue;
@ -688,7 +708,8 @@ void CMessageDialog::OnListDoubleClick()
                DWORD process_id = _wtoi(sPid.GetString());
                // tell driver to allow spooler print to file for this process
-                LONG rc = SbieApi_CallOne(API_ALLOW_SPOOLER_PRINT_TO_FILE, (ULONG_PTR)(process_id));
+				ULONG NewState = TRUE;
 				LONG rc = SbieApi_ProcessExemptionControl((HANDLE)process_id, 'splr', &NewState, NULL);
                sbie.Format(SBIE_IN_MSGS L"%04d", 1319);
                DiscardMessages(sbie, detail);
                sbie.Format(SBIE_IN_MSGS L"%04d", 1320);
@ -870,14 +891,6 @@ void CMessageDialog::DoRecovery()
        msg = (MsgEntry *)m_queue.RemoveHead();
        WCHAR *space = wcschr(msg->str1, L' ');
        if (! space) {
            delete msg;
            return;
        }
        *space = L'\0';
        ++space;
        CBox &box = CBoxes::GetInstance().GetBox(msg->str1);
        if (box.GetName().IsEmpty()) {
@ -885,8 +898,8 @@ void CMessageDialog::DoRecovery()
            return;
        }
-        if (wcsncmp(space, L"*AUTOPLAY*", 10) == 0) {
+        if (wcsncmp(msg->str2, L"*AUTOPLAY*", 10) == 0) {
-            DoAutoPlay(box, space[10]);
+            DoAutoPlay(box, msg->str2[10]);
            delete msg;
            return;
        }
@ -897,7 +910,7 @@ void CMessageDialog::DoRecovery()
        }
        m_qr_box = box.GetName();
-        m_qr = new CQuickRecover(m_pParentWnd, m_qr_box, space, QR_AUTO);
+        m_qr = new CQuickRecover(m_pParentWnd, m_qr_box, msg->str2, QR_AUTO);
        MyDoModal(m_qr);
        delete m_qr;
--- a/Sandboxie/apps/control/MessageDialog.h
+++ b/Sandboxie/apps/control/MessageDialog.h
@ -55,6 +55,8 @@ class CMessageDialog : public CBaseDialog
    CPtrArray m_hidden;
 	ULONG m_last_message_number;
    BOOL IsHiddenMessage(
        ULONG code, const WCHAR *detail_1, const WCHAR *detail_2);
--- a/Sandboxie/apps/control/MonitorDialog.cpp
+++ b/Sandboxie/apps/control/MonitorDialog.cpp
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -41,6 +42,8 @@ CMonitorDialog::CMonitorDialog(CWnd *pParentWnd)
        m_username[0] = L'\0';
    m_username[255] = L'\0';
    m_username_len = wcslen(m_username);
 	m_last_entry_seq_num = 0;
 }
@ -105,15 +108,25 @@ void CMonitorDialog::OnIdle()
    static const WCHAR *_Separator  = L"   -------------------------------";
    CListBox *listbox = (CListBox *)GetDlgItem(ID_MESSAGE_LIST);
-    WCHAR name[280];
+    WCHAR name[300];
    while (1) {
 		ULONG seq_num = m_last_entry_seq_num;
        USHORT type;
-        SbieApi_MonitorGet(&type, &name[12]);
+		ULONG64 pid;
-        if ((! type) || (! name[12]))
+        ULONG status = SbieApi_MonitorGetEx(&seq_num, &type, &pid, &name[12]);
-            break;
+		if (status != 0)
 			break; // error or no more entries
 		if(seq_num != m_last_entry_seq_num + 1)
 			SbieApi_Log(MSG_1242, NULL); // MSG_MONITOR_OVERFLOW
 		m_last_entry_seq_num = seq_num;
 		if ((!type) || (!name[12]))
 			break;
 		// privacy protection, hide username
        while (m_username_len) {
            WCHAR *username_ptr = wcsstr(&name[12], m_username);
            if (! username_ptr)
@ -126,12 +139,11 @@ void CMonitorDialog::OnIdle()
        name[10] = L' ';
        name[9] = L' ';
        if (type & MONITOR_OPEN) {
            type &= ~MONITOR_OPEN;
            name[9] = L'O';
        } else if (type & MONITOR_DENY) {
            type &= ~MONITOR_DENY;
            name[9] = L'X';
        }
 		type &= 0x0FFF;
        const WCHAR *PrefixPtr = _Unknown;
        if (type == MONITOR_PIPE)
@ -152,6 +164,8 @@ void CMonitorDialog::OnIdle()
            PrefixPtr = _Other;
        wcsncpy(name, PrefixPtr, 9);
 		wsprintf(&name[wcslen(name)], L"; PID: %I64u", pid);
        int index = listbox->AddString(name);
        WCHAR oldname[280];
--- a/Sandboxie/apps/control/MonitorDialog.h
+++ b/Sandboxie/apps/control/MonitorDialog.h
@ -30,6 +30,7 @@ class CMonitorDialog : public CBaseDialog
    WCHAR m_username[256];
    ULONG m_username_len;
 	ULONG m_last_entry_seq_num;
    virtual BOOL OnInitDialog();
--- a/Sandboxie/apps/control/MyFrame.cpp
+++ b/Sandboxie/apps/control/MyFrame.cpp
@ -45,7 +45,8 @@
 #include "apps/common/RunBrowser.h"
 #include "apps/common/BoxOrder.h"
 #include "common/my_version.h"
-
+#include "Updater.h"
 #include "UpdateDialog.h"
 //---------------------------------------------------------------------------
 // Defines
@ -87,6 +88,8 @@ static const WCHAR *_HideWindowNotify           = L"HideWindowNotify";
       const WCHAR *_UpdateCheckNotify          = L"UpdateCheckNotify";
 static const WCHAR *_ShouldDeleteNotify         = L"ShouldDeleteNotify";
 	   const WCHAR *_NextUpdateCheck            = L"NextUpdateCheck";
 BOOL CMyFrame::m_inTimer   = FALSE;
 BOOL CMyFrame::m_destroyed = FALSE;
@ -135,11 +138,15 @@ BEGIN_MESSAGE_MAP(CMyFrame, CFrameWnd)
    ON_COMMAND(ID_CONF_EDIT,                    OnCmdConfEdit)
    ON_COMMAND(ID_CONF_RELOAD,                  OnCmdConfReload)
 	ON_COMMAND(ID_HELP_SUPPORT,                 OnCmdHelpSupport)
    ON_COMMAND(ID_HELP_TOPICS,                  OnCmdHelpTopics)
    ON_COMMAND(ID_HELP_TUTORIAL,                OnCmdHelpTutorial)
    ON_COMMAND(ID_HELP_FORUM,                   OnCmdHelpForum)
 	ON_COMMAND(ID_HELP_UPDATE,                  OnCmdHelpUpdate)
    ON_COMMAND(ID_HELP_ABOUT,                   OnCmdHelpAbout)
 	//ON_MESSAGE(WM_UPDATERESULT,					OnUpdateResult)
    ON_COMMAND(ID_PROCESS_TERMINATE,            OnCmdTerminateProcess)
    ON_UPDATE_COMMAND_UI(ID_DISABLE_FORCE,      OnUpdDisableForce)
@ -190,7 +197,7 @@ CMyFrame::CMyFrame(BOOL ForceVisible, BOOL ForceSync)
    m_view = m_view_old = 0;
    m_hidden = FALSE;
-    CUserSettings::GetInstance().GetBool(_ShowWelcome, m_ShowWelcome, TRUE);
+    //CUserSettings::GetInstance().GetBool(_ShowWelcome, m_ShowWelcome, TRUE);
    CUserSettings::GetInstance().GetBool(_AlwaysOnTop, m_AlwaysOnTop, FALSE);
    m_ReSyncShortcuts = ForceSync;
@ -223,7 +230,8 @@ CMyFrame::CMyFrame(BOOL ForceVisible, BOOL ForceSync)
    AdjustSizePosition(left, top, width, height);
    ULONG exStyle = (CMyApp::m_LayoutRTL) ? WS_EX_LAYOUTRTL : 0;
-    CreateEx(   exStyle, (LPCTSTR)CMyApp::m_atom, CMyApp::m_appTitle,
+	CString strTitle = CMyApp::m_appTitle + " - xanasoft.com";
    CreateEx(   exStyle, (LPCTSTR)CMyApp::m_atom, strTitle,
                WS_OVERLAPPEDWINDOW | WS_CAPTION | WS_SYSMENU,
                left, top, width, height,
                NULL, NULL, NULL);
@ -961,6 +969,17 @@ void CMyFrame::OnCmdConfReload()
 }
 //---------------------------------------------------------------------------
 // OnCmdHelpSupport
 //---------------------------------------------------------------------------
 void CMyFrame::OnCmdHelpSupport()
 {
 	CRunBrowser x(this, L"https://xanasoft.com/go.php?to=donate");
 }
 //---------------------------------------------------------------------------
 // OnCmdHelpTopics
 //---------------------------------------------------------------------------
@ -996,8 +1015,17 @@ void CMyFrame::OnCmdHelpForum()
    CRunBrowser::OpenForum(this);
 }
 //---------------------------------------------------------------------------
 // OnCmdHelpUpdate
 //---------------------------------------------------------------------------
 void CMyFrame::OnCmdHelpUpdate()
 {
 	CUpdateDialog dlg(this);
 	dlg.DoModal();
 }
 //---------------------------------------------------------------------------
 // OnCmdHelpAbout
 //---------------------------------------------------------------------------
@ -1974,7 +2002,7 @@ void CMyFrame::OnTimer(UINT_PTR nIDEvent)
        // first time?
        //
-        if (m_ShowWelcome && (! inModalState)) {
+        /*if (m_ShowWelcome && (! inModalState)) {
            m_ShowWelcome = FALSE;
            CUserSettings::GetInstance().SetBool(_ShowWelcome, FALSE);
@ -1984,7 +2012,7 @@ void CMyFrame::OnTimer(UINT_PTR nIDEvent)
            CGettingStartedWizard wizard(this);
            return;
-        }
+        }*/
        //
        // resync shortcuts?  usually Sandboxie Control does not resync
@ -2006,6 +2034,39 @@ void CMyFrame::OnTimer(UINT_PTR nIDEvent)
        if ((_counter % 600) == 0)
            SaveSettings();
 		//
 		// update check
 		//
 		if (! m_hidden)
 		{
 			__int64 NextUpdateCheck;
 			CUserSettings::GetInstance().GetNum64(_NextUpdateCheck, NextUpdateCheck, 0);
 			if(NextUpdateCheck == 0)
 				CUserSettings::GetInstance().SetNum64(_NextUpdateCheck, time(NULL) + 7 * 24 * 60 * 60);
 			else if(NextUpdateCheck != -1 && time(NULL) >= NextUpdateCheck)
 			{
 				BOOL UpdateCheckNotify;
 				CUserSettings::GetInstance().GetBool(_UpdateCheckNotify, UpdateCheckNotify, TRUE);
 				if (UpdateCheckNotify)
 				{
 					static BOOLEAN update_dlg_open = FALSE;
 					if (!update_dlg_open) {
 						update_dlg_open = TRUE;
 						CUpdateDialog dlg(this);
 						if(dlg.DoModal() == 0)
 							CUserSettings::GetInstance().SetNum64(_NextUpdateCheck, time(NULL) + 1 * 24 * 60 * 60);
 						update_dlg_open = FALSE;
 					}
 				}
 				else
 				{
 					CUserSettings::GetInstance().SetNum64(_NextUpdateCheck, time(NULL) + 1 * 24 * 60 * 60);
 					CUpdater::GetInstance().CheckUpdates(this, false);
 				}
 			}
 		}
        //
        // refresh processes
        //
@ -2330,3 +2391,9 @@ void CMyFrame::CheckShouldDelete(CBox &box)
        }
    }
 }
 /*LRESULT CMyFrame::OnUpdateResult(WPARAM wParam, LPARAM lParam)
 {
 	return 0;
 }*/
--- a/Sandboxie/apps/control/MyFrame.h
+++ b/Sandboxie/apps/control/MyFrame.h
@ -55,7 +55,7 @@ class CMyFrame : public CFrameWnd
    CPoint m_TrayPoint;
    BOOL m_hidden;
-    BOOL m_ShowWelcome;
+    //BOOL m_ShowWelcome;
    BOOL m_ReSyncShortcuts;
    BOOL m_AutoRunSoftCompat;
    BOOL m_AlwaysOnTop;
@ -119,10 +119,13 @@ class CMyFrame : public CFrameWnd
    afx_msg void OnCmdConfLock();
    afx_msg void OnCmdConfEdit();
    afx_msg void OnCmdConfReload();
 	afx_msg void OnCmdHelpSupport();
    afx_msg void OnCmdHelpTopics();
    afx_msg void OnCmdHelpTutorial();
    afx_msg void OnCmdHelpForum();
 	afx_msg void OnCmdHelpUpdate();
    afx_msg void OnCmdHelpAbout();
 	//afx_msg LRESULT OnUpdateResult(WPARAM wParam, LPARAM lParam);
    afx_msg void OnCmdTerminateProcess();
    afx_msg void OnUpdViewMenu(CCmdUI *pCmdUI);
--- a/Sandboxie/apps/control/SbieControl.rc
+++ b/Sandboxie/apps/control/SbieControl.rc
--- a/Sandboxie/apps/control/ShellDialog.cpp
+++ b/Sandboxie/apps/control/ShellDialog.cpp
@ -142,7 +142,7 @@ BOOL CShellDialog::OnInitDialog()
    CUserSettings &user = CUserSettings::GetInstance();
    user.GetBool(_EnableLogonStart,     logonstart,     TRUE);
-    user.GetBool(_EnableAutoStart,      autostart,      TRUE);
+    user.GetBool(_EnableAutoStart,      autostart,      FALSE);
    user.GetBool(_AddDesktopIcon,       desktop,        TRUE);
    user.GetBool(_AddQuickLaunchIcon,   quicklaunch,    TRUE);
    user.GetBool(_AddContextMenu,       contextmenu,    TRUE);
--- a/Sandboxie/apps/control/ThirdPartyDialog.cpp
+++ b/Sandboxie/apps/control/ThirdPartyDialog.cpp
@ -816,6 +816,7 @@ void CThirdPartyDialog::CollectTemplates()
    ini.GetTemplateNames(L"Desktop", names);
    ini.GetTemplateNames(L"Download", names);
    ini.GetTemplateNames(L"Misc", names);
 	ini.GetTemplateNames(L"WebBrowser", names);
    m_templates.RemoveAll();
    while (! names.IsEmpty()) {
--- a/Sandboxie/apps/control/UpdateDialog.cpp
+++ b/Sandboxie/apps/control/UpdateDialog.cpp
@ -0,0 +1,171 @@
 /*
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 //---------------------------------------------------------------------------
 // Run Browser Dialog
 //---------------------------------------------------------------------------
 #include "stdafx.h"
 #include "UpdateDialog.h"
 #include "Updater.h"
 #include "common/CommonUtils.h"
 #include "common/MyMsg.h"
 #include "core/dll/sbiedll.h"
 #include "UserSettings.h"
 //---------------------------------------------------------------------------
 // Message Map
 //---------------------------------------------------------------------------
 BEGIN_MESSAGE_MAP(CUpdateDialog, CDialog)
    ON_COMMAND(IDOK,			OnNow)
 	ON_COMMAND(ID_UPDATE_LATER,	OnLater)
 	ON_COMMAND(ID_UPDATE_NEVER,	OnNever)
    ON_COMMAND(IDCANCEL,		OnCancel)
 END_MESSAGE_MAP()
 //---------------------------------------------------------------------------
 // Constructor
 //---------------------------------------------------------------------------
 CUpdateDialog::CUpdateDialog(CWnd *pParentWnd)
    : CDialog((UINT)0, pParentWnd)
 {
    m_lpszTemplateName = L"UPDATE_DIALOG";
    BOOLEAN LayoutRTL;
    SbieDll_GetLanguage(&LayoutRTL);
    if (LayoutRTL) {
        m_DlgTmplCopy =
            Common_DlgTmplRtl(AfxGetInstanceHandle(), m_lpszTemplateName);
        if (m_DlgTmplCopy) {
            m_lpszTemplateName = NULL;
            InitModalIndirect((LPCDLGTEMPLATE)m_DlgTmplCopy, m_pParentWnd);
        }
    } else
        m_DlgTmplCopy = NULL;
 }
 //---------------------------------------------------------------------------
 // Destructor
 //---------------------------------------------------------------------------
 CUpdateDialog::~CUpdateDialog()
 {
    if (m_DlgTmplCopy) {
        HeapFree(GetProcessHeap(), 0, m_DlgTmplCopy);
        m_DlgTmplCopy = NULL;
    }
 }
 //---------------------------------------------------------------------------
 // OnInitDialog
 //---------------------------------------------------------------------------
 BOOL CUpdateDialog::OnInitDialog()
 {
    SetWindowText(CMyMsg(MSG_3621));
    GetDlgItem(ID_UPDATE_EXPLAIN_1)->SetWindowText(CMyMsg(MSG_3622));
 	GetDlgItem(IDOK)->SetWindowText(CMyMsg(MSG_3623));
    GetDlgItem(ID_UPDATE_LATER)->SetWindowText(CMyMsg(MSG_3624));
 	GetDlgItem(ID_UPDATE_NEVER)->SetWindowText(CMyMsg(MSG_3625));
    GetDlgItem(IDCANCEL)->SetWindowText(CMyMsg(MSG_3002));
 	GetDlgItem(ID_UPDATE_SILENT)->SetWindowText(CMyMsg(MSG_3626));
 	GetDlgItem(ID_UPDATE_EXPLAIN_2)->SetWindowText(CMyMsg(MSG_3627));
 	BOOL UpdateCheckNotify;
 	CUserSettings::GetInstance().GetBool(_UpdateCheckNotify, UpdateCheckNotify, FALSE);
 	CButton *pCheckBox1 = (CButton *)GetDlgItem(ID_UPDATE_SILENT);
 	pCheckBox1->SetCheck(!UpdateCheckNotify ? BST_CHECKED : BST_UNCHECKED);
    return TRUE;
 }
 //---------------------------------------------------------------------------
 // OnNow
 //---------------------------------------------------------------------------
 void CUpdateDialog::OnNow()
 {
 	if(!CUpdater::GetInstance().CheckUpdates(GetParent()))
 		CMyApp::MsgBox(NULL, MSG_3628, MB_OK);
 	CloseDialog();
 }
 //---------------------------------------------------------------------------
 // OnLater
 //---------------------------------------------------------------------------
 void CUpdateDialog::OnLater()
 {
 	CUserSettings::GetInstance().SetNum64(_NextUpdateCheck, time(NULL) + 7 * 24 * 60 * 60);
 	CloseDialog();
 }
 //---------------------------------------------------------------------------
 // OnNever
 //---------------------------------------------------------------------------
 void CUpdateDialog::OnNever()
 {
 	CUserSettings::GetInstance().SetNum64(_NextUpdateCheck, -1);
 	CloseDialog();
 }
 //---------------------------------------------------------------------------
 // OnCancel
 //---------------------------------------------------------------------------
 void CUpdateDialog::OnCancel()
 {
 	EndDialog(0);
 }
 //---------------------------------------------------------------------------
 // EndDialog
 //---------------------------------------------------------------------------
 void CUpdateDialog::CloseDialog()
 {
 	CButton *pCheckBox1 = (CButton *)GetDlgItem(ID_UPDATE_SILENT);
 	CUserSettings::GetInstance().SetBool(_UpdateCheckNotify, !pCheckBox1->GetCheck() == BST_CHECKED);
 	EndDialog(1);
 }
--- a/Sandboxie/apps/control/UpdateDialog.h
+++ b/Sandboxie/apps/control/UpdateDialog.h
@ -0,0 +1,71 @@
 /*
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 //---------------------------------------------------------------------------
 // Run Browser Dialog Box
 //---------------------------------------------------------------------------
 #ifndef _MY_UPDATEDIALOG_H
 #define _MY_UPDATEDIALOG_H
 //---------------------------------------------------------------------------
 // Defines
 //---------------------------------------------------------------------------
 #define ID_RUN_BROWSER_EXPLAIN  10111
 #define ID_RUN_BROWSER_URL      10222
 //---------------------------------------------------------------------------
 // CUpdateDialog Class
 //---------------------------------------------------------------------------
 #ifndef RC_INVOKED
 #include <afxcmn.h>
 class CUpdateDialog : public CDialog
 {
    DECLARE_MESSAGE_MAP()
    void *m_DlgTmplCopy;
    virtual BOOL OnInitDialog();
    afx_msg void OnNow();
    afx_msg void OnLater();
 	afx_msg void OnNever();
 	afx_msg void OnCancel();
 	void CloseDialog();
 public:
    CUpdateDialog(CWnd *pParentWnd);
    ~CUpdateDialog();
 };
 #endif // ! RC_INVOKED
 #endif // _MY_UPDATEDIALOG_H
--- a/Sandboxie/apps/control/Updater.cpp
+++ b/Sandboxie/apps/control/Updater.cpp
@ -0,0 +1,487 @@
 /*
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 //---------------------------------------------------------------------------
 // Updater
 //---------------------------------------------------------------------------
 #include "stdafx.h"
 #include <winhttp.h>
 #include "Updater.h"
 #include "UpdateDialog.h"
 #include "common/RunBrowser.h"
 #include "SbieIni.h"
 #include "UserSettings.h"
 #define CRC_WITH_ADLER32
 #include "common/crc.c"
 #include "common/my_version.h"
 #include "common/json/JSON.h"
 #include "common/win32_ntddk.h"
 //---------------------------------------------------------------------------
 // Variables
 //---------------------------------------------------------------------------
 CUpdater *CUpdater::m_instance = NULL;
 //---------------------------------------------------------------------------
 // Constructor
 //---------------------------------------------------------------------------
 CUpdater::CUpdater()
 {
 	m_update_pending = false;
 	//OSVERSIONINFOW m_osvi = { 0 };
 	m_osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOW);
 	NTSTATUS(WINAPI *RtlGetVersion)(LPOSVERSIONINFOW);
 	*(FARPROC*)&RtlGetVersion = GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlGetVersion");
 	if (RtlGetVersion == NULL || !NT_SUCCESS(RtlGetVersion(&m_osvi)))
 		GetVersionExW(&m_osvi);
 }
 //---------------------------------------------------------------------------
 // Destructor
 //---------------------------------------------------------------------------
 CUpdater::~CUpdater()
 {
 }
 //---------------------------------------------------------------------------
 // GetInstance
 //---------------------------------------------------------------------------
 CUpdater &CUpdater::GetInstance()
 {
 	if (!m_instance)
 		m_instance = new CUpdater();
 	return *m_instance;
 }
 //---------------------------------------------------------------------------
 // CheckUpdates
 //---------------------------------------------------------------------------
 bool CUpdater::CheckUpdates(CWnd *pParentWnd, bool bManual)
 {
 	if (m_update_pending)
 		return false;
 	ULONG ThreadId;
 	ULONG_PTR *ThreadArgs = new ULONG_PTR[2];
 	ThreadArgs[0] = (ULONG_PTR)pParentWnd->m_hWnd;
 	ThreadArgs[1] = bManual ? 1 : 0;
 	CreateThread(NULL, 0, UpdaterServiceThread, ThreadArgs, 0, &ThreadId);
 	return true;
 }
 //---------------------------------------------------------------------------
 // DownloadUpdateData
 //---------------------------------------------------------------------------
 BOOLEAN CUpdater::DownloadUpdateData(const WCHAR* Host, const WCHAR* Path, PSTR* pData, ULONG* pDataLength)
 {
 	BOOLEAN success = FALSE;
 	PVOID SessionHandle = NULL;
 	PVOID ConnectionHandle = NULL;
 	PVOID RequestHandle = NULL;
 	{
 		SessionHandle = WinHttpOpen(NULL,
 			m_osvi.dwMajorVersion >= 8 ? WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY : WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
 			WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0);
 		if (!SessionHandle)
 			goto CleanupExit;
 		if (m_osvi.dwMajorVersion >= 8) {
 			ULONG Options = WINHTTP_DECOMPRESSION_FLAG_GZIP | WINHTTP_DECOMPRESSION_FLAG_DEFLATE;
 			WinHttpSetOption(SessionHandle, WINHTTP_OPTION_DECOMPRESSION, &Options, sizeof(Options));
 		}
 	}
 	{
 		ConnectionHandle = WinHttpConnect(SessionHandle, Host, 443, 0); // ssl port
 		if (!ConnectionHandle)
 			goto CleanupExit;
 	}
 	{
 		ULONG httpFlags = WINHTTP_FLAG_SECURE | WINHTTP_FLAG_REFRESH;
 		RequestHandle = WinHttpOpenRequest(ConnectionHandle,
 			NULL, Path, NULL, WINHTTP_NO_REFERER, WINHTTP_DEFAULT_ACCEPT_TYPES, httpFlags);
 		if (!RequestHandle)
 			goto CleanupExit;
 		ULONG Options = WINHTTP_DISABLE_KEEP_ALIVE;
 		WinHttpSetOption(RequestHandle, WINHTTP_OPTION_DISABLE_FEATURE, &Options, sizeof(Options));
 	}
 	if (!WinHttpSendRequest(RequestHandle, WINHTTP_NO_ADDITIONAL_HEADERS, 0, NULL, 0, 0, 0))
 		goto CleanupExit;
 	if (!WinHttpReceiveResponse(RequestHandle, NULL))
 		goto CleanupExit;
 	{
 		PVOID result = NULL;
 		ULONG allocatedLength;
 		ULONG dataLength;
 		ULONG returnLength;
 		BYTE buffer[PAGE_SIZE];
 		if (pData == NULL)
 			goto CleanupExit;
 		allocatedLength = sizeof(buffer);
 		*pData = (PSTR)malloc(allocatedLength);
 		dataLength = 0;
 		while (WinHttpReadData(RequestHandle, buffer, PAGE_SIZE, &returnLength))
 		{
 			if (returnLength == 0)
 				break;
 			if (allocatedLength < dataLength + returnLength)
 			{
 				allocatedLength *= 2;
 				*pData = (PSTR)realloc(*pData, allocatedLength);
 			}
 			memcpy(*pData + dataLength, buffer, returnLength);
 			dataLength += returnLength;
 		}
 		if (allocatedLength < dataLength + 1)
 		{
 			allocatedLength++;
 			*pData = (PSTR)realloc(*pData, allocatedLength);
 		}
 		// Ensure that the buffer is null-terminated.
 		(*pData)[dataLength] = 0;
 		if (pDataLength != NULL)
 			*pDataLength = dataLength;
 	}
 	success = TRUE;
 CleanupExit:
 	if (RequestHandle)
 		WinHttpCloseHandle(RequestHandle);
 	if (ConnectionHandle)
 		WinHttpCloseHandle(ConnectionHandle);
 	if (SessionHandle)
 		WinHttpCloseHandle(SessionHandle);
 	return success;
 }
 //---------------------------------------------------------------------------
 // GetJSONStringSafe
 //---------------------------------------------------------------------------
 std::wstring GetJSONStringSafe(const JSONObject& root, const std::wstring& key, const std::wstring& default = L"")
 {
 	auto I = root.find(key);
 	if (I == root.end() || !I->second->IsString())
 		return default;
 	return I->second->AsString();
 }
 //---------------------------------------------------------------------------
 // QueryUpdateData
 //---------------------------------------------------------------------------
 BOOLEAN CUpdater::QueryUpdateData(UPDATER_DATA* Context)
 {
 	BOOLEAN success = FALSE;
 	CString Path;
 	char* jsonString = NULL;
 	JSONValue* jsonObject = NULL;
 	JSONObject jsonRoot;
 	Path.Format(L"/update.php?software=sandboxie&version=%S&system=windows-%d.%d.%d-%s&language=%d&auto=%s", MY_VERSION_STRING, 
 #ifdef _WIN64
 		m_osvi.dwMajorVersion, m_osvi.dwMinorVersion, m_osvi.dwBuildNumber, L"x86_64",
 #else
 		m_osvi.dwMajorVersion, m_osvi.dwMinorVersion, m_osvi.dwBuildNumber, L"i386",
 #endif
 		SbieDll_GetLanguage(NULL), Context->Manual ? L"0" : L"1");
 	CString update_key;
 	CSbieIni::GetInstance().GetText(_GlobalSettings, L"UpdateKey", update_key);
 	if (!update_key.IsEmpty())
 		Path += L"&update_key=" + update_key;
 	if (!DownloadUpdateData(L"xanasoft.com", Path, &jsonString, NULL)) {
 		Context->ErrorCode = GetLastError();
 		goto CleanupExit;
 	}
 	jsonObject = JSON::Parse((const char*)jsonString);
 	if (jsonObject == NULL || !jsonObject->IsObject()) {
 		Context->ErrorCode = WEB_E_INVALID_JSON_STRING;
 		goto CleanupExit;
 	}
 	jsonRoot = jsonObject->AsObject();
 	Context->userMsg = GetJSONStringSafe(jsonRoot, L"userMsg").c_str();
 	Context->infoUrl = GetJSONStringSafe(jsonRoot, L"infoUrl").c_str();
 	Context->version = GetJSONStringSafe(jsonRoot, L"version").c_str();
 	//Context->updated = (uint64_t)jsonRoot[L"updated"]->AsNumber();
 	Context->updateMsg = GetJSONStringSafe(jsonRoot, L"updateMsg").c_str();
 	Context->updateUrl = GetJSONStringSafe(jsonRoot, L"updateUrl").c_str();
 	Context->downloadUrl = GetJSONStringSafe(jsonRoot, L"downloadUrl").c_str();
 	success = TRUE;
 CleanupExit:
 	if (jsonString)
 		free(jsonString);
 	if (jsonObject)
 		delete jsonObject;
 	return success;
 }
 //---------------------------------------------------------------------------
 // DownloadUpdate
 //---------------------------------------------------------------------------
 CString CUpdater::DownloadUpdate(const CString& downloadUrl)
 {
 	WCHAR TempDir[MAX_PATH + 1];
 	if (GetTempPath(MAX_PATH, (LPWSTR)&TempDir) == 0)
 		return L"";
 	int hostPos = downloadUrl.Find(L"://") + 3;
 	if(hostPos < 3)
 		return L"";
 	int pathPos = downloadUrl.Find(L"/", hostPos);
 	if (pathPos < 0)
 		return L"";
 	CString Host = downloadUrl.Mid(hostPos, pathPos - hostPos);
 	CString Path = downloadUrl.Mid(pathPos);
 	int queryPos = downloadUrl.Find(L"?", pathPos);
 	if (queryPos < 0)
 		queryPos = downloadUrl.GetLength();
 	CString Name = downloadUrl.Left(queryPos);
 	Name = Name.Mid(Name.ReverseFind(L'/') + 1);
 	if (Name.IsEmpty() || Name.Right(4).CompareNoCase(L".exe") != 0)
 		Name = L"SandboxieInstall.exe";
 	char* data = NULL;
 	ULONG size = 0;
 	if (!DownloadUpdateData(Host, Path, &data, &size)) 
 		return L"";
 	CString FilePath = TempDir + Name;
 	ULONG bytesWriten = 0;
 	HANDLE hFile = CreateFile(FilePath, FILE_GENERIC_WRITE, FILE_SHARE_READ, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
 	if (hFile != INVALID_HANDLE_VALUE)
 	{
 		//SetFilePointer(hFile, 0, NULL, FILE_BEGIN);
 		WriteFile(hFile, data, size, &bytesWriten, NULL);
 		CloseHandle(hFile);
 	}
 	free(data);
 	if(bytesWriten != size)
 		return L"";
 	return FilePath;
 }
 //---------------------------------------------------------------------------
 // UpdaterServiceThread
 //---------------------------------------------------------------------------
 ULONG CUpdater::UpdaterServiceThread(void *lpParameter)
 {
 	m_instance->m_update_pending = true;
 	ULONG_PTR *ThreadArgs = (ULONG_PTR *)lpParameter;
 	HWND parent = (HWND)ThreadArgs[0];
 	PUPDATER_DATA pContext = new UPDATER_DATA;
 	pContext->Manual = ThreadArgs[1] ? TRUE : FALSE;
 	pContext->ErrorCode = 0;
 	BOOLEAN Ret = m_instance->QueryUpdateData(pContext);
 	if (Ret)
 	{
 		bool bNothing = true;
 		CStringList IgnoredUpdates;
 		CUserSettings::GetInstance().GetTextList(L"_IgnoreUpdate", IgnoredUpdates);
 		if (!pContext->userMsg.IsEmpty())
 		{
 			WCHAR MsgHash[9];
 			ULONG crc = CRC_Adler32((UCHAR *)(const WCHAR*)pContext->userMsg, pContext->userMsg.GetLength() * sizeof(WCHAR));
 			wsprintf(MsgHash, L"%08X", crc);
 			if (IgnoredUpdates.Find(MsgHash) == NULL)
 			{
 				bNothing = false;
 				CString Msg = pContext->userMsg;
 				int rv;
 				if (pContext->infoUrl.IsEmpty())
 					rv = CMyApp::MsgCheckBox(NULL, Msg, 0, MB_OK);
 				else
 				{
 					Msg += "\n \n";
 					Msg += CMyMsg(MSG_3641) + L"?";
 					rv = CMyApp::MsgCheckBox(NULL, Msg, 0, MB_YESNO);
 				}
 				if (rv < 0) {
 					rv = -rv;
 					CUserSettings::GetInstance().AppendText(L"_IgnoreUpdate", MsgHash);
 				}
 				if (rv == IDYES)
 					CRunBrowser dlg(NULL, pContext->infoUrl);
 			}
 		}
 		if (!pContext->version.IsEmpty() && pContext->version.Compare(_T(MY_VERSION_STRING)) != 0)
 		{
 			if (pContext->Manual || IgnoredUpdates.Find(pContext->version) == NULL)
 			{
 				bNothing = false;
 				CString Msg = pContext->updateMsg;
 				if (Msg.IsEmpty())
 					Msg = CMyMsg(MSG_3630, pContext->version);
 				int rv;
 				if (pContext->updateUrl.IsEmpty() && pContext->downloadUrl.IsEmpty())
 					rv = CMyApp::MsgCheckBox(NULL, Msg, 0, MB_OK);
 				else
 				{
 					Msg += "\n \n";
 					if (!pContext->downloadUrl.IsEmpty())
 						Msg += CMyMsg(MSG_3631);
 					else
 						Msg += CMyMsg(MSG_3641) + L"?"; // MSG_3631
 					rv = CMyApp::MsgCheckBox(NULL, Msg, 0, MB_YESNO);
 				}
 				if (rv < 0) {
 					rv = -rv;
 					CUserSettings::GetInstance().AppendText(L"_IgnoreUpdate", pContext->version);
 				}
 				if (rv == IDYES)
 				{
 					if (!pContext->downloadUrl.IsEmpty())
 					{
 						CString downloadPath = m_instance->DownloadUpdate(pContext->downloadUrl);
 						if (downloadPath.IsEmpty())
 							CMyApp::MsgBox(NULL, MSG_3634, MB_OK);
 						else
 						{
 							rv = CMyApp::MsgBox(NULL, CMyMsg(MSG_3633, pContext->version, downloadPath), MB_YESNO);
 							if (rv == IDYES)
 							{
 								SHELLEXECUTEINFO shex;
 								memzero(&shex, sizeof(SHELLEXECUTEINFO));
 								shex.cbSize = sizeof(SHELLEXECUTEINFO);
 								shex.fMask = SEE_MASK_NOCLOSEPROCESS | SEE_MASK_FLAG_NO_UI;
 								shex.hwnd = parent;
 								shex.lpFile = downloadPath;
 								shex.lpParameters = NULL;
 								shex.nShow = SW_SHOWNORMAL;
 								shex.lpVerb = L"runas";
 								if (ShellExecuteEx(&shex))
 									CloseHandle(shex.hProcess);
 							}
 						}
 					}
 					else
 						CRunBrowser dlg(NULL, pContext->updateUrl);
 				}
 			}
 		}
 		if (bNothing)
 		{
 			// schedule next theck for in a week, except when the user choose never
 			__int64 NextUpdateCheck;
 			CUserSettings::GetInstance().GetNum64(_NextUpdateCheck, NextUpdateCheck, 0);
 			if (NextUpdateCheck != -1)
 				CUserSettings::GetInstance().SetNum64(_NextUpdateCheck, time(NULL) + 7 * 24 * 60 * 60);
 			if (pContext->Manual)
 				CMyApp::MsgBox(NULL, MSG_3629, MB_OK);
 		}
 	}
 	else if (pContext->Manual)
 		CMyApp::MsgBox(NULL, MSG_3634, MB_OK);
 	//::PostMessage(parent, WM_UPDATERESULT, Ret, (LPARAM)pContext);
 	delete pContext;
 	m_instance->m_update_pending = false;
 	return 0;
 }
--- a/Sandboxie/apps/control/Updater.h
+++ b/Sandboxie/apps/control/Updater.h
@ -0,0 +1,74 @@
 /*
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 //---------------------------------------------------------------------------
 // Updater
 //---------------------------------------------------------------------------
 #ifndef _MY_UPDATER_H
 #define _MY_UPDATER_H
 //#define WM_UPDATERESULT     (WM_APP + 10)
 typedef struct _UPDATER_DATA
 {
 	CString userMsg;
 	CString infoUrl;
 	CString version;
 	//unsigned __int64 updated;
 	CString updateMsg;
 	CString updateUrl;
 	CString downloadUrl;
 	BOOLEAN Manual;
 	ULONG ErrorCode;
 } UPDATER_DATA, *PUPDATER_DATA;
 extern const WCHAR *_UpdateCheckNotify;
 extern const WCHAR *_NextUpdateCheck;
 class CUpdater
 {
 	static CUpdater *m_instance;
 	bool m_update_pending;
 	OSVERSIONINFOW m_osvi;
 	CUpdater();
 	BOOLEAN DownloadUpdateData(const WCHAR* Host, const WCHAR* Path, PSTR* pData, ULONG* dataLength);
 	BOOLEAN QueryUpdateData(UPDATER_DATA* Context);
 	CString DownloadUpdate(const CString& downloadUrl);
 	static ULONG UpdaterServiceThread(void *lpParameter);
 public:
 	~CUpdater();
 	static CUpdater &GetInstance();
 	bool CheckUpdates(CWnd *pParentWnd, bool bManual = true);
 };
 #endif // _MY_UPDATER_H
--- a/Sandboxie/apps/control/resource.h
+++ b/Sandboxie/apps/control/resource.h
@ -1,20 +1,3 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 //{{NO_DEPENDENCIES}}
 // Microsoft Visual C++ generated include file.
