Author Topic: [FAQ] ReHIPS files (part 1)  (Read 1420 times)


  • Administrator
  • Hero Member
  • *****
  • Posts: 1524
[FAQ] ReHIPS files (part 1)
« on: November 16, 2018, 08:37:40 am »
If you take a look into the folder ReHIPS was installed into, you'll see quite a bunch of files. For the ones curious what they are for, this blogpost is.

-DeployHelper32.exe/DeployHelper64.exe (help install software straight into isolated environment, seperate blogpost about it here;

-DesktopTools32.exe/DesktopTools64.exe (show keyboard layout indicator and help set hooks on isolated desktops);

-EmptyStub32.exe/EmptyStub64.exe (just an empty stub that does nothing; when a process is blocked, execution of this empty stub is simulated so no error message is shown);

-FileManager32.exe/FileManager64.exe (ReHIPS file manager as explorer doesn't browse folders for isolated programs, separate blogpost about this bug here;

-HIPS32.sys/HIPS64.sys (driver to monitor processes creation and termination, also filters file system and registry access operations);

-HIPSAgent32.exe/HIPSAgent64.exe (agent helps working with programs in different sessions, also shows desktops widget and all bells and whistles like taskbar for isolated desktops);

-HIPSGui32.exe/HIPSGui64.exe (main graphical user interface or ReHIPS Control Center, implemented as thin client);

-HIPSService32.exe/HIPSService64.exe (heart and core of ReHIPS, contains all the major stuff, can work in head-less mode, also operates as middle-ware between driver and Control Center);

-HookDll32.dll/HookDll64.dll (library to inject into other processes and perform usability tasks like suppressing error window when a process is blocked);

-ReHIPS.xml (database with program rules);

-RulesManager32.exe/RulesManager64.exe (separate graphical user interface for rules management, seperate blogpost about it here;

-RunElevated32.exe/RunElevated64.exe (used by DeployHelper to start elevated installer process);

-RunLimited32.exe/RunLimited64.exe (starts in isolation processes that require administrator privileges);

-RunRestricted32.exe/RunRestricted64.exe (starts files in isolation from explorer context menu, there is a trick with it described here