 // Used by SbieControl.rc
@ -63,9 +46,11 @@
 #define ID_CONF_RELOAD                  40037
 #define ID_CONF_THIRD_PARTY             40038
 #define ID_CONF_LOCK                    40039
 #define ID_HELP_SUPPORT                 40040
 #define ID_HELP_TOPICS                  40041
 #define ID_HELP_TUTORIAL                40042
 #define ID_HELP_FORUM                   40043
 #define ID_HELP_UPDATE                  40044
 #define ID_HELP_ABOUT                   40045
 #define ID_PROCESS_TERMINATE            40051
 #define ID_PROCESS_SETTINGS             40052
@ -264,7 +249,7 @@
 // 
 #ifdef APSTUDIO_INVOKED
 #ifndef APSTUDIO_READONLY_SYMBOLS
-#define _APS_NEXT_RESOURCE_VALUE        103
+#define _APS_NEXT_RESOURCE_VALUE        104
 #define _APS_NEXT_COMMAND_VALUE         40013
 #define _APS_NEXT_CONTROL_VALUE         1001
 #define _APS_NEXT_SYMED_VALUE           103
--- a/Sandboxie/apps/ini/SbieIni.vcxproj
+++ b/Sandboxie/apps/ini/SbieIni.vcxproj
@ -34,34 +34,34 @@
    <ProjectGuid>{B8D7002B-0468-44E7-93A7-94327A5D7C7A}</ProjectGuid>
    <Keyword>Win32Proj</Keyword>
    <RootNamespace>SbieIni</RootNamespace>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
--- a/Sandboxie/apps/ini/resource1.rc
+++ b/Sandboxie/apps/ini/resource1.rc
@ -1,19 +1,3 @@
 // Copyright 2004-2020 Sandboxie Holdings, LLC 
 //
 // This program is free software: you can redistribute it and/or modify
 //   it under the terms of the GNU General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
 //
 //   This program is distributed in the hope that it will be useful,
 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 //   GNU General Public License for more details.
 //
 //   You should have received a copy of the GNU General Public License
 //   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 //
 //---------------------------------------------------------------------------
 // SbieIni scripting utility
 //---------------------------------------------------------------------------
--- a/Sandboxie/apps/ldr/SbieLdr.vcxproj
+++ b/Sandboxie/apps/ldr/SbieLdr.vcxproj
@ -0,0 +1,152 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemGroup Label="ProjectConfigurations">
    <ProjectConfiguration Include="SbieDebug|Win32">
      <Configuration>SbieDebug</Configuration>
      <Platform>Win32</Platform>
    </ProjectConfiguration>
    <ProjectConfiguration Include="SbieDebug|x64">
      <Configuration>SbieDebug</Configuration>
      <Platform>x64</Platform>
    </ProjectConfiguration>
    <ProjectConfiguration Include="SbieRelease|Win32">
      <Configuration>SbieRelease</Configuration>
      <Platform>Win32</Platform>
    </ProjectConfiguration>
    <ProjectConfiguration Include="SbieRelease|x64">
      <Configuration>SbieRelease</Configuration>
      <Platform>x64</Platform>
    </ProjectConfiguration>
  </ItemGroup>
  <ItemGroup>
    <ClCompile Include="main.c" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="global.h" />
  </ItemGroup>
  <ItemGroup>
    <ResourceCompile Include="resource1.rc" />
  </ItemGroup>
  <PropertyGroup Label="Globals">
    <ProjectGuid>{352AA425-D224-4F23-AF1D-D54AFADDDB22}</ProjectGuid>
    <Keyword>Win32Proj</Keyword>
    <RootNamespace>SbieLdr</RootNamespace>
    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <CharacterSet>Unicode</CharacterSet>
    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <CharacterSet>Unicode</CharacterSet>
    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
  </ImportGroup>
  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">
    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
    <Import Project="..\..\Sandbox32.props" />
  </ImportGroup>
  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="PropertySheets">
    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
    <Import Project="..\..\Sandbox64.props" />
  </ImportGroup>
  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">
    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
    <Import Project="..\..\Sandbox32.props" />
  </ImportGroup>
  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="PropertySheets">
    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
    <Import Project="..\..\Sandbox64.props" />
  </ImportGroup>
  <PropertyGroup Label="UserMacros" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">
    <TargetName>SbieLdr</TargetName>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">
    <TargetName>SbieLdr</TargetName>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">
    <TargetName>SbieLdr</TargetName>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">
    <TargetName>SbieLdr</TargetName>
  </PropertyGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">
    <ClCompile>
      <PrecompiledHeader>
      </PrecompiledHeader>
      <Optimization>Disabled</Optimization>
      <MinimalRebuild />
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <AdditionalDependencies>SbieDll.lib;ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <ResourceCompile />
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">
    <ClCompile>
      <PrecompiledHeader>
      </PrecompiledHeader>
      <Optimization>Disabled</Optimization>
      <MinimalRebuild />
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <AdditionalDependencies>SbieDll.lib;ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <ResourceCompile />
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">
    <ClCompile>
      <PrecompiledHeader>
      </PrecompiledHeader>
      <FunctionLevelLinking>
      </FunctionLevelLinking>
      <MinimalRebuild />
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <AdditionalDependencies>SbieDll.lib;ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <ResourceCompile />
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">
    <ClCompile>
      <PrecompiledHeader>
      </PrecompiledHeader>
      <FunctionLevelLinking>
      </FunctionLevelLinking>
      <MinimalRebuild />
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <AdditionalDependencies>SbieDll.lib;ntdll.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <ResourceCompile />
  </ItemDefinitionGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
  <ImportGroup Label="ExtensionTargets">
  </ImportGroup>
 </Project>
--- a/Sandboxie/apps/ldr/global.h
+++ b/Sandboxie/apps/ldr/global.h
@ -0,0 +1,26 @@
 /*
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 #include <ntstatus.h>
 #define WIN32_NO_STATUS
 typedef long NTSTATUS;
 #include <windows.h>
 #include <stdio.h>
 #include "core/dll/sbiedll.h"
 #include "common/win32_ntddk.h"
--- a/Sandboxie/apps/ldr/main.c
+++ b/Sandboxie/apps/ldr/main.c
@ -0,0 +1,83 @@
 /*
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 #include "global.h"
 #include "common/my_version.h"
 #include "msgs/msgs.h"
 int __cdecl wmain(int argc, wchar_t **argv)
 {
 	STARTUPINFOW si = { 0 };
 	PROCESS_INFORMATION pi = { 0 };
 	BOOLEAN isWow64 = FALSE;
 	ULONG errlvl;
 	if (argc < 2) {
 		fprintf(stderr, "Usage: SbieLdr EXE\n");
 		fprintf(stderr, "Inject a SbieDll.dll into a process during start up.\n");
 		return 1;
 	}
 	errlvl = SbieDll_InjectLow_InitHelper();
 	if (errlvl) {
 		fprintf(stderr, "Failed to initialize helper 0x%08X.\n", errlvl);
 		return errlvl;
 	}
 	errlvl = SbieDll_InjectLow_InitSyscalls(FALSE);
 	if (errlvl) {
 		fprintf(stderr, "Failed to initialize syscalls 0x%08X.\n", errlvl);
 		return errlvl;
 	}
 	si.cb = sizeof(STARTUPINFO);
 	if (!CreateProcessW(NULL, argv[1], NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi)) {
 		fprintf(stderr, "CreateProcess(\"%S\") failed; error code = 0x%08X\n", argv[1], GetLastError());
 		return 1;
 	}
 #ifdef _WIN64
 	ULONG_PTR peb32;
 	if (!NT_SUCCESS(NtQueryInformationProcess(pi.hProcess, ProcessWow64Information, &peb32, sizeof(ULONG_PTR), NULL))) {
 		fprintf(stderr, "NtQueryInformationProcess failed; error code = 0x%08X\n", GetLastError());
 		errlvl = 1;
 		goto finish;
 	}
 	isWow64 = !!peb32;
 #endif
 	errlvl = SbieDll_InjectLow(pi.hProcess, isWow64, 2, FALSE);
 	if (errlvl) {
 		fprintf(stderr, "inject failed 0x%08X, prcess terminate.\n", errlvl);
 		goto finish;
 	}
 	if (ResumeThread(pi.hThread) == -1) {
 		fprintf(stderr, "ResumeThread failed; error code = 0x%08X\n", GetLastError());
 		errlvl = 1;
 		goto finish;
 	}
 finish:
 	if(errlvl)
 		TerminateProcess(pi.hProcess, -1);
 	CloseHandle(pi.hProcess);
 	return errlvl;
 }
--- a/Sandboxie/apps/ldr/resource1.rc
+++ b/Sandboxie/apps/ldr/resource1.rc
@ -0,0 +1,55 @@
 //---------------------------------------------------------------------------
 // SbieLdr scripting utility
 //---------------------------------------------------------------------------
 #include <windows.h>
 LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
 #pragma code_page(1252)
 #include "common/my_version.h"
 //---------------------------------------------------------------------------
 // Version
 //---------------------------------------------------------------------------
 VS_VERSION_INFO VERSIONINFO
 FILEVERSION MY_VERSION_BINARY
 PRODUCTVERSION MY_VERSION_BINARY
 FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
 FILEFLAGS 0x1L
 #else
 FILEFLAGS 0x0L
 #endif
 FILEOS 0x40004L
 FILETYPE 0x2L
 FILESUBTYPE 0x0L
 BEGIN
    BLOCK "StringFileInfo"
    BEGIN
        BLOCK "040904b0"
        BEGIN
            VALUE "Comments", "\0"
            VALUE "CompanyName", MY_COMPANY_NAME_STRING "\0"
            VALUE "FileDescription", MY_PRODUCT_NAME_STRING " configuration file utility\0"
            VALUE "FileVersion", MY_VERSION_STRING "\0"
   OPTIONAL_VALUE("InternalName", "SbieLdr\0")
            VALUE "LegalCopyright", MY_COPYRIGHT_STRING "\0"
            VALUE "LegalTrademarks", "\0"
   OPTIONAL_VALUE("OriginalFilename", "SbieLdr.exe\0")
            VALUE "PrivateBuild", "\0"
            VALUE "ProductName", MY_PRODUCT_NAME_STRING "\0"
            VALUE "ProductVersion", MY_VERSION_STRING "\0"
            VALUE "SpecialBuild", "\0"
        END
    END
    BLOCK "VarFileInfo"
    BEGIN
        VALUE "Translation", 0x409, 1200
    END
 END
--- a/Sandboxie/apps/start/Start.vcxproj
+++ b/Sandboxie/apps/start/Start.vcxproj
@ -21,32 +21,32 @@
  <PropertyGroup Label="Globals">
    <Keyword>Win32Proj</Keyword>
    <ProjectGuid>{8B9E1B9D-FB3C-3009-9196-4315871BCD73}</ProjectGuid>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <UseOfMfc>Static</UseOfMfc>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <UseOfMfc>Static</UseOfMfc>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <UseOfMfc>Static</UseOfMfc>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <UseOfMfc>Static</UseOfMfc>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
--- a/Sandboxie/apps/start/resource.rc
+++ b/Sandboxie/apps/start/resource.rc
@ -1,19 +1,3 @@
 // Copyright 2004-2020 Sandboxie Holdings, LLC 
 //
 // This program is free software: you can redistribute it and/or modify
 //   it under the terms of the GNU General Public License as published by
 //   the Free Software Foundation, either version 3 of the License, or
 //   (at your option) any later version.
 //
 //   This program is distributed in the hope that it will be useful,
 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 //   GNU General Public License for more details.
 //
 //   You should have received a copy of the GNU General Public License
 //   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 //
 //Microsoft Developer Studio generated resource script.
 //
--- a/Sandboxie/apps/start/start.cpp
+++ b/Sandboxie/apps/start/start.cpp
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -925,6 +926,17 @@ int Program_Start(void)
        expanded = MyHeapAlloc(8192 * sizeof(WCHAR));
        ExpandEnvironmentStrings(cmdline, expanded, 8192);
 		//
 		// If the comman contains a space but no ", try to fix it
 		//
 		if (wcsstr(expanded, L" ") && !wcsstr(expanded, L"\"") && _waccess(expanded, 0) != -1)
 		{
 			wmemmove(expanded + 1, expanded, wcslen(expanded) + 1);
 			expanded[0] = L'\"';
 			wcscat(expanded, L"\"");
 		}
        ok = CreateProcess(
            NULL, expanded, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
--- a/Sandboxie/common/NtCRT/x64/ntdll.def
+++ b/Sandboxie/common/NtCRT/x64/ntdll.def
@ -0,0 +1,171 @@
 EXPORTS
 __C_specific_handler
 __chkstk
 __isascii
 __iscsym
 __iscsymf
 __misaligned_access
 __toascii
 _atoi64
 _fltused
 _i64toa
 _i64toa_s
 _i64tow
 _i64tow_s
 _itoa
 _itoa_s
 _itow
 _itow_s
 _lfind
 _local_unwind
 _ltoa
 _ltoa_s
 _ltow
 _ltow_s
 _makepath_s
 _memccpy
 _memicmp
 _setjmp
 _setjmpex
 _snprintf
 _snprintf_s
 _snscanf_s
 _snwprintf
 _snwprintf_s
 _snwscanf_s
 _splitpath
 _splitpath_s
 _strcmpi
 _stricmp
 _strlwr
 _strnicmp
 _strnset_s
 _strset_s
 _strupr
 _swprintf
 _ui64toa
 _ui64toa_s
 _ui64tow
 _ui64tow_s
 _ultoa
 _ultoa_s
 _ultow
 _ultow_s
 _vscwprintf
 _vsnprintf
 _vsnprintf_s
 _vsnwprintf
 _vsnwprintf_s
 _vswprintf
 _wcsicmp
 _wcslwr
 _wcsnicmp
 _wcsnset_s
 _wcsset_s
 _wcstoui64
 _wcsupr
 _wmakepath_s
 _wsplitpath_s
 _wtoi
 _wtoi64
 _wtol
 abs
 atan
 atoi
 atol
 bsearch
 ceil
 cos
 fabs
 floor
 isalnum
 isalpha
 iscntrl
 isdigit
 isgraph
 islower
 isprint
 ispunct
 isspace
 isupper
 iswalpha
 iswctype
 iswdigit
 iswlower
 iswspace
 iswxdigit
 isxdigit
 labs
 log
 longjmp
 mbstowcs
 memchr
 memcmp
 memcpy
 memcpy_s
 memmove
 memmove_s
 memset
 pow
 qsort
 sin
 sprintf
 sprintf_s
 sqrt
 sscanf
 sscanf_s
 strcat
 strcat_s
 strchr
 strcmp
 strcpy
 strcpy_s
 strcspn
 strlen
 strncat
 strncat_s
 strncmp
 strncpy
 strncpy_s
 strnlen
 strpbrk
 strrchr
 strspn
 strstr
 strtok_s
 strtol
 strtoul
 swprintf
 swprintf_s
 swscanf_s
 tan
 tolower
 toupper
 towlower
 towupper
 vDbgPrintEx
 vDbgPrintExWithPrefix
 vsprintf
 vsprintf_s
 vswprintf_s
 wcscat
 wcscat_s
 wcschr
 wcscmp
 wcscpy
 wcscpy_s
 wcscspn
 wcslen
 wcsncat
 wcsncat_s
 wcsncmp
 wcsncpy
 wcsncpy_s
 wcsnlen
 wcspbrk
 wcsrchr
 wcsspn
 wcsstr
 wcstol
 wcstombs
 wcstoul
--- a/Sandboxie/common/NtCRT/x86/except_handler3.asm
+++ b/Sandboxie/common/NtCRT/x86/except_handler3.asm
@ -0,0 +1,552 @@
 ;----------------------------------------------------------------------------
 ; __except_handler3 support routine is not longer available on ntdll.lib 
 ;
 ; this is a copy of __except_handler3 procedure and required procedures from 
 ; the c:\WinDDK\7600.16385.1\lib\wnet\i386\ntdll.lib 
 ;
 ;----------------------------------------------------------------------------
 .386
 _TEXT         segment use32 para public 'CODE'
 public  __except_handler3
 ;__except_handler3        proc    near
  push        esi
  inc         ebx
  xor         dh,byte ptr [eax]
  pop         eax
  inc         ebx
  xor         byte ptr [eax],dh
 __except_handler3:
  push        ebp
  mov         ebp,esp
  sub         esp,8
  push        ebx
  push        esi
  push        edi
  push        ebp
  cld
  mov         ebx,dword ptr [ebp+0Ch]
  mov         eax,dword ptr [ebp+8]
  test        dword ptr [eax+4],6
  nop ; 00
  jne         _lh_unwinding
  mov         dword ptr [ebp-8],eax
  mov         eax,dword ptr [ebp+10h]
  mov         dword ptr [ebp-4],eax
  lea         eax,[ebp-8]
  mov         dword ptr [ebx-4],eax
  mov         esi,dword ptr [ebx+0Ch]
  mov         edi,dword ptr [ebx+8]
  push        ebx
  call        __ValidateEH3RN
  add         esp,4
  or          eax,eax
  je          _lh_abort
 _lh_top:
  cmp         esi,0FFFFFFFFh
  je          _lh_bagit
  lea         ecx,[esi+esi*2]
  mov         eax,dword ptr [edi+ecx*4+4]
  or          eax,eax
  je          _lh_continue
  push        esi
  push        ebp
  lea         ebp,[ebx+10h]
  xor         ebx,ebx
  xor         ecx,ecx
  xor         edx,edx
  xor         esi,esi
  xor         edi,edi
  call        eax
  pop         ebp
  pop         esi
  mov         ebx,dword ptr [ebp+0Ch]
  or          eax,eax
  je          _lh_continue
  js          _lh_dismiss
  mov         edi,dword ptr [ebx+8]
  push        ebx
  call        __global_unwind2
  add         esp,4
  lea         ebp,[ebx+10h]
  push        esi
  push        ebx
  call        __local_unwind2
  add         esp,8
  lea         ecx,[esi+esi*2]
  push        1
  mov         eax,dword ptr [edi+ecx*4+8]
  call        __NLG_Notify
  mov         eax,dword ptr [edi+ecx*4]
  mov         dword ptr [ebx+0Ch],eax
  mov         eax,dword ptr [edi+ecx*4+8]
  xor         ebx,ebx
  xor         ecx,ecx
  xor         edx,edx
  xor         esi,esi
  xor         edi,edi
  call        eax
 _lh_continue:
  mov         edi,dword ptr [ebx+8]
  lea         ecx,[esi+esi*2]
  mov         esi,dword ptr [edi+ecx*4]
  jmp         _lh_top
 _lh_dismiss:
  mov         eax,0
  jmp         _lh_return
 _lh_abort:
  mov         eax,dword ptr [ebp+8]
  or          dword ptr [eax+4],8
 _lh_bagit:
  mov         eax,1
  jmp         _lh_return
 _lh_unwinding:
  push        ebp
  lea         ebp,[ebx+10h]
  push        0FFFFFFFFh
  push        ebx
  call        __local_unwind2
  add         esp,8
  pop         ebp
  mov         eax,1
 _lh_return:
  pop         ebp
  pop         edi
  pop         esi
  pop         ebx
  mov         esp,ebp
  pop         ebp
  ret
 __seh_longjmp_unwind@4:
  push        ebp
  mov         ecx,dword ptr [esp+8]
  mov         ebp,dword ptr [ecx]
  mov         eax,dword ptr [ecx+1Ch]
  push        eax
  mov         eax,dword ptr [ecx+18h]
  push        eax
  call        __local_unwind2
  add         esp,8
  pop         ebp
  ret         4
 ;__except_handler3        endp
 EXTERN _RtlUnwind@16 	  : PROC
 ;__global_unwind2        proc    near
 __global_unwind2:
  push        ebp
  mov         ebp,esp
  push        ebx
  push        esi
  push        edi
  push        ebp
  push        0
  push        0
  push        offset _gu_return
  push        dword ptr [ebp+8]
  ;call        P_RtlUnwind
  call        _RtlUnwind@16 ; call it from ntdll.lib
 _gu_return:
  pop         ebp
  pop         edi
  pop         esi
  pop         ebx
  mov         esp,ebp
  pop         ebp
  ret
 __unwind_handler:
  mov         ecx,dword ptr [esp+4]
  test        dword ptr [ecx+4],6
  nop ; 00
  mov         eax,1
  je          _uh_return
  mov         eax,dword ptr [esp+14h]
  push        ebp
  mov         ebp,dword ptr [eax+10h]
  mov         edx,dword ptr [eax+28h]
  push        edx
  mov         edx,dword ptr [eax+24h]
  push        edx
  call        __local_unwind2
 add         esp,8
  pop         ebp
  mov         eax,dword ptr [esp+8]
  mov         edx,dword ptr [esp+10h]
  mov         dword ptr [edx],eax
  mov         eax,3
 _uh_return:
  ret
 __local_unwind2:
  push        ebx
  push        esi
  push        edi
  mov         eax,dword ptr [esp+10h]
  push        ebp
  push        eax
  push        0FFFFFFFEh
  push        offset __unwind_handler
  push        dword ptr fs:[0]
  nop ; 00
  mov         dword ptr fs:[0],esp
  nop ; 00
 _lu_top:
  mov         eax,dword ptr [esp+24h]
  mov         ebx,dword ptr [eax+8]
  mov         esi,dword ptr [eax+0Ch]
  cmp         esi,0FFFFFFFFh
  je          _lu_done
  cmp         dword ptr [esp+28h],0FFFFFFFFh
  je          _continue_
  cmp         esi,dword ptr [esp+28h]
  jbe         _lu_done
 _continue_:
  lea         esi,[esi+esi*2]
  mov         ecx,dword ptr [ebx+esi*4]
  mov         dword ptr [esp+8],ecx
  mov         dword ptr [eax+0Ch],ecx
  cmp         dword ptr [ebx+esi*4+4],0
  jne         __NLG_Return2
  push        101h
  mov         eax,dword ptr [ebx+esi*4+8]
  call        __NLG_Notify
  call        dword ptr [ebx+esi*4+8]
 __NLG_Return2:
  jmp         _lu_top
 _lu_done:
  pop         dword ptr fs:[0]
  nop ; 00
  add         esp,10h
  pop         edi
  pop         esi
  pop         ebx
  ret
 __abnormal_termination:
  xor         eax,eax
  mov         ecx,dword ptr fs:[0]
  nop ; 00
  cmp         dword ptr [ecx+4],offset __unwind_handler
  nop ; 00
  jne         _at_done
  mov         edx,dword ptr [ecx+0Ch]
  mov         edx,dword ptr [edx+0Ch]
  cmp         dword ptr [ecx+8],edx
  jne         _at_done
  mov         eax,1
 _at_done:
  ret
 __NLG_Notify1:
  push        ebx
  push        ecx
  mov         ebx,offset __NLG_Destination
  jmp         __NLG_Go
 __NLG_Notify:
  push        ebx
  push        ecx
  mov         ebx,offset __NLG_Destination
  mov         ecx,dword ptr [ebp+8]
 __NLG_Go:
  mov         dword ptr [ebx+8],ecx
  mov         dword ptr [ebx+4],eax
  mov         dword ptr [ebx+0Ch],ebp
  push        ebp
  push        ecx
  push        eax
 __NLG_Dispatch:
  pop         eax
  pop         ecx
  pop         ebp
  pop         ecx
  pop         ebx
  ret         4
 ;__global_unwind2        endp
 EXTERN _NtQueryVirtualMemory@24: PROC
 ;__ValidateEH3RN        proc    near
 __ValidateEH3RN:
  mov         edi,edi
  push        ebp
  mov         ebp,esp
  sub         esp,20h
  push        ebx
  push        esi
  mov         esi,dword ptr [ebp+8]
  mov         ebx,dword ptr [esi+8]
  test        bl,3
  jne         label01
  mov         eax,dword ptr fs:[00000004h]
  mov         dword ptr [ebp+8],eax
  mov         eax,dword ptr fs:[00000008h]
  mov         dword ptr [ebp-4],eax
  cmp         ebx,dword ptr [ebp-4]
  jb          label02
  cmp         ebx,dword ptr [ebp+8]
  jae         label02
 label01:
  xor         eax,eax
  jmp         label03
 label02:
  push        edi
  mov         edi,dword ptr [esi+0Ch]
  cmp         edi,0FFFFFFFFh
  jne         label04
  xor         eax,eax
  inc         eax
  jmp         label05
 label04:
  xor         edx,edx
  mov         dword ptr [ebp+8],edx
  mov         eax,ebx
 label30:
  mov         ecx,dword ptr [eax]
  cmp         ecx,0FFFFFFFFh
  je          label06
  cmp         ecx,edx
  jae         label07
 label06:
  cmp         dword ptr [eax+4],0
  je          label10
  inc         dword ptr [ebp+8]
 label10:
  inc         edx
  add         eax,0Ch
  cmp         edx,edi
  jbe         label30
  cmp         dword ptr [ebp+8],0
  je          label11
  mov         eax,dword ptr [esi-8]
  cmp         eax,dword ptr [ebp-4]
  jb          label07
  cmp         eax,esi
  jae         label07
 label11:
  mov         ecx,dword ptr [_nValidPages]
  mov         esi,ebx
  and         esi,0FFFFF000h
  xor         eax,eax
  test        ecx,ecx
  jle         label08
 label12:
  cmp         dword ptr _rgValidPages[eax*4],esi
  nop ; 00
  je          label09
  inc         eax
  cmp         eax,ecx
  jl          label12
 label08:
  lea         eax,[ebp+8]
  push        eax
  push        1Ch
  lea         eax,[ebp-20h]
  push        eax
  push        0
  push        ebx
  or          edi,0FFFFFFFFh
  push        edi
  ;call        _NtQueryVirtualMemory
  call        _NtQueryVirtualMemory@24 ; call it from ntdll.lib
  test        eax,eax
  jl          label13
  mov         eax,dword ptr [ebp+8]
  jmp         label14
  xor         eax,eax
 label07:
  jmp         label05
  test        eax,eax
 label09:
  jle         label15
  xor         edx,edx
  mov         ebx,offset _lModifying
  inc         edx
  mov         edi,ebx
  xchg        edx,dword ptr [edi]
  test        edx,edx
  jne         label15
  cmp         dword ptr _rgValidPages[eax*4],esi
  nop ; 00
  je          label15
  lea         eax,[ecx-1]
  test        eax,eax
  jl          label16
 label18:
  cmp         dword ptr _rgValidPages[eax*4],esi
  nop ; 00
  je          label17
  dec         eax
  jns         label18
 label17:
  test        eax,eax
  jge         label19
  cmp         ecx,10h
 label16:
  jge         label20
  inc         ecx
  mov         dword ptr [_nValidPages],ecx
 label20:
  lea         eax,[ecx-1]
  jmp         label15
 label19:
  je          label21
 label15:
  xor         edx,edx
  test        eax,eax
  jl          label21
 label22:
  lea         ecx,_rgValidPages[edx*4]
  nop ; 00
  mov         edi,dword ptr [ecx]
  inc         edx
  cmp         edx,eax
  mov         dword ptr [ecx],esi
  mov         esi,edi
  jle         label22
 label21:
  xor         eax,eax
  xchg        eax,dword ptr [ebx]
  jmp         label15
 label13:
  xor         eax,eax
 label14:
  test        eax,eax
  je          label23
  cmp         dword ptr [ebp-8],1000000h
  nop ; 01
  jne         label23
  test        byte ptr [ebp-0Ch],0CCh
  je          label0
  mov         ecx,dword ptr [ebp-1Ch]
  cmp         word ptr [ecx],5A4Dh
  jne         label23
  mov         eax,dword ptr [ecx+3Ch]
  add         eax,ecx
  cmp         dword ptr [eax],4550h
  jne         label23
  cmp         word ptr [eax+18h],10Bh
  jne         label23
  sub         ebx,ecx
  cmp         word ptr [eax+6],0
  movzx       ecx,word ptr [eax+14h]
  lea         ecx,[ecx+eax+18h]
  jbe         label23
  mov         eax,dword ptr [ecx+0Ch]
  cmp         ebx,eax
  jb          label0
  mov         edx,dword ptr [ecx+8]
  add         edx,eax
  cmp         ebx,edx
  jae         label0
  test        byte ptr [ecx+27h],80h
  jne         label07
 label0:
  xor         eax,eax
  inc         eax
  mov         ecx,eax
  mov         edx,offset _lModifying
  xchg        ecx,dword ptr [edx]
  test        ecx,ecx
  jne         label05
  mov         ecx,dword ptr [_nValidPages]
  test        ecx,ecx
  mov         edx,ecx
  jle         label24
  lea         eax,_rgValidPages[ecx*4+0FFFFFFFCh]
  nop ; FF
 label25:
  cmp         dword ptr [eax],esi
  je          label24
  dec         edx
  sub         eax,4
  test        edx,edx
  jg          label25
 label24:
  test        edx,edx
  jne         label26
  push        0Fh
  pop         ebx
  cmp         ecx,ebx
  jg          label27
  mov         ebx,ecx
 label27:
  xor         edx,edx
  test        ebx,ebx
  jl          label28
 label29:
  lea         eax,_rgValidPages[edx*4]
  nop ; 00
  mov         edi,dword ptr [eax]
  inc         edx
  cmp         edx,ebx
  mov         dword ptr [eax],esi
  mov         esi,edi
  jle         label29
 label28:
  cmp         ecx,10h
  jge         label26
  inc         ecx
  mov         dword ptr [_nValidPages],ecx
 label26:
  xor         eax,eax
  mov         ecx,offset _lModifying
  xchg        eax,dword ptr [ecx]
  jmp         label15
 label23:
  mov         eax,edi
 label05:
  pop         edi
 label03:
  pop         esi
  pop         ebx
  leave
  ret
 ;__ValidateEH3RN        endp
 _TEXT           ends
 .model flat
 .data
 ; Global variables for  __NLG_Destination
 ;typedef struct {
 ;	unsigned long dwSig;
 ;	unsigned long uoffDestination;
 ;	unsigned long dwCode;
 ;	unsigned long uoffFramePointer;
 ;} _NLG_INFO;
 ;_NLG_INFO _NLG_Destination = { 0x019930520, 0, 0, 0 };
 __NLG_Destination LABEL DWORD
 	dd	1 dup (019930520h) ; MAGIC_NUMBER1
 	dd	1 dup (0)
 	dd	1 dup (0)
 	dd	1 dup (0)
 	public  __NLG_Destination
 ; Global variables for  __ValidateEH3RN
 ;INT		_nValidPages = 0;
 _nValidPages LABEL DWORD
 	dd	1 dup (0)
 	public  _nValidPages
 ;PVOID	_rgValidPages[0x10] = { NULL };
 _rgValidPages LABEL DWORD
 	dd	16 dup (0)
 	public  _rgValidPages
 ;BOOL	_lModifying = FALSE;
 _lModifying LABEL DWORD
 	dd	1 dup (0)
 	public  _lModifying
 end
--- a/Sandboxie/common/NtCRT/x86/ntdll.def
+++ b/Sandboxie/common/NtCRT/x86/ntdll.def
@ -0,0 +1,184 @@
 EXPORTS
 _CIcos
 _CIlog
 _CIpow
 _CIsin
 _CIsqrt
 __isascii
 __iscsym
 __iscsymf
 __toascii
 _alldiv
 _alldvrm
 _allmul
 _alloca_probe
 _alloca_probe_16
 _alloca_probe_8
 _allrem
 _allshl
 _allshr
 _atoi64
 _aulldiv
 _aulldvrm
 _aullrem
 _aullshr
 _chkstk
 _fltused
 _ftol
 _i64toa
 _i64toa_s
 _i64tow
 _i64tow_s
 _itoa
 _itoa_s
 _itow
 _itow_s
 _lfind
 _ltoa
 _ltoa_s
 _ltow
 _ltow_s
 _makepath_s
 _memccpy
 _memicmp
 _snprintf
 _snprintf_s
 _snscanf_s
 _snwprintf
 _snwprintf_s
 _snwscanf_s
 _splitpath
 _splitpath_s
 _strcmpi
 _stricmp
 _strlwr
 _strnicmp
 _strnset_s
 _strset_s
 _strupr
 _swprintf
 _ui64toa
 _ui64toa_s
 _ui64tow
 _ui64tow_s
 _ultoa
 _ultoa_s
 _ultow
 _ultow_s
 _vscwprintf
 _vsnprintf
 _vsnprintf_s
 _vsnwprintf
 _vsnwprintf_s
 _vswprintf
 _wcsicmp
 _wcslwr
 _wcsnicmp
 _wcsnset_s
 _wcsset_s
 _wcstoui64
 _wcsupr
 _wmakepath_s
 _wsplitpath_s
 _wtoi
 _wtoi64
 _wtol
 abs
 atan
 atoi
 atol
 bsearch
 ceil
 cos
 fabs
 floor
 isalnum
 isalpha
 iscntrl
 isdigit
 isgraph
 islower
 isprint
 ispunct
 isspace
 isupper
 iswalpha
 iswctype
 iswdigit
 iswlower
 iswspace
 iswxdigit
 isxdigit
 labs
 log
 mbstowcs
 memchr
 memcmp
 memcpy
 memcpy_s
 memmove
 memmove_s
 memset
 pow
 qsort
 sin
 sprintf
 sprintf_s
 sqrt
 sscanf
 sscanf_s
 strcat
 strcat_s
 strchr
 strcmp
 strcpy
 strcpy_s
 strcspn
 strlen
 strncat
 strncat_s
 strncmp
 strncpy
 strncpy_s
 strnlen
 strpbrk
 strrchr
 strspn
 strstr
 strtok_s
 strtol
 strtoul
 swprintf
 swprintf_s
 swscanf_s
 tan
 tolower
 toupper
 towlower
 towupper
 vDbgPrintEx
 vDbgPrintExWithPrefix
 vsprintf
 vsprintf_s
 vswprintf_s
 wcscat
 wcscat_s
 wcschr
 wcscmp
 wcscpy
 wcscpy_s
 wcscspn
 wcslen
 wcsncat
 wcsncat_s
 wcsncmp
 wcsncpy
 wcsncpy_s
 wcsnlen
 wcspbrk
 wcsrchr
 wcsspn
 wcsstr
 wcstol
 wcstombs
 wcstoul
--- a/Sandboxie/common/crc.c
+++ b/Sandboxie/common/crc.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -35,7 +36,7 @@ extern "C" {
 ULONG CRC_Adler32(const UCHAR *data, int len);
 ULONG CRC_Tzuk32(const UCHAR *data, int len);
-ULONG64 CRC_AdlerTzuk64(const UCHAR *data, int len);
+//ULONG64 CRC_AdlerTzuk64(const UCHAR *data, int len);
 #ifdef __cplusplus
@ -147,19 +148,57 @@ _FX ULONG CRC_Tzuk32(const UCHAR *data, int len)
 #ifdef CRC_WITH_ADLERTZUK64
-_FX ULONG64 CRC_AdlerTzuk64(const UCHAR *data, int len)
+/*_FX ULONG64 CRC_AdlerTzuk64(const UCHAR *data, int len)
 {
    ULONG a = CRC_Adler32(data, len);
    ULONG b = CRC_Tzuk32(data, len);
    ULONG64 ab = (ULONG64)a;
    ab = (ab << 32) | b;
    return ab;
-}
+}*/
 #endif CRC_WITH_ADLERTZUK64
 ULONG CRC32(const char *buf, size_t len)
 {
 	ULONG crc = 0;
 	static ULONG table[256];
 	static int have_table = 0;
 	ULONG rem;
 	ULONG octet;
 	int i, j;
 	const char *p, *q;
 	/* This check is not thread safe; there is no mutex. */
 	if (have_table == 0) {
 		/* Calculate CRC table. */
 		for (i = 0; i < 256; i++) {
 			rem = i;  /* remainder from polynomial division */
 			for (j = 0; j < 8; j++) {
 				if (rem & 1) {
 					rem >>= 1;
 					rem ^= 0xedb88320;
 				}
 				else
 					rem >>= 1;
 			}
 			table[i] = rem;
 		}
 		have_table = 1;
 	}
 	crc = ~crc;
 	q = buf + len;
 	for (p = buf; p < q; p++) {
 		octet = *p;  /* Cast to unsigned octet. */
 		crc = (crc >> 8) ^ table[(crc & 0xff) ^ octet];
 	}
 	return ~crc;
 }
 //---------------------------------------------------------------------------
 // End
 //---------------------------------------------------------------------------
--- a/Sandboxie/common/json/JSON.cpp
+++ b/Sandboxie/common/json/JSON.cpp
@ -0,0 +1,280 @@
 /*
 * File JSON.cpp part of the SimpleJSON Library - http://mjpa.in/json
 *
 * Copyright (C) 2010 Mike Anchor
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
 #include "JSON.h"
 /**
 * Blocks off the public constructor
 *
 * @access private
 *
 */
 JSON::JSON()
 {
 }
 /**
 * Parses a complete JSON encoded string
 * This is just a wrapper around the UNICODE Parse().
 *
 * @access public
 *
 * @param char* data The JSON text
 *
 * @return JSONValue* Returns a JSON Value representing the root, or NULL on error
 */
 JSONValue *JSON::Parse(const char *data)
 {
 	size_t length = strlen(data) + 1;
 	wchar_t *w_data = (wchar_t*)malloc(length * sizeof(wchar_t));
 	#if defined(WIN32) && !defined(__GNUC__)
 		size_t ret_value = 0;
 		if (mbstowcs_s(&ret_value, w_data, length, data, length) != 0)
 		{
 			free(w_data);
 			return NULL;
 		}
 	#elif defined(ANDROID)
 		// mbstowcs seems to misbehave on android
 		for(size_t i = 0; i<length; i++)
 			w_data[i] = (wchar_t)data[i];
 	#else
 		if (mbstowcs(w_data, data, length) == (size_t)-1)
 		{
 			free(w_data);
 			return NULL;
 		}
 	#endif
 	JSONValue *value = JSON::Parse(w_data);
 	free(w_data);
 	return value;
 }
 /**
 * Parses a complete JSON encoded string (UNICODE input version)
 *
 * @access public
 *
 * @param wchar_t* data The JSON text
 *
 * @return JSONValue* Returns a JSON Value representing the root, or NULL on error
 */
 JSONValue *JSON::Parse(const wchar_t *data)
 {
 	// Skip any preceding whitespace, end of data = no JSON = fail
 	if (!SkipWhitespace(&data))
 		return NULL;
 	// We need the start of a value here now...
 	JSONValue *value = JSONValue::Parse(&data);
 	if (value == NULL)
 		return NULL;
 	// Can be white space now and should be at the end of the string then...
 	if (SkipWhitespace(&data))
 	{
 		delete value;
 		return NULL;
 	}
 	// We're now at the end of the string
 	return value;
 }
 /**
 * Turns the passed in JSONValue into a JSON encode string
 *
 * @access public
 *
 * @param JSONValue* value The root value
 *
 * @return std::wstring Returns a JSON encoded string representation of the given value
 */
 std::wstring JSON::Stringify(const JSONValue *value)
 {
 	if (value != NULL)
 		return value->Stringify();
 	else
 		return L"";
 }
 /**
 * Skips over any whitespace characters (space, tab, \r or \n) defined by the JSON spec
 *
 * @access protected
 *
 * @param wchar_t** data Pointer to a wchar_t* that contains the JSON text
 *
 * @return bool Returns true if there is more data, or false if the end of the text was reached
 */
 bool JSON::SkipWhitespace(const wchar_t **data)
 {
 	while (**data != 0 && (**data == L' ' || **data == L'\t' || **data == L'\r' || **data == L'\n'))
 		(*data)++;
 	return **data != 0;
 }
 /**
 * Extracts a JSON String as defined by the spec - "<some chars>"
 * Any escaped characters are swapped out for their unescaped values
 *
 * @access protected
 *
 * @param wchar_t** data Pointer to a wchar_t* that contains the JSON text
 * @param std::wstring& str Reference to a std::wstring to receive the extracted string
 *
 * @return bool Returns true on success, false on failure
 */
 bool JSON::ExtractString(const wchar_t **data, std::wstring &str)
 {
 	str = L"";
 	while (**data != 0)
 	{
 		// Save the char so we can change it if need be
 		wchar_t next_char = **data;
 		// Escaping something?
 		if (next_char == L'\\')
 		{
 			// Move over the escape char
 			(*data)++;
 			// Deal with the escaped char
 			switch (**data)
 			{
 				case L'"': next_char = L'"'; break;
 				case L'\\': next_char = L'\\'; break;
 				case L'/': next_char = L'/'; break;
 				case L'b': next_char = L'\b'; break;
 				case L'f': next_char = L'\f'; break;
 				case L'n': next_char = L'\n'; break;
 				case L'r': next_char = L'\r'; break;
 				case L't': next_char = L'\t'; break;
 				case L'u':
 				{
 					// We need 5 chars (4 hex + the 'u') or its not valid
 					if (!simplejson_wcsnlen(*data, 5))
 						return false;
 					// Deal with the chars
 					next_char = 0;
 					for (int i = 0; i < 4; i++)
 					{
 						// Do it first to move off the 'u' and leave us on the
 						// final hex digit as we move on by one later on
 						(*data)++;
 						next_char <<= 4;
 						// Parse the hex digit
 						if (**data >= '0' && **data <= '9')
 							next_char |= (**data - '0');
 						else if (**data >= 'A' && **data <= 'F')
 							next_char |= (10 + (**data - 'A'));
 						else if (**data >= 'a' && **data <= 'f')
 							next_char |= (10 + (**data - 'a'));
 						else
 						{
 							// Invalid hex digit = invalid JSON
 							return false;
 						}
 					}
 					break;
 				}
 				// By the spec, only the above cases are allowed
 				default:
 					return false;
 			}
 		}
 		// End of the string?
 		else if (next_char == L'"')
 		{
 			(*data)++;
 			str.reserve(); // Remove unused capacity
 			return true;
 		}
 		// Disallowed char?
 		else if (next_char < L' ' && next_char != L'\t')
 		{
 			// SPEC Violation: Allow tabs due to real world cases
 			return false;
 		}
 		// Add the next char
 		str += next_char;
 		// Move on
 		(*data)++;
 	}
 	// If we're here, the string ended incorrectly
 	return false;
 }
 /**
 * Parses some text as though it is an integer
 *
 * @access protected
 *
 * @param wchar_t** data Pointer to a wchar_t* that contains the JSON text
 *
 * @return double Returns the double value of the number found
 */
 double JSON::ParseInt(const wchar_t **data)
 {
 	double integer = 0;
 	while (**data != 0 && **data >= '0' && **data <= '9')
 		integer = integer * 10 + (*(*data)++ - '0');
 	return integer;
 }
 /**
 * Parses some text as though it is a decimal
 *
 * @access protected
 *
 * @param wchar_t** data Pointer to a wchar_t* that contains the JSON text
 *
 * @return double Returns the double value of the decimal found
 */
 double JSON::ParseDecimal(const wchar_t **data)
 {
 	double decimal = 0.0;
  double factor = 0.1;
 	while (**data != 0 && **data >= '0' && **data <= '9')
  {
    int digit = (*(*data)++ - '0');
 		decimal = decimal + digit * factor;
    factor *= 0.1;
  }
 	return decimal;
 }
--- a/Sandboxie/common/json/JSON.h
+++ b/Sandboxie/common/json/JSON.h
@ -0,0 +1,112 @@
 /*
 * File JSON.h part of the SimpleJSON Library - http://mjpa.in/json
 *
 * Copyright (C) 2010 Mike Anchor
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
 #ifndef _JSON_H_
 #define _JSON_H_
 // Win32 incompatibilities
 #if defined(WIN32) && !defined(__GNUC__)
 	#define wcsncasecmp _wcsnicmp
 	static inline bool isnan(double x) { return x != x; }
 	static inline bool isinf(double x) { return !isnan(x) && isnan(x - x); }
 #endif
 #include <vector>
 #include <string>
 #include <map>
 // Linux compile fix - from quaker66
 #ifdef __GNUC__
 	#include <cstring>
 	#include <cstdlib>
 #endif
 // Mac compile fixes - from quaker66, Lion fix by dabrahams
 #if defined(__APPLE__) && __DARWIN_C_LEVEL < 200809L || (defined(WIN32) && defined(__GNUC__)) || defined(ANDROID)
 	#include <wctype.h>
 	#include <wchar.h>
 	static inline int wcsncasecmp(const wchar_t *s1, const wchar_t *s2, size_t n)
 	{
 		int lc1  = 0;
 		int lc2  = 0;
 		while (n--)
 		{
 			lc1 = towlower (*s1);
 			lc2 = towlower (*s2);
 			if (lc1 != lc2)
 				return (lc1 - lc2);
 			if (!lc1)
 				return 0;
 			++s1;
 			++s2;
 		}
 		return 0;
 	}
 #endif
 // Simple function to check a string 's' has at least 'n' characters
 static inline bool simplejson_wcsnlen(const wchar_t *s, size_t n) {
 	if (s == 0)
 		return false;
 	const wchar_t *save = s;
 	while (n-- > 0)
 	{
 		if (*(save++) == 0) return false;
 	}
 	return true;
 }
 // Custom types
 class JSONValue;
 typedef std::vector<JSONValue*> JSONArray;
 typedef std::map<std::wstring, JSONValue*> JSONObject;
 #include "JSONValue.h"
 class JSON
 {
 	friend class JSONValue;
 	public:
 		static JSONValue* Parse(const char *data);
 		static JSONValue* Parse(const wchar_t *data);
 		static std::wstring Stringify(const JSONValue *value);
 	protected:
 		static bool SkipWhitespace(const wchar_t **data);
 		static bool ExtractString(const wchar_t **data, std::wstring &str);
 		static double ParseInt(const wchar_t **data);
 		static double ParseDecimal(const wchar_t **data);
 	private:
 		JSON();
 };
 #endif
--- a/Sandboxie/common/json/JSONValue.cpp
+++ b/Sandboxie/common/json/JSONValue.cpp
@ -0,0 +1,944 @@
 /*
 * File JSONValue.cpp part of the SimpleJSON Library - http://mjpa.in/json
 *
 * Copyright (C) 2010 Mike Anchor
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include <vector>
 #include <string>
 #include <sstream>
 #include <iostream>
 #include <math.h>
 #include "JSONValue.h"
 #ifdef __MINGW32__
 #define wcsncasecmp wcsnicmp
 #endif
 // Macros to free an array/object
 #define FREE_ARRAY(x) { JSONArray::iterator iter; for (iter = x.begin(); iter != x.end(); iter++) { delete *iter; } }
 #define FREE_OBJECT(x) { JSONObject::iterator iter; for (iter = x.begin(); iter != x.end(); iter++) { delete (*iter).second; } }
 /**
 * Parses a JSON encoded value to a JSONValue object
 *
 * @access protected
 *
 * @param wchar_t** data Pointer to a wchar_t* that contains the data
 *
 * @return JSONValue* Returns a pointer to a JSONValue object on success, NULL on error
 */
 JSONValue *JSONValue::Parse(const wchar_t **data)
 {
 	// Is it a string?
 	if (**data == '"')
 	{
 		std::wstring str;
 		if (!JSON::ExtractString(&(++(*data)), str))
 			return NULL;
 		else
 			return new JSONValue(str);
 	}
 	// Is it a boolean?
 	else if ((simplejson_wcsnlen(*data, 4) && wcsncasecmp(*data, L"true", 4) == 0) || (simplejson_wcsnlen(*data, 5) && wcsncasecmp(*data, L"false", 5) == 0))
 	{
 		bool value = wcsncasecmp(*data, L"true", 4) == 0;
 		(*data) += value ? 4 : 5;
 		return new JSONValue(value);
 	}
 	// Is it a null?
 	else if (simplejson_wcsnlen(*data, 4) && wcsncasecmp(*data, L"null", 4) == 0)
 	{
 		(*data) += 4;
 		return new JSONValue();
 	}
 	// Is it a number?
 	else if (**data == L'-' || (**data >= L'0' && **data <= L'9'))
 	{
 		// Negative?
 		bool neg = **data == L'-';
 		if (neg) (*data)++;
 		double number = 0.0;
 		// Parse the whole part of the number - only if it wasn't 0
 		if (**data == L'0')
 			(*data)++;
 		else if (**data >= L'1' && **data <= L'9')
 			number = JSON::ParseInt(data);
 		else
 			return NULL;
 		// Could be a decimal now...
 		if (**data == '.')
 		{
 			(*data)++;
 			// Not get any digits?
 			if (!(**data >= L'0' && **data <= L'9'))
 				return NULL;
 			// Find the decimal and sort the decimal place out
 			// Use ParseDecimal as ParseInt won't work with decimals less than 0.1
 			// thanks to Javier Abadia for the report & fix
 			double decimal = JSON::ParseDecimal(data);
 			// Save the number
 			number += decimal;
 		}
 		// Could be an exponent now...
 		if (**data == L'E' || **data == L'e')
 		{
 			(*data)++;
 			// Check signage of expo
 			bool neg_expo = false;
 			if (**data == L'-' || **data == L'+')
 			{
 				neg_expo = **data == L'-';
 				(*data)++;
 			}
 			// Not get any digits?
 			if (!(**data >= L'0' && **data <= L'9'))
 				return NULL;
 			// Sort the expo out
 			double expo = JSON::ParseInt(data);
 			for (double i = 0.0; i < expo; i++)
 				number = neg_expo ? (number / 10.0) : (number * 10.0);
 		}
 		// Was it neg?
 		if (neg) number *= -1;
 		return new JSONValue(number);
 	}
 	// An object?
 	else if (**data == L'{')
 	{
 		JSONObject object;
 		(*data)++;
 		while (**data != 0)
 		{
 			// Whitespace at the start?
 			if (!JSON::SkipWhitespace(data))
 			{
 				FREE_OBJECT(object);
 				return NULL;
 			}
 			// Special case - empty object
 			if (object.size() == 0 && **data == L'}')
 			{
 				(*data)++;
 				return new JSONValue(object);
 			}
 			// We want a string now...
 			std::wstring name;
 			if (!JSON::ExtractString(&(++(*data)), name))
 			{
 				FREE_OBJECT(object);
 				return NULL;
 			}
 			// More whitespace?
 			if (!JSON::SkipWhitespace(data))
 			{
 				FREE_OBJECT(object);
 				return NULL;
 			}
 			// Need a : now
 			if (*((*data)++) != L':')
 			{
 				FREE_OBJECT(object);
 				return NULL;
 			}
 			// More whitespace?
 			if (!JSON::SkipWhitespace(data))
 			{
 				FREE_OBJECT(object);
 				return NULL;
 			}
 			// The value is here
 			JSONValue *value = Parse(data);
 			if (value == NULL)
 			{
 				FREE_OBJECT(object);
 				return NULL;
 			}
 			// Add the name:value
 			if (object.find(name) != object.end())
 				delete object[name];
 			object[name] = value;
 			// More whitespace?
 			if (!JSON::SkipWhitespace(data))
 			{
 				FREE_OBJECT(object);
 				return NULL;
 			}
 			// End of object?
 			if (**data == L'}')
 			{
 				(*data)++;
 				return new JSONValue(object);
 			}
 			// Want a , now
 			if (**data != L',')
 			{
 				FREE_OBJECT(object);
 				return NULL;
 			}
 			(*data)++;
 		}
 		// Only here if we ran out of data
 		FREE_OBJECT(object);
 		return NULL;
 	}
 	// An array?
 	else if (**data == L'[')
 	{
 		JSONArray array;
 		(*data)++;
 		while (**data != 0)
 		{
 			// Whitespace at the start?
 			if (!JSON::SkipWhitespace(data))
 			{
 				FREE_ARRAY(array);
 				return NULL;
 			}
 			// Special case - empty array
 			if (array.size() == 0 && **data == L']')
 			{
 				(*data)++;
 				return new JSONValue(array);
 			}
 			// Get the value
 			JSONValue *value = Parse(data);
 			if (value == NULL)
 			{
 				FREE_ARRAY(array);
 				return NULL;
 			}
 			// Add the value
 			array.push_back(value);
 			// More whitespace?
 			if (!JSON::SkipWhitespace(data))
 			{
 				FREE_ARRAY(array);
 				return NULL;
 			}
 			// End of array?
 			if (**data == L']')
 			{
 				(*data)++;
 				return new JSONValue(array);
 			}
 			// Want a , now
 			if (**data != L',')
 			{
 				FREE_ARRAY(array);
 				return NULL;
 			}
 			(*data)++;
 		}
 		// Only here if we ran out of data
 		FREE_ARRAY(array);
 		return NULL;
 	}
 	// Ran out of possibilites, it's bad!
 	else
 	{
 		return NULL;
 	}
 }
 /**
 * Basic constructor for creating a JSON Value of type NULL
 *
 * @access public
 */
 JSONValue::JSONValue(/*NULL*/)
 {
 	type = JSONType_Null;
 }
 /**
 * Basic constructor for creating a JSON Value of type String
 *
 * @access public
 *
 * @param wchar_t* m_char_value The string to use as the value
 */
 JSONValue::JSONValue(const wchar_t *m_char_value)
 {
 	type = JSONType_String;
 	string_value = new std::wstring(std::wstring(m_char_value));
 }
 /**
 * Basic constructor for creating a JSON Value of type String
 *
 * @access public
 *
 * @param std::wstring m_string_value The string to use as the value
 */
 JSONValue::JSONValue(const std::wstring &m_string_value)
 {
 	type = JSONType_String;
 	string_value = new std::wstring(m_string_value);
 }
 /**
 * Basic constructor for creating a JSON Value of type Bool
 *
 * @access public
 *
 * @param bool m_bool_value The bool to use as the value
 */
 JSONValue::JSONValue(bool m_bool_value)
 {
 	type = JSONType_Bool;
 	bool_value = m_bool_value;
 }
 /**
 * Basic constructor for creating a JSON Value of type Number
 *
 * @access public
 *
 * @param double m_number_value The number to use as the value
 */
 JSONValue::JSONValue(double m_number_value)
 {
 	type = JSONType_Number;
 	number_value = m_number_value;
 }
 /**
 * Basic constructor for creating a JSON Value of type Number
 *
 * @access public
 *
 * @param int m_integer_value The number to use as the value
 */
 JSONValue::JSONValue(int m_integer_value)
 {
 	type = JSONType_Number;
 	number_value = (double) m_integer_value;
 }
 /**
 * Basic constructor for creating a JSON Value of type Array
 *
 * @access public
 *
 * @param JSONArray m_array_value The JSONArray to use as the value
 */
 JSONValue::JSONValue(const JSONArray &m_array_value)
 {
 	type = JSONType_Array;
 	array_value = new JSONArray(m_array_value);
 }
 /**
 * Basic constructor for creating a JSON Value of type Object
 *
 * @access public
 *
 * @param JSONObject m_object_value The JSONObject to use as the value
 */
 JSONValue::JSONValue(const JSONObject &m_object_value)
 {
 	type = JSONType_Object;
 	object_value = new JSONObject(m_object_value);
 }
 /**
 * Copy constructor to perform a deep copy of array / object values
 *
 * @access public
 *
 * @param JSONValue m_source The source JSONValue that is being copied
 */
 JSONValue::JSONValue(const JSONValue &m_source)
 {
 	type = m_source.type;
 	switch (type)
 	{
 		case JSONType_String:
 			string_value = new std::wstring(*m_source.string_value);
 			break;
 		case JSONType_Bool:
 			bool_value = m_source.bool_value;
 			break;
 		case JSONType_Number:
 			number_value = m_source.number_value;
 			break;
 		case JSONType_Array:
 		{
 			JSONArray source_array = *m_source.array_value;
 			JSONArray::iterator iter;
 			array_value = new JSONArray();
 			for (iter = source_array.begin(); iter != source_array.end(); iter++)
 				array_value->push_back(new JSONValue(**iter));
 			break;
 		}
 		case JSONType_Object:
 		{
 			JSONObject source_object = *m_source.object_value;
 			object_value = new JSONObject();
 			JSONObject::iterator iter;
 			for (iter = source_object.begin(); iter != source_object.end(); iter++)
 			{
 				std::wstring name = (*iter).first;
 				(*object_value)[name] = new JSONValue(*((*iter).second));
 			}
 			break;
 		}
 		case JSONType_Null:
 			// Nothing to do.
 			break;
 	}
 }
 /**
 * The destructor for the JSON Value object
 * Handles deleting the objects in the array or the object value
 *
 * @access public
 */
 JSONValue::~JSONValue()
 {
 	if (type == JSONType_Array)
 	{
 		JSONArray::iterator iter;
 		for (iter = array_value->begin(); iter != array_value->end(); iter++)
 			delete *iter;
 		delete array_value;
 	}
 	else if (type == JSONType_Object)
 	{
 		JSONObject::iterator iter;
 		for (iter = object_value->begin(); iter != object_value->end(); iter++)
 		{
 			delete (*iter).second;
 		}
 		delete object_value;
 	}
 	else if (type == JSONType_String)
 	{
 		delete string_value;
 	}
 }
 /**
 * Checks if the value is a NULL
 *
 * @access public
 *
 * @return bool Returns true if it is a NULL value, false otherwise
 */
 bool JSONValue::IsNull() const
 {
 	return type == JSONType_Null;
 }
 /**
 * Checks if the value is a String
 *
 * @access public
 *
 * @return bool Returns true if it is a String value, false otherwise
 */
 bool JSONValue::IsString() const
 {
 	return type == JSONType_String;
 }
 /**
 * Checks if the value is a Bool
 *
 * @access public
 *
 * @return bool Returns true if it is a Bool value, false otherwise
 */
 bool JSONValue::IsBool() const
 {
 	return type == JSONType_Bool;
 }
 /**
 * Checks if the value is a Number
 *
 * @access public
 *
 * @return bool Returns true if it is a Number value, false otherwise
 */
 bool JSONValue::IsNumber() const
 {
 	return type == JSONType_Number;
 }
 /**
 * Checks if the value is an Array
 *
 * @access public
 *
 * @return bool Returns true if it is an Array value, false otherwise
 */
 bool JSONValue::IsArray() const
 {
 	return type == JSONType_Array;
 }
 /**
 * Checks if the value is an Object
 *
 * @access public
 *
 * @return bool Returns true if it is an Object value, false otherwise
 */
 bool JSONValue::IsObject() const
 {
 	return type == JSONType_Object;
 }
 /**
 * Retrieves the String value of this JSONValue
 * Use IsString() before using this method.
 *
 * @access public
 *
 * @return std::wstring Returns the string value
 */
 const std::wstring &JSONValue::AsString() const
 {
 	return (*string_value);
 }
 /**
 * Retrieves the Bool value of this JSONValue
 * Use IsBool() before using this method.
 *
 * @access public
 *
 * @return bool Returns the bool value
 */
 bool JSONValue::AsBool() const
 {
 	return bool_value;
 }
 /**
 * Retrieves the Number value of this JSONValue
 * Use IsNumber() before using this method.
 *
 * @access public
 *
 * @return double Returns the number value
 */
 double JSONValue::AsNumber() const
 {
 	return number_value;
 }
 /**
 * Retrieves the Array value of this JSONValue
 * Use IsArray() before using this method.
 *
 * @access public
 *
 * @return JSONArray Returns the array value
 */
 const JSONArray &JSONValue::AsArray() const
 {
 	return (*array_value);
 }
 /**
 * Retrieves the Object value of this JSONValue
 * Use IsObject() before using this method.
 *
 * @access public
 *
 * @return JSONObject Returns the object value
 */
 const JSONObject &JSONValue::AsObject() const
 {
 	return (*object_value);
 }
 /**
 * Retrieves the number of children of this JSONValue.
 * This number will be 0 or the actual number of children
 * if IsArray() or IsObject().
 *
 * @access public
 *
 * @return The number of children.
 */
 std::size_t JSONValue::CountChildren() const
 {
 	switch (type)
 	{
 		case JSONType_Array:
 			return array_value->size();
 		case JSONType_Object:
 			return object_value->size();
 		default:
 			return 0;
 	}
 }
 /**
 * Checks if this JSONValue has a child at the given index.
 * Use IsArray() before using this method.
 *
 * @access public
 *
 * @return bool Returns true if the array has a value at the given index.
 */
 bool JSONValue::HasChild(std::size_t index) const
 {
 	if (type == JSONType_Array)
 	{
 		return index < array_value->size();
 	}
 	else
 	{
 		return false;
 	}
 }
 /**
 * Retrieves the child of this JSONValue at the given index.
 * Use IsArray() before using this method.
 *
 * @access public
 *
 * @return JSONValue* Returns JSONValue at the given index or NULL
 *                    if it doesn't exist.
 */
 JSONValue *JSONValue::Child(std::size_t index)
 {
 	if (index < array_value->size())
 	{
 		return (*array_value)[index];
 	}
 	else
 	{
 		return NULL;
 	}
 }
 /**
 * Checks if this JSONValue has a child at the given key.
 * Use IsObject() before using this method.
 *
 * @access public
 *
 * @return bool Returns true if the object has a value at the given key.
 */
 bool JSONValue::HasChild(const wchar_t* name) const
 {
 	if (type == JSONType_Object)
 	{
 		return object_value->find(name) != object_value->end();
 	}
 	else
 	{
 		return false;
 	}
 }
 /**
 * Retrieves the child of this JSONValue at the given key.
 * Use IsObject() before using this method.
 *
 * @access public
 *
 * @return JSONValue* Returns JSONValue for the given key in the object
 *                    or NULL if it doesn't exist.
 */
 JSONValue* JSONValue::Child(const wchar_t* name)
 {
 	JSONObject::const_iterator it = object_value->find(name);
 	if (it != object_value->end())
 	{
 		return it->second;
 	}
 	else
 	{
 		return NULL;
 	}
 }
 /**
 * Retrieves the keys of the JSON Object or an empty vector
 * if this value is not an object.
 *
 * @access public
 *
 * @return std::vector<std::wstring> A vector containing the keys.
 */
 std::vector<std::wstring> JSONValue::ObjectKeys() const
 {
 	std::vector<std::wstring> keys;
 	if (type == JSONType_Object)
 	{
 		JSONObject::const_iterator iter = object_value->begin();
 		while (iter != object_value->end())
 		{
 			keys.push_back(iter->first);
 			iter++;
 		}
 	}
 	return keys;
 }
 /**
 * Creates a JSON encoded string for the value with all necessary characters escaped
 *
 * @access public
 *
 * @param bool prettyprint Enable prettyprint
 *
 * @return std::wstring Returns the JSON string
 */
 std::wstring JSONValue::Stringify(bool const prettyprint) const
 {
 	size_t const indentDepth = prettyprint ? 1 : 0;
 	return StringifyImpl(indentDepth);
 }
 /**
 * Creates a JSON encoded string for the value with all necessary characters escaped
 *
 * @access private
 *
 * @param size_t indentDepth The prettyprint indentation depth (0 : no prettyprint)
 *
 * @return std::wstring Returns the JSON string
 */
 std::wstring JSONValue::StringifyImpl(size_t const indentDepth) const
 {
 	std::wstring ret_string;
 	size_t const indentDepth1 = indentDepth ? indentDepth + 1 : 0;
 	std::wstring const indentStr = Indent(indentDepth);
 	std::wstring const indentStr1 = Indent(indentDepth1);
 	switch (type)
 	{
 		case JSONType_Null:
 			ret_string = L"null";
 			break;
 		case JSONType_String:
 			ret_string = StringifyString(*string_value);
 			break;
 		case JSONType_Bool:
 			ret_string = bool_value ? L"true" : L"false";
 			break;
 		case JSONType_Number:
 		{
 			if (isinf(number_value) || isnan(number_value))
 				ret_string = L"null";
 			else
 			{
 				std::wstringstream ss;
 				ss.precision(15);
 				ss << number_value;
 				ret_string = ss.str();
 			}
 			break;
 		}
 		case JSONType_Array:
 		{
 			ret_string = indentDepth ? L"[\n" + indentStr1 : L"[";
 			JSONArray::const_iterator iter = array_value->begin();
 			while (iter != array_value->end())
 			{
 				ret_string += (*iter)->StringifyImpl(indentDepth1);
 				// Not at the end - add a separator
 				if (++iter != array_value->end())
 					ret_string += L",";
 			}
 			ret_string += indentDepth ? L"\n" + indentStr + L"]" : L"]";
 			break;
 		}
 		case JSONType_Object:
 		{
 			ret_string = indentDepth ? L"{\n" + indentStr1 : L"{";
 			JSONObject::const_iterator iter = object_value->begin();
 			while (iter != object_value->end())
 			{
 				ret_string += StringifyString((*iter).first);
 				ret_string += L":";
 				ret_string += (*iter).second->StringifyImpl(indentDepth1);
 				// Not at the end - add a separator
 				if (++iter != object_value->end())
 					ret_string += L",";
 			}
 			ret_string += indentDepth ? L"\n" + indentStr + L"}" : L"}";
 			break;
 		}
 	}
 	return ret_string;
 }
 /**
 * Creates a JSON encoded string with all required fields escaped
 * Works from http://www.ecma-internationl.org/publications/files/ECMA-ST/ECMA-262.pdf
 * Section 15.12.3.
 *
 * @access private
 *
 * @param std::wstring str The string that needs to have the characters escaped
 *
 * @return std::wstring Returns the JSON string
 */
 std::wstring JSONValue::StringifyString(const std::wstring &str)
 {
 	std::wstring str_out = L"\"";
 	std::wstring::const_iterator iter = str.begin();
 	while (iter != str.end())
 	{
 		wchar_t chr = *iter;
 		if (chr == L'"' || chr == L'\\' || chr == L'/')
 		{
 			str_out += L'\\';
 			str_out += chr;
 		}
 		else if (chr == L'\b')
 		{
 			str_out += L"\\b";
 		}
 		else if (chr == L'\f')
 		{
 			str_out += L"\\f";
 		}
 		else if (chr == L'\n')
 		{
 			str_out += L"\\n";
 		}
 		else if (chr == L'\r')
 		{
 			str_out += L"\\r";
 		}
 		else if (chr == L'\t')
 		{
 			str_out += L"\\t";
 		}
 		else if (chr < L' ' || chr > 126)
 		{
 			str_out += L"\\u";
 			for (int i = 0; i < 4; i++)
 			{
 				int value = (chr >> 12) & 0xf;
 				if (value >= 0 && value <= 9)
 					str_out += (wchar_t)('0' + value);
 				else if (value >= 10 && value <= 15)
 					str_out += (wchar_t)('A' + (value - 10));
 				chr <<= 4;
 			}
 		}
 		else
 		{
 			str_out += chr;
 		}
 		iter++;
 	}
 	str_out += L"\"";
 	return str_out;
 }
 /**
 * Creates the indentation string for the depth given
 *
 * @access private
 *
 * @param size_t indent The prettyprint indentation depth (0 : no indentation)
 *
 * @return std::wstring Returns the string
 */
 std::wstring JSONValue::Indent(size_t depth)
 {
 	const size_t indent_step = 2;
 	depth ? --depth : 0;
 	std::wstring indentStr(depth * indent_step, ' ');
 	return indentStr;
 }
--- a/Sandboxie/common/json/JSONValue.h
+++ b/Sandboxie/common/json/JSONValue.h
@ -0,0 +1,95 @@
 /*
 * File JSONValue.h part of the SimpleJSON Library - http://mjpa.in/json
 *
 * Copyright (C) 2010 Mike Anchor
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
 #ifndef _JSONVALUE_H_
 #define _JSONVALUE_H_
 #include <vector>
 #include <string>
 #include "JSON.h"
 class JSON;
 enum JSONType { JSONType_Null, JSONType_String, JSONType_Bool, JSONType_Number, JSONType_Array, JSONType_Object };
 class JSONValue
 {
 	friend class JSON;
 	public:
 		JSONValue(/*NULL*/);
 		JSONValue(const wchar_t *m_char_value);
 		JSONValue(const std::wstring &m_string_value);
 		JSONValue(bool m_bool_value);
 		JSONValue(double m_number_value);
 		JSONValue(int m_integer_value);
 		JSONValue(const JSONArray &m_array_value);
 		JSONValue(const JSONObject &m_object_value);
 		JSONValue(const JSONValue &m_source);
 		~JSONValue();
 		bool IsNull() const;
 		bool IsString() const;
 		bool IsBool() const;
 		bool IsNumber() const;
 		bool IsArray() const;
 		bool IsObject() const;
 		const std::wstring &AsString() const;
 		bool AsBool() const;
 		double AsNumber() const;
 		const JSONArray &AsArray() const;
 		const JSONObject &AsObject() const;
 		std::size_t CountChildren() const;
 		bool HasChild(std::size_t index) const;
 		JSONValue *Child(std::size_t index);
 		bool HasChild(const wchar_t* name) const;
 		JSONValue *Child(const wchar_t* name);
 		std::vector<std::wstring> ObjectKeys() const;
 		std::wstring Stringify(bool const prettyprint = false) const;
 	protected:
 		static JSONValue *Parse(const wchar_t **data);
 	private:
 		static std::wstring StringifyString(const std::wstring &str);
 		std::wstring StringifyImpl(size_t const indentDepth) const;
 		static std::wstring Indent(size_t depth);
 		JSONType type;
 		union
 		{
 			bool bool_value;
 			double number_value;
 			std::wstring *string_value;
 			JSONArray *array_value;
 			JSONObject *object_value;
 		};
 };
 #endif
--- a/Sandboxie/common/my_ntdll.c
+++ b/Sandboxie/common/my_ntdll.c
@ -0,0 +1,47 @@
 /*
 * Copyright 2020 DavidXanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 #include <ntstatus.h>
 #define WIN32_NO_STATUS
 typedef long NTSTATUS;
 #include <windows.h>
 #include "win32_ntddk.h"
 //
 // Do not include any external CRT into sboxdll (SbieDll.dll) project !!!
 // This DLL is injected early into the process start up sequence and adding dependencies may break Sandboxie. 
 // Normally we link directly to the CRT build into ntdll.dll.
 //
 // As more recent versions of ntdll.lib are not offering many CRT functions we have to create own libs.
 // See NtCRT_x64.def and NtCRT_x86.def respectively for the functions, we use a custom build step 
 // "lib /def:%(FullPath) /out:$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib /machine:x64" 
 // on the apropriate def file, for x86 we use the switch /machine:x86 instead.
 //
 // For the x86 build we also need _except_handler3 which we have recreated in except_handler3.asm
 //
 // Alternatively we could link all the required functions dynamically from InitMyNtDll
 //
 int(*P_vsnwprintf)(wchar_t *_Buffer, size_t Count, const wchar_t * const, va_list Args) = NULL;
 int(*P_vsnprintf)(char *_Buffer, size_t Count, const char * const, va_list Args) = NULL;
 void InitMyNtDll(HMODULE Ntdll)
 {
 	*(FARPROC*)&P_vsnwprintf = GetProcAddress(Ntdll, "_vsnwprintf");
 	*(FARPROC*)&P_vsnprintf = GetProcAddress(Ntdll, "_vsnprintf");
 }
--- a/Sandboxie/common/my_version.h
+++ b/Sandboxie/common/my_version.h
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -20,9 +21,9 @@
 #ifndef _MY_VERSION_H
 #define _MY_VERSION_H
-#define MY_VERSION_BINARY       5,40
+#define MY_VERSION_BINARY       5,45,0
-#define MY_VERSION_STRING       "5.40"
+#define MY_VERSION_STRING       "5.45.0"
-#define MY_VERSION_STRING_EX	"5.40.1"
+#define MY_VERSION_COMPAT		"5.45.0" // this reffers to the driver ABI compatybility
 // These #defines are used by either Resource Compiler, or by NSIC installer
 #define SBIE_INSTALLER_PATH		"..\\Bin\\"
@ -30,12 +31,15 @@
 #define SBIE_INSTALLER_PATH_64  "..\\Bin\\x64\\SandboxieInstall64.exe"
 #define MY_PRODUCT_NAME_STRING  "Sandboxie"
-#define MY_COMPANY_NAME_STRING  "Sandboxie Holdings, LLC"
+#define MY_COMPANY_NAME_STRING  "xanasoft.com"
-#define MY_COPYRIGHT_STRING     "Copyright © 2004-2020 by Sandboxie Holdings, LLC"
+#define MY_COPYRIGHT_STRING     "Copyright © 2020 by David Xanatos (xanasoft.com)"
 #define MY_COPYRIGHT_STRING_OLD "Copyright © 2004-2020 by Sandboxie Holdings, LLC"
 #define SANDBOXIE               L"Sandboxie"
 #define SBIE                    L"SBIE"
 #define SANDBOXIE_USER			L"Sandboxie"
 #define SBIE_BOXED_             SBIE L"_BOXED_"
 #define SBIE_BOXED_LEN          (4 + 7)
--- a/Sandboxie/common/win32_ntddk.h
+++ b/Sandboxie/common/win32_ntddk.h
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -218,7 +219,7 @@ typedef struct _OBJECT_BASIC_INFORMATION {
 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
 typedef struct _OBJECT_NAME_INFORMATION {
-    UNICODE_STRING ObjectName;
+    UNICODE_STRING Name;
 } OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;
 typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION {
@ -298,19 +299,22 @@ typedef struct _OBJECT_DIRECTORY_INFORMATION {
    UNICODE_STRING TypeName;
 } OBJECT_DIRECTORY_INFORMATION, *POBJECT_DIRECTORY_INFORMATION;
-__declspec(dllimport) NTSTATUS NtCreateDirectoryObject(
+__declspec(dllimport) NTSTATUS __stdcall
 NtCreateDirectoryObject(
    OUT PHANDLE             DirectoryHandle,
    IN ACCESS_MASK          DesiredAccess,
    IN POBJECT_ATTRIBUTES   ObjectAttributes
 );
-__declspec(dllimport) NTSTATUS NtOpenDirectoryObject(
+__declspec(dllimport) NTSTATUS __stdcall
 NtOpenDirectoryObject(
    OUT PHANDLE             DirectoryHandle,
    IN ACCESS_MASK          DesiredAccess,
    IN POBJECT_ATTRIBUTES   ObjectAttributes
 );
-__declspec(dllimport) NTSTATUS NtQueryDirectoryObject(
+__declspec(dllimport) NTSTATUS __stdcall
 NtQueryDirectoryObject(
    IN  HANDLE              DirectoryHandle,
    OUT PVOID               Buffer,
    IN  ULONG               Length,
@ -921,6 +925,24 @@ typedef enum _PROCESSINFOCLASS {
    ProcessDebugObjectHandle,                           // 30
    ProcessDebugFlags,
    ProcessHandleTracing,
 	ProcessIoPriority,
 	ProcessExecuteFlags,
 	ProcessResourceManagement, // ProcessTlsInformation
 	ProcessCookie,
 	ProcessImageInformation,
 	ProcessCycleTime,
 	ProcessPagePriority,
 	ProcessInstrumentationCallback,						// 40
 	ProcessThreadStackAllocation,
 	ProcessWorkingSetWatchEx,
 	ProcessImageFileNameWin32,
 	ProcessImageFileMapping,
 	ProcessAffinityUpdateMode,
 	ProcessMemoryAllocationMode,
 	ProcessGroupInformation,
 	ProcessTokenVirtualizationEnabled,
 	ProcessConsoleHostProcess,
 	ProcessWindowInformation,							// 50
    MaxProcessInfoClass             // MaxProcessInfoClass should always be the last enum
    } PROCESSINFOCLASS;
@ -931,7 +953,7 @@ typedef struct _PROCESS_BASIC_INFORMATION {
    LONG BasePriority;      // was type KPRIORITY
    ULONG_PTR UniqueProcessId;
    ULONG_PTR InheritedFromUniqueProcessId;
-} PROCESS_BASIC_INFORMATION;
+} PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
 typedef struct _PROCESS_IMAGE_FILE_NAME {
    USHORT  Length;
@ -1011,7 +1033,8 @@ NtTerminateThread(
    IN NTSTATUS ExitStatus
 );
-__declspec(dllimport) NTSTATUS NtQueryInformationThread(
+__declspec(dllimport) NTSTATUS __stdcall 
 NtQueryInformationThread(
    IN  HANDLE ThreadHandle,
    IN  THREADINFOCLASS ThreadInformationClass,
    OUT PVOID ThreadInformation,
@ -1188,7 +1211,8 @@ NtEnumerateKey(
    OUT PULONG ResultLength
 );
-__declspec(dllimport) NTSTATUS NtQueryKey(
+__declspec(dllimport) NTSTATUS __stdcall 
 NtQueryKey(
    IN HANDLE KeyHandle,
    IN KEY_INFORMATION_CLASS KeyInformationClass,
    OUT PVOID KeyInformation,
@ -1241,56 +1265,217 @@ typedef enum _SYSTEM_INFORMATION_CLASS {
    SystemProcessorInformation,
    SystemPerformanceInformation,
    SystemTimeOfDayInformation,
-    SystemNotImplemented1,
+	SystemPathInformation,
    SystemProcessInformation,                               // 5
-    SystemCallCounts,
+	SystemCallCountInformation,
-    SystemConfigurationInformation,
+	SystemDeviceInformation,
-    SystemProcessorTimes,
+	SystemProcessorPerformanceInformation,
-    SystemGlobalFlag,
+	SystemFlagsInformation,
-    SystemNotImplemented2,                                  // 10
+    SystemCallTimeInformation,                              // 10
    SystemModuleInformation,                                // 11
-    SystemLockInformation,
+	SystemLocksInformation,
-    SystemNotImplemented3,
+	SystemStackTraceInformation,
-    SystemNotImplemented4,
+	SystemPagedPoolInformation,
-    SystemNotImplemented5,
+	SystemNonPagedPoolInformation,
    SystemHandleInformation,
    SystemObjectInformation,
-    SystemPagefileInformation,
+	SystemPageFileInformation,
-    SystemInstructionEmulationCounts,
+	SystemVdmInstemulInformation,
-    SystemInvalidInfoClass1,
+	SystemVdmBopInformation,
-    SystemCacheInformation,
+	SystemFileCacheInformation,
-    SystemPoolTagInformation,
+	SystemPoolTagInformation,
-    SystemProcessorStatistics,
+	SystemInterruptInformation,
-    SystemDpcInformation,
+	SystemDpcBehaviorInformation,
-    SystemNotImplemented6,
+	SystemFullMemoryInformation,
-    SystemLoadImage,
+	SystemLoadGdiDriverInformation,
-    SystemUnloadImage,
+	SystemUnloadGdiDriverInformation,
-    SystemTimeAdjustment,
+	SystemTimeAdjustmentInformation,
-    SystemNotImplemented7,
+	SystemSummaryMemoryInformation,
-    SystemNotImplemented8,
+	SystemMirrorMemoryInformation,
-    SystemNotImplemented9,
+	SystemPerformanceTraceInformation,
    SystemCrashDumpInformation,
    SystemExceptionInformation,                             // 33
    SystemCrashDumpStateInformation,
    SystemKernelDebuggerInformation,
    SystemContextSwitchInformation,
    SystemRegistryQuotaInformation,                         // 37
-    SystemLoadAndCallImage,
+	SystemExtendServiceTableInformation,
-    SystemPrioritySeparation,
+	SystemPrioritySeperation,
-    SystemNotImplemented10,
+	SystemVerifierAddDriverInformation,
-    SystemNotImplemented11,
+	SystemVerifierRemoveDriverInformation,
-    SystemInvalidInfoClass2,
+	SystemProcessorIdleInformation,
-    SystemInvalidInfoClass3,
+	SystemLegacyDriverInformation,
-    SystemTimeZoneInformation,
+    SystemCurrentTimeZoneInformation,
    SystemLookasideInformation,                             // 45
-    SystemSetTimeSlipEvent,
+	SystemTimeSlipNotification,
    SystemSessionCreate,
    SystemSessionDetach,
-    SystemInvalidInfoClass4,
+	SystemSessionInformation,
    SystemRangeStartInformation,                            // 50
    SystemVerifierInformation,
-    SystemAddVerifier,
+	SystemVerifierThunkExtend,
-    SystemSessionProcessesInformation
+	SystemSessionProcessInformation,
 	SystemLoadGdiDriverInSystemSpace,
 	SystemNumaProcessorMap,
 	SystemPrefetcherInformation,
 	SystemExtendedProcessInformation,
 	SystemRecommendedSharedDataAlignment,
 	SystemComPlusPackage,
 	SystemNumaAvailableMemory,
 	SystemProcessorPowerInformation,
 	SystemEmulationBasicInformation,				// WOW64
 	SystemEmulationProcessorInformation,		// WOW64
 	SystemExtendedHandleInformation,
 	SystemLostDelayedWriteInformation,
 	SystemBigPoolInformation,
 	SystemSessionPoolTagInformation,
 	SystemSessionMappedViewInformation,
 	SystemHotpatchInformation,
 	SystemObjectSecurityMode,
 	SystemWatchdogTimerHandler,
 	SystemWatchdogTimerInformation,
 	SystemLogicalProcessorInformation,
 	SystemWow64SharedInformationObsolete,
 	SystemRegisterFirmwareTableInformationHandler,
 	SystemFirmwareTableInformation,
 	SystemModuleInformationEx,
 	SystemVerifierTriageInformation,
 	SystemSuperfetchInformation,
 	SystemMemoryListInformation,
 	SystemFileCacheInformationEx,
 	SystemThreadPriorityClientIdInformation,
 	SystemProcessorIdleCycleTimeInformation,
 	SystemVerifierCancellationInformation,
 	SystemProcessorPowerInformationEx,
 	SystemRefTraceInformation,
 	SystemSpecialPoolInformation,
 	SystemProcessIdInformation,
 	SystemErrorPortInformation,
 	SystemBootEnvironmentInformation,
 	SystemHypervisorInformation,
 	SystemVerifierInformationEx,
 	SystemTimeZoneInformation,
 	SystemImageFileExecutionOptionsInformation,
 	SystemCoverageInformation,
 	SystemPrefetchPatchInformation,
 	SystemVerifierFaultsInformation,
 	SystemSystemPartitionInformation,
 	SystemSystemDiskInformation,
 	SystemProcessorPerformanceDistribution,
 	SystemNumaProximityNodeInformation,
 	SystemDynamicTimeZoneInformation,
 	SystemCodeIntegrityInformation,
 	SystemProcessorMicrocodeUpdateInformation,
 	SystemProcessorBrandString,
 	SystemVirtualAddressInformation,
 	SystemLogicalProcessorAndGroupInformation,
 	SystemProcessorCycleTimeInformation,
 	SystemStoreInformation,
 	SystemRegistryAppendString,
 	SystemAitSamplingValue,
 	SystemVhdBootInformation,
 	SystemCpuQuotaInformation,
 	SystemNativeBasicInformation,
 	SystemErrorPortTimeouts,
 	SystemLowPriorityIoInformation,
 	SystemTpmBootEntropyInformation,
 	SystemVerifierCountersInformation,
 	SystemPagedPoolInformationEx,
 	SystemSystemPtesInformationEx,
 	SystemNodeDistanceInformation,
 	SystemAcpiAuditInformation,
 	SystemBasicPerformanceInformation,
 	SystemQueryPerformanceCounterInformation,
 	SystemSessionBigPoolInformation,
 	SystemBootGraphicsInformation,
 	SystemScrubPhysicalMemoryInformation,
 	SystemBadPageInformation,
 	SystemProcessorProfileControlArea,
 	SystemCombinePhysicalMemoryInformation,
 	SystemEntropyInterruptTimingInformation,
 	SystemConsoleInformation,
 	SystemPlatformBinaryInformation,
 	SystemPolicyInformation,
 	SystemHypervisorProcessorCountInformation,
 	SystemDeviceDataInformation, 
 	SystemDeviceDataEnumerationInformation, 
 	SystemMemoryTopologyInformation, 
 	SystemMemoryChannelInformation, 
 	SystemBootLogoInformation, 
 	SystemProcessorPerformanceInformationEx,
 	SystemCriticalProcessErrorLogInformation,
 	SystemSecureBootPolicyInformation, 
 	SystemPageFileInformationEx, 
 	SystemSecureBootInformation, 
 	SystemEntropyInterruptTimingRawInformation,
 	SystemPortableWorkspaceEfiLauncherInformation, 
 	SystemFullProcessInformation, 
 	SystemKernelDebuggerInformationEx, 
 	SystemBootMetadataInformation, 
 	SystemSoftRebootInformation, 
 	SystemElamCertificateInformation, 
 	SystemOfflineDumpConfigInformation,
 	SystemProcessorFeaturesInformation, 
 	SystemRegistryReconciliationInformation, 
 	SystemEdidInformation,
 	SystemManufacturingInformation, 
 	SystemEnergyEstimationConfigInformation, 
 	SystemHypervisorDetailInformation, 
 	SystemProcessorCycleStatsInformation, 
 	SystemVmGenerationCountInformation,
 	SystemTrustedPlatformModuleInformation, 
 	SystemKernelDebuggerFlags, 
 	SystemCodeIntegrityPolicyInformation, 
 	SystemIsolatedUserModeInformation, 
 	SystemHardwareSecurityTestInterfaceResultsInformation,
 	SystemSingleModuleInformation, 
 	SystemAllowedCpuSetsInformation,
 	SystemVsmProtectionInformation, 
 	SystemInterruptCpuSetsInformation, 
 	SystemSecureBootPolicyFullInformation, 
 	SystemCodeIntegrityPolicyFullInformation,
 	SystemAffinitizedInterruptProcessorInformation,
 	SystemRootSiloInformation, 
 	SystemCpuSetInformation, 
 	SystemCpuSetTagInformation, 
 	SystemWin32WerStartCallout,
 	SystemSecureKernelProfileInformation, 
 	SystemCodeIntegrityPlatformManifestInformation, 
 	SystemInterruptSteeringInformation, 
 	SystemSupportedProcessorArchitectures,
 	SystemMemoryUsageInformation, 
 	SystemCodeIntegrityCertificateInformation, 
 	SystemPhysicalMemoryInformation, 
 	SystemControlFlowTransition,
 	SystemKernelDebuggingAllowed, 
 	SystemActivityModerationExeState, 
 	SystemActivityModerationUserSettings, 
 	SystemCodeIntegrityPoliciesFullInformation,
 	SystemCodeIntegrityUnlockInformation, 
 	SystemIntegrityQuotaInformation,
 	SystemFlushInformation, 
 	SystemProcessorIdleMaskInformation, 
 	SystemSecureDumpEncryptionInformation,
 	SystemWriteConstraintInformation, 
 	SystemKernelVaShadowInformation, 
 	SystemHypervisorSharedPageInformation, 
 	SystemFirmwareBootPerformanceInformation,
 	SystemCodeIntegrityVerificationInformation, 
 	SystemFirmwarePartitionInformation, 
 	SystemSpeculationControlInformation,
 	SystemDmaGuardPolicyInformation, 
 	SystemEnclaveLaunchControlInformation, 
 	SystemWorkloadAllowedCpuSetsInformation, 
 	SystemCodeIntegrityUnlockModeInformation,
 	SystemLeapSecondInformation, 
 	SystemFlags2Information, 
 	SystemSecurityModelInformation, 
 	SystemCodeIntegritySyntheticCacheInformation,
 	SystemFeatureConfigurationInformation, 
 	SystemFeatureConfigurationSectionInformation,
 	SystemFeatureUsageSubscriptionInformation,
 	SystemSecureSpeculationControlInformation,
 	MaxSystemInfoClass
 } SYSTEM_INFORMATION_CLASS;
 typedef struct _MODULE_INFO {
@ -1328,7 +1513,8 @@ typedef struct _SYSTEM_MODULE_INFORMATION {
 typedef struct _SYSTEM_PROCESS_INFORMATION {
    ULONG NextEntryOffset;
    BYTE Reserved1[52];
-    PVOID Reserved2[3];
+	UNICODE_STRING ImageName;
 	PVOID Reserved2[1];
    HANDLE UniqueProcessId;
    HANDLE InheritedFromProcessId;
    ULONG HandleCount;
@ -1346,13 +1532,13 @@ typedef struct _SYSTEM_HANDLE_INFORMATION {
 #endif
-__declspec(dllimport) NTSTATUS NtQuerySystemInformation(
+__declspec(dllimport) NTSTATUS __stdcall NtQuerySystemInformation(
    IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
    OUT PVOID                   SystemInformation,
    IN ULONG                    SystemInformationLength,
    OUT PULONG                  ReturnLength OPTIONAL);
-__declspec(dllimport) NTSTATUS NtSetSystemInformation(
+__declspec(dllimport) NTSTATUS __stdcall NtSetSystemInformation(
    IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
    IN OUT PVOID                   SystemInformation,
    IN ULONG                    SystemInformationLength);
@ -1486,14 +1672,16 @@ typedef struct _ALPC_MESSAGE_VIEW {
 // end ALPC_INFO structure from LPC-ALPC-paper.pdf
-__declspec(dllimport) NTSTATUS NtCreatePort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtCreatePort(
    OUT PHANDLE PortHandle,
    IN  POBJECT_ATTRIBUTES ObjectAttributes,
    IN  ULONG MaxConnectInfoLength,
    IN  ULONG MaxMsgLength,
    IN  OUT PULONG Reserved OPTIONAL);
-__declspec(dllimport) NTSTATUS NtConnectPort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtConnectPort(
    OUT PHANDLE ClientPortHandle,
    IN  PUNICODE_STRING ServerPortName,
    IN  PSECURITY_QUALITY_OF_SERVICE SecurityQos,
@ -1503,7 +1691,8 @@ __declspec(dllimport) NTSTATUS NtConnectPort(
    IN  OUT PVOID ConnectionInfo OPTIONAL,
    IN  OUT PULONG ConnectionInfoLength OPTIONAL);
-__declspec(dllimport) NTSTATUS NtSecureConnectPort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtSecureConnectPort(
    OUT PHANDLE ClientPortHandle,
    IN  PUNICODE_STRING ServerPortName,
    IN  PSECURITY_QUALITY_OF_SERVICE SecurityQos,
@ -1514,7 +1703,8 @@ __declspec(dllimport) NTSTATUS NtSecureConnectPort(
    IN  OUT PVOID ConnectionInfo OPTIONAL,
    IN  OUT PULONG ConnectionInfoLength OPTIONAL);
-__declspec(dllimport) NTSTATUS NtAcceptConnectPort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtAcceptConnectPort(
    OUT PHANDLE PortHandle,
    IN PVOID PortContext OPTIONAL,
    IN PPORT_MESSAGE ConnectionRequest,
@ -1522,32 +1712,39 @@ __declspec(dllimport) NTSTATUS NtAcceptConnectPort(
    IN OUT PPORT_VIEW ServerView OPTIONAL,
    OUT PREMOTE_PORT_VIEW ClientView OPTIONAL);
-__declspec(dllimport) NTSTATUS NtCompleteConnectPort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtCompleteConnectPort(
    IN  HANDLE PortHandle);
-__declspec(dllimport) NTSTATUS NtRegisterThreadTerminatePort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtRegisterThreadTerminatePort(
    IN  HANDLE PortHandle);
-__declspec(dllimport) NTSTATUS NtRequestPort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtRequestPort(
    IN HANDLE PortHandle,
    IN PPORT_MESSAGE RequestMessage);
-__declspec(dllimport) NTSTATUS NtReplyPort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtReplyPort(
    IN HANDLE PortHandle,
    IN PPORT_MESSAGE ReplyMessage);
-__declspec(dllimport) NTSTATUS NtRequestWaitReplyPort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtRequestWaitReplyPort(
    IN HANDLE PortHandle,
    IN PPORT_MESSAGE RequestMessage,
    OUT PPORT_MESSAGE ReplyMessage);
-__declspec(dllimport) NTSTATUS NtReplyWaitReceivePort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtReplyWaitReceivePort(
    IN  HANDLE PortHandle,
    OUT PVOID *PortContext OPTIONAL,
    IN  PPORT_MESSAGE ReplyMessage OPTIONAL,
    OUT PPORT_MESSAGE ReceiveMessage);
-__declspec(dllimport) NTSTATUS NtImpersonateClientOfPort(
+__declspec(dllimport) NTSTATUS __stdcall
 NtImpersonateClientOfPort(
    IN  HANDLE PortHandle,
    IN  PPORT_MESSAGE PortMessage);
@ -1652,18 +1849,18 @@ typedef NTSTATUS (*P_LdrGetDllHandleEx)(
 #define SYMBOLIC_LINK_QUERY (0x0001)
 #define SYMBOLIC_LINK_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0x1)
-__declspec(dllimport) NTSTATUS NtCreateSymbolicLinkObject(
+__declspec(dllimport) NTSTATUS __stdcall NtCreateSymbolicLinkObject(
    OUT PHANDLE SymbolicLinkHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN PUNICODE_STRING LinkTarget);
-__declspec(dllimport) NTSTATUS NtOpenSymbolicLinkObject(
+__declspec(dllimport) NTSTATUS __stdcall NtOpenSymbolicLinkObject(
    OUT PHANDLE SymbolicLinkHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes);
-__declspec(dllimport) NTSTATUS NtQuerySymbolicLinkObject(
+__declspec(dllimport) NTSTATUS __stdcall NtQuerySymbolicLinkObject(
    IN HANDLE SymbolicLinkHandle,
    IN OUT PUNICODE_STRING LinkTarget,
    OUT PULONG ReturnedLength);
@ -1698,26 +1895,28 @@ __declspec(dllimport) NTSTATUS RtlQueryRegistryValues(
 //---------------------------------------------------------------------------
 typedef void *PINITIAL_TEB;
-typedef ULONG EVENT_TYPE;
+//typedef ULONG EVENT_TYPE;
 typedef enum _EVENT_TYPE { NotificationEvent, SynchronizationEvent } EVENT_TYPE;
 //---------------------------------------------------------------------------
-__declspec(dllimport) NTSTATUS NtLoadDriver(
+__declspec(dllimport) NTSTATUS __stdcall NtLoadDriver(
    UNICODE_STRING *RegistryPath);
-__declspec(dllimport) NTSTATUS NtUnloadDriver(
+__declspec(dllimport) NTSTATUS __stdcall NtUnloadDriver(
    UNICODE_STRING *RegistryPath);
 //---------------------------------------------------------------------------
 typedef enum _MEMORY_INFORMATION_CLASS {
-    MemoryBasicInformation,
+	MemoryBasicInformation,
-    MemoryWorkingSetList,
+	MemoryWorkingSetInformation,
-    MemorySectionName,
+	MemoryMappedFilenameInformation,
-    MemoryBasicVlmInformation
+	MemoryRegionInformation,
 	MemoryWorkingSetExInformation
 } MEMORY_INFORMATION_CLASS;
-__declspec(dllimport) NTSTATUS NtAllocateVirtualMemory(
+__declspec(dllimport) NTSTATUS __stdcall NtAllocateVirtualMemory(
    IN  HANDLE ProcessHandle,
        PVOID *BaseAddress,
    IN  ULONG_PTR ZeroBits,
@ -1725,28 +1924,28 @@ __declspec(dllimport) NTSTATUS NtAllocateVirtualMemory(
    IN  ULONG AllocationType,
    IN  ULONG Protect);
-__declspec(dllimport) NTSTATUS NtReadVirtualMemory(
+__declspec(dllimport) NTSTATUS __stdcall NtReadVirtualMemory(
    IN  HANDLE ProcessHandle,
    IN  PVOID BaseAddress,
    OUT PVOID Buffer,
    IN  SIZE_T BufferSize,
    OUT PSIZE_T NumberOfBytesRead OPTIONAL);
-__declspec(dllimport) NTSTATUS NtWriteVirtualMemory(
+__declspec(dllimport) NTSTATUS __stdcall NtWriteVirtualMemory(
    IN  HANDLE ProcessHandle,
    OUT PVOID BaseAddress,
    IN  PVOID Buffer,
    IN  SIZE_T BufferSize,
    OUT PSIZE_T NumberOfBytesWritten OPTIONAL);
-__declspec(dllimport) NTSTATUS NtProtectVirtualMemory(
+__declspec(dllimport) NTSTATUS __stdcall NtProtectVirtualMemory(
    IN  HANDLE ProcessHandle,
    IN  OUT PVOID *BaseAddress,
    IN  OUT PSIZE_T RegionSize,
    IN  ULONG NewProtect,
    OUT PULONG OldProtect);
-__declspec(dllimport) NTSTATUS NtQueryVirtualMemory(
+__declspec(dllimport) NTSTATUS __stdcall NtQueryVirtualMemory(
    IN  HANDLE ProcessHandle,
    IN  PVOID BaseAddress,
    IN  MEMORY_INFORMATION_CLASS MemoryInformationClass,
@ -1756,26 +1955,26 @@ __declspec(dllimport) NTSTATUS NtQueryVirtualMemory(
 //---------------------------------------------------------------------------
-__declspec(dllimport) NTSTATUS NtSetEvent(
+__declspec(dllimport) NTSTATUS __stdcall NtSetEvent(
    IN  HANDLE EventHandle,
    OUT PLONG PreviousState OPTIONAL);
-__declspec(dllimport) NTSTATUS NtFlushInstructionCache(
+__declspec(dllimport) NTSTATUS __stdcall NtFlushInstructionCache(
    IN  HANDLE ProcessHandle,
    IN  PVOID BaseAddress OPTIONAL,
    IN  ULONG Length OPTIONAL);
 //---------------------------------------------------------------------------
-__declspec(dllimport) NTSTATUS NtLoadKey(
+__declspec(dllimport) NTSTATUS __stdcall NtLoadKey(
    POBJECT_ATTRIBUTES TargetObjectAttributes,
    POBJECT_ATTRIBUTES SourceObjectAttributes);
-__declspec(dllimport) NTSTATUS NtSaveKey(
+__declspec(dllimport) NTSTATUS __stdcall NtSaveKey(
    HANDLE KeyHandle,
    HANDLE FileHandle);
-__declspec(dllimport) NTSTATUS NtQueryValueKey(
+__declspec(dllimport) NTSTATUS __stdcall NtQueryValueKey(
    HANDLE KeyHandle,
    UNICODE_STRING *ValueName,
    KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
@ -1783,7 +1982,7 @@ __declspec(dllimport) NTSTATUS NtQueryValueKey(
    ULONG Length,
    ULONG *ResultLength);
-__declspec(dllimport) NTSTATUS NtQueryMultipleValueKey(
+__declspec(dllimport) NTSTATUS __stdcall NtQueryMultipleValueKey(
    HANDLE KeyHandle,
    PKEY_VALUE_ENTRY ValueEntries,
    ULONG EntryCount,
@ -1791,7 +1990,7 @@ __declspec(dllimport) NTSTATUS NtQueryMultipleValueKey(
    ULONG *Length,
    ULONG *ResultLength);
-__declspec(dllimport) NTSTATUS NtEnumerateValueKey(
+__declspec(dllimport) NTSTATUS __stdcall NtEnumerateValueKey(
    HANDLE KeyHandle,
    ULONG Index,
    KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
@ -1799,7 +1998,7 @@ __declspec(dllimport) NTSTATUS NtEnumerateValueKey(
    ULONG Length,
    ULONG *ResultLength);
-__declspec(dllimport) NTSTATUS NtNotifyChangeKey(
+__declspec(dllimport) NTSTATUS __stdcall NtNotifyChangeKey(
    HANDLE KeyHandle,
    HANDLE Event OPTIONAL,
    PIO_APC_ROUTINE ApcRoutine OPTIONAL,
@ -1811,7 +2010,7 @@ __declspec(dllimport) NTSTATUS NtNotifyChangeKey(
    ULONG BufferSize,
    BOOLEAN Asynchronous);
-__declspec(dllimport) NTSTATUS NtNotifyChangeMultipleKeys(
+__declspec(dllimport) NTSTATUS __stdcall NtNotifyChangeMultipleKeys(
    HANDLE MasterKeyHandle,
    ULONG Count,
    OBJECT_ATTRIBUTES SlaveObjects[],
@ -1827,42 +2026,48 @@ __declspec(dllimport) NTSTATUS NtNotifyChangeMultipleKeys(
 //---------------------------------------------------------------------------
-__declspec(dllimport) NTSTATUS NtCreateEvent(
+__declspec(dllimport) NTSTATUS __stdcall NtCreateEvent(
    OUT PHANDLE EventHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes,
    IN  EVENT_TYPE EventType,
    IN  BOOLEAN InitialState);
-__declspec(dllimport) NTSTATUS NtOpenEvent(
+__declspec(dllimport) NTSTATUS __stdcall NtWaitForSingleObject(
    IN HANDLE Handle,
    IN BOOLEAN Alertable,
    IN PLARGE_INTEGER Timeout
    );
 __declspec(dllimport) NTSTATUS __stdcall NtOpenEvent(
    OUT PHANDLE EventHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes);
-__declspec(dllimport) NTSTATUS NtCreateMutant(
+__declspec(dllimport) NTSTATUS __stdcall NtCreateMutant(
    OUT PHANDLE MutantHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes,
    IN  BOOLEAN InitialOwner);
-__declspec(dllimport) NTSTATUS NtOpenMutant(
+__declspec(dllimport) NTSTATUS __stdcall NtOpenMutant(
    OUT PHANDLE MutantHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes);
-__declspec(dllimport) NTSTATUS NtCreateSemaphore(
+__declspec(dllimport) NTSTATUS __stdcall NtCreateSemaphore(
    OUT PHANDLE SemaphoreHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes,
    IN  ULONG InitialCount,
    IN  ULONG MaximumCount);
-__declspec(dllimport) NTSTATUS NtOpenSemaphore(
+__declspec(dllimport) NTSTATUS __stdcall NtOpenSemaphore(
    OUT PHANDLE SemaphoreHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes);
-__declspec(dllimport) NTSTATUS NtCreateSection(
+__declspec(dllimport) NTSTATUS __stdcall NtCreateSection(
    OUT PHANDLE SectionHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
@ -1871,12 +2076,12 @@ __declspec(dllimport) NTSTATUS NtCreateSection(
    IN ULONG SectionAttributes,
    IN HANDLE FileHandle OPTIONAL);
-__declspec(dllimport) NTSTATUS NtOpenSection(
+__declspec(dllimport) NTSTATUS __stdcall NtOpenSection(
    OUT PHANDLE SectionHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes);
-__declspec(dllimport) NTSTATUS NtMapViewOfSection(
+__declspec(dllimport) NTSTATUS __stdcall NtMapViewOfSection(
    IN  HANDLE SectionHandle,
    IN  HANDLE ProcessHandle,
    IN  OUT PVOID *BaseAddress,
@ -1888,7 +2093,7 @@ __declspec(dllimport) NTSTATUS NtMapViewOfSection(
    IN  ULONG AllocationType,
    IN  ULONG Protect);
-__declspec(dllimport) NTSTATUS NtUnmapViewOfSection(
+__declspec(dllimport) NTSTATUS __stdcall NtUnmapViewOfSection(
    IN  HANDLE ProcessHandle,
    IN  PVOID BaseAddress);
@ -1903,43 +2108,43 @@ __declspec(dllimport) NTSTATUS NtUnmapViewOfSection(
 #define TokenElevationTypeFull      2
 #define TokenElevationTypeLimited   3
-__declspec(dllimport) NTSTATUS NtOpenProcess(
+__declspec(dllimport) NTSTATUS __stdcall NtOpenProcess(
    OUT PHANDLE ProcessHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes,
    IN  PCLIENT_ID ClientId);
-__declspec(dllimport) NTSTATUS NtOpenThread(
+__declspec(dllimport) NTSTATUS __stdcall NtOpenThread(
    OUT PHANDLE ThreadHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes,
    IN  PCLIENT_ID ClientId);
-__declspec(dllimport) NTSTATUS NtOpenProcessToken(
+__declspec(dllimport) NTSTATUS __stdcall NtOpenProcessToken(
    IN HANDLE       ProcessHandle,
    IN ACCESS_MASK  DesiredAccess,
    OUT PHANDLE     TokenHandle);
-__declspec(dllimport) NTSTATUS NtOpenThreadToken(
+__declspec(dllimport) NTSTATUS __stdcall NtOpenThreadToken(
    IN HANDLE       ThreadHandle,
    IN ACCESS_MASK  DesiredAccess,
    IN BOOLEAN      OpenAsSelf,
    OUT PHANDLE     TokenHandle);
-__declspec(dllimport) NTSTATUS NtQueryInformationToken(
+__declspec(dllimport) NTSTATUS __stdcall NtQueryInformationToken(
    IN HANDLE                   TokenHandle,
    IN TOKEN_INFORMATION_CLASS  TokenInformationClass,
    OUT PVOID                   TokenInformation,
    IN ULONG                    TokenInformationLength,
    OUT PULONG                  ReturnLength);
-__declspec(dllimport) NTSTATUS NtSetInformationToken(
+__declspec(dllimport) NTSTATUS __stdcall NtSetInformationToken(
    IN HANDLE                   TokenHandle,
    IN TOKEN_INFORMATION_CLASS  TokenInformationClass,
    OUT PVOID                   TokenInformation,
    IN ULONG                    TokenInformationLength);
-__declspec(dllimport) NTSTATUS NtDuplicateObject(
+__declspec(dllimport) NTSTATUS __stdcall NtDuplicateObject(
    IN  HANDLE SourceProcessHandle,
    IN  HANDLE SourceHandle,
    IN  HANDLE TargetProcessHandle,
@ -1948,7 +2153,7 @@ __declspec(dllimport) NTSTATUS NtDuplicateObject(
    IN  ULONG HandleAttributes,
    IN  ULONG Options);
-__declspec(dllimport) NTSTATUS NtDuplicateToken(
+__declspec(dllimport) NTSTATUS __stdcall NtDuplicateToken(
    IN HANDLE ExistingTokenHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
@ -1956,12 +2161,12 @@ __declspec(dllimport) NTSTATUS NtDuplicateToken(
    IN TOKEN_TYPE TokenType,
    OUT PHANDLE NewTokenHandle);
-__declspec(dllimport) NTSTATUS NtSetSecurityObject(
+//__declspec(dllimport) NTSTATUS __stdcall NtSetSecurityObject(
-    IN  HANDLE Handle,
+//    IN  HANDLE Handle,
-    IN  SECURITY_INFORMATION SecurityInformation,
+//    IN  SECURITY_INFORMATION SecurityInformation,
-    IN  PSECURITY_DESCRIPTOR SecurityDescriptor);
+//    IN  PSECURITY_DESCRIPTOR SecurityDescriptor);
-__declspec(dllimport) NTSTATUS NtFilterToken(
+__declspec(dllimport) NTSTATUS __stdcall NtFilterToken(
    IN HANDLE ExistingTokenHandle,
    IN ULONG Flags,
    IN PTOKEN_GROUPS SidsToDisable OPTIONAL,
@ -1969,7 +2174,7 @@ __declspec(dllimport) NTSTATUS NtFilterToken(
    IN PTOKEN_GROUPS RestrictedSids OPTIONAL,
    OUT PHANDLE NewTokenHandle);
-__declspec(dllimport) NTSTATUS NtAdjustPrivilegesToken(
+__declspec(dllimport) NTSTATUS __stdcall NtAdjustPrivilegesToken(
    IN HANDLE TokenHandle,
    IN BOOLEAN DisableAllPrivileges,
    IN PTOKEN_PRIVILEGES NewState OPTIONAL,
@ -1977,7 +2182,7 @@ __declspec(dllimport) NTSTATUS NtAdjustPrivilegesToken(
    OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL,
    OUT PULONG ReturnLength);
-__declspec(dllimport) NTSTATUS NtPrivilegeCheck(
+__declspec(dllimport) NTSTATUS __stdcall NtPrivilegeCheck(
    IN HANDLE TokenHandle,
    IN OUT PPRIVILEGE_SET RequiredPrivileges,
    OUT PBOOLEAN Result);
@ -1986,16 +2191,16 @@ typedef NTSTATUS (*P_RtlQueryElevationFlags)(ULONG *Flags);
 __declspec(dllimport) NTSTATUS RtlQueryElevationFlags(ULONG *Flags);
-__declspec(dllimport) NTSTATUS NtContinue(
+__declspec(dllimport) NTSTATUS __stdcall NtContinue(
    PCONTEXT ThreadContext, BOOLEAN RaiseAlert);
-__declspec(dllimport) NTSTATUS NtTestAlert(void);
+__declspec(dllimport) NTSTATUS __stdcall NtTestAlert(void);
-__declspec(dllimport) NTSTATUS NtImpersonateThread(
+__declspec(dllimport) NTSTATUS __stdcall NtImpersonateThread(
    HANDLE ServerThreadHandle, HANDLE ClientThreadHandle,
    PSECURITY_QUALITY_OF_SERVICE SecurityQos);
-__declspec(dllimport) NTSTATUS NtImpersonateAnonymousToken(
+__declspec(dllimport) NTSTATUS __stdcall NtImpersonateAnonymousToken(
    HANDLE ThreadHandle);
 //---------------------------------------------------------------------------
@ -2068,15 +2273,15 @@ __declspec(dllimport) NTSTATUS RtlCreateProcessParameters(
    UNICODE_STRING *ShellInfo,
    UNICODE_STRING *RuntimeData);
-__declspec(dllimport) NTSTATUS NtCreateJobObject(
+__declspec(dllimport) NTSTATUS __stdcall NtCreateJobObject(
    OUT PHANDLE JobHandle,
    IN  ACCESS_MASK DesiredAccess,
    IN  POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL);
-__declspec(dllimport) NTSTATUS NtAssignProcessToJobObject(
+__declspec(dllimport) NTSTATUS __stdcall NtAssignProcessToJobObject(
    HANDLE hJob, HANDLE hProcess);
-__declspec(dllimport) NTSTATUS NtSetInformationJobObject(
+__declspec(dllimport) NTSTATUS __stdcall NtSetInformationJobObject(
    IN  HANDLE JobHandle,
    IN  JOBOBJECTINFOCLASS JobObjectInformationClass,
    IN  PVOID JobObjectInformation,
@ -2173,14 +2378,14 @@ __declspec(dllimport) void __stdcall RtlRaiseStatus(NTSTATUS Status);
 //---------------------------------------------------------------------------
-__declspec(dllimport) USHORT RtlCaptureStackBackTrace(
+//__declspec(dllimport) USHORT RtlCaptureStackBackTrace(
-    ULONG FramesToSkip,
+//    ULONG FramesToSkip,
-    ULONG FramesToCapture,
+//    ULONG FramesToCapture,
-    PVOID *BackTrace,
+//    PVOID *BackTrace,
-    ULONG *BackTraceHash
+//    ULONG *BackTraceHash
-);
+//);
-__declspec(dllimport) NTSTATUS NtRaiseHardError(
+__declspec(dllimport) NTSTATUS __stdcall NtRaiseHardError(
    NTSTATUS ErrorStatus,
    ULONG NumberOfParameters,
    ULONG UnicodeBitMask,
--- a/Sandboxie/core/dll/SboxDll.vcxproj
+++ b/Sandboxie/core/dll/SboxDll.vcxproj
@ -22,7 +22,7 @@
    <Keyword>Win32Proj</Keyword>
    <ProjectName>SboxDll</ProjectName>
    <ProjectGuid>{8E0EAA5B-6F5B-E0E2-338A-453EF2B548E4}</ProjectGuid>
-    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'" Label="Configuration">
@ -30,28 +30,28 @@
    <UseDebugLibraries>true</UseDebugLibraries>
    <UseOfMfc>false</UseOfMfc>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'" Label="Configuration">
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <UseOfMfc>false</UseOfMfc>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'" Label="Configuration">
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <UseOfMfc>false</UseOfMfc>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'" Label="Configuration">
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <UseOfMfc>false</UseOfMfc>
    <CharacterSet>Unicode</CharacterSet>
-    <PlatformToolset>v140</PlatformToolset>
+    <PlatformToolset>v142</PlatformToolset>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
@ -71,22 +71,22 @@
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">
    <TargetExt>.dll</TargetExt>
    <TargetName>SbieDll</TargetName>
-    <LibraryPath>C:\WinDDK\7600.16385.1\lib\wnet\i386</LibraryPath>
+    <LibraryPath>$(WindowsSDK_LibraryPath_x86)</LibraryPath>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">
    <TargetExt>.dll</TargetExt>
    <TargetName>SbieDll</TargetName>
-    <LibraryPath>C:\WinDDK\7600.16385.1\lib\wnet\amd64</LibraryPath>
+    <LibraryPath>$(WindowsSDK_LibraryPath_x64)</LibraryPath>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">
    <TargetExt>.dll</TargetExt>
    <TargetName>SbieDll</TargetName>
-    <LibraryPath>C:\WinDDK\7600.16385.1\lib\wnet\i386</LibraryPath>
+    <LibraryPath>$(WindowsSDK_LibraryPath_x86)</LibraryPath>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">
    <TargetExt>.dll</TargetExt>
    <TargetName>SbieDll</TargetName>
-    <LibraryPath>C:\WinDDK\7600.16385.1\lib\wnet\amd64</LibraryPath>
+    <LibraryPath>$(WindowsSDK_LibraryPath_x64)</LibraryPath>
  </PropertyGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">
    <ClCompile>
@ -96,7 +96,7 @@
      <OmitFramePointers />
    </ClCompile>
    <Link>
-      <AdditionalDependencies>ntdll.lib;uuid.lib;kernel32.lib;psapi.lib</AdditionalDependencies>
+      <AdditionalDependencies>ntdll.lib;uuid.lib;kernel32.lib</AdditionalDependencies>
      <ModuleDefinitionFile>SboxDll32.def</ModuleDefinitionFile>
      <BaseAddress>0x7D220000</BaseAddress>
      <EntryPointSymbol>DllMain</EntryPointSymbol>
@ -104,6 +104,9 @@
      <OptimizeReferences>false</OptimizeReferences>
      <EnableCOMDATFolding>false</EnableCOMDATFolding>
    </Link>
    <ResourceCompile>
      <PreprocessorDefinitions>BUILD_UTILITY_PASS2;%(PreprocessorDefinitions)</PreprocessorDefinitions>
    </ResourceCompile>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">
    <ClCompile>
@ -112,7 +115,7 @@
      <CompileAs>Default</CompileAs>
    </ClCompile>
    <Link>
-      <AdditionalDependencies>ntdll.lib;uuid.lib;kernel32.lib;psapi.lib</AdditionalDependencies>
+      <AdditionalDependencies>ntdll.lib;uuid.lib;kernel32.lib</AdditionalDependencies>
      <BaseAddress>0x7D220000</BaseAddress>
      <EntryPointSymbol>DllMain</EntryPointSymbol>
      <ModuleDefinitionFile>SboxDll64.def</ModuleDefinitionFile>
@ -120,16 +123,19 @@
      <OptimizeReferences>false</OptimizeReferences>
      <EnableCOMDATFolding>false</EnableCOMDATFolding>
    </Link>
    <ResourceCompile>
      <PreprocessorDefinitions>BUILD_UTILITY_PASS2;MY_WIN64_FLAG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
    </ResourceCompile>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">
    <ClCompile>
      <RuntimeTypeInfo>false</RuntimeTypeInfo>
      <CompileAs>Default</CompileAs>
      <OmitFramePointers />
-      <Optimization>Disabled</Optimization>
+      <Optimization>MaxSpeed</Optimization>
    </ClCompile>
    <Link>
-      <AdditionalDependencies>ntdll.lib;uuid.lib;kernel32.lib;psapi.lib</AdditionalDependencies>
+      <AdditionalDependencies>ntdll.lib;uuid.lib;kernel32.lib</AdditionalDependencies>
      <ModuleDefinitionFile>SboxDll32.def</ModuleDefinitionFile>
      <BaseAddress>0x7D220000</BaseAddress>
      <EntryPointSymbol>DllMain</EntryPointSymbol>
@ -137,6 +143,9 @@
      <OptimizeReferences>false</OptimizeReferences>
      <EnableCOMDATFolding>false</EnableCOMDATFolding>
    </Link>
    <ResourceCompile>
      <PreprocessorDefinitions>BUILD_UTILITY_PASS2;%(PreprocessorDefinitions)</PreprocessorDefinitions>
    </ResourceCompile>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">
    <ClCompile>
@ -144,7 +153,7 @@
      <CompileAs>Default</CompileAs>
    </ClCompile>
    <Link>
-      <AdditionalDependencies>ntdll.lib;uuid.lib;kernel32.lib;psapi.lib</AdditionalDependencies>
+      <AdditionalDependencies>ntdll.lib;uuid.lib;kernel32.lib</AdditionalDependencies>
      <BaseAddress>0x7D220000</BaseAddress>
      <EntryPointSymbol>DllMain</EntryPointSymbol>
      <ModuleDefinitionFile>SboxDll64.def</ModuleDefinitionFile>
@ -152,8 +161,15 @@
      <OptimizeReferences>false</OptimizeReferences>
      <EnableCOMDATFolding>false</EnableCOMDATFolding>
    </Link>
    <ResourceCompile>
      <PreprocessorDefinitions>BUILD_UTILITY_PASS2;MY_WIN64_FLAG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
    </ResourceCompile>
  </ItemDefinitionGroup>
  <ItemGroup>
    <ClCompile Include="..\..\common\my_ntdll.c">
      <Optimization Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">Disabled</Optimization>
      <Optimization Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">Disabled</Optimization>
    </ClCompile>
    <ClCompile Include="..\..\common\pattern.c">
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">true</ExcludedFromBuild>
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
@ -227,6 +243,8 @@
    <ClCompile Include="guimsg.c" />
    <ClCompile Include="guiprop.c" />
    <ClCompile Include="guititle.c" />
    <ClCompile Include="hook_inst.c" />
    <ClCompile Include="hook_tramp.c" />
    <ClCompile Include="includes.c" />
    <ClCompile Include="ipc.c" />
    <ClCompile Include="ipc_start.c">
@ -258,6 +276,7 @@
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">true</ExcludedFromBuild>
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">true</ExcludedFromBuild>
    </ClCompile>
    <ClCompile Include="lowlevel_inject.c" />
    <ClCompile Include="lsa.c" />
    <ClCompile Include="mscoree.c" />
    <ClCompile Include="net.c" />
@ -314,6 +333,7 @@
    </ClCompile>
    <ClCompile Include="taskbar.c" />
    <ClCompile Include="terminal.c" />
    <ClCompile Include="trace.c" />
    <ClCompile Include="userenv.c" />
  </ItemGroup>
  <ItemGroup>
@ -336,6 +356,7 @@
    <ClInclude Include="dll.h" />
    <ClInclude Include="guidlg.h" />
    <ClInclude Include="gui_p.h" />
    <ClInclude Include="hook.h" />
    <ClInclude Include="ipstore_enum.h" />
    <ClInclude Include="ipstore_impl.h" />
    <ClInclude Include="obj.h" />
@ -344,14 +365,41 @@
    <ClInclude Include="sbieapi.h" />
    <ClInclude Include="sbiedll.h" />
    <ClInclude Include="taskbar.h" />
    <ClInclude Include="trace.h" />
  </ItemGroup>
  <ItemGroup>
    <ResourceCompile Include="lowlevel.rc" />
    <ResourceCompile Include="resource.rc" />
  </ItemGroup>
  <ItemGroup>
    <Midl Include="pstore.idl" />
  </ItemGroup>
  <ItemGroup>
    <CustomBuild Include="..\..\common\NtCRT\x86\except_handler3.asm">
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">true</ExcludedFromBuild>
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">true</ExcludedFromBuild>
      <FileType>Document</FileType>
      <Command Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">ml -c  -Cx -nologo -Zi -Zm -Fo$(Configuration)\%(Filename).obj %(FullPath)</Command>
      <Outputs Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">%(ProjectDir)$(Configuration)\%(Filename).obj</Outputs>
      <Command Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">ml -c  -Cx -nologo -Zi -Zm -Fo$(Configuration)\%(Filename).obj %(FullPath)</Command>
      <Outputs Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">%(ProjectDir)$(Configuration)\%(Filename).obj</Outputs>
    </CustomBuild>
    <CustomBuild Include="..\..\common\NtCRT\x64\ntdll.def">
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">true</ExcludedFromBuild>
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">true</ExcludedFromBuild>
      <Command Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">lib /def:%(FullPath) /out:$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib /machine:x64</Command>
      <Outputs Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib</Outputs>
      <Command Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">lib /def:%(FullPath) /out:$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib /machine:x64</Command>
      <Outputs Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib</Outputs>
    </CustomBuild>
    <CustomBuild Include="..\..\common\NtCRT\x86\ntdll.def">
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">true</ExcludedFromBuild>
      <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">true</ExcludedFromBuild>
      <Command Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">lib /def:%(FullPath) /out:$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib /machine:x86</Command>
      <Outputs Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib</Outputs>
      <Command Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">lib /def:%(FullPath) /out:$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib /machine:x86</Command>
      <Outputs Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">$(SolutionDir)Bin\$(PlatformName)\$(Configuration)\NtCRT.lib</Outputs>
    </CustomBuild>
    <None Include="SboxDll32.def" />
    <None Include="SboxDll64.def" />
    <None Include="util_32.asm">
--- a/Sandboxie/core/dll/SboxDll.vcxproj.filters
+++ b/Sandboxie/core/dll/SboxDll.vcxproj.filters
@ -0,0 +1,288 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemGroup>
    <ClCompile Include="advapi.c" />
    <ClCompile Include="crypt.c" />
    <ClCompile Include="custom.c" />
    <ClCompile Include="debug.c" />
    <ClCompile Include="dllmem.c" />
    <ClCompile Include="dllpath.c" />
    <ClCompile Include="event.c" />
    <ClCompile Include="includes.c" />
    <ClCompile Include="iphlp.c" />
    <ClCompile Include="lsa.c" />
    <ClCompile Include="mscoree.c" />
    <ClCompile Include="net.c" />
    <ClCompile Include="netapi.c" />
    <ClCompile Include="obj.c" />
    <ClCompile Include="pdh.c" />
    <ClCompile Include="proc.c" />
    <ClCompile Include="rpcrt.c" />
    <ClCompile Include="secure.c" />
    <ClCompile Include="setup.c" />
    <ClCompile Include="sfc.c" />
    <ClCompile Include="sh.c" />
    <ClCompile Include="support.c" />
    <ClCompile Include="sxs.c" />
    <ClCompile Include="sysinfo.c" />
    <ClCompile Include="terminal.c" />
    <ClCompile Include="userenv.c" />
    <ClCompile Include="scm.c">
      <Filter>scm</Filter>
    </ClCompile>
    <ClCompile Include="scm_create.c">
      <Filter>scm</Filter>
    </ClCompile>
    <ClCompile Include="scm_event.c">
      <Filter>scm</Filter>
    </ClCompile>
    <ClCompile Include="scm_misc.c">
      <Filter>scm</Filter>
    </ClCompile>
    <ClCompile Include="scm_notify.c">
      <Filter>scm</Filter>
    </ClCompile>
    <ClCompile Include="scm_query.c">
      <Filter>scm</Filter>
    </ClCompile>
    <ClCompile Include="hook_inst.c">
      <Filter>hook</Filter>
    </ClCompile>
    <ClCompile Include="hook_tramp.c">
      <Filter>hook</Filter>
    </ClCompile>
    <ClCompile Include="lowlevel_inject.c">
      <Filter>hook</Filter>
    </ClCompile>
    <ClCompile Include="ldr.c">
      <Filter>hook</Filter>
    </ClCompile>
    <ClCompile Include="ldr_init.c">
      <Filter>hook</Filter>
    </ClCompile>
    <ClCompile Include="file.c">
      <Filter>file</Filter>
    </ClCompile>
    <ClCompile Include="file_dir.c">
      <Filter>file</Filter>
    </ClCompile>
    <ClCompile Include="file_init.c">
      <Filter>file</Filter>
    </ClCompile>
    <ClCompile Include="file_link.c">
      <Filter>file</Filter>
    </ClCompile>
    <ClCompile Include="file_misc.c">
      <Filter>file</Filter>
    </ClCompile>
    <ClCompile Include="file_pipe.c">
      <Filter>file</Filter>
    </ClCompile>
    <ClCompile Include="gdi.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="gui.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guiclass.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guicon.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guidde.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guidlg.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guienum.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guihook.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guimisc.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guimsg.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guiprop.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="guititle.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="..\..\common\pattern.c">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="..\..\common\pool.c">
      <Filter>common</Filter>
    </ClCompile>
    <ClCompile Include="taskbar.c">
      <Filter>gui</Filter>
    </ClCompile>
    <ClCompile Include="acscmonitor.c" />
    <ClCompile Include="pst.cpp">
      <Filter>pst</Filter>
    </ClCompile>
    <ClCompile Include="ipstore_impl.cpp">
      <Filter>pst</Filter>
    </ClCompile>
    <ClCompile Include="ipstore_enum.cpp">
      <Filter>pst</Filter>
    </ClCompile>
    <ClCompile Include="cred.c" />
    <ClCompile Include="sbieapi.c">
      <Filter>api</Filter>
    </ClCompile>
    <ClCompile Include="key.c">
      <Filter>key</Filter>
    </ClCompile>
    <ClCompile Include="key_merge.c">
      <Filter>key</Filter>
    </ClCompile>
    <ClCompile Include="key_util.c">
      <Filter>key</Filter>
    </ClCompile>
    <ClCompile Include="dllhook.c">
      <Filter>hook</Filter>
    </ClCompile>
    <ClCompile Include="ipc.c">
      <Filter>ipc</Filter>
    </ClCompile>
    <ClCompile Include="ipc_start.c">
      <Filter>ipc</Filter>
    </ClCompile>
    <ClCompile Include="ole.cpp">
      <Filter>com</Filter>
    </ClCompile>
    <ClCompile Include="com.c">
      <Filter>com</Filter>
    </ClCompile>
    <ClCompile Include="callsvc.c">
      <Filter>api</Filter>
    </ClCompile>
    <ClCompile Include="dllmain.c">
      <Filter>hook</Filter>
    </ClCompile>
    <ClCompile Include="trace.c" />
    <ClCompile Include="..\..\common\my_ntdll.c">
      <Filter>common</Filter>
    </ClCompile>
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="advapi.h" />
    <ClInclude Include="debug.h" />
    <ClInclude Include="dll.h" />
    <ClInclude Include="hook.h">
      <Filter>hook</Filter>
    </ClInclude>
    <ClInclude Include="gui_p.h">
      <Filter>gui</Filter>
    </ClInclude>
    <ClInclude Include="guidlg.h">
      <Filter>gui</Filter>
    </ClInclude>
    <ClInclude Include="..\..\common\pool.h">
      <Filter>common</Filter>
    </ClInclude>
    <ClInclude Include="propsys.h">
      <Filter>gui</Filter>
    </ClInclude>
    <ClInclude Include="taskbar.h">
      <Filter>gui</Filter>
    </ClInclude>
    <ClInclude Include="pstore.h">
      <Filter>pst</Filter>
    </ClInclude>
    <ClInclude Include="ipstore_impl.h">
      <Filter>pst</Filter>
    </ClInclude>
    <ClInclude Include="ipstore_enum.h">
      <Filter>pst</Filter>
    </ClInclude>
    <ClInclude Include="sbieapi.h">
      <Filter>api</Filter>
    </ClInclude>
    <ClInclude Include="sbiedll.h">
      <Filter>api</Filter>
    </ClInclude>
    <ClInclude Include="obj.h">
      <Filter>com</Filter>
    </ClInclude>
    <ClInclude Include="trace.h" />
  </ItemGroup>
  <ItemGroup>
    <ResourceCompile Include="resource.rc" />
    <ResourceCompile Include="lowlevel.rc">
      <Filter>hook</Filter>
    </ResourceCompile>
  </ItemGroup>
  <ItemGroup>
    <None Include="SboxDll32.def">
      <Filter>api</Filter>
    </None>
    <None Include="SboxDll64.def">
      <Filter>api</Filter>
    </None>
    <None Include="util_64.asm">
      <Filter>hook</Filter>
    </None>
    <None Include="util_32.asm">
      <Filter>hook</Filter>
    </None>
    <None Include="..\..\common\NtCRT\x64\ntdll.def">
      <Filter>common</Filter>
    </None>
    <None Include="..\..\common\NtCRT\x86\ntdll.def">
      <Filter>common</Filter>
    </None>
  </ItemGroup>
  <ItemGroup>
    <Filter Include="scm">
      <UniqueIdentifier>{6da9a76f-4d0f-47ee-b825-7c1e546a0d71}</UniqueIdentifier>
    </Filter>
    <Filter Include="hook">
      <UniqueIdentifier>{5f7e4efc-f1a0-402a-bdc9-b2b89d6b7dd2}</UniqueIdentifier>
    </Filter>
    <Filter Include="file">
      <UniqueIdentifier>{881ad2c8-b8c4-4ca8-aecd-5c4796ad46b5}</UniqueIdentifier>
    </Filter>
    <Filter Include="gui">
      <UniqueIdentifier>{8ee84c6a-ed91-4765-b5c9-d8d65a4d605a}</UniqueIdentifier>
    </Filter>
    <Filter Include="common">
      <UniqueIdentifier>{aebace4d-7063-460f-a875-1dacf59a4ed6}</UniqueIdentifier>
    </Filter>
    <Filter Include="pst">
      <UniqueIdentifier>{5d69d34a-4b02-40d2-a27e-ae16165b5933}</UniqueIdentifier>
    </Filter>
    <Filter Include="key">
      <UniqueIdentifier>{d6a7a70a-5bfe-4598-b4e6-516442cd97e1}</UniqueIdentifier>
    </Filter>
    <Filter Include="ipc">
      <UniqueIdentifier>{66c7aa3a-4c74-4ccc-8d57-ddb65c59cd58}</UniqueIdentifier>
    </Filter>
    <Filter Include="com">
      <UniqueIdentifier>{fde0ce5f-2daf-4dfc-9512-731510cffabf}</UniqueIdentifier>
    </Filter>
    <Filter Include="api">
      <UniqueIdentifier>{1903d308-e235-4da0-a117-0dfaa6eb24eb}</UniqueIdentifier>
    </Filter>
  </ItemGroup>
  <ItemGroup>
    <Midl Include="pstore.idl">
      <Filter>pst</Filter>
    </Midl>
  </ItemGroup>
  <ItemGroup>
    <CustomBuild Include="util_asm.asm">
      <Filter>hook</Filter>
    </CustomBuild>
    <CustomBuild Include="..\..\common\NtCRT\x86\except_handler3.asm">
      <Filter>common</Filter>
    </CustomBuild>
  </ItemGroup>
 </Project>
--- a/Sandboxie/core/dll/SboxDll32.def
+++ b/Sandboxie/core/dll/SboxDll32.def
@ -26,7 +26,8 @@ SbieApi_GetFileName=_SbieApi_GetFileName@12
 SbieApi_GetHomePath=_SbieApi_GetHomePath@16
 SbieApi_GetUnmountHive=_SbieApi_GetUnmountHive@4
 SbieApi_GetVersion=_SbieApi_GetVersion@4
-SbieApi_GetWork=_SbieApi_GetWork@12
+;;; SbieApi_GetWork=_SbieApi_GetWork@12
 SbieApi_GetMessage=_SbieApi_GetMessage@24
 SbieApi_HookTramp=_SbieApi_HookTramp@8
@ -34,6 +35,7 @@ SbieApi_IsBoxEnabled=_SbieApi_IsBoxEnabled@4
 SbieApi_MonitorControl=_SbieApi_MonitorControl@8
 SbieApi_MonitorGet=_SbieApi_MonitorGet@8
 SbieApi_MonitorGetEx=_SbieApi_MonitorGetEx@16
 SbieApi_MonitorPut=_SbieApi_MonitorPut@8
 SbieApi_MonitorPut2=_SbieApi_MonitorPut2@12
--- a/Sandboxie/core/dll/acscmonitor.c
+++ b/Sandboxie/core/dll/acscmonitor.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -42,6 +43,8 @@ ULONG CALLBACK Acscmonitor_LoadLibrary(LPVOID lpParam)
 _FX BOOLEAN Acscmonitor_Init(HMODULE hDll)
 {
-    CreateThread(NULL, 0, Acscmonitor_LoadLibrary, (LPVOID)0, 0, NULL);
+	HANDLE ThreadHandle = CreateThread(NULL, 0, Acscmonitor_LoadLibrary, (LPVOID)0, 0, NULL);
 	if (ThreadHandle)
 		CloseHandle(ThreadHandle); 
    return TRUE;
 }
--- a/Sandboxie/core/dll/callsvc.c
+++ b/Sandboxie/core/dll/callsvc.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -326,6 +327,78 @@ _FX MSG_HEADER *SbieDll_CallServer(MSG_HEADER *req)
 }
 //---------------------------------------------------------------------------
 // SbieDll_CallServerQueue
 //---------------------------------------------------------------------------
 _FX void *SbieDll_CallServerQueue(const WCHAR* queue, void *req, ULONG req_len, ULONG rpl_min_len)
 {
 	//static ULONG _Ticks = 0;
 	//static ULONG _Ticks1 = 0;
 	WCHAR QueueName[64];
 	NTSTATUS status;
 	ULONG req_id;
 	ULONG data_len;
 	void *data;
 	HANDLE event;
 	//ULONG Ticks0 = GetTickCount();
 	/*if (1) {
 		WCHAR txt[128];
 		Sbie_snwprintf(txt, 128, L"Request command is %08X\n", *(ULONG *)req);
 		OutputDebugString(txt);
 	}*/
 	Sbie_snwprintf(QueueName, 64, L"*%s_%08X", queue, Dll_SessionId);
 	status = SbieDll_QueuePutReq(QueueName, req, req_len, &req_id, &event);
 	if (NT_SUCCESS(status)) {
 		if (WaitForSingleObject(event, 60 * 1000) != 0)
 			status = STATUS_TIMEOUT;
 		CloseHandle(event);
 	}
 	if (status == 0) {
 		status = SbieDll_QueueGetRpl(QueueName, req_id, &data, &data_len);
 		if (NT_SUCCESS(status)) {
 			if (data_len >= sizeof(ULONG) && *(ULONG *)data) {
 				status = *(ULONG *)data;
 			}
 			else if (data_len >= rpl_min_len) {
 				/*_Ticks += GetTickCount() - Ticks0;
 				if (_Ticks > _Ticks1 + 1000) {
 					WCHAR txt[128];
 					Sbie_snwprintf(txt, 128, L"Already spent %d ticks in gui\n", _Ticks);
 					OutputDebugString(txt);
 					_Ticks1 = _Ticks;
 				}*/
 				return data;
 			}
 			else
 				status = STATUS_INFO_LENGTH_MISMATCH;
 			Dll_Free(data);
 		}
 	}
 	SbieApi_Log(2203, L"%S - %S [%08X]", QueueName, Dll_ImageName, status);
 	SetLastError(ERROR_SERVER_DISABLED);
 	return NULL;
 }
 //---------------------------------------------------------------------------
 // SbieDll_FreeMem
 //---------------------------------------------------------------------------
@ -763,3 +836,4 @@ _FX BOOL SbieDll_RunSandboxed(
    SetLastError(err);
    return ok;
 }
--- a/Sandboxie/core/dll/com.c
+++ b/Sandboxie/core/dll/com.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -305,6 +306,7 @@ _FX BOOLEAN SbieDll_IsOpenClsid(
        // check against list of built-in CLSID exclusions
        //
 		if (SbieApi_QueryConfBool(BoxName, L"OpenDefaultClsid", TRUE))
        if (memcmp(rclsid, &CLSID_WinMgmt,              sizeof(GUID)) == 0 ||
            memcmp(rclsid, &CLSID_NetworkListManager,   sizeof(GUID)) == 0 ||
            memcmp(rclsid, &CLSID_ShellServiceHostBrokerProvider, sizeof(GUID)) == 0 ||
@ -408,6 +410,7 @@ _FX BOOLEAN SbieDll_IsOpenClsid(
        }
    }
 	if (SbieApi_QueryConfBool(BoxName, L"OpenDefaultClsid", TRUE))
    if (Com_IsFirewallClsid(rclsid, BoxName))
        return TRUE;
@ -3109,7 +3112,7 @@ _FX void *Com_Alloc(ULONG len)
    /*if (Com_Mem_Trace) {
        WCHAR txt[128];
-        Sbie_swprintf(txt, L"ALLOC <%s> AT <%08X>\n", Com_Mem_Trace, ptr);
+        Sbie_snwprintf(txt, 128, L"ALLOC <%s> AT <%08X>\n", Com_Mem_Trace, ptr);
        OutputDebugString(txt);
        Com_Mem_Trace = NULL;
    }*/
@ -3127,7 +3130,7 @@ _FX void Com_Free(void *ptr)
 {
    /*if (Com_Mem_Trace) {
        WCHAR txt[128];
-        Sbie_swprintf(txt, L"FREE  <%s> AT <%08X>\n", Com_Mem_Trace, ptr);
+        Sbie_snwprintf(txt, 128, L"FREE  <%s> AT <%08X>\n", Com_Mem_Trace, ptr);
        OutputDebugString(txt);
        Com_Mem_Trace = NULL;
    }*/
@ -3227,7 +3230,7 @@ _FX void Com_Trace(
        return;
    text = Com_Alloc(1024 * sizeof(WCHAR));
-    ptr = text + Sbie_swprintf(text, L"SBIE %s <%08X> ", TraceType, hr);
+    ptr = text + Sbie_snwprintf(text, 1024, L"SBIE %s <%08X> ", TraceType, hr);
    if (rclsid) {
        Com_Trace_Guid(ptr, rclsid, L"CLSID");
--- a/Sandboxie/core/dll/cred.c
+++ b/Sandboxie/core/dll/cred.c
@ -270,9 +270,9 @@ _FX WCHAR *Cred_GetName(
    name = Dll_Alloc(len * sizeof(WCHAR));
    if (DomainName)
-        Sbie_swprintf(name, L"%s%s-%s", Cred_DomainCred, DomainName, TargetName);
+        Sbie_snwprintf(name, len, L"%s%s-%s", Cred_DomainCred, DomainName, TargetName);
    else
-        Sbie_swprintf(name, L"%s%08X-%s", Cred_SimpleCred, Type, TargetName);
+        Sbie_snwprintf(name, len, L"%s%08X-%s", Cred_SimpleCred, Type, TargetName);
    return name;
 }
--- a/Sandboxie/core/dll/custom.c
+++ b/Sandboxie/core/dll/custom.c
@ -155,7 +155,7 @@ _FX UCHAR GetSetCustomLevel(UCHAR SetLevel)
        if (! NT_SUCCESS(status)) {
            value_info.Data[0] = 0;
-            Sbie_swprintf(path, L"%d [%08X]", -2, status);
+            Sbie_snwprintf(path, 256, L"%d [%08X]", -2, status);
            SbieApi_Log(2206, path);
        }
@ -174,7 +174,7 @@ _FX UCHAR GetSetCustomLevel(UCHAR SetLevel)
        if (! NT_SUCCESS(status)) {
-            Sbie_swprintf(path, L"%d [%08X]", -3, status);
+            Sbie_snwprintf(path, 256, L"%d [%08X]", -3, status);
            SbieApi_Log(2206, path);
        }
    }
@ -231,7 +231,7 @@ _FX BOOLEAN Custom_CreateRegLinks(void)
    }
    if (! NT_SUCCESS(status)) {
-        Sbie_swprintf(err, L"[11 / %08X]", status);
+        Sbie_snwprintf(err, 64, L"[11 / %08X]", status);
        SbieApi_Log(2326, err);
        return FALSE;
    }
@ -255,7 +255,7 @@ _FX BOOLEAN Custom_CreateRegLinks(void)
    } else if (status != STATUS_OBJECT_NAME_COLLISION) {
-        Sbie_swprintf(err, L"[22 / %08X]", status);
+		Sbie_snwprintf(err, 64, L"[22 / %08X]", status);
        SbieApi_Log(2326, err);
        NtClose(hkey1);
        return FALSE;
@ -273,7 +273,7 @@ _FX BOOLEAN Custom_CreateRegLinks(void)
    NtClose(hkey1);
    if (! NT_SUCCESS(status)) {
-        Sbie_swprintf(err, L"[33 / %08X]", status);
+		Sbie_snwprintf(err, 64, L"[33 / %08X]", status);
        SbieApi_Log(2326, err);
    }
@ -312,7 +312,7 @@ _FX BOOLEAN DisableDCOM(void)
        if (status != STATUS_BAD_INITIAL_PC &&
            status != STATUS_OBJECT_NAME_NOT_FOUND) {
-            Sbie_swprintf(err, L"[21 / %08X]", status);
+			Sbie_snwprintf(err, 64, L"[21 / %08X]", status);
            SbieApi_Log(2309, err);
        }
@ -322,7 +322,7 @@ _FX BOOLEAN DisableDCOM(void)
        RtlInitUnicodeString(&objname, L"EnableDCOM");
        status = NtSetValueKey(handle, &objname, 0, REG_SZ, &no, sizeof(no));
        if (! NT_SUCCESS(status)) {
-            Sbie_swprintf(err, L"[22 / %08X]", status);
+			Sbie_snwprintf(err, 64, L"[22 / %08X]", status);
            SbieApi_Log(2309, err);
        }
@ -853,7 +853,7 @@ _FX void AutoExec(void)
    status = SbieApi_EnumProcess(Dll_BoxName, (ULONG *)buf1);
    if (status != 0) {
-        Sbie_swprintf(error_str, L"%d [%08X]", -1, status);
+        Sbie_snwprintf(error_str, 16, L"%d [%08X]", -1, status);
        SbieApi_Log(2206, error_str);
        Dll_Free(buf1);
        return;
@ -906,7 +906,7 @@ _FX void AutoExec(void)
                SbieDll_ExpandAndRunProgram(buf2);
            } else {
-                Sbie_swprintf(error_str, L"%d [%08X]", index, status);
+                Sbie_snwprintf(error_str, 16, L"%d [%08X]", index, status);
                SbieApi_Log(2206, error_str);
            }
        }
--- a/Sandboxie/core/dll/debug.c
+++ b/Sandboxie/core/dll/debug.c
@ -202,6 +202,7 @@ _FX int Debug_Init(void)
    // break
    //
 	OutputDebugString(L"Dll_ImageName: ");
    OutputDebugString(Dll_ImageName);
    //if (_wcsicmp(Dll_ImageName, L"explorer.exe") == 0) {
@ -223,7 +224,6 @@ _FX int Debug_Init(void)
    if (0)
 #endif
    {
        while (! IsDebuggerPresent()) {
            OutputDebugString(L"BREAK\n");
            Sleep(500);
@ -246,7 +246,7 @@ ALIGNED void Debug_RtlSetLastWin32Error(ULONG err)
    if (err) {
        if (InterlockedIncrement(&InError) == 1) {
            WCHAR txt[64];
-            Sbie_swprintf(txt, L"SetErr %d\n", err);
+            Sbie_snwprintf(txt, 64, L"SetErr %d\n", err);
            OutputDebugString(txt);
            InterlockedDecrement(&InError);
        }
@ -300,7 +300,7 @@ ALIGNED BOOL Debug_DebugActiveProcess(ULONG dwProcessId)
    ULONG err;
    WCHAR txt[128];
-    Sbie_swprintf(txt, L"Debug Active Process Id %d\n", dwProcessId);
+    Sbie_snwprintf(txt, 128, L"Debug Active Process Id %d\n", dwProcessId);
    OutputDebugString(txt);
    Debug_dwProcessId = dwProcessId;
@ -329,7 +329,7 @@ ALIGNED BOOL Debug_WaitForDebugEvent(
    ok = __sys_WaitForDebugEvent(lpDebugEvent, dwMilliseconds);
    err = GetLastError();
-    Sbie_swprintf(txt, L"Debug Event %d on Process Id %d\n",
+    Sbie_snwprintf(txt, 256, L"Debug Event %d on Process Id %d\n",
        ok ? lpDebugEvent->dwDebugEventCode : 0,
        ok ? lpDebugEvent->dwProcessId : 0);
    OutputDebugString(txt);
--- a/Sandboxie/core/dll/debug.h
+++ b/Sandboxie/core/dll/debug.h
@ -28,6 +28,7 @@
 #undef  WITH_DEBUG
 //#define WITH_DEBUG
 //---------------------------------------------------------------------------
@ -35,7 +36,8 @@
 #ifdef  WITH_DEBUG
-#define  BREAK_IMAGE_1      L"java.exe" // L"jp2launcher.exe"
+//#define  BREAK_IMAGE_1      L"java.exe" // L"jp2launcher.exe"
 #define  BREAK_IMAGE_1      L"TestTarget.exe" 
 int Debug_Init(void);
--- a/Sandboxie/core/dll/dll.h
+++ b/Sandboxie/core/dll/dll.h
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -35,8 +36,8 @@ typedef long NTSTATUS;
 #include "common/defines.h"
 #include "common/list.h"
-extern __declspec(dllexport) int __CRTDECL Sbie_swprintf(wchar_t *_Buffer, const wchar_t * const _Format, ...);
+extern __declspec(dllexport) int __CRTDECL Sbie_snwprintf(wchar_t *_Buffer, size_t Count, const wchar_t * const _Format, ...);
-extern __declspec(dllexport) int __CRTDECL Sbie_sprintf(char *_Buffer, const char * const _Format, ...);
+extern __declspec(dllexport) int __CRTDECL Sbie_snprintf(char *_Buffer, size_t Count, const char * const _Format, ...);
 //---------------------------------------------------------------------------
@ -46,6 +47,8 @@ extern __declspec(dllexport) int __CRTDECL Sbie_sprintf(char *_Buffer, const cha
 #define TRUE_NAME_BUFFER        0
 #define COPY_NAME_BUFFER        1
 #define TMPL_NAME_BUFFER        2
 #define NAME_BUFFER_COUNT       3
 #define NAME_BUFFER_DEPTH       12
@ -151,8 +154,8 @@ typedef struct _THREAD_DATA {
    // name buffers:  first index is for true name, second for copy name
    //
-    WCHAR *name_buffer[2][NAME_BUFFER_DEPTH];
+    WCHAR *name_buffer[NAME_BUFFER_COUNT][NAME_BUFFER_DEPTH];
-    ULONG name_buffer_len[2][NAME_BUFFER_DEPTH];
+    ULONG name_buffer_len[NAME_BUFFER_COUNT][NAME_BUFFER_DEPTH];
    int depth;
    //
--- a/Sandboxie/core/dll/dllhook.c
+++ b/Sandboxie/core/dll/dllhook.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -22,6 +23,7 @@
 #define NOGDI
 #include "dll.h"
 #include "hook.h"
 #include "common/pool.h"
 #include "common/pattern.h"
@ -68,6 +70,28 @@ extern CRITICAL_SECTION VT_CriticalSection;
 #endif _WIN64
 extern ULONG Dll_Windows;
 //---------------------------------------------------------------------------
 // SbieApi_HookTramp
 //---------------------------------------------------------------------------
 _FX LONG SbieApi_HookTramp(void *Source, void *Trampoline)
 {
 	NTSTATUS status;
 #ifdef _WIN64
 	BOOLEAN is64 = TRUE;
 #else
 	BOOLEAN is64 = FALSE;
 #endif _WIN64
 	if (Hook_BuildTramp(Source, Trampoline, is64, TRUE))
 		status = STATUS_SUCCESS;
 	else
 		status = STATUS_UNSUCCESSFUL;
 	return status;
 }
 //---------------------------------------------------------------------------
 // SbieDll_Hook
@ -178,6 +202,12 @@ skip_e9_rewrite: ;
            SourceFunc = (void *)target;
    }
 	//
 	// this simplification fails for delay loaded libraries, see coments about SetSecurityInfo,
 	// resulting in an endless loop, so just dont do that 
 	//
 #if 0
    //
    // 64-bit only:  if the function begins with 'jmp qword ptr [x]'
    // (6 bytes) then replace the value at x, rather than overwrite
@ -216,6 +246,7 @@ skip_e9_rewrite: ;
        return orig_addr;
    }
 #endif
 #endif _WIN64
@ -284,6 +315,9 @@ skip_e9_rewrite: ;
        return NULL;
    }
 	ULONG ByteCount = *(ULONG*)(tramp + 80);
 	ULONG UsedCount = 0;
    //
    // create the detour
    //
@ -323,10 +357,12 @@ skip_e9_rewrite: ;
            func[0] = 0x48;             // 32bit relative JMP DetourFunc
            func[1] = 0xE9;             // 32bit relative JMP DetourFunc
            *(ULONG *)(&func[2]) = (ULONG)diff;
 			UsedCount = 1 + 1 + 4;
        }
        else {
            func[0] = 0xE9;             // 32bit relative JMP DetourFunc
            *(ULONG *)(&func[1]) = (ULONG)diff;
 			UsedCount = 1 + 4;
        }
    }
@ -393,6 +429,7 @@ skip_e9_rewrite: ;
                        ((ULONG_PTR *)ptrVTable->offset)[ptrVTable->index] = (ULONG_PTR)DetourFunc;
                        *(USHORT *)&func[0] = 0x25ff;
                        *(ULONG *)&func[2] = (ULONG)diff;
 						UsedCount = 2 + 4;
                        ptrVTable->index++;
                        hookset = TRUE;
                    }
@ -418,9 +455,15 @@ skip_e9_rewrite: ;
    diff = (UCHAR *)DetourFunc - (func + 5);
    func[0] = 0xE9;             // JMP DetourFunc
    *(ULONG *)(&func[1]) = (ULONG)diff;
 	UsedCount = 1 + 4;
 #endif
-    VirtualProtect(&func[-8], 20, prot, &dummy_prot);
+	// just in case nop out the rest of the code we moved to the trampoline
 	// ToDo: why does this break unity games
 	//for(; UsedCount < ByteCount; UsedCount++)
 	//	func[UsedCount] = 0x90; // nop
 	VirtualProtect(&func[-8], 20, prot, &dummy_prot);
    // the trampoline code begins at trampoline + 16 bytes
    func = (UCHAR *)(ULONG_PTR)(tramp + 16);
--- a/Sandboxie/core/dll/dllmain.c
+++ b/Sandboxie/core/dll/dllmain.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -22,6 +23,7 @@
 #include "dll.h"
 #include "obj.h"
 #include "trace.h"
 #include "debug.h"
 #include "core/low/lowdata.h"
 #include "common/my_version.h"
@ -31,7 +33,6 @@
 // Functions
 //---------------------------------------------------------------------------
 static void Dll_InitGeneric(HINSTANCE hInstance);
 static void Dll_InitInjected(void);
@ -87,7 +88,7 @@ ULONG Dll_Windows = 0;
 CRITICAL_SECTION  VT_CriticalSection;
 #endif
-const UCHAR *SbieDll_Version = MY_VERSION_STRING;
+const UCHAR *SbieDll_Version = MY_VERSION_COMPAT;
 //extern ULONG64 __security_cookie = 0;
@ -186,6 +187,12 @@ _FX void Dll_InitGeneric(HINSTANCE hInstance)
    Dll_Kernel32 = GetModuleHandle(DllName_kernel32);
    Dll_KernelBase = GetModuleHandle(DllName_kernelbase);
 	extern void InitMyNtDll(HMODULE Ntdll);
 	InitMyNtDll(Dll_Ntdll);
 	extern FARPROC __sys_GetModuleInformation;
 	__sys_GetModuleInformation = GetProcAddress(LoadLibraryW(L"psapi.dll"), "GetModuleInformation");
    if (! Dll_InitMem()) {
        SbieApi_Log(2305, NULL);
        ExitProcess(-1);
@ -200,16 +207,23 @@ _FX void Dll_InitGeneric(HINSTANCE hInstance)
 _FX void Dll_InitInjected(void)
 {
-    //
+	//
-    // Dll_InitInjected is executed by Dll_Ordinal1 in the context
+	// Dll_InitInjected is executed by Dll_Ordinal1 in the context
-    // of a program that is running in the sandbox
+	// of a program that is running in the sandbox
-    //
+	//
-    LONG status;
+	LONG status;
-    BOOLEAN ok;
+	BOOLEAN ok;
-    ULONG BoxFilePathLen;
+	ULONG BoxFilePathLen;
-    ULONG BoxKeyPathLen;
+	ULONG BoxKeyPathLen;
-    ULONG BoxIpcPathLen;
+	ULONG BoxIpcPathLen;
 	if (SbieApi_QueryConfBool(NULL, L"DebugTrace", FALSE)) {
 		Trace_Init();
 		OutputDebugString(L"SbieDll injected...");
 	}
    //
    // confirm the process is sandboxed before going further
@ -385,11 +399,11 @@ _FX void Dll_InitInjected(void)
    if (! Dll_RestrictedToken)
        CustomizeSandbox();
-            /*while (! IsDebuggerPresent()) {
+    /*while (! IsDebuggerPresent()) {
-                OutputDebugString(L"BREAK\n");
+        OutputDebugString(L"BREAK\n");
-                Sleep(500);
+        Sleep(500);
-            }
+    }
-            __debugbreak();*/
+    __debugbreak();*/
    /*if (_wcsicmp(Dll_ImageName, L"iexplore.exe") == 0) {
        WCHAR *cmd = GetCommandLine();
@ -520,6 +534,7 @@ _FX void Dll_SelectImageType(void)
        L"neon.exe",                (WCHAR *)DLL_IMAGE_GOOGLE_CHROME,
        L"maxthon.exe",             (WCHAR *)DLL_IMAGE_GOOGLE_CHROME,
        L"vivaldi.exe",             (WCHAR *)DLL_IMAGE_GOOGLE_CHROME,
 		L"msedge.exe",              (WCHAR *)DLL_IMAGE_GOOGLE_CHROME, // modern edge is chromium based
        L"GoogleUpdate.exe",        (WCHAR *)DLL_IMAGE_GOOGLE_UPDATE,
        L"AcroRd32.exe",            (WCHAR *)DLL_IMAGE_ACROBAT_READER,
        L"Acrobat.exe",             (WCHAR *)DLL_IMAGE_ACROBAT_READER,
@ -627,7 +642,7 @@ _FX ULONG_PTR Dll_Ordinal1(
    data = (SBIELOW_DATA *)inject->sbielow_data;
-    bHostInject = data->bHostInject;
+    bHostInject = data->bHostInject == 1;
    //
    // the SbieLow data area includes values that are useful to us
@ -690,7 +705,7 @@ _FX ULONG_PTR Dll_Ordinal1(
    {
        Ldr_Inject_Init(bHostInject);
    }
-
+	
    //
    // conclude the detour by passing control back to the original
    // RtlFindActivationContextSectionString.  the detour code used
--- a/Sandboxie/core/dll/dllmem.c
+++ b/Sandboxie/core/dll/dllmem.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -119,7 +120,7 @@ _FX void *Dll_AllocFromPool(POOL *pool, ULONG size)
    memset(ptr,             0xCC, 64);
    memset(ptr + size - 64, 0xCC, 64);
    //{
-    //WCHAR txt[64]; Sbie_swprintf(txt, L"Dll_Alloc for %-6d, block at %08X (%08X)\n", size, ptr, ptr + 64);
+    //WCHAR txt[64]; Sbie_snwprintf(txt, 64, L"Dll_Alloc for %-6d, block at %08X (%08X)\n", size, ptr, ptr + 64);
    //OutputDebugString(txt);
    //}
    ptr += 64;
@ -129,7 +130,7 @@ _FX void *Dll_AllocFromPool(POOL *pool, ULONG size)
    InterlockedExchangeAdd(&Dll_MemUsage, size);
    if (Dll_MemTrace) {
        WCHAR txt[128];
-        Sbie_swprintf(txt, L"ALLOC %d POOL %s\n", size, (pool == Dll_Pool) ? L"Main" : (pool == Dll_PoolTemp) ? L"Temp" : L"?");
+        Sbie_snwprintf(txt, 128, L"ALLOC %d POOL %s\n", size, (pool == Dll_Pool) ? L"Main" : (pool == Dll_PoolTemp) ? L"Temp" : L"?");
        OutputDebugString(txt);
    }
@ -182,7 +183,7 @@ _FX void Dll_Free(void *ptr)
    for (i = 0; i < 64; ++i)
        if (pre[i] != 0xCC || post[i] != 0xCC) {
            WCHAR txt[64];
-            Sbie_swprintf(txt, L"Memory corrupted, ptr=%p\n", ptr);
+            Sbie_snwprintf(txt, 64, L"Memory corrupted, ptr=%p\n", ptr);
            OutputDebugString(txt);
            SbieApi_Log(2316, NULL);
            while (! IsDebuggerPresent()) Sleep(500);
@ -190,7 +191,7 @@ _FX void Dll_Free(void *ptr)
        }
    ptr2 -= 64;
-    //Sbie_swprintf(txt, L"Dll_Free  for %-6d        at %08X\n", size, ptr2);
+    //Sbie_snwprintf(txt, 64, L"Dll_Free  for %-6d        at %08X\n", size, ptr2);
    //OutputDebugString(txt);
    }
 #endif // DEBUG_MEMORY
@ -201,7 +202,7 @@ _FX void Dll_Free(void *ptr)
    InterlockedExchangeAdd(&Dll_MemUsage, -(LONG)size);
    if (Dll_MemTrace) {
        WCHAR txt[128];
-        Sbie_swprintf(txt, L"FREE  %d\n", size);
+        Sbie_snwprintf(txt, 128, L"FREE  %d\n", size);
        OutputDebugString(txt);
    }
 #endif // DEBUG_MEMORY
@ -303,6 +304,11 @@ _FX void Dll_FreeTlsData(void)
        if (buf)
            Dll_Free(buf);
        data->name_buffer[COPY_NAME_BUFFER][depth] = NULL;
 		buf = data->name_buffer[TMPL_NAME_BUFFER][depth];
 		if (buf)
 			Dll_Free(buf);
 		data->name_buffer[TMPL_NAME_BUFFER][depth] = NULL;
    }
    Dll_Free(data);
@ -413,7 +419,7 @@ _FX void Dll_PopTlsNameBuffer(THREAD_DATA *data)
    debug_area      = ((UCHAR *)(*name_buffer)) + *name_buffer_len - 64;
    for (i = 0; i < 64 && (*name_buffer); ++i)
        if (debug_area[i] != 0xCC) {
-            Sbie_swprintf(txt, L"Buffer %d corrupted.  Buffer=%08X Length=%d Corrupt=%08X\n",
+            Sbie_snwprintf(txt, 128, L"Buffer %d corrupted.  Buffer=%08X Length=%d Corrupt=%08X\n",
                which, *name_buffer, *name_buffer_len, &debug_area[i]);
            OutputDebugString(txt);
            __debugbreak();
@ -425,12 +431,14 @@ _FX void Dll_PopTlsNameBuffer(THREAD_DATA *data)
    debug_area      = ((UCHAR *)(*name_buffer)) + *name_buffer_len - 64;
    for (i = 0; i < 64 && (*name_buffer); ++i)
        if (debug_area[i] != 0xCC) {
-            Sbie_swprintf(txt, L"Buffer %d corrupted.  Buffer=%08X Length=%d Corrupt=%08X\n",
+            Sbie_snwprintf(txt, 128, L"Buffer %d corrupted.  Buffer=%08X Length=%d Corrupt=%08X\n",
                which, *name_buffer, *name_buffer_len, &debug_area[i]);
            OutputDebugString(txt);
            __debugbreak();
        }
 	// todo: snapshots TMPL_NAME_BUFFER
    }
 #endif // DEBUG_MEMORY
--- a/Sandboxie/core/dll/file.c
+++ b/Sandboxie/core/dll/file.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -25,6 +26,7 @@
 #include <stdio.h>
 #include <dbt.h>
 #include "core/svc/FileWire.h"
 #include "core/svc/InteractiveWire.h"
 //---------------------------------------------------------------------------
@ -95,6 +97,15 @@ typedef struct _FILE_LINK FILE_LINK;
 typedef struct _FILE_DRIVE FILE_DRIVE;
 typedef struct _FILE_SNAPSHOT {
 	WCHAR					ID[17];
 	ULONG					IDlen;
 	ULONG					ScramKey;
 	//WCHAR					Name[34];
 	struct _FILE_SNAPSHOT*	Parent;
 } FILE_SNAPSHOT, *PFILE_SNAPSHOT;
 //---------------------------------------------------------------------------
 // Functions
 //---------------------------------------------------------------------------
@ -128,6 +139,10 @@ static NTSTATUS File_GetName_FromFileId(
    OBJECT_ATTRIBUTES *ObjectAttributes,
    WCHAR **OutTruePath, WCHAR **OutCopyPath);
 static WCHAR* File_MakeSnapshotPath(FILE_SNAPSHOT* Cur_Snapshot, WCHAR* CopyPath);
 static BOOLEAN File_FindSnapshotPath(WCHAR** CopyPath);
 static ULONG File_MatchPath(const WCHAR *path, ULONG *FileFlags);
 static ULONG File_MatchPath2(const WCHAR *path, ULONG *FileFlags, BOOLEAN bCheckObjectExists, BOOLEAN bMonitorLog);
@ -186,6 +201,8 @@ static NTSTATUS File_MigrateFile(
    const WCHAR *TruePath, const WCHAR *CopyPath,
    BOOLEAN IsWritePath, BOOLEAN WithContents);
 static const BOOLEAN File_MigrateFile_ManualBypass(const WCHAR *TruePath, ULONGLONG file_size);
 static const WCHAR *File_MigrateFile_ShouldBypass(const WCHAR *TruePath);
 static NTSTATUS File_CopyShortName(
@ -258,6 +275,9 @@ static BOOLEAN File_RecordRecover(HANDLE FileHandle, const WCHAR *TruePath);
 static NTSTATUS File_SetReparsePoint(
    HANDLE FileHandle, UCHAR *Data, ULONG DataLen);
 static void File_ScrambleShortName(WCHAR* ShortName, CCHAR* ShortNameLength, ULONG ScramKey);
 static void File_UnScrambleShortName(WCHAR* ShortName, ULONG ScramKey);
 //---------------------------------------------------------------------------
@ -341,6 +361,10 @@ static WCHAR *File_AltBoxPath = NULL;
 static ULONG File_AltBoxPathLen = 0;
 static FILE_SNAPSHOT *File_Snapshot = NULL;
 static ULONG File_Snapshot_Count = 0;
 //---------------------------------------------------------------------------
 // File (other modules)
 //---------------------------------------------------------------------------
@ -368,6 +392,7 @@ _FX NTSTATUS File_GetName(
    static const ULONG _ShareLen = 7;
    static const WCHAR *_Drive = L"\\drive\\";
    static const ULONG _DriveLen = 7;
    static const WCHAR *_User = L"\\user";
    static const ULONG _UserLen = 5;
    static const WCHAR *_UserAll = L"\\user\\all";
@ -376,7 +401,7 @@ _FX NTSTATUS File_GetName(
    static const ULONG _UserCurrentLen = 13;
    static const WCHAR *_UserPublic = L"\\user\\public";
    static const ULONG _UserPublicLen = 12;
-
+	
    THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
    NTSTATUS status;
@ -461,7 +486,7 @@ _FX NTSTATUS File_GetName(
        if (! NT_SUCCESS(status))
            return status;
-        uni = &((OBJECT_NAME_INFORMATION *)name)->ObjectName;
+        uni = &((OBJECT_NAME_INFORMATION *)name)->Name;
 #ifdef WOW64_FS_REDIR
        //
@ -741,6 +766,31 @@ check_sandbox_prefix:
        is_boxed_path = TRUE;
    }
 	//
 	// If its a sandboxed file, check if its in the current image or in a snapshot
 	// If its in a snapshot remove teh snapshot prefix
 	//
 	if (is_boxed_path) {
 		if (length >= 10 &&
 			0 == Dll_NlsStrCmp(
 				*OutTruePath, L"\\snapshot-", 10))
 		{
 			WCHAR* path = wcschr(*OutTruePath + 10, L'\\');
 			if (path == NULL) {
 				//
 				// caller specified just the sandbox snapshot prefix
 				//
 				*OutTruePath = TruePath;
 				return STATUS_BAD_INITIAL_PC;
 			}
 			length -= (ULONG)(path - *OutTruePath);
 			*OutTruePath = path;
 		}
 	}
    //
    // the true path may now begin with "\drive\x", for instance,
    // if the process specified a RootDirectory handle that leads
@ -791,7 +841,8 @@ check_sandbox_prefix:
    // that's ok because it hasn't been initialized yet
    //
-    else if (length >= _UserLen &&
+    else if (//SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE) && // if we disable File_InitUsers we dont need to do it here and below
 			 length >= _UserLen &&
                _wcsnicmp(*OutTruePath, _User, _UserLen) == 0) {
        if (File_AllUsersLen && length >= _UserAllLen &&
@ -1045,7 +1096,8 @@ check_sandbox_prefix:
    // "\user\current", respectively
    //
-    else if (File_AllUsersLen && length >= File_AllUsersLen &&
+    else if (//SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE) && 
 			 File_AllUsersLen && length >= File_AllUsersLen &&
                0 == Dll_NlsStrCmp(
                        TruePath, File_AllUsers, File_AllUsersLen))
    {
@ -1057,7 +1109,8 @@ check_sandbox_prefix:
    }
-    else if (File_CurrentUserLen && length >= File_CurrentUserLen &&
+    else if (//SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE) && 
 			 File_CurrentUserLen && length >= File_CurrentUserLen &&
                0 == Dll_NlsStrCmp(
                        TruePath, File_CurrentUser, File_CurrentUserLen))
    {
@ -1069,7 +1122,8 @@ check_sandbox_prefix:
    }
-    else if (File_PublicUserLen && length >= File_PublicUserLen &&
+    else if (//SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE) && 
 			 File_PublicUserLen && length >= File_PublicUserLen &&
                0 == Dll_NlsStrCmp(
                        TruePath, File_PublicUser, File_PublicUserLen))
    {
@ -1385,6 +1439,136 @@ copy_suffix:
 }
 //---------------------------------------------------------------------------
 // File_MakeSnapshotPath
 //---------------------------------------------------------------------------
 _FX WCHAR* File_MakeSnapshotPath(FILE_SNAPSHOT* Cur_Snapshot, WCHAR* CopyPath)
 {
 	if (!Cur_Snapshot)
 		return NULL;
 	ULONG length = wcslen(CopyPath);
 	ULONG prefixLen = 0;
 	if (length >= Dll_BoxFilePathLen && 0 == Dll_NlsStrCmp(CopyPath, Dll_BoxFilePath, Dll_BoxFilePathLen))
 		prefixLen = Dll_BoxFilePathLen;
 	if (File_AltBoxPath && length >= File_AltBoxPathLen && 0 == Dll_NlsStrCmp(CopyPath, File_AltBoxPath, File_AltBoxPathLen))
 		prefixLen = File_AltBoxPathLen;
 	if (prefixLen == 0)
 		return NULL;
 	THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
 	WCHAR* TmplName = Dll_GetTlsNameBuffer(TlsData, TMPL_NAME_BUFFER, (wcslen(CopyPath) + 9 + 17 + 1) * sizeof(WCHAR));
 	wcsncpy(TmplName, CopyPath, prefixLen + 1);
 	wcscpy(TmplName + prefixLen + 1, L"snapshot-");
 	wcscpy(TmplName + prefixLen + 1 + 9, Cur_Snapshot->ID);
 	wcscpy(TmplName + prefixLen + 1 + 9 + Cur_Snapshot->IDlen, CopyPath + prefixLen);
 	return TmplName;
 }
 //---------------------------------------------------------------------------
 // File_GetName_ExpandShortNames2
 //---------------------------------------------------------------------------
 _FX NTSTATUS File_GetName_ExpandShortNames2(
 	WCHAR *Path, ULONG index, ULONG backslash_index, PFILE_BOTH_DIRECTORY_INFORMATION info, const ULONG info_size, FILE_SNAPSHOT* Cur_Snapshot)
 {
 	NTSTATUS status;
 	UNICODE_STRING uni;
 	OBJECT_ATTRIBUTES ObjAttrs;
 	HANDLE handle;
 	IO_STATUS_BLOCK IoStatusBlock;
 	WCHAR* TmplName;
 	WCHAR save_char;
 	save_char = Path[backslash_index + 1];
 	Path[backslash_index + 1] = L'\0';
 	TmplName = File_MakeSnapshotPath(Cur_Snapshot, Path);
 	if(TmplName != NULL)
 		uni.Buffer = TmplName;
 	else
 		uni.Buffer = Path;
 	uni.Length = wcslen(uni.Buffer) * sizeof(WCHAR);
 	uni.MaximumLength = uni.Length + sizeof(WCHAR);
 	InitializeObjectAttributes(
 		&ObjAttrs, &uni, OBJ_CASE_INSENSITIVE, NULL, NULL);
 	status = __sys_NtCreateFile(
 		&handle,
 		GENERIC_READ | SYNCHRONIZE,     // DesiredAccess
 		&ObjAttrs,
 		&IoStatusBlock,
 		NULL,                           // AllocationSize
 		0,                              // FileAttributes
 		FILE_SHARE_VALID_FLAGS,         // ShareAccess
 		FILE_OPEN,                      // CreateDisposition
 		FILE_DIRECTORY_FILE |           // CreateOptions
 		FILE_SYNCHRONOUS_IO_NONALERT,
 		NULL,                           // EaBuffer
 		0);                             // EaLength
 	//
 	// restore original path
 	//
 	Path[backslash_index + 1] = save_char;
 	if (!NT_SUCCESS(status)) 
 		return status;
 	// query long name for short name.  if the short name is not
 	// found with a status of NO_SUCH_FILE, then possibly it was
 	// already deleted or does not even exist yet.  in this case
 	// we leave the short name as is instead of failing.
 	save_char = Path[index];
 	Path[index] = L'\0';
 	WCHAR ShortName[12 + 1];
 	if (Cur_Snapshot && Cur_Snapshot->ScramKey && wcslen(&Path[backslash_index + 1]) <= 12)
 	{
 		//
 		// If we are checking in a snapshot we ned to unscramble the short name
 		//
 		wcscpy(ShortName, &Path[backslash_index + 1]);
 		File_UnScrambleShortName(ShortName, Cur_Snapshot->ScramKey);
 		uni.Buffer = ShortName;
 	}
 	else
 		uni.Buffer = &Path[backslash_index + 1];
 	uni.Length = wcslen(uni.Buffer) * sizeof(WCHAR);
 	uni.MaximumLength = uni.Length + sizeof(WCHAR);
 	status = __sys_NtQueryDirectoryFile(
 		handle,
 		NULL, NULL, NULL,   // Event, ApcRoutine, ApcContext
 		&IoStatusBlock,
 		info, info_size, FileBothDirectoryInformation,
 		TRUE, &uni, FALSE);
 	NtClose(handle);
 	Path[index] = save_char;        // restore original path
 	return status;
 }
 //---------------------------------------------------------------------------
 // File_GetName_ExpandShortNames
 //---------------------------------------------------------------------------
@ -1404,21 +1588,16 @@ _FX WCHAR *File_GetName_ExpandShortNames(
    // it can only translate short names to long names outside the box.
    //
 	info = Dll_AllocTemp(info_size);
    status = STATUS_SUCCESS;
    for (index = 0; Path[index] != 0; ) {
        UNICODE_STRING uni;
        OBJECT_ATTRIBUTES ObjAttrs;
        HANDLE handle;
        IO_STATUS_BLOCK IoStatusBlock;
        // scan path string until a tilde (~) is found, but also keep
        // the position of the last backslash character before the tilde.
        ULONG backslash_index;
        ULONG dot_count;
        WCHAR save_char;
        ULONG len;
        WCHAR *copy;
@ -1451,78 +1630,35 @@ _FX WCHAR *File_GetName_ExpandShortNames(
        // otherwise open the directory containing the short name component
-        save_char = Path[backslash_index + 1];
+		status = File_GetName_ExpandShortNames2(Path, index, backslash_index, info, info_size, NULL);
        Path[backslash_index + 1] = L'\0';
-        uni.Buffer = Path;
+		if (!NT_SUCCESS(status) && File_Snapshot != NULL)
-        uni.Length = wcslen(uni.Buffer) * sizeof(WCHAR);
+		{
-        uni.MaximumLength = uni.Length + sizeof(WCHAR);
+			for (FILE_SNAPSHOT* Cur_Snapshot = File_Snapshot; Cur_Snapshot != NULL; Cur_Snapshot = Cur_Snapshot->Parent)
 			{
 				status = File_GetName_ExpandShortNames2(Path, index, backslash_index, info, info_size, Cur_Snapshot);
 				if (NT_SUCCESS(status))
 					break;
 			}
 		}
-        InitializeObjectAttributes(
+		/*
-            &ObjAttrs, &uni, OBJ_CASE_INSENSITIVE, NULL, NULL);
+		// stop if we can't open the directory, but file-not-found
 		// or file-not-a-directory errors may occur because the caller is
 		// trying to access a directory that exists only in the copy system,
 		// while we're looking at the true system.   so we shouldn't fail.
-        status = __sys_NtCreateFile(
+		if (!NT_SUCCESS(status)) {
            &handle,
            GENERIC_READ | SYNCHRONIZE,     // DesiredAccess
            &ObjAttrs,
            &IoStatusBlock,
            NULL,                           // AllocationSize
            0,                              // FileAttributes
            FILE_SHARE_VALID_FLAGS,         // ShareAccess
            FILE_OPEN,                      // CreateDisposition
            FILE_DIRECTORY_FILE |           // CreateOptions
            FILE_SYNCHRONOUS_IO_NONALERT,
            NULL,                           // EaBuffer
            0);                             // EaLength
-        //
+			if (status == STATUS_OBJECT_NAME_NOT_FOUND ||
-        // restore original path
+				status == STATUS_OBJECT_PATH_NOT_FOUND ||
-        //
+				status == STATUS_NOT_A_DIRECTORY) {
-        Path[backslash_index + 1] = save_char;
+				status = STATUS_SUCCESS;
 			}
-        // stop if we can't open the directory, but file-not-found
+			break;
-        // or file-not-a-directory errors may occur because the caller is
+		}
        // trying to access a directory that exists only in the copy system,
        // while we're looking at the true system.   so we shouldn't fail.
        if (! NT_SUCCESS(status)) {
            if (status == STATUS_OBJECT_NAME_NOT_FOUND ||
                status == STATUS_OBJECT_PATH_NOT_FOUND ||
                status == STATUS_NOT_A_DIRECTORY) {
                status = STATUS_SUCCESS;
            }
            break;
        }
        // query long name for short name.  if the short name is not
        // found with a status of NO_SUCH_FILE, then possibly it was
        // already deleted or does not even exist yet.  in this case
        // we leave the short name as is instead of failing.
        if (! info)
            info = Dll_AllocTemp(info_size);
        save_char = Path[index];
        Path[index] = L'\0';
        uni.Buffer = &Path[backslash_index + 1];
        uni.Length = wcslen(uni.Buffer) * sizeof(WCHAR);
        uni.MaximumLength = uni.Length + sizeof(WCHAR);
        status = __sys_NtQueryDirectoryFile(
            handle,
            NULL, NULL, NULL,   // Event, ApcRoutine, ApcContext
            &IoStatusBlock,
            info, info_size, FileBothDirectoryInformation,
            TRUE, &uni, FALSE);
        NtClose(handle);
        Path[index] = save_char;        // restore original path
        if (status == STATUS_NO_SUCH_FILE) {    // short name not found,
            status = STATUS_SUCCESS;            // so don't replace it
@ -1531,6 +1667,10 @@ _FX WCHAR *File_GetName_ExpandShortNames(
        if (! NT_SUCCESS(status))       // could not query long name?
            break;
 		*/
 		if (!NT_SUCCESS(status))
 			continue;
        //
        // expand the path with the short name into the copy name buffer,
@ -2069,6 +2209,50 @@ finish:
 }
 //---------------------------------------------------------------------------
 // File_FindSnapshotPath
 //---------------------------------------------------------------------------
 _FX BOOLEAN File_FindSnapshotPath(WCHAR** CopyPath)
 {
 	NTSTATUS status;
 	OBJECT_ATTRIBUTES objattrs;
 	UNICODE_STRING objname;
 	ULONG FileType;
 	InitializeObjectAttributes(&objattrs, &objname, OBJ_CASE_INSENSITIVE, NULL, NULL);
 	//
 	// When working with snapshots the actual "CopyFile" may be located in a snapshot directory.
 	// To deal with that when the file is not in the active box directory we look through the snapshots,
 	// When we find it we update the path to point to the snapshot containing the file.
 	//
 	RtlInitUnicodeString(&objname, *CopyPath);
 	status = File_GetFileType(&objattrs, FALSE, &FileType, NULL);
 	if (!(status == STATUS_OBJECT_NAME_NOT_FOUND || status == STATUS_OBJECT_PATH_NOT_FOUND))
 		return TRUE; // file is present directly in copy path
 	for (FILE_SNAPSHOT* Cur_Snapshot = File_Snapshot; Cur_Snapshot != NULL; Cur_Snapshot = Cur_Snapshot->Parent)
 	{
 		WCHAR* TmplName = File_MakeSnapshotPath(Cur_Snapshot, *CopyPath);
 		if (!TmplName)
 			break;
 		RtlInitUnicodeString(&objname, TmplName);
 		status = File_GetFileType(&objattrs, FALSE, &FileType, NULL);
 		if (!(status == STATUS_OBJECT_NAME_NOT_FOUND || status == STATUS_OBJECT_PATH_NOT_FOUND))
 		{
 			*CopyPath = TmplName;
 			return TRUE;
 		}
 	}
 	return FALSE;
 }
 //---------------------------------------------------------------------------
 // File_NtOpenFile
 //---------------------------------------------------------------------------
@ -2155,6 +2339,7 @@ _FX NTSTATUS File_NtCreateFileImpl(
    BOOLEAN IsEmptyCopyFile;
    BOOLEAN AlreadyReparsed;
    UCHAR HaveTrueFile;
 	BOOLEAN HaveSnapshotFile;
    //char *pPtr = NULL;
    //if (wcsstr(Dll_ImageName, L"chrome.exe") != 0) {
@ -2421,6 +2606,24 @@ ReparseLoop:
    if (! NT_SUCCESS(status))
        __leave;
 	HaveSnapshotFile = FALSE;
 	if (File_Snapshot != NULL) {
 		WCHAR* TmplPath = CopyPath;
 		File_FindSnapshotPath(&TmplPath);
 		if (TmplPath != CopyPath) {
 			HaveSnapshotFile = TRUE;
 			TruePath = Dll_GetTlsNameBuffer(TlsData, TRUE_NAME_BUFFER, (wcslen(TmplPath) + 1) * sizeof(WCHAR));
 			wcscpy(TruePath, TmplPath);
 		}
 	}
    //
    // if TruePath and CopyPath contain colons that indicate an NTFS
    // alternate data stream, we remove these for now
@ -2575,6 +2778,19 @@ ReparseLoop:
            status = File_GetFileType(&objattrs, FALSE, &FileType, NULL);
        }
 		//
 		// If the "true" file is in an snapshot it can be a deleted one, 
 		// check for this and act acrodingly.
 		//
 		if (HaveSnapshotFile) {
 			if (FileType & TYPE_DELETED) {
 				status = STATUS_OBJECT_NAME_NOT_FOUND;
 			}
 		}
        if ((FileType & TYPE_REPARSE_POINT)
                && (CreateOptions & FILE_OPEN_REPARSE_POINT) == 0
                && (! AlreadyReparsed)) {
@ -3514,6 +3730,7 @@ _FX BOOLEAN File_CheckDeletedParent(WCHAR *CopyPath)
    UNICODE_STRING objname;
    ULONG FileType;
    WCHAR *ptr = NULL;
 	NTSTATUS status;
    //
    // remove the last path component so we can open the parent directory
@ -3541,12 +3758,39 @@ _FX BOOLEAN File_CheckDeletedParent(WCHAR *CopyPath)
            return FALSE;
        }
-        File_GetFileType(&objattrs, FALSE, &FileType, NULL);
+		status = File_GetFileType(&objattrs, FALSE, &FileType, NULL);
 		if (status == STATUS_OBJECT_NAME_NOT_FOUND || status == STATUS_OBJECT_PATH_NOT_FOUND)
 			continue;
        if (FileType & TYPE_DELETED) {
            *ptr = L'\\';
            return TRUE;
        }
 		//
 		// If we have snapshots check thair status, if we have a entry in the most recent snapshot
 		// than older delete markings are not relevant
 		//
 		for (FILE_SNAPSHOT* Cur_Snapshot = File_Snapshot; Cur_Snapshot != NULL; Cur_Snapshot = Cur_Snapshot->Parent)
 		{
 			WCHAR* TmplName = File_MakeSnapshotPath(Cur_Snapshot, CopyPath);
 			if (!TmplName)
 				break;
 			RtlInitUnicodeString(&objname, TmplName);
 			status = File_GetFileType(&objattrs, FALSE, &FileType, NULL);
 			if (status == STATUS_OBJECT_NAME_NOT_FOUND || status == STATUS_OBJECT_PATH_NOT_FOUND)
 				continue;
 			if (FileType & TYPE_DELETED) {
 				*ptr = L'\\';
 				return TRUE;
 			}
 			if (NT_SUCCESS(status))
 				break;
 		}
    }
 }
@ -3739,7 +3983,7 @@ _FX NTSTATUS File_MigrateFile(
    UNICODE_STRING objname;
    IO_STATUS_BLOCK IoStatusBlock;
    FILE_NETWORK_OPEN_INFORMATION open_info;
-    ULONG file_size;
+    ULONGLONG file_size;
    ACCESS_MASK DesiredAccess;
    ULONG CreateOptions;
@ -3802,15 +4046,14 @@ _FX NTSTATUS File_MigrateFile(
            File_InitCopyLimit();
        }
-        file_size = open_info.EndOfFile.LowPart;
+        file_size = open_info.EndOfFile.QuadPart;
-        if (open_info.EndOfFile.HighPart != 0 ||
+        if (File_CopyLimitKb != -1 && file_size > (File_CopyLimitKb * 1024)) {
            file_size > (File_CopyLimitKb * 1024)) {
            const WCHAR *TruePathName =
                File_MigrateFile_ShouldBypass(TruePath);
-            if (TruePathName) {
+            if (TruePathName && !File_MigrateFile_ManualBypass(TruePath, file_size)) {
                NtClose(TrueHandle);
@ -3819,7 +4062,7 @@ _FX NTSTATUS File_MigrateFile(
                    ULONG TruePathNameLen = wcslen(TruePathName);
                    WCHAR *text = Dll_AllocTemp(
                            (TruePathNameLen + 64) * sizeof(WCHAR));
-                    Sbie_swprintf(text, L"%s [%s / %d]",
+                    Sbie_snwprintf(text, (TruePathNameLen + 64), L"%s [%s / %I64u]",
                        TruePathName, Dll_BoxName, file_size);
                    SbieApi_Log(2102, text);
@ -3868,6 +4111,8 @@ _FX NTSTATUS File_MigrateFile(
    if (file_size) {
 		ULONG Next_Status = GetTickCount() + 3000; // wait 3 seconds
        void *buffer = Dll_AllocTemp(PAGE_SIZE);
        if (! buffer) {
            status = STATUS_INSUFFICIENT_RESOURCES;
@ -3877,7 +4122,7 @@ _FX NTSTATUS File_MigrateFile(
        while (file_size > 0) {
            ULONG buffer_size =
-                (file_size > PAGE_SIZE) ? PAGE_SIZE : file_size;
+                (file_size > PAGE_SIZE) ? PAGE_SIZE : (ULONG)file_size;
            status = NtReadFile(
                TrueHandle, NULL, NULL, NULL, &IoStatusBlock,
@ -3886,7 +4131,7 @@ _FX NTSTATUS File_MigrateFile(
            if (NT_SUCCESS(status)) {
                buffer_size = (ULONG)IoStatusBlock.Information;
-                file_size -= buffer_size;
+                file_size -= (ULONGLONG)buffer_size;
                status = NtWriteFile(
                    CopyHandle, NULL, NULL, NULL, &IoStatusBlock,
@ -3895,6 +4140,16 @@ _FX NTSTATUS File_MigrateFile(
            if (! NT_SUCCESS(status))
                break;
 			ULONG Cur_Ticks = GetTickCount();
 			if (Next_Status < Cur_Ticks) {
 				Next_Status = Cur_Ticks + 1000; // update prgress every second
 				WCHAR size_str[32];
 				Sbie_snwprintf(size_str, 32, L"%I64u", file_size);
 				const WCHAR* strings[] = { Dll_BoxName, TruePath, size_str, NULL };
 				SbieApi_LogMsgExt(2198, strings);
 			}
        }
        if (buffer)
@ -3938,6 +4193,32 @@ _FX NTSTATUS File_MigrateFile(
 }
 //---------------------------------------------------------------------------
 // File_MigrateFile_ManualBypass
 //---------------------------------------------------------------------------
 _FX const BOOLEAN File_MigrateFile_ManualBypass(const WCHAR *TruePath, ULONGLONG file_size)
 {
 	MAN_FILE_MIGRATION_REQ req;
 	MAN_FILE_MIGRATION_RPL *rpl = NULL;
 	BOOLEAN ok = FALSE;
 	req.msgid = MAN_FILE_MIGRATION;
 	req.file_size = file_size;
 	wcscpy(req.file_path, TruePath);
 	rpl = SbieDll_CallServerQueue(INTERACTIVE_QUEUE_NAME, &req, sizeof(req), sizeof(*rpl));
 	if (rpl)
 	{
 		ok = rpl->retval != 0;
 		Dll_Free(rpl);
 	}
 	return ok;
 }
 //---------------------------------------------------------------------------
 // File_MigrateFile_ShouldBypass
 //---------------------------------------------------------------------------
@ -3945,6 +4226,7 @@ _FX NTSTATUS File_MigrateFile(
 _FX const WCHAR *File_MigrateFile_ShouldBypass(const WCHAR *TruePath)
 {
 	// todo: load this list from file
    static const WCHAR *_names[] = {
        // firefox
        L"places.sqlite", L"xul.mfl",
@ -4300,7 +4582,7 @@ _FX BOOLEAN File_AdjustShortName(
            req->h.msgid = MSGID_FILE_SET_SHORT_NAME;
            memzero(&req->info, sizeof(req->info));
-            Sbie_swprintf(req->info.FileName,
+            Sbie_snwprintf(req->info.FileName, 12,
                     L"SB~%05X.%03X", ticks >> 12, ticks & 0xFFF);
            req->info.FileNameLength = (8 + 1 + 3) * sizeof(WCHAR);
@ -4691,6 +4973,9 @@ _FX NTSTATUS File_NtQueryFullAttributesFileImpl(
        __leave;
    }
 	if (File_Snapshot != NULL)
 		File_FindSnapshotPath(&CopyPath);
    RtlInitUnicodeString(&objname, CopyPath);
    status = __sys_NtQueryFullAttributesFile(&objattrs, FileInformation);
@ -6051,6 +6336,9 @@ _FX NTSTATUS File_RenameFile(
    SourceTruePath = Dll_AllocTemp(len);
    memcpy(SourceTruePath, TruePath, len);
 	if (File_Snapshot != NULL)
 		File_FindSnapshotPath(&CopyPath);
    len = (wcslen(CopyPath) + 1) * sizeof(WCHAR);
    SourceCopyPath = Dll_AllocTemp(len);
    memcpy(SourceCopyPath, CopyPath, len);
@ -6537,6 +6825,10 @@ _FX ULONG SbieDll_GetHandlePath(
        WCHAR *src = TruePath;
        if (Dll_BoxName &&              // sandboxed process
                IsBoxedPath && *IsBoxedPath) {
 			if (File_Snapshot != NULL)
 				File_FindSnapshotPath(&CopyPath);
            src = CopyPath;
        }
        len = wcslen(src);
--- a/Sandboxie/core/dll/file_dir.c
+++ b/Sandboxie/core/dll/file_dir.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -48,11 +49,13 @@ typedef struct _FILE_MERGE_FILE {
    ULONG name_max_len;
    UNICODE_STRING name_uni;
    BOOLEAN have_entry;
 	BOOLEAN saved_have_entry;
    BOOLEAN more_files;
    BOOLEAN RestartScan;
    BOOLEAN no_file_ids;
    POOL *cache_pool;
    LIST cache_list;
 	ULONG scram_key;
 } FILE_MERGE_FILE;
@ -66,8 +69,9 @@ typedef struct _FILE_MERGE {
    BOOLEAN first_request;
    UNICODE_STRING file_mask;
-    FILE_MERGE_FILE true_file;
+	FILE_MERGE_FILE* files; // copy file, snapshot_1 file, snapshot_2 file, ..., true file
-    FILE_MERGE_FILE copy_file;
+	ULONG files_count;
 	FILE_MERGE_FILE* true_ptr;
    ULONG name_len;     // in bytes, excluding NULL
    WCHAR name[0];
@ -516,6 +520,9 @@ _FX NTSTATUS File_Merge(
        merge = Dll_Alloc(sizeof(FILE_MERGE) + TruePath_len + sizeof(WCHAR));
        memzero(merge, sizeof(FILE_MERGE));
 		merge->files = Dll_Alloc(sizeof(FILE_MERGE_FILE) * (2 + File_Snapshot_Count));
 		memzero(merge->files, sizeof(FILE_MERGE_FILE) * (2 + File_Snapshot_Count));
        merge->handle = FileHandle;
        merge->cant_merge = FALSE;
        merge->first_request = TRUE;
@ -533,7 +540,7 @@ _FX NTSTATUS File_Merge(
            //
            // shares provided by Remote Desktop can't provide file IDs
            //
-            merge->true_file.no_file_ids = TRUE;
+			merge->files[0].no_file_ids = TRUE;
        }
        if (File_Windows2000) {
@ -542,8 +549,8 @@ _FX NTSTATUS File_Merge(
            // FileIdBothDirectoryInformation, although according to
            // documentation it is only supported on Windows XP and later
            //
-            merge->true_file.no_file_ids = TRUE;
+			for(ULONG i = 0; i < 2 + File_Snapshot_Count; i++)
-            merge->copy_file.no_file_ids = TRUE;
+				merge->files[i].no_file_ids = TRUE;
        }
        List_Insert_After(&File_DirHandles, NULL, merge);
@ -562,7 +569,7 @@ _FX NTSTATUS File_Merge(
        status = STATUS_BAD_INITIAL_PC;
-    } else if (! merge->copy_file.handle) {
+    } else if (!merge->files[0].handle) {
        //
        // open the true and copy directories, if we haven't already.
@ -597,195 +604,309 @@ _FX NTSTATUS File_Merge(
 _FX NTSTATUS File_OpenForMerge(
-    FILE_MERGE *merge, WCHAR *TruePath, WCHAR *CopyPath)
+	FILE_MERGE *merge, WCHAR *TruePath, WCHAR *CopyPath)
 {
-    NTSTATUS status;
+	NTSTATUS status;
-    OBJECT_ATTRIBUTES objattrs;
+	OBJECT_ATTRIBUTES objattrs;
-    UNICODE_STRING objname;
+	UNICODE_STRING objname;
-    IO_STATUS_BLOCK IoStatusBlock;
+	IO_STATUS_BLOCK IoStatusBlock;
-    union {
+	union {
-        FILE_BASIC_INFORMATION basic;
+		FILE_BASIC_INFORMATION basic;
-    } info;
+	} info;
-    ULONG len;
+	ULONG len;
-    WCHAR *ptr;
+	WCHAR *ptr;
-    // BOOLEAN TruePathIsRoot;
+	// BOOLEAN TruePathIsRoot;
 	BOOLEAN TruePathDeleted = FALSE; // indicates that one of the parent snapshots deleted the true directory
 	BOOLEAN NoCopyPath = FALSE;
-    InitializeObjectAttributes(
+	InitializeObjectAttributes(
-        &objattrs, &objname, OBJ_CASE_INSENSITIVE, NULL, NULL);
+		&objattrs, &objname, OBJ_CASE_INSENSITIVE, NULL, NULL);
-    //
+	//
-    // open the copy file
+	// open the copy file
-    //
+	//
-    if (File_CheckDeletedParent(CopyPath))
+	if (File_CheckDeletedParent(CopyPath))
-        return STATUS_OBJECT_PATH_NOT_FOUND;
+		return STATUS_OBJECT_PATH_NOT_FOUND;
-    RtlInitUnicodeString(&objname, CopyPath);
+	RtlInitUnicodeString(&objname, CopyPath);
-    status = __sys_NtCreateFile(
+	status = __sys_NtCreateFile(
-        &merge->copy_file.handle,
+		&merge->files[0].handle,
-        FILE_GENERIC_READ,              // DesiredAccess
+		FILE_GENERIC_READ,              // DesiredAccess
-        &objattrs,
+		&objattrs,
-        &IoStatusBlock,
+		&IoStatusBlock,
-        NULL,                           // AllocationSize
+		NULL,                           // AllocationSize
-        0,                              // FileAttributes
+		0,                              // FileAttributes
-        FILE_SHARE_VALID_FLAGS,         // ShareAccess
+		FILE_SHARE_VALID_FLAGS,         // ShareAccess
-        FILE_OPEN,                      // CreateDisposition
+		FILE_OPEN,                      // CreateDisposition
-        FILE_SYNCHRONOUS_IO_NONALERT,   // CreateOptions
+		FILE_SYNCHRONOUS_IO_NONALERT,   // CreateOptions
-        NULL,                           // EaBuffer
+		NULL,                           // EaBuffer
-        0);                             // EaLength
+		0);                             // EaLength
-    if (NT_SUCCESS(status)) {
+	if (NT_SUCCESS(status)) {
-        //
+		//
-        // if the copy file exists, check if it is marked as deleted,
+		// if the copy file exists, check if it is marked as deleted,
-        // and if so, close it and pretend it doesn't exist;  otherwise
+		// and if so, close it and pretend it doesn't exist;  otherwise
-        // make sure it is a directory file
+		// make sure it is a directory file
-        //
+		//
-        status = __sys_NtQueryInformationFile(
+		status = __sys_NtQueryInformationFile(
-            merge->copy_file.handle, &IoStatusBlock, &info,
+			merge->files[0].handle, &IoStatusBlock, &info,
-            sizeof(FILE_BASIC_INFORMATION), FileBasicInformation);
+			sizeof(FILE_BASIC_INFORMATION), FileBasicInformation);
-        if (NT_SUCCESS(status)) {
+		if (NT_SUCCESS(status)) {
-            if (IS_DELETE_MARK(&info.basic.CreationTime)) {
+			if (IS_DELETE_MARK(&info.basic.CreationTime)) {
-                status = STATUS_OBJECT_NAME_NOT_FOUND;
+				status = STATUS_OBJECT_NAME_NOT_FOUND;
-            } else if ((info.basic.FileAttributes &
+			}
-                                    FILE_ATTRIBUTE_DIRECTORY) == 0) {
+			else if ((info.basic.FileAttributes &
 				FILE_ATTRIBUTE_DIRECTORY) == 0) {
-                status = STATUS_INVALID_PARAMETER;
+				status = STATUS_INVALID_PARAMETER;
-            }
+			}
-        }
+		}
-        if (! NT_SUCCESS(status)) {
+		if (!NT_SUCCESS(status)) {
-            __sys_NtClose(merge->copy_file.handle);
+			__sys_NtClose(merge->files[0].handle);
-            merge->copy_file.handle = NULL;
+			merge->files[0].handle = NULL;
-            return status;
+			return status;
-        }
+		}
-        //
+		//
-        // copy file passed all checks;  indicate it is ready for use
+		// copy file passed all checks;  indicate it is ready for use
-        //
+		//
-        merge->copy_file.more_files = TRUE;
+		merge->files[0].more_files = TRUE;
-        merge->copy_file.RestartScan = TRUE;
+		merge->files[0].RestartScan = TRUE;
 		merge->files_count++;
 	}
 	else {
-    } else {
+		//
 		// if there is no copy file, we don't need to merge anything,
 		// and can let the system work directly on the true file
 		//
-        //
+		if (status == STATUS_OBJECT_NAME_NOT_FOUND ||
-        // if there is no copy file, we don't need to merge anything,
+			status == STATUS_OBJECT_PATH_NOT_FOUND ||
-        // and can let the system work directly on the true file
+			status == STATUS_ACCESS_DENIED) {
        //
-        if (status == STATUS_OBJECT_NAME_NOT_FOUND ||
+			NoCopyPath = TRUE;
-            status == STATUS_OBJECT_PATH_NOT_FOUND ||
+		}
-            status == STATUS_ACCESS_DENIED) {
+		else
 			return status;
 	}
-            status = STATUS_BAD_INITIAL_PC;
+	//
-        }
+	// Now open the parent snapshots if present, and it's aprent and so on....
 	//
-        return status;
+	if (File_Snapshot != NULL)
-    }
+	{
 		for (FILE_SNAPSHOT* Cur_Snapshot = File_Snapshot; Cur_Snapshot != NULL; Cur_Snapshot = Cur_Snapshot->Parent)
 		{
 			WCHAR* TmplName = File_MakeSnapshotPath(Cur_Snapshot, CopyPath);
 			if (!TmplName)
 				break;
-    //
+			RtlInitUnicodeString(&objname, TmplName);
    // true path must end with a backslash, so that we are able to
    // open the root directory of the volume device
    //
-    // TruePathIsRoot = FALSE;
+			status = __sys_NtCreateFile(
 				&merge->files[merge->files_count].handle,
 				FILE_GENERIC_READ,              // DesiredAccess
 				&objattrs,
 				&IoStatusBlock,
 				NULL,                           // AllocationSize
 				0,                              // FileAttributes
 				FILE_SHARE_VALID_FLAGS,         // ShareAccess
 				FILE_OPEN,                      // CreateDisposition
 				FILE_SYNCHRONOUS_IO_NONALERT,   // CreateOptions
 				NULL,                           // EaBuffer
 				0);                             // EaLength
-    len = wcslen(TruePath) * sizeof(WCHAR);
+			if (NT_SUCCESS(status)) {
    if (len > sizeof(WCHAR)) {
        ptr = &TruePath[len / sizeof(WCHAR) - 1];
        if (*ptr != L'\\') {
            ptr[1] = L'\\';
            ptr[2] = L'\0';
            len += sizeof(WCHAR);
        } else {
            ptr = NULL;
            // TruePathIsRoot = TRUE;
        }
    } else
        ptr = NULL;
-    objname.Length = (USHORT)len;
+				//
-    objname.MaximumLength = objname.Length + sizeof(WCHAR);
+				// if the copy file exists, check if it is marked as deleted,
-    objname.Buffer = TruePath;
+				// and if so, close it and pretend it doesn't exist;  otherwise
 				// make sure it is a directory file
 				//
-    //
+				// todo reduce redundant code, combine with the code for the copy_file
    // open the true file
    //
-    status = __sys_NtCreateFile(
+				status = __sys_NtQueryInformationFile(
-        &merge->true_file.handle,
+					merge->files[merge->files_count].handle, &IoStatusBlock, &info,
-        FILE_GENERIC_READ,              // DesiredAccess
+					sizeof(FILE_BASIC_INFORMATION), FileBasicInformation);
        &objattrs,
        &IoStatusBlock,
        NULL,                           // AllocationSize
        0,                              // FileAttributes
        FILE_SHARE_VALID_FLAGS,         // ShareAccess
        FILE_OPEN,                      // CreateDisposition
        FILE_SYNCHRONOUS_IO_NONALERT |  // CreateOptions
        FILE_DIRECTORY_FILE,
        NULL,                           // EaBuffer
        0);                             // EaLength
-    if (ptr)
+				if (NT_SUCCESS(status)) {
        ptr[1] = L'\0';
-    //
+					if (IS_DELETE_MARK(&info.basic.CreationTime)) {
    // even if the true directory could not be opened because it isn't
    // there, or because it is a file rather than a directory, we still
    // go ahead, and will use only the copy path for the "merge".
    // for any other error opening the true directory, we abort.
    //
-    if (! NT_SUCCESS(status)) {
+						status = STATUS_OBJECT_NAME_NOT_FOUND;
-        merge->true_file.handle = NULL;
+					}
 					else if ((info.basic.FileAttributes &
 						FILE_ATTRIBUTE_DIRECTORY) == 0) {
-        if (status != STATUS_NOT_A_DIRECTORY &&
+						status = STATUS_INVALID_PARAMETER;
-            status != STATUS_OBJECT_NAME_NOT_FOUND &&
+					}
-            status != STATUS_OBJECT_PATH_NOT_FOUND) {
+				}
-            __sys_NtClose(merge->copy_file.handle);
+				if (!NT_SUCCESS(status)) {
            merge->copy_file.handle = NULL;
-            if (status == STATUS_ACCESS_DENIED)
+					__sys_NtClose(merge->files[merge->files_count].handle);
-                status = STATUS_BAD_INITIAL_PC;
+					merge->files[merge->files_count].handle = NULL;
-            return status;
+					TruePathDeleted = TRUE;
-        }
+					break; // dont look any further
 				}
-        status = STATUS_SUCCESS;
+				//
 				// copy file passed all checks;  indicate it is ready for use
 				//
-    } else {
+				merge->files[merge->files_count].more_files = TRUE;
 				merge->files[merge->files_count].RestartScan = TRUE;
 				merge->files[merge->files_count].scram_key = Cur_Snapshot->ScramKey;
 				merge->files_count++;
-        //
+			}
-        // true file passed all checks;  indicate it is ready for use
+			else {
        //
-        merge->true_file.more_files = TRUE;
+				//
-        merge->true_file.RestartScan = TRUE;
+				// Ignroe errors here for now // todo
-    }
+				//
-    //
+			}
-    // now that both copy and true directories were opened, we will need to
+		}
-    // merge them.  for this to work, we need a sorted directory listing.
+	}
    // NTFS is always sorted, but FAT isn't, so cache the listing if needed.
    //
    // note that if we don't have a true handle, we won't merge anything,
    // so do not have to cache in advance.  on the other hand, if the
    // true path is cached, we also have to cache the copy path, to make
    // sure the files will be ordered in the same sequence.  and vice
    // versa: if the copy path is cached, make sure the true path is cached
    //
-    if (merge->true_file.handle) {
+	//
 	// if there is no copy file, we don't need to merge anything,
 	// and can let the system work directly on the true file
 	//
 	if (merge->files_count == 0) {
 		status = STATUS_BAD_INITIAL_PC;
 		return status;
 	}
 	if (TruePathDeleted)
 		goto skip_true_file;
 	//
 	// true path must end with a backslash, so that we are able to
 	// open the root directory of the volume device
 	//
 	// TruePathIsRoot = FALSE;
 	len = wcslen(TruePath) * sizeof(WCHAR);
 	if (len > sizeof(WCHAR)) {
 		ptr = &TruePath[len / sizeof(WCHAR) - 1];
 		if (*ptr != L'\\') {
 			ptr[1] = L'\\';
 			ptr[2] = L'\0';
 			len += sizeof(WCHAR);
 		}
 		else {
 			ptr = NULL;
 			// TruePathIsRoot = TRUE;
 		}
 	}
 	else
 		ptr = NULL;
 	objname.Length = (USHORT)len;
 	objname.MaximumLength = objname.Length + sizeof(WCHAR);
 	objname.Buffer = TruePath;
 	//
 	// open the true file
 	//
 	merge->true_ptr = &merge->files[merge->files_count];
 	status = __sys_NtCreateFile(
 		&merge->true_ptr->handle,
 		FILE_GENERIC_READ,              // DesiredAccess
 		&objattrs,
 		&IoStatusBlock,
 		NULL,                           // AllocationSize
 		0,                              // FileAttributes
 		FILE_SHARE_VALID_FLAGS,         // ShareAccess
 		FILE_OPEN,                      // CreateDisposition
 		FILE_SYNCHRONOUS_IO_NONALERT |  // CreateOptions
 		FILE_DIRECTORY_FILE,
 		NULL,                           // EaBuffer
 		0);                             // EaLength
 	if (ptr)
 		ptr[1] = L'\0';
 	//
 	// even if the true directory could not be opened because it isn't
 	// there, or because it is a file rather than a directory, we still
 	// go ahead, and will use only the copy path for the "merge".
 	// for any other error opening the true directory, we abort.
 	//
 	if (!NT_SUCCESS(status)) {
 		merge->true_ptr->handle = NULL;
 		merge->true_ptr = NULL;
 		if (status != STATUS_NOT_A_DIRECTORY &&
 			status != STATUS_OBJECT_NAME_NOT_FOUND &&
 			status != STATUS_OBJECT_PATH_NOT_FOUND) {
 			for (ULONG i = 0; i < merge->files_count; i++) {
 				__sys_NtClose(merge->files[i].handle);
 				merge->files[i].handle = NULL;
 			}
 			if (status == STATUS_ACCESS_DENIED)
 				status = STATUS_BAD_INITIAL_PC;
 			return status;
 		}
 		status = STATUS_SUCCESS;
 	}
 	else {
 		//
 		// true file passed all checks;  indicate it is ready for use
 		//
 		merge->true_ptr->more_files = TRUE;
 		merge->true_ptr->RestartScan = TRUE;
 		merge->files_count++;
 	}
 skip_true_file:
 	//
 	// now that both copy and true directories were opened, we will need to
 	// merge them.  for this to work, we need a sorted directory listing.
 	// NTFS is always sorted, but FAT isn't, so cache the listing if needed.
 	//
 	// note that if we don't have a true handle, we won't merge anything,
 	// so do not have to cache in advance.  on the other hand, if the
 	// true path is cached, we also have to cache the copy path, to make
 	// sure the files will be ordered in the same sequence.  and vice
 	// versa: if the copy path is cached, make sure the true path is cached
 	//
 	if (merge->true_ptr) {
        BOOLEAN ForceCache = FALSE;
        if (merge->name_len >= File_MupLen * sizeof(WCHAR)
@ -801,38 +922,41 @@ _FX NTSTATUS File_OpenForMerge(
        }
        status = File_MergeCache(
-                    &merge->true_file, &merge->file_mask, ForceCache);
+                    merge->true_ptr, &merge->file_mask, ForceCache);
        if (NT_SUCCESS(status)) {
-            BOOLEAN HaveTrueCache = (merge->true_file.cache_pool != NULL);
+            BOOLEAN HaveTrueCache = (merge->true_ptr->cache_pool != NULL);
 			BOOLEAN HaveCopyCache = FALSE;
-            status = File_MergeCache(
+			for (ULONG i = 0; i < merge->files_count - 1; i++) {
                        &merge->copy_file, &merge->file_mask, HaveTrueCache);
-            if (NT_SUCCESS(status) && (! HaveTrueCache) &&
+				status = File_MergeCache(
-                                    (merge->copy_file.cache_pool != NULL)) {
+					&merge->files[i], &merge->file_mask, HaveTrueCache);
 				if (NT_SUCCESS(status) && merge->files[i].cache_pool != NULL)
 					HaveCopyCache = TRUE;
 			}
            if (!HaveTrueCache && HaveCopyCache) {
                status = File_MergeCache(
-                            &merge->true_file, &merge->file_mask, TRUE);
+                            merge->true_ptr, &merge->file_mask, TRUE);
            }
        }
        if (! NT_SUCCESS(status)) {
-            if (merge->copy_file.handle) {
+			for (ULONG i = 0; i < merge->files_count; i++) {
-                __sys_NtClose(merge->copy_file.handle);
+				if (merge->files[i].handle) {
-                merge->copy_file.handle = NULL;
+					__sys_NtClose(merge->files[i].handle);
-            }
+					merge->files[i].handle = NULL;
-
+				}
-            if (merge->true_file.handle) {
+			}
                __sys_NtClose(merge->true_file.handle);
                merge->true_file.handle = NULL;
            }
        }
    }
-    return status;
+	return status;
 }
@ -1145,23 +1269,22 @@ _FX NTSTATUS File_MergeCacheWin2000(
 _FX void File_MergeFree(FILE_MERGE *merge)
 {
-    if (merge->true_file.handle)
+	if (merge->files)
-        __sys_NtClose(merge->true_file.handle);
+	{
-    if (merge->true_file.info)
+		for (ULONG i = 0; i < merge->files_count; i++)
-        Dll_Free(merge->true_file.info);
+		{
-    if (merge->true_file.name)
+			if (merge->files[i].handle)
-        Dll_Free(merge->true_file.name);
+				__sys_NtClose(merge->files[i].handle);
-    if (merge->true_file.cache_pool)
+			if (merge->files[i].info)
-        Pool_Delete(merge->true_file.cache_pool);
+				Dll_Free(merge->files[i].info);
 			if (merge->files[i].name)
 				Dll_Free(merge->files[i].name);
 			if (merge->files[i].cache_pool)
 				Pool_Delete(merge->files[i].cache_pool);
 		}
-    if (merge->copy_file.handle)
+		Dll_Free(merge->files);
-        __sys_NtClose(merge->copy_file.handle);
+	}
    if (merge->copy_file.info)
        Dll_Free(merge->copy_file.info);
    if (merge->copy_file.name)
        Dll_Free(merge->copy_file.name);
    if (merge->copy_file.cache_pool)
        Pool_Delete(merge->copy_file.cache_pool);
    if (merge->file_mask.Buffer)
        Dll_Free(merge->file_mask.Buffer);
@ -1182,11 +1305,9 @@ _FX NTSTATUS File_GetMergedInformation(
    FILE_INFORMATION_CLASS FileInformationClass,
    BOOLEAN ReturnSingleEntry)
 {
-    NTSTATUS status;
+	NTSTATUS status = STATUS_SUCCESS;
    ULONG info_entry_length;
    FILE_ID_BOTH_DIR_INFORMATION *ptr_info;
    BOOLEAN save_true_file_have_entry;
    BOOLEAN save_copy_file_have_entry;
    PVOID prev_entry;
    PVOID next_entry;
    WCHAR *name_ptr;
@ -1220,13 +1341,11 @@ _FX NTSTATUS File_GetMergedInformation(
        // get directory entries from both directories
-        status = File_GetFullInformation(
+		for (ULONG i = 0; i < merge->files_count && NT_SUCCESS(status); i++)
-            &merge->copy_file, &merge->file_mask, TRUE);
+		{
-        if (! NT_SUCCESS(status))
+			status = File_GetFullInformation(
-            break;
+				&merge->files[i], &merge->file_mask, TRUE);
-
+		}
        status = File_GetFullInformation(
            &merge->true_file, &merge->file_mask, FALSE);
        if (! NT_SUCCESS(status))
            break;
@ -1235,44 +1354,69 @@ _FX NTSTATUS File_GetMergedInformation(
        // take info from the copy directory if a file exists in both
        ptr_info = NULL;
-        save_true_file_have_entry = merge->true_file.have_entry;
+		for (ULONG i = 0; i < merge->files_count; i++)
-        save_copy_file_have_entry = merge->copy_file.have_entry;
+			merge->files[i].saved_have_entry = merge->files[i].have_entry;
-        if (merge->copy_file.have_entry &&      // both directories
+        /*if (merge->files[0].have_entry &&      // both directories
-            merge->true_file.have_entry) {      // have an entry
+			merge->true_ptr && merge->true_ptr->have_entry) {      // have an entry
            int cmp = RtlCompareUnicodeString(
-                      &merge->true_file.name_uni,
+                      &merge->true_ptr->name_uni,
-                      &merge->copy_file.name_uni,
+                      &merge->files[0].name_uni,
                      TRUE);                    // CaseInSensitive
            if (cmp < 0) {  // true name sorts before copy name
-                ptr_info = merge->true_file.info;
+                ptr_info = merge->true_ptr->info;
-                merge->true_file.have_entry = FALSE;
+                merge->true_ptr->have_entry = FALSE;
            } else {        // true name equal to or after copy name
-                ptr_info = merge->copy_file.info;
+                ptr_info = merge->files[0].info;
-                merge->copy_file.have_entry = FALSE;
+                merge->files[0].have_entry = FALSE;
                if (cmp == 0)   // equal
-                    merge->true_file.have_entry = FALSE;
+                    merge->true_ptr->have_entry = FALSE;
            }
-        } else if (merge->copy_file.have_entry) {   // only copy
+        } else if (merge->files[0].have_entry) {   // only copy
-            merge->copy_file.have_entry = FALSE;
+            merge->files[0].have_entry = FALSE;
-            ptr_info = merge->copy_file.info;
+            ptr_info = merge->files[0].info;
-        } else if (merge->true_file.have_entry) {   // only true
+        } else if (merge->true_ptr && merge->true_ptr->have_entry) {   // only true
-            ptr_info = merge->true_file.info;
+            ptr_info = merge->true_ptr->info;
-            merge->true_file.have_entry = FALSE;
+			merge->true_ptr->have_entry = FALSE;
        }*/
 		FILE_MERGE_FILE* best = &merge->files[0];
 		for (ULONG i = 1; i < merge->files_count; i++) {
 			FILE_MERGE_FILE* cur = &merge->files[i];
 			if (!best->have_entry) {
 				best = cur;
 			}
 			else if (cur->have_entry) {
 				int cmp = RtlCompareUnicodeString(&best->name_uni, &cur->name_uni, TRUE); // CaseInSensitive
 				if (cmp == 0) // equal - same file in booth, use newer (best)
 					cur->have_entry = FALSE;
 				else if (cmp > 0)
 					best = cur;
 			}
 		}
 		if (best->have_entry) {
            ptr_info = best->info;
 			best->have_entry = FALSE;
        }
-        // if the entry found was in the copy directory, then the file
+		// if the entry found was in the copy directory, then the file
-        // may be marked deleted (see Filesys_Mark_File_Deleted for
+		// may be marked deleted (see Filesys_Mark_File_Deleted for
-        // details).  if it is marked so, we pretend this entry does
+		// details).  if it is marked so, we pretend this entry does
-        // not exist by fetching the following one
+		// not exist by fetching the following one
-        if (ptr_info == merge->copy_file.info &&
+		if (ptr_info && (!merge->true_ptr || ptr_info != merge->true_ptr->info) &&
-            IS_DELETE_MARK(&ptr_info->CreationTime))
+			IS_DELETE_MARK(&ptr_info->CreationTime))
-                continue;
+			continue;
        // if both directories are exhausted, reset the
        // NextEntryOffset field of FILE_*_INFORMATION to
@ -1306,9 +1450,8 @@ _FX NTSTATUS File_GetMergedInformation(
            // current entries have not been used yet,
            // reset flags so they are used again next time
-
+			for (ULONG i = 0; i < merge->files_count; i++)
-            merge->true_file.have_entry = save_true_file_have_entry;
+				merge->files[i].have_entry = merge->files[i].saved_have_entry;
            merge->copy_file.have_entry = save_copy_file_have_entry;
            *(ULONG *)prev_entry = 0;   // reset NextEntryOffset
@ -1357,8 +1500,8 @@ _FX NTSTATUS File_GetMergedInformation(
            // current entries have not gotten used yet,
            // reset flags so they are used again next time
-            merge->true_file.have_entry = save_true_file_have_entry;
+			for (ULONG i = 0; i < merge->files_count; i++)
-            merge->copy_file.have_entry = save_copy_file_have_entry;
+				merge->files[i].have_entry = merge->files[i].saved_have_entry;
            *(ULONG *)prev_entry = 0;   // reset NextEntryOffset
@ -1491,6 +1634,13 @@ _FX NTSTATUS File_GetFullInformation(
                }
            }
 			//
 			// Scramble the short file name to ensure each snapshot has unique short names
 			//
 			if (NT_SUCCESS(status) && qfile->scram_key && qfile->info->ShortNameLength > 0)
 				File_ScrambleShortName(qfile->info->ShortName, &qfile->info->ShortNameLength, qfile->scram_key);
            if (status == STATUS_BUFFER_OVERFLOW) {
                Dll_Free(qfile->info);
@ -2074,7 +2224,8 @@ _FX NTSTATUS File_MarkChildrenDeleted(const WCHAR *ParentTruePath)
    while (NT_SUCCESS(status)) {
-        status = __sys_NtQueryDirectoryFile(
+        //status = __sys_NtQueryDirectoryFile(
 		status = NtQueryDirectoryFile(
            handle, NULL, NULL, NULL, &IoStatusBlock,
            info, info_len, FileDirectoryInformation,
            TRUE, NULL, RestartScan);
@ -3179,6 +3330,9 @@ _FX NTSTATUS File_SetReparsePoint(
            __leave;
        }
 		if (File_Snapshot != NULL)
 			File_FindSnapshotPath(&CopyPath);
        SourcePath = Dll_Alloc((wcslen(CopyPath) + 4) * sizeof(WCHAR));
        wcscpy(SourcePath, CopyPath);
@ -3381,8 +3535,10 @@ _FX void File_DoAutoRecover_2(BOOLEAN force, ULONG ticks)
        if (send2199) {
            WCHAR *colon = wcschr(rec->path, L':');
-            if (! colon)
+			if (!colon) {
-                SbieApi_Log2199(rec->path);
+				const WCHAR* strings[] = { Dll_BoxName, rec->path, NULL };
 				SbieApi_LogMsgExt(2199, strings);
 			}
            List_Remove(&File_RecPaths, rec);
        }
@ -3546,3 +3702,115 @@ _FX BOOLEAN File_MsoDll(HMODULE module)
    File_MsoDllLoaded = TRUE;
    return TRUE;
 }
 //---------------------------------------------------------------------------
 // File_Scramble_Char
 //---------------------------------------------------------------------------
 _FX WCHAR File_Scramble_Char(WCHAR wValue, int Key, BOOLEAN scram)
 {
 	//
 	// This function allows to scramble file name charakters properly, 
 	// i.e. no invalid cahacters can result fron this operation.
 	// It does not scramble invalid charakters like: " * / : < > ? \ |
 	// And it does not scramble ~
 	// The entropy of the scrambler is 25,5bit (i.e. 52 million values)
 	//
 	char reserved_ch[] = { '\"', '*', '/', ':', '<', '>', '?', '\\', '|' };
 	const int reserved_count = 9;
 	const int max_ch = 0x7E - reserved_count - 0x20;
 	int uValue = (wValue & 0x7F);
 	if (uValue < 0x20 || uValue >= 0x7E) // < space || >= ~
 		return wValue;
 	for (int i = 0; i < reserved_count; i++)
 		if (uValue == reserved_ch[i]) return wValue;
 	Key &= 0x7f;
 	while (Key >= max_ch)
 		Key -= max_ch;
 	if (!scram)
 		Key = -Key;
 	for (int i = 1; i <= reserved_count; i++)
 		if (uValue > reserved_ch[reserved_count - i])	uValue -= 1;
 	uValue -= 0x20;
 	uValue += Key;
 	if (uValue >= max_ch)
 		uValue -= max_ch;
 	else if (uValue < 0)
 		uValue += max_ch;
 	uValue += 0x20;
 	for (int i = 0; i < reserved_count; i++)
 		if (uValue >= reserved_ch[i])	uValue += 1;
 	return uValue;
 }
 //---------------------------------------------------------------------------
 // File_ScrambleShortName
 //---------------------------------------------------------------------------
 _FX void File_ScrambleShortName(WCHAR* ShortName, CCHAR* ShortNameBytes, ULONG ScramKey)
 {
 	CCHAR ShortNameLength = *ShortNameBytes / sizeof(WCHAR);
 	CCHAR dot_pos;
 	WCHAR *dot = wcsrchr(ShortName, L'.');
 	if (dot == NULL) {
 		dot_pos = ShortNameLength;
 		if (ShortNameLength >= 12)
 			return; // this should never not happen!
 		ShortName[ShortNameLength++] = L'.';
 	}
 	else
 		dot_pos = (CCHAR)(dot - ShortName);
 	while (ShortNameLength - dot_pos < 4)
 	{
 		if (ShortNameLength >= 12)
 			return; // this should never not happen!
 		ShortName[ShortNameLength++] = L' ';
 	}
 	*ShortNameBytes = ShortNameLength * sizeof(WCHAR);
 	if (dot_pos > 0)
 		ShortName[dot_pos - 1] = File_Scramble_Char(ShortName[dot_pos - 1], ((char*)&ScramKey)[0], TRUE);
 	for (int i = 1; i <= 3; i++)
 		ShortName[dot_pos + i] = File_Scramble_Char(ShortName[dot_pos + i], ((char*)&ScramKey)[i], TRUE);
 }
 //---------------------------------------------------------------------------
 // File_UnScrambleShortName
 //---------------------------------------------------------------------------
 _FX void File_UnScrambleShortName(WCHAR* ShortName, ULONG ScramKey)
 {
 	CCHAR ShortNameLength = (CCHAR)wcslen(ShortName);
 	WCHAR *dot = wcsrchr(ShortName, L'.');
 	if (dot == NULL)
 		return; // not a scrambled short name.
 	CCHAR dot_pos = (CCHAR)(dot - ShortName);
 	if (dot_pos > 0)
 		ShortName[dot_pos - 1] = File_Scramble_Char(ShortName[dot_pos - 1], ((char*)&ScramKey)[0], FALSE);
 	for (int i = 1; i <= 3; i++)
 		ShortName[dot_pos + i] = File_Scramble_Char(ShortName[dot_pos + i], ((char*)&ScramKey)[i], FALSE);
 	while (ShortName[ShortNameLength - 1] == L' ')
 		ShortName[ShortNameLength-- - 1] = 0;
 	if (ShortName[ShortNameLength - 1] == L'.')
 		ShortName[ShortNameLength-- - 1] = 0;
 }
--- a/Sandboxie/core/dll/file_init.c
+++ b/Sandboxie/core/dll/file_init.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -107,6 +108,8 @@ static void File_AdjustDrives(
 static void File_InitCopyLimit(void);
 static void File_InitSnapshots(void);
 //---------------------------------------------------------------------------
 // Variables
@ -144,8 +147,12 @@ _FX BOOLEAN File_Init(void)
    if (! File_InitDrives(0xFFFFFFFF))
        return FALSE;
-    if (! File_InitUsers())
+	if (SbieApi_QueryConfBool(NULL, L"SeparateUserFolders", TRUE)) {
-        return FALSE;
+		if (!File_InitUsers())
 			return FALSE;
 	}
 	File_InitSnapshots();
    File_InitRecoverFolders();
@ -424,7 +431,7 @@ _FX BOOLEAN File_InitDrives(ULONG DriveMask)
        path_len = 16;
        path = Dll_Alloc(path_len);
-        Sbie_swprintf(path, L"\\??\\%c:", L'A' + drive);
+        Sbie_snwprintf(path, 8, L"\\??\\%c:", L'A' + drive);
        RtlInitUnicodeString(&objname, path);
@ -477,7 +484,7 @@ _FX BOOLEAN File_InitDrives(ULONG DriveMask)
                status != STATUS_OBJECT_TYPE_MISMATCH &&
                status != STATUS_ACCESS_DENIED) {
-                Sbie_swprintf(error_str, L"%c [%08X]", L'A' + drive, status);
+                Sbie_snwprintf(error_str, 16, L"%c [%08X]", L'A' + drive, status);
                SbieApi_Log(2307, error_str);
            }
@ -572,7 +579,7 @@ _FX BOOLEAN File_InitDrives(ULONG DriveMask)
        if (! NT_SUCCESS(status)) {
-            Sbie_swprintf(error_str, L"%c [%08X]", L'A' + drive, status);
+            Sbie_snwprintf(error_str, 16, L"%c [%08X]", L'A' + drive, status);
            SbieApi_Log(2307, error_str);
        }
    }
@ -1009,7 +1016,7 @@ _FX BOOLEAN File_InitUsers(void)
    if (errlvl) {
        WCHAR error_str[16];
-        Sbie_swprintf(error_str, L"[%08X / %02X]", status, errlvl);
+        Sbie_snwprintf(error_str, 16, L"[%08X / %02X]", status, errlvl);
        SbieApi_Log(2306, error_str);
        return FALSE;
    }
@ -1511,7 +1518,7 @@ _FX void File_InitCopyLimit(void)
    if (SetMaxCopyLimit) {
-        File_CopyLimitKb     = 99999999;
+        File_CopyLimitKb     = -1;
        File_CopyLimitSilent = FALSE;
        return;
    }
@ -1523,9 +1530,9 @@ _FX void File_InitCopyLimit(void)
    status = SbieApi_QueryConfAsIs(
        NULL, _CopyLimitKb, 0, str, sizeof(str) - sizeof(WCHAR));
    if (NT_SUCCESS(status)) {
-        ULONG num = _wtoi(str);
+        ULONGLONG num = _wtoi64(str);
        if (num)
-            File_CopyLimitKb = num;
+            File_CopyLimitKb = (num > 0x000000007fffffff) ? -1 : (ULONG)num;
        else
            SbieApi_Log(2207, _CopyLimitKb);
    }
@ -1730,7 +1737,7 @@ _FX void File_GetSetDeviceMap(WCHAR *DeviceMap96)
            } else {
                UNICODE_STRING *uni =
-                    &((OBJECT_NAME_INFORMATION *)dirname)->ObjectName;
+                    &((OBJECT_NAME_INFORMATION *)dirname)->Name;
                length = uni->Length / sizeof(WCHAR);
                if (length > 95)
                    length = 95;
@ -1740,3 +1747,58 @@ _FX void File_GetSetDeviceMap(WCHAR *DeviceMap96)
        }
    }
 }
 //---------------------------------------------------------------------------
 // File_InitCopyLimit
 //---------------------------------------------------------------------------
 /* CRC */
 #define CRC_WITH_ADLERTZUK64
 #include "common/crc.c"
 _FX void File_InitSnapshots(void)
 {
 	WCHAR ShapshotsIni[MAX_PATH] = { 0 };
 	wcscpy(ShapshotsIni, Dll_BoxFilePath);
 	wcscat(ShapshotsIni, L"\\Snapshots.ini");
 	SbieDll_TranslateNtToDosPath(ShapshotsIni);
 	WCHAR Shapshot[16] = { 0 };
 	GetPrivateProfileStringW(L"Current", L"Snapshot", L"", Shapshot, 16, ShapshotsIni);
 	if (*Shapshot == 0)
 		return; // not using snapshots
 	File_Snapshot = Dll_Alloc(sizeof(FILE_SNAPSHOT));
 	memzero(File_Snapshot, sizeof(FILE_SNAPSHOT));
 	wcscpy(File_Snapshot->ID, Shapshot);
 	File_Snapshot->IDlen = wcslen(Shapshot);
 	FILE_SNAPSHOT* Cur_Snapshot = File_Snapshot;
 	File_Snapshot_Count = 1;
 	for (;;)
 	{
 		Cur_Snapshot->ScramKey = CRC32(Cur_Snapshot->ID, Cur_Snapshot->IDlen * sizeof(WCHAR));
 		WCHAR ShapshotId[26] = L"Snapshot_";
 		wcscat(ShapshotId, Shapshot);
 		//WCHAR ShapshotName[34] = { 0 };
 		//GetPrivateProfileStringW(ShapshotId, L"Name", L"", ShapshotName, 34, ShapshotsIni);
 		//wcscpy(Cur_Snapshot->Name, ShapshotName);
 		GetPrivateProfileStringW(ShapshotId, L"Parent", L"", Shapshot, 16, ShapshotsIni);
 		if (*Shapshot == 0)
 			break; // no more snapshots
 		Cur_Snapshot->Parent = Dll_Alloc(sizeof(FILE_SNAPSHOT));
 		memzero(Cur_Snapshot->Parent, sizeof(FILE_SNAPSHOT));
 		wcscpy(Cur_Snapshot->Parent->ID, Shapshot);
 		Cur_Snapshot->Parent->IDlen = wcslen(Shapshot);
 		Cur_Snapshot = Cur_Snapshot->Parent;
 		File_Snapshot_Count++;
 	}
 }
--- a/Sandboxie/core/dll/file_link.c
+++ b/Sandboxie/core/dll/file_link.c
@ -636,7 +636,7 @@ finish:
    /*TimeSpentHere += GetTickCount() - ticks;
    if (TimeSpentHere - TimeSpentHereLastReport > 5000) {
        WCHAR txt[256];
-        Sbie_swprintf(txt, L"Time Spent On Links = %d\n", TimeSpentHere);
+        Sbie_snwprintf(txt, 256, L"Time Spent On Links = %d\n", TimeSpentHere);
        OutputDebugString(txt);
        TimeSpentHereLastReport = TimeSpentHere;
    }*/
--- a/Sandboxie/core/dll/file_misc.c
+++ b/Sandboxie/core/dll/file_misc.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -328,6 +329,9 @@ _FX void File_ReplaceFileW_3(
        (*FileFlags) &= FGN_IS_BOXED_PATH;
        if (*FileFlags) {
 			if (File_Snapshot != NULL)
 				File_FindSnapshotPath(&CopyPath);
            len = (wcslen(CopyPath) + 1) * sizeof(WCHAR);
            path = Dll_AllocTemp(len);
            memcpy(path, CopyPath, len);
--- a/Sandboxie/core/dll/file_pipe.c
+++ b/Sandboxie/core/dll/file_pipe.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -78,6 +79,8 @@ static BOOLEAN File_IsPipeSuffix(const WCHAR *ptr);
 static ULONG File_IsNamedPipe(const WCHAR *path, const WCHAR **server);
 static const BOOLEAN File_InternetBlockade_ManualBypass();
 static NTSTATUS File_NtCreateFilePipe(
    HANDLE *FileHandle,
    ACCESS_MASK DesiredAccess,
@ -253,9 +256,12 @@ _FX ULONG File_IsNamedPipe(const WCHAR *path, const WCHAR **server)
    if (len >= 10 && _wcsnicmp(path, File_Mup, 8) == 0) {
-        if (SbieApi_CheckInternetAccess(NULL, path + 8, TRUE) ==
+		BOOLEAN prompt = SbieApi_QueryConfBool(NULL, L"PromptForInternetAccess", FALSE);
-                                                STATUS_ACCESS_DENIED)
+		if (SbieApi_CheckInternetAccess(NULL, path + 8, !prompt) == STATUS_ACCESS_DENIED
-            return TYPE_NET_DEVICE;
+			&& (!prompt || !File_InternetBlockade_ManualBypass())) {
 			return TYPE_NET_DEVICE;
 		}
    }
    //
@ -266,6 +272,42 @@ _FX ULONG File_IsNamedPipe(const WCHAR *path, const WCHAR **server)
 }
 //---------------------------------------------------------------------------
 // File_InternetBlockade_ManualBypass
 //---------------------------------------------------------------------------
 _FX const BOOLEAN File_InternetBlockade_ManualBypass()
 {
 	MAN_INET_BLOCKADE_REQ req;
 	MAN_INET_BLOCKADE_RPL *rpl = NULL;
 	BOOLEAN ok = FALSE;
 	req.msgid = MAN_INET_BLOCKADE;
 	rpl = SbieDll_CallServerQueue(INTERACTIVE_QUEUE_NAME, &req, sizeof(req), sizeof(*rpl));
 	if (rpl)
 	{
 		ok = rpl->retval != 0;
 		Dll_Free(rpl);
 	}
 	else if(SbieApi_QueryConfBool(NULL, L"NotifyInternetAccessDenied", TRUE))
 		SbieApi_Log(1307, L"%s [%s]", Dll_ImageName, Dll_BoxName);
 	//
 	// Note: the granting process must notify the driver about the exemption 
 	//			and we must ask the driver to update the open/closed path lists
 	//
 	if (ok) 
 	{
 		Dll_RefreshPathList();
 	}
 	return ok;
 }
 //---------------------------------------------------------------------------
 // File_NtCreateMailslotFile
 //---------------------------------------------------------------------------
--- a/Sandboxie/core/dll/gdi.c
+++ b/Sandboxie/core/dll/gdi.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -210,6 +211,9 @@ _FX ULONG_PTR Gdi_GdiDllInitialize_Common(
    // Gui_ConnectToWindowStationAndDesktop
    //
 	// NoSbieDesk BEGIN
 	if(!SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE))
 	// NoSbieDesk END
    if (! _Initialized) {
        if (! Gui_ConnectToWindowStationAndDesktop(User32))
@ -252,7 +256,7 @@ _FX ULONG_PTR Gdi_GdiDllInitialize_Common(
    if (rc != 0) {
        WCHAR errtxt[48];
-        Sbie_swprintf(errtxt, L"GdiInit.%08p", (void*)rc);
+        Sbie_snwprintf(errtxt, 48, L"GdiInit.%08p", (void*)rc);
        SbieApi_Log(2205, errtxt);
    }
@ -755,95 +759,117 @@ _FX BOOLEAN Gdi_InitZero(void)
 //---------------------------------------------------------------------------
-// Gdi_Full_Init
+// Gdi_Full_Init_impl
 //---------------------------------------------------------------------------
 _FX BOOLEAN Gdi_Full_Init(HMODULE module) {
    P_CreateDCW CreateDCW;
    P_GdiAddFontResourceW GdiAddFontResourceW;
    P_RemoveFontResourceExW RemoveFontResourceExW;
    P_GetFontResourceInfoW GetFontResourceInfoW;
    P_CreateScalableFontResourceW CreateScalableFontResourceW;
-    P_EnumFontFamiliesEx EnumFontFamiliesExA;
+_FX BOOLEAN Gdi_Full_Init_impl(HMODULE module, BOOLEAN full)
-    P_EnumFontFamiliesEx EnumFontFamiliesExW;
+{
-    P_GetStockObject GetStockObject;
+	P_CreateDCW CreateDCW;
 	P_GdiAddFontResourceW GdiAddFontResourceW;
 	P_RemoveFontResourceExW RemoveFontResourceExW;
 	P_GetFontResourceInfoW GetFontResourceInfoW;
 	P_CreateScalableFontResourceW CreateScalableFontResourceW;
-    if (Dll_OsBuild < 14291) {
+	P_EnumFontFamiliesEx EnumFontFamiliesExA;
-        return TRUE;
+	P_EnumFontFamiliesEx EnumFontFamiliesExW;
-    }
+	P_GetStockObject GetStockObject;
-    InitializeCriticalSection(&Gdi_CritSec);
+	InitializeCriticalSection(&Gdi_CritSec);
-    if (! Gdi_InitZero())
+	if (!Gdi_InitZero())
-        return FALSE;
+		return FALSE;
-    //
+	//
-    // add, remove, get, create fonts
+	// add, remove, get, create fonts
-    //
+	//
-    CreateDCW = (P_CreateDCW)
+	CreateDCW = (P_CreateDCW)
-        GetProcAddress(module, "CreateDCW");
+		GetProcAddress(module, "CreateDCW");
-    GdiAddFontResourceW = (P_GdiAddFontResourceW)
+	GdiAddFontResourceW = (P_GdiAddFontResourceW)
-        GetProcAddress(module, "GdiAddFontResourceW");
+		GetProcAddress(module, "GdiAddFontResourceW");
-    RemoveFontResourceExW = (P_RemoveFontResourceExW)
+	RemoveFontResourceExW = (P_RemoveFontResourceExW)
-        GetProcAddress(module, "RemoveFontResourceExW");
+		GetProcAddress(module, "RemoveFontResourceExW");
-    GetFontResourceInfoW = (P_GetFontResourceInfoW)
+	GetFontResourceInfoW = (P_GetFontResourceInfoW)
-        GetProcAddress(module, "GetFontResourceInfoW");
+		GetProcAddress(module, "GetFontResourceInfoW");
-    CreateScalableFontResourceW = (P_CreateScalableFontResourceW)
+	if (full) {
-        GetProcAddress(module, "CreateScalableFontResourceWImpl");
+		CreateScalableFontResourceW = (P_CreateScalableFontResourceW)
 			GetProcAddress(module, "CreateScalableFontResourceWImpl");
 	}
 	else {
 		CreateScalableFontResourceW = (P_CreateScalableFontResourceW)
 			GetProcAddress(module, "CreateScalableFontResourceW");
 	}
 #ifndef _WIN64
-    if (Dll_OsBuild >= 8400) {
+	if (Dll_OsBuild >= 8400) {
-        SBIEDLL_HOOK(Gdi_,CreateDCW);
+		SBIEDLL_HOOK(Gdi_, CreateDCW);
-    }
+	}
 #endif ! _WIN64
-    SBIEDLL_HOOK(Gdi_,GdiAddFontResourceW);
+	SBIEDLL_HOOK(Gdi_, GdiAddFontResourceW);
-    SBIEDLL_HOOK(Gdi_,RemoveFontResourceExW);
+	SBIEDLL_HOOK(Gdi_, RemoveFontResourceExW);
-    if (GetFontResourceInfoW) {
+	if (GetFontResourceInfoW) {
-        SBIEDLL_HOOK(Gdi_,GetFontResourceInfoW);
+		SBIEDLL_HOOK(Gdi_, GetFontResourceInfoW);
-    }
+	}
-    SBIEDLL_HOOK(Gdi_,CreateScalableFontResourceW);
+	SBIEDLL_HOOK(Gdi_, CreateScalableFontResourceW);
-    //
+	//
-    // enumerate
+	// enumerate
-    //
+	//
-    EnumFontFamiliesExA = (P_EnumFontFamiliesEx)
+	EnumFontFamiliesExA = (P_EnumFontFamiliesEx)
-        GetProcAddress(module, "EnumFontFamiliesExA");
+		GetProcAddress(module, "EnumFontFamiliesExA");
-    EnumFontFamiliesExW = (P_EnumFontFamiliesEx)
+	EnumFontFamiliesExW = (P_EnumFontFamiliesEx)
-        GetProcAddress(module, "EnumFontFamiliesExW");
+		GetProcAddress(module, "EnumFontFamiliesExW");
-    GetStockObject = (P_GetStockObject)
+	if (full) {
-        GetProcAddress(module, "GetStockObject");
+		GetStockObject = (P_GetStockObject)
 			GetProcAddress(module, "GetStockObject");
 	}
-    SBIEDLL_HOOK(Gdi_, EnumFontFamiliesExA);
+	SBIEDLL_HOOK(Gdi_, EnumFontFamiliesExA);
-    SBIEDLL_HOOK(Gdi_, EnumFontFamiliesExW);
+	SBIEDLL_HOOK(Gdi_, EnumFontFamiliesExW);
-    SBIEDLL_HOOK(Gdi_, GetStockObject);
+	if (full) {
 		SBIEDLL_HOOK(Gdi_, GetStockObject);
 	}
-    __sys_GetEnhMetaFileBits = (P_GetEnhMetaFileBits)
+	__sys_GetEnhMetaFileBits = (P_GetEnhMetaFileBits)
-        GetProcAddress(module, "GetEnhMetaFileBits");
+		GetProcAddress(module, "GetEnhMetaFileBits");
-    __sys_GetBitmapBits = (P_GetBitmapBits)
+	__sys_GetBitmapBits = (P_GetBitmapBits)
-        GetProcAddress(module, "GetBitmapBits");
+		GetProcAddress(module, "GetBitmapBits");
-    __sys_DeleteObject = (P_DeleteObject)
+	__sys_DeleteObject = (P_DeleteObject)
-        GetProcAddress(module, "DeleteObject");
+		GetProcAddress(module, "DeleteObject");
-    __sys_DeleteEnhMetaFile = (P_DeleteEnhMetaFile)
+	__sys_DeleteEnhMetaFile = (P_DeleteEnhMetaFile)
-        GetProcAddress(module, "DeleteEnhMetaFile");
+		GetProcAddress(module, "DeleteEnhMetaFile");
-    return TRUE;
+	return TRUE;
 }
 //---------------------------------------------------------------------------
 // Gdi_Full_Init
 //---------------------------------------------------------------------------
 _FX BOOLEAN Gdi_Full_Init(HMODULE module) 
 {
 	if (Dll_OsBuild < 14291) {
 		return TRUE;
 	}
    return Gdi_Full_Init_impl(module, TRUE);
 }
@ -875,87 +901,11 @@ _FX BOOLEAN Gdi_Init_Spool(HMODULE module)
 _FX BOOLEAN Gdi_Init(HMODULE module)
 {
-    P_CreateDCW CreateDCW;
+	if (Dll_OsBuild >= 14291) {
-    P_GdiAddFontResourceW GdiAddFontResourceW;
+		return TRUE;
-    P_RemoveFontResourceExW RemoveFontResourceExW;
+	}
    P_GetFontResourceInfoW GetFontResourceInfoW;
    P_CreateScalableFontResourceW CreateScalableFontResourceW;
-    P_EnumFontFamiliesEx EnumFontFamiliesExA;
+	return Gdi_Full_Init_impl(module, FALSE);
    P_EnumFontFamiliesEx EnumFontFamiliesExW;
    if (Dll_OsBuild >= 14291) {
        return TRUE;
    }
    InitializeCriticalSection(&Gdi_CritSec);
    if (! Gdi_InitZero())
        return FALSE;
    //
    // add, remove, get, create fonts
    //
    CreateDCW = (P_CreateDCW)
        GetProcAddress(module, "CreateDCW");
    GdiAddFontResourceW = (P_GdiAddFontResourceW)
        GetProcAddress(module, "GdiAddFontResourceW");
    RemoveFontResourceExW = (P_RemoveFontResourceExW)
        GetProcAddress(module, "RemoveFontResourceExW");
    GetFontResourceInfoW = (P_GetFontResourceInfoW)
        GetProcAddress(module, "GetFontResourceInfoW");
    CreateScalableFontResourceW = (P_CreateScalableFontResourceW)
        GetProcAddress(module, "CreateScalableFontResourceW");
 #ifndef _WIN64
    if (Dll_OsBuild >= 8400) {
        SBIEDLL_HOOK(Gdi_,CreateDCW);
    }
 #endif ! _WIN64
    SBIEDLL_HOOK(Gdi_,GdiAddFontResourceW);
    SBIEDLL_HOOK(Gdi_,RemoveFontResourceExW);
    if (GetFontResourceInfoW) {
        SBIEDLL_HOOK(Gdi_,GetFontResourceInfoW);
    }
    SBIEDLL_HOOK(Gdi_,CreateScalableFontResourceW);
    //
    // enumerate
    //
    EnumFontFamiliesExA = (P_EnumFontFamiliesEx)
        GetProcAddress(module, "EnumFontFamiliesExA");
    EnumFontFamiliesExW = (P_EnumFontFamiliesEx)
        GetProcAddress(module, "EnumFontFamiliesExW");
    SBIEDLL_HOOK(Gdi_,EnumFontFamiliesExA);
    SBIEDLL_HOOK(Gdi_,EnumFontFamiliesExW);
    __sys_GetEnhMetaFileBits = (P_GetEnhMetaFileBits)
        GetProcAddress(module, "GetEnhMetaFileBits");
    __sys_GetBitmapBits = (P_GetBitmapBits)
        GetProcAddress(module, "GetBitmapBits");
    __sys_DeleteObject = (P_DeleteObject)
        GetProcAddress(module, "DeleteObject");
    __sys_DeleteEnhMetaFile = (P_DeleteEnhMetaFile)
        GetProcAddress(module, "DeleteEnhMetaFile");
    return TRUE;
 }
 //Workaround for a rare chrome crash in a non-vm environment.  There is a chance for gdi32full!GetStockObject to cause a crash 
--- a/Sandboxie/core/dll/gui.c
+++ b/Sandboxie/core/dll/gui.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -531,6 +532,11 @@ import_fail:
    if (ok)
        ok = Gui_Init3();
 	// NoSbieDesk BEGIN
 	if (SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE))
 		return ok;
 	// NoSbieDesk END
    SBIEDLL_HOOK_GUI(AttachThreadInput);
    return ok;
@ -952,6 +958,11 @@ _FX BOOLEAN Gui_ConnectToWindowStationAndDesktop(HMODULE User32)
                rc = (ULONG_PTR)NtCurrentThread();
 				// OriginalToken BEGIN
 				if (SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
 					rc = 0;
 				else
 				// OriginalToken END
                if (__sys_NtSetInformationThread)
                {
                    rc = __sys_NtSetInformationThread(NtCurrentThread(),
@ -1020,7 +1031,7 @@ ConnectThread:
    if (errlvl) {
        WCHAR errtxt[48];
-        Sbie_swprintf(errtxt, L"Win32Init.%d (%08p)", errlvl, (void*)rc);
+        Sbie_snwprintf(errtxt, 48, L"Win32Init.%d (%08p)", errlvl, (void*)rc);
        SbieApi_Log(2205, errtxt);
    }
@ -1165,7 +1176,7 @@ _FX HWND Gui_CreateDummyParentWindow(void)
        WCHAR clsnm[64], *boxed_clsnm;
        WNDCLASS wc;
-        Sbie_swprintf(clsnm, L"%s-DUMMY-%d-%d",
+        Sbie_snwprintf(clsnm, 64, L"%s-DUMMY-%d-%d",
                 SBIE, Dll_ProcessId, GetTickCount());
        boxed_clsnm = Gui_CreateClassNameW(clsnm);
@ -2440,13 +2451,13 @@ _FX void *Gui_CallProxyEx(
    if (! _QueueName) {
        _QueueName = Dll_Alloc(32 * sizeof(WCHAR));
-        Sbie_swprintf(_QueueName, L"*GUIPROXY_%08X", Dll_SessionId);
+        Sbie_snwprintf(_QueueName, 32, L"*GUIPROXY_%08X", Dll_SessionId);
        //_Ticks = 0;
    }
    /*if (1) {
        WCHAR txt[128];
-        Sbie_swprintf(txt, L"Request command is %08X\n", *(ULONG *)req);
+        Sbie_snwprintf(txt, 128, L"Request command is %08X\n", *(ULONG *)req);
        OutputDebugString(txt);
    }*/
@ -2564,7 +2575,7 @@ _FX void *Gui_CallProxyEx(
                /*_Ticks += GetTickCount() - Ticks0;
                if (_Ticks > _Ticks1 + 1000) {
                    WCHAR txt[128];
-                    Sbie_swprintf(txt, L"Already spent %d ticks in gui\n", _Ticks);
+                    Sbie_snwprintf(txt, 128, L"Already spent %d ticks in gui\n", _Ticks);
                    OutputDebugString(txt);
                    _Ticks1 = _Ticks;
                }*/
--- a/Sandboxie/core/dll/guiclass.c
+++ b/Sandboxie/core/dll/guiclass.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -137,7 +138,7 @@ _FX BOOLEAN Gui_InitClass(void)
    len = (wcslen(Sandbox) + 1 + wcslen(Dll_BoxName) + 1 + 1)
        * sizeof(WCHAR);
    Gui_BoxPrefixW = Dll_Alloc(len);
-    Sbie_swprintf(Gui_BoxPrefixW, L"%s:%s:", Sandbox, Dll_BoxName);
+    Sbie_snwprintf(Gui_BoxPrefixW, len / sizeof(WCHAR), L"%s:%s:", Sandbox, Dll_BoxName);
    Gui_BoxPrefix_Len = wcslen(Gui_BoxPrefixW);
    len = Gui_BoxPrefix_Len + 1;
@ -147,6 +148,15 @@ _FX BOOLEAN Gui_InitClass(void)
        Gui_BoxPrefixA, len, NULL, NULL);
    Gui_BoxPrefixA[len - 1] = '\0';
 	// NoSbieDesk BEGIN
 	if (SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE)) {
 		Gui_OpenAllWinClasses = TRUE;
 		Gui_RenameClasses = FALSE;
 	}
 	else
 	// NoSbieDesk END
    //
    // if OpenWinClass specifies *, we will not do any window class
    // renaming.  note that we can't use Gui_IsOpenClass yet, because
--- a/Sandboxie/core/dll/guicon.c
+++ b/Sandboxie/core/dll/guicon.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -143,6 +144,16 @@ _FX BOOL Gui_ConnectConsole(ULONG ShowFlag)
    HANDLE ProcessToken;
    NTSTATUS status;
 	// NoSbieDesk BEGIN
 	if (SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE)) {
 		typedef BOOL(*P_AllocConsole)();
 		P_AllocConsole AllocConsole = (P_AllocConsole)
 			GetProcAddress(Dll_Kernel32, "AllocConsole");
 		return AllocConsole();
 	}
 	// NoSbieDesk END
    //
    // on Windows 7, a console process tries to launch conhost.exe through
    // csrss.exe during initialization of kernel32.dll in the function
@ -216,7 +227,7 @@ _FX BOOL Gui_ConnectConsole(ULONG ShowFlag)
    if (! NT_SUCCESS(status)) {
        WCHAR errtxt[48];
-        Sbie_swprintf(errtxt, L"ConsoleInit (%08X)", status);
+        Sbie_snwprintf(errtxt, 48, L"ConsoleInit (%08X)", status);
        SbieApi_Log(2205, errtxt);
        return FALSE;
    }
@ -254,7 +265,9 @@ _FX void Gui_InitConsole2(void)
    if (_wcsicmp(Dll_ImageName, L"klwtblfs.exe") == 0) {
-        CreateThread(NULL, 0, Proc_WaitForParentExit, (void *)1, 0, NULL);
+		HANDLE ThreadHandle = CreateThread(NULL, 0, Proc_WaitForParentExit, (void *)1, 0, NULL);
 		if (ThreadHandle)
 			CloseHandle(ThreadHandle); 
    }
    //
--- a/Sandboxie/core/dll/guidde.c
+++ b/Sandboxie/core/dll/guidde.c
@ -352,7 +352,7 @@ _FX BOOLEAN Gui_DDE_COPYDATA_Received(
    if (cds->dwData != tzuk)
        return FALSE;
-    Sbie_swprintf(prop_name, SBIE L"_DDE_%08p", (void*)hWnd);
+    Sbie_snwprintf(prop_name, 64, SBIE L"_DDE_%08p", (void*)hWnd);
    hClientWnd = Gui_GetPropCommon((HWND)wParam, prop_name, TRUE, 0);
    if (TlsData->gui_dde_client_hwnd != (HWND)-1) {
        if ((! hClientWnd) || (hClientWnd != TlsData->gui_dde_client_hwnd))
@ -492,7 +492,7 @@ _FX BOOLEAN Gui_DDE_Post_In_Box(
    THREAD_DATA *TlsData = Dll_GetTlsData(NULL);
    WCHAR prop_name[64];
-    Sbie_swprintf(prop_name, SBIE L"_DDE_%08p", (void*)hWnd);
+    Sbie_snwprintf(prop_name, 64, SBIE L"_DDE_%08p", (void*)hWnd);
    __sys_SetPropW((HWND)wParam, prop_name, (HWND)wParam);
    cds.dwData = tzuk;
--- a/Sandboxie/core/dll/guienum.c
+++ b/Sandboxie/core/dll/guienum.c
@ -728,9 +728,9 @@ _FX HWND Gui_FindWindowW(
    WCHAR txt[256];
    if (((ULONG_PTR)lpClassName & 0xFFFF0000) != 0)
-        Sbie_swprintf(txt, L"FindWindowW   - %s\n", lpClassName);
+        Sbie_snwprintf(txt, 256, L"FindWindowW   - %s\n", lpClassName);
    else
-        Sbie_swprintf(txt, L"FindWindowW   - %X\n", lpClassName);
+        Sbie_snwprintf(txt, 256, L"FindWindowW   - %X\n", lpClassName);
    OutputDebugString(txt);
 #endif
@ -762,7 +762,7 @@ _FX HWND Gui_FindWindowW(
        Gui_Free(clsnm);
 #ifdef DEBUG_FINDWINDOW
-    Sbie_swprintf(txt, L"FindWindowW   - Result HWND %X\n", hwndResult);
+    Sbie_snwprintf(txt, 256, L"FindWindowW   - Result HWND %X\n", hwndResult);
    OutputDebugString(txt);
 #endif
@ -786,9 +786,9 @@ _FX HWND Gui_FindWindowA(
 #ifdef DEBUG_FINDWINDOW
    WCHAR txt[256];
    if (((ULONG_PTR)lpClassName & 0xFFFF0000) != 0)
-        Sbie_swprintf(txt, L"FindWindowA   - %S\n", lpClassName);
+        Sbie_snwprintf(txt, 256, L"FindWindowA   - %S\n", lpClassName);
    else
-        Sbie_swprintf(txt, L"FindWindowA   - %X\n", lpClassName);
+		Sbie_snwprintf(txt, 256, L"FindWindowA   - %X\n", lpClassName);
    OutputDebugString(txt);
 #endif
@ -820,7 +820,7 @@ _FX HWND Gui_FindWindowA(
        Gui_Free(clsnm);
 #ifdef DEBUG_FINDWINDOW
-    Sbie_swprintf(txt, L"FindWindowA   - Result HWND %X\n", hwndResult);
+	Sbie_snwprintf(txt, 256, L"FindWindowA   - Result HWND %X\n", hwndResult);
    OutputDebugString(txt);
 #endif
@ -845,9 +845,9 @@ _FX HWND Gui_FindWindowExW(
 #ifdef DEBUG_FINDWINDOW
    WCHAR txt[256];
    if (((ULONG_PTR)lpClassName & 0xFFFF0000) != 0)
-        Sbie_swprintf(txt, L"FindWindowExW - %s\n", lpClassName);
+		Sbie_snwprintf(txt, 256, L"FindWindowExW - %s\n", lpClassName);
    else
-        Sbie_swprintf(txt, L"FindWindowExW - %X\n", lpClassName);
+		Sbie_snwprintf(txt, 256, L"FindWindowExW - %X\n", lpClassName);
    OutputDebugString(txt);
 #endif
@ -881,7 +881,7 @@ _FX HWND Gui_FindWindowExW(
        Gui_Free(clsnm);
 #ifdef DEBUG_FINDWINDOW
-    Sbie_swprintf(txt, L"FindWindowExW - Result HWND %X\n", hwndResult);
+	Sbie_snwprintf(txt, 256, L"FindWindowExW - Result HWND %X\n", hwndResult);
    OutputDebugString(txt);
 #endif
@ -906,9 +906,9 @@ _FX HWND Gui_FindWindowExA(
 #ifdef DEBUG_FINDWINDOW
    WCHAR txt[256];
    if (((ULONG_PTR)lpClassName & 0xFFFF0000) != 0)
-        Sbie_swprintf(txt, L"FindWindowExA - %S\n", lpClassName);
+		Sbie_snwprintf(txt, 256, L"FindWindowExA - %S\n", lpClassName);
    else
-        Sbie_swprintf(txt, L"FindWindowExA - %X\n", lpClassName);
+		Sbie_snwprintf(txt, 256, L"FindWindowExA - %X\n", lpClassName);
    OutputDebugString(txt);
 #endif
@ -942,7 +942,7 @@ _FX HWND Gui_FindWindowExA(
        Gui_Free(clsnm);
 #ifdef DEBUG_FINDWINDOW
-    Sbie_swprintf(txt, L"FindWindowExA - Result HWND %X\n", hwndResult);
+	Sbie_snwprintf(txt, 256, L"FindWindowExA - Result HWND %X\n", hwndResult);
    OutputDebugString(txt);
 #endif
@ -962,7 +962,7 @@ _FX void Gui_MonitorW(const WCHAR *clsnm, USHORT monflag, HWND hwnd)
        wcsncpy(text, Gui_UnCreateClassName(clsnm), 128);
        text[128] = L'\0';
    } else
-        Sbie_swprintf(text, L"#%d", PtrToUlong(clsnm) & 0xFFFF);
+        Sbie_snwprintf(text, 130, L"#%d", PtrToUlong(clsnm) & 0xFFFF);
    if ((! hwnd) && (! monflag))
        monflag |= MONITOR_DENY;
    SbieApi_MonitorPut(MONITOR_WINCLASS | monflag, text);
--- a/Sandboxie/core/dll/guihook.c
+++ b/Sandboxie/core/dll/guihook.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -288,7 +289,10 @@ _FX HHOOK Gui_SetWindowsHookEx(
    threads = Dll_Alloc((MAX_THREADS + 4) * sizeof(LONG_PTR));
    threads[0] = 0;
-    Gui_EnumWindows(Gui_HookCollectThreads, (LPARAM)threads);
+	if(Gui_OpenAllWinClasses && __sys_EnumWindows)
 		__sys_EnumWindows(Gui_HookCollectThreads, (LPARAM)threads);
 	else
 	    Gui_EnumWindows(Gui_HookCollectThreads, (LPARAM)threads);
    ok = FALSE;
    err = 0;
@ -412,7 +416,7 @@ _FX BOOLEAN Gui_HookThread(GUI_HOOK *ghk, ULONG_PTR idThread)
 #ifdef DEBUG_HOOKS
    {   WCHAR msg[256];
-        Sbie_swprintf(msg, L"2 SetWindowsHookEx%c idHook=%d lpfn=%08X hMod=%08X dwThreadId=%d ; hhook=%08X error=%d\n",
+        Sbie_snwprintf(msg, 256, L"2 SetWindowsHookEx%c idHook=%d lpfn=%08X hMod=%08X dwThreadId=%d ; hhook=%08X error=%d\n",
        ghk->IsUnicode ? L'W' : L'A',
        ghk->idHook, ghk->lpfn, ghk->hMod, idThread, thd->hhk, GetLastError());
        OutputDebugString(msg);
--- a/Sandboxie/core/dll/guimisc.c
+++ b/Sandboxie/core/dll/guimisc.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -165,6 +166,11 @@ _FX BOOLEAN Gui_InitMisc(void)
        }
    }
 	// NoSbieDesk BEGIN
 	if (SbieApi_QueryConfBool(NULL, L"NoSandboxieDesktop", FALSE))
 		return TRUE;
 	// NoSbieDesk END
    SBIEDLL_HOOK_GUI(OpenClipboard);
    SBIEDLL_HOOK_GUI(CloseClipboard);
    SBIEDLL_HOOK_GUI(GetClipboardData);
--- a/Sandboxie/core/dll/guimsg.c
+++ b/Sandboxie/core/dll/guimsg.c
@ -477,7 +477,7 @@ _FX LRESULT Gui_SendPostMessageCommon(
    /*if (uMsg >= WM_DDE_FIRST && uMsg <= WM_DDE_LAST) {
        WCHAR txt[128];
        UCHAR *ptr = (UCHAR *)&which;
-        Sbie_swprintf(txt, L"Doing (%c%c%c%c) MSG=%04X to HWND=%08X from WPARAM=%08X\n",
+        Sbie_snwprintf(txt, 128, L"Doing (%c%c%c%c) MSG=%04X to HWND=%08X from WPARAM=%08X\n",
                ptr[3],ptr[2],ptr[1],ptr[0], uMsg, hWnd, wParam);
        OutputDebugString(txt);
    }*/
@ -792,7 +792,7 @@ fail:
        return TRUE;
    }
-    Sbie_swprintf(name, L"$:TID=%08X:MSG=%08X", idThread, uMsg);
+    Sbie_snwprintf(name, 48, L"$:TID=%08X:MSG=%08X", idThread, uMsg);
    SbieApi_MonitorPut(MONITOR_WINCLASS | MONITOR_DENY, name);
    return FALSE;
--- a/Sandboxie/core/dll/guiprop.c
+++ b/Sandboxie/core/dll/guiprop.c
@ -240,7 +240,7 @@ _FX void Gui_InitPropAtoms(void)
            GlobalAddAtomW(_OleDropTargetInterface);
        if (Gui_OleDropTargetInterface_Atom) {
-            Sbie_swprintf(name, _format, Dll_BoxName, _OleDropTargetInterface);
+            Sbie_snwprintf(name, 128, _format, Dll_BoxName, _OleDropTargetInterface);
            Gui_Sandbox_OleDropTargetInterface_Atom = GlobalAddAtomW(name);
        }
    }
@ -251,7 +251,7 @@ _FX void Gui_InitPropAtoms(void)
            GlobalAddAtomW(_OleDropTargetMarshalHwnd);
        if (Gui_OleDropTargetMarshalHwnd_Atom) {
-            Sbie_swprintf(name, _format, Dll_BoxName, _OleDropTargetMarshalHwnd);
+			Sbie_snwprintf(name, 128, _format, Dll_BoxName, _OleDropTargetMarshalHwnd);
            Gui_Sandbox_OleDropTargetMarshalHwnd_Atom = GlobalAddAtomW(name);
        }
    }
@ -262,7 +262,7 @@ _FX void Gui_InitPropAtoms(void)
            GlobalAddAtomW(_OleEndPointID);
        if (Gui_OleEndPointID_Atom) {
-            Sbie_swprintf(name, _format, Dll_BoxName, _OleEndPointID);
+			Sbie_snwprintf(name, 128, _format, Dll_BoxName, _OleEndPointID);
            Gui_Sandbox_OleEndPointID_Atom = GlobalAddAtomW(name);
        }
    }
--- a/Sandboxie/core/dll/hook.h
+++ b/Sandboxie/core/dll/hook.h
@ -0,0 +1,144 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 //---------------------------------------------------------------------------
 // Hook Management
 //---------------------------------------------------------------------------
 #ifndef _MY_HOOK_H
 #define _MY_HOOK_H
 //---------------------------------------------------------------------------
 // Structures and Types
 //---------------------------------------------------------------------------
 #ifdef HOOK_WITH_PRIVATE_PARTS
 enum HOOK_KIND {
    INST_UNKNOWN    = 0,
    INST_MOVE,
    INST_CTLXFER,           // jmp/jcc/call with 32-bit disp
    INST_CTLXFER_REG,       // jmp/call reg or [reg]
    INST_CALL_MEM,          // call [mem]
    INST_JUMP_MEM,          // jmp  [mem]
    INST_SYSCALL,
    INST_RET
 };
 typedef struct _HOOK_INST {
    ULONG len;
    UCHAR kind;
    UCHAR op1, op2;
    ULONG64 parm;
    LONG *rel32;            // --> 32-bit relocation for control-xfer
    UCHAR *modrm;
    ULONG flags;
 } HOOK_INST;
 #endif // HOOK_WITH_PRIVATE_PARTS
 //---------------------------------------------------------------------------
 // HOOK_TRAMP
 //---------------------------------------------------------------------------
 #pragma pack(push)
 #pragma pack(1)
 typedef struct _HOOK_TRAMP {
    ULONG eyecatcher;                   // (0,4) signature
    ULONG size;                         // (4,4) tramp size (multiple of 16)
    void *target;                       // (8,4/8) branch target in source
    __declspec(align(16))
        UCHAR code[64];                 // (16) source code + extra jmp
 	ULONG count;						// original length of relocated code
 } HOOK_TRAMP;
 #pragma pack(pop)
 #define HOOK_TRAMP_CODE_TO_TRAMP_HEAD(x)    \
    (HOOK_TRAMP *)((ULONG_PTR)x - FIELD_OFFSET(HOOK_TRAMP, code))
 //---------------------------------------------------------------------------
 // Functions
 //---------------------------------------------------------------------------
 // Hook_BuildTramp constructs a detour trampoline that will jump to
 // SourceFunc + n, where n is the length, in bytes, of the first few
 // instructions at SourceFunc that would be damaged by placing a jump
 // instruction at the top of SourceFunc.  The jump instruction is assumed
 // to be 5 bytes long in 32-bit mode and 12 bytes long in 64-bit mode.
 // The damaged instructions are copied to the detour trampoline.
 // Returns the address to the start of the code in the detour trampoline.
 // The function being redirected to, through the overwriting jump
 // instruction, should jump to the returned value, to invoke the
 // original code.  The trampoline is built on the address specified
 // in Trampoline.  Kernel-mode code should pass a NULL address to
 // use a system space trampoline.
 void *Hook_BuildTramp(
    void *SourceFunc, void *Trampoline, BOOLEAN is64, BOOLEAN probe);
 // Hook_BuildJump1 will write a 'jmp DestFunc' instruction at
 // the address specified by WritableAddr.  In case WritableAddr was
 // generated using MmGetSystemAddressForMdlSafe, then ExecutableAddr
 // specifies the corresponding "real" address which will be used to
 // generate a 32-bit jump offset.  (Note that 64-bit code does not
 // use jump offsets and disregards ExecutableAddr.)
 void Hook_BuildJump(
    void *WritableAddr, void *ExecutableAddr, void *JumpTarget);
 #ifdef HOOK_WITH_PRIVATE_PARTS
 // Analyze a single instruction at the specified address
 BOOLEAN Hook_Analyze(
    void *address,
    BOOLEAN probe_address,
    BOOLEAN is64,
    HOOK_INST *inst);
 #endif // HOOK_WITH_PRIVATE_PARTS
 //---------------------------------------------------------------------------
 #endif // _MY_HOOK_H
--- a/Sandboxie/core/dll/hook_inst.c
+++ b/Sandboxie/core/dll/hook_inst.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -20,8 +21,14 @@
 //---------------------------------------------------------------------------
 #ifndef KERNEL_MODE
 #include "dll.h"
 #include "msgs/msgs.h"
 #define MSG_HOOK_ANALYZE    MSG_1151
 #define Log_Msg1			SbieApi_Log
 #define HOOK_WITH_PRIVATE_PARTS
 #include "hook.h"
 #endif
 //---------------------------------------------------------------------------
@ -130,8 +137,10 @@ ALIGNED BOOLEAN Hook_Analyze(
    __try {
 #ifdef KERNEL_MODE
        if (probe_address)
            ProbeForRead(address, 16, sizeof(UCHAR));
 #endif
        /*if (1) {
            UCHAR *z = (UCHAR *)address;
@ -147,7 +156,12 @@ ALIGNED BOOLEAN Hook_Analyze(
        addr = Hook_Analyze_Inst(addr, inst);
        if (! addr) {
            addr = address;
-            swprintf(text, L"%08p:  %02X,%02X,%02X,%02X,"
+#ifdef KERNEL_MODE
 			swprintf(text,
 #else
 			Sbie_snwprintf(text, 64, 
 #endif
 				L"%08p:  %02X,%02X,%02X,%02X,"
                L"%02X,%02X,%02X,%02X,%02X,%02X,%02X,%02X", addr,
                addr[0],  addr[1],  addr[2],  addr[3],  addr[4],  addr[5],
                addr[6],  addr[7],  addr[8],  addr[9],  addr[10], addr[11]);
@ -158,7 +172,12 @@ ALIGNED BOOLEAN Hook_Analyze(
    } __except (EXCEPTION_EXECUTE_HANDLER) {
        addr = NULL;
-        swprintf(text, L"(fault at %p)", address);
+#ifdef KERNEL_MODE
 		swprintf(text,
 #else
 		Sbie_snwprintf(text, 64,
 #endif
 			L"(fault at %p)", address);
        Log_Msg1(MSG_HOOK_ANALYZE, text);
    }
--- a/Sandboxie/core/dll/hook_tramp.c
+++ b/Sandboxie/core/dll/hook_tramp.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -20,11 +21,12 @@
 //---------------------------------------------------------------------------
 #ifndef KERNEL_MODE
 #include "dll.h"
 #define HOOK_WITH_PRIVATE_PARTS
 #include "hook.h"
-#include "util.h"
+#endif
 BOOLEAN File_TrusteerLoaded(void);
 //---------------------------------------------------------------------------
 // Structures and Types
@ -44,9 +46,6 @@ typedef struct _HOOK_TRAMP_PAGE {
 // Functions
 //---------------------------------------------------------------------------
 static void *Hook_Tramp_Get(ULONG TrampSize);
 static BOOLEAN Hook_Tramp_CountBytes(
    void *SysProc, ULONG *ByteCount, BOOLEAN is64, BOOLEAN probe);
@ -68,7 +67,7 @@ static BOOLEAN Hook_Tramp_Pages_Initialized = FALSE;
 // Hook_Tramp_Get
 //---------------------------------------------------------------------------
-
+#ifdef KERNEL_MODE
 _FX void *Hook_Tramp_Get(ULONG TrampSize)
 {
    NTSTATUS status;
@ -174,7 +173,7 @@ finish:
    return tramp;
 }
-
+#endif
 //---------------------------------------------------------------------------
 // Hook_Tramp_CountBytes
@ -185,7 +184,8 @@ _FX BOOLEAN Hook_Tramp_CountBytes(
    void *SysProc, ULONG *ByteCount, BOOLEAN is64, BOOLEAN probe)
 {
    UCHAR *addr = (UCHAR *)SysProc;
-    ULONG needlen = (is64 == 9 ? 13 : (is64 ? 12 : (File_TrusteerLoaded()?6:5)));
+    //ULONG needlen = (is64 == 9 ? 13 : (is64 ? 12 : (File_TrusteerLoaded()?6:5)));
 	ULONG needlen = (is64 ? 12 : 5);
    ULONG copylen = 0;
    // count at least the (needlen) bytes of instructions from the original
@ -232,6 +232,7 @@ _FX BOOLEAN Hook_Tramp_Copy(
    tramp->eyecatcher = tzuk;
    tramp->target = src + ByteCount;
 	tramp->count = ByteCount;
    // copy ByteCount bytes from the original source function into
    // the code area of the trampoline stub, adjustmenting it as needed
@ -452,13 +453,14 @@ _FX void *Hook_BuildTramp(
            return NULL;
    }
-    if (Trampoline)
+#ifdef KERNEL_MODE
 	if (!Trampoline)
 		tramp = (HOOK_TRAMP *)Hook_Tramp_Get(sizeof(HOOK_TRAMP));
 	else
 #endif
        tramp = (HOOK_TRAMP *)Trampoline;
-    else {
+    if (! tramp)
-        tramp = (HOOK_TRAMP *)Hook_Tramp_Get(sizeof(HOOK_TRAMP));
+        return NULL;
        if (! tramp)
            return NULL;
    }
    if (SourceFunc) {
        if (! Hook_Tramp_Copy(tramp, SourceFunc, ByteCount, is64, probe))
@ -479,6 +481,7 @@ _FX void Hook_BuildJump(
 {
    UCHAR *SourceAddr = (UCHAR *)WritableAddr;
 #ifdef KERNEL_MODE
    //
    // ideally, WritableAddr points at a writable page received through
    // MmGetSystemAddressForMdlSafe for the page at ExecutableAddr.
@ -487,6 +490,7 @@ _FX void Hook_BuildJump(
    //
    DisableWriteProtect();
 #endif
    //
    // if we detect JMP DWORD/QWORD PTR [+00], then replace the jump target
@ -545,5 +549,7 @@ _FX void Hook_BuildJump(
    }
 #ifdef KERNEL_MODE
    EnableWriteProtect();
 #endif
 }
--- a/Sandboxie/core/dll/ipc.c
+++ b/Sandboxie/core/dll/ipc.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -402,7 +403,7 @@ _FX void Ipc_CreateObjects(void)
    // the last path component (the dummy name itself)
    //
-    Sbie_swprintf(str, SBIE_BOXED_ L"DummyEvent_%d", Dll_ProcessId);
+    Sbie_snwprintf(str, 64, SBIE_BOXED_ L"DummyEvent_%d", Dll_ProcessId);
    handle = CreateEvent(NULL, FALSE, FALSE, str);
    if (! handle) {
        errlvl = 11;
@ -575,7 +576,7 @@ _FX NTSTATUS Ipc_GetName(
        if (! NT_SUCCESS(status))
            return status;
-        *OutTruePath = ((OBJECT_NAME_INFORMATION *)name)->ObjectName.Buffer;
+        *OutTruePath = ((OBJECT_NAME_INFORMATION *)name)->Name.Buffer;
        if (! *OutTruePath) {
@ -588,7 +589,7 @@ _FX NTSTATUS Ipc_GetName(
        }
        name = (*OutTruePath)
-             + ((OBJECT_NAME_INFORMATION *)name)->ObjectName.Length
+             + ((OBJECT_NAME_INFORMATION *)name)->Name.Length
                    / sizeof(WCHAR);
        if (objname_len) {
@ -972,10 +973,10 @@ _FX void Ipc_AdjustPortPath(UNICODE_STRING *ObjectName)
        status = Obj_GetObjectName(handle, name, &length);
        if (NT_SUCCESS(status) &&
-                name->ObjectName.Length >= ParentLength * sizeof(WCHAR) &&
+                name->Name.Length >= ParentLength * sizeof(WCHAR) &&
-            0 == _wcsnicmp(name->ObjectName.Buffer, Buffer, ParentLength)) {
+            0 == _wcsnicmp(name->Name.Buffer, Buffer, ParentLength)) {
-            wmemcpy(Buffer, name->ObjectName.Buffer, ParentLength);
+            wmemcpy(Buffer, name->Name.Buffer, ParentLength);
        }
        Dll_Free(name);
--- a/Sandboxie/core/dll/ipc_start.c
+++ b/Sandboxie/core/dll/ipc_start.c
@ -1,5 +1,6 @@
 /*
 * Copyright 2004-2020 Sandboxie Holdings, LLC 
 * Copyright 2020 David Xanatos, xanasoft.com
 *
 * This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -40,7 +41,7 @@ _FX HANDLE Ipc_GetServerEvent(const WCHAR *service, BOOLEAN *create_flag)
    WCHAR event_name[64];
    HANDLE hEvent;
-    Sbie_swprintf(event_name, SBIE_BOXED_ L"ServiceInitComplete_%s", service);
+    Sbie_snwprintf(event_name, 64, SBIE_BOXED_ L"ServiceInitComplete_%s", service);
    if (create_flag) {
        *create_flag = FALSE;
        hEvent = CreateEvent(NULL, TRUE, FALSE, event_name);
@ -169,10 +170,18 @@ _FX BOOLEAN Ipc_StartServer(const WCHAR *TruePath, BOOLEAN Async)
                else {
                    WCHAR *fullpath = Dll_AllocTemp(512 * sizeof(WCHAR));
-                    Sbie_swprintf(fullpath, L"\"%s\\%s\"", homedir, program);
+                    Sbie_snwprintf(fullpath, 512, L"\"%s\\%s\"", homedir, program);
-                    if (! SbieDll_RunSandboxed(
+					//
-                            L"*THREAD*", fullpath, homedir, 0, &si, &pi))
+					// Note: many proesses started by DcomLaunch must be started as user this is currently a bit broken,
 					// see Proc_CreateProcessInternalW_RS5 so for successfull operation in most cases we can't run RpcSs with a system token
 					// Fix-Me: fix Proc_CreateProcessInternalW_RS5 and make prtected RpcSs and subsequently DcomLaunch the deault
 					//
 					// Note: ServiceServer::CanAccessSCM has a special case to permit DcomLaunch to start services without being system
 					//
 					const WCHAR* box_name = SbieApi_QueryConfBool(NULL, L"ProtectRpcSs", FALSE) ? L"*SYSTEM*" : L"*THREAD*";
                    if (! SbieDll_RunSandboxed(box_name, fullpath, homedir, 0, &si, &pi))
                        errnum = GetLastError();
                    else
                        errnum = -1;
--- a/Sandboxie/core/dll/ipstore_enum.cpp
+++ b/Sandboxie/core/dll/ipstore_enum.cpp
@ -296,7 +296,7 @@ void IEnumPStoreTypesImpl::StringFromGUID(const GUID *guid, WCHAR *str)
        UCHAR y5;
        UCHAR y6;
    } *s = (_s *)guid;
-    Sbie_swprintf(str, L"{%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X",
+    Sbie_snwprintf(str, 48, L"{%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X",
        s->a, s->b, s->c,
        s->x1, s->x2,
        s->y1, s->y2, s->y3, s->y4, s->y5, s->y6);
--- a/Sandboxie/core/dll/key.c
+++ b/Sandboxie/core/dll/key.c
@ -308,7 +308,7 @@ static const WCHAR *Key_Wow6432Node = L"\\Wow6432Node\\";
 #if 0
 #define PRINT_STATUS(x) if (Key_Trace) { \
    WCHAR status_txt[64];                                   \
-    Sbie_swprintf(status_txt, L#x L" - %08X\n", status);         \
+    Sbie_snwprintf(status_txt, 64, L#x L" - %08X\n", status);         \
    OutputDebugString(status_txt);                          \
    }
 #else
@ -319,7 +319,7 @@ static const WCHAR *Key_Wow6432Node = L"\\Wow6432Node\\";
 #if 0
 #define PRINT_PATH(title,ptrstr) if (Key_Trace) { \
    WCHAR path_txt[256];                                    \
-    Sbie_swprintf(path_txt, title L"%-200.200s\n", *ptrstr);     \
+    Sbie_snwprintf(path_txt, 256, title L"%-200.200s\n", *ptrstr);     \
    OutputDebugString(path_txt);                            \
    }
 #else
--- a/Show More
+++ b/Show More