[FAQ] ReHIPS files (part 1)

Started by fixer, November 16, 2018, 08:37:40 AM

Previous topic - Next topic


If you take a look into the folder ReHIPS was installed into, you'll see quite a bunch of files. For the ones curious what they are for, this blogpost is.

-DeployHelper32.exe/DeployHelper64.exe (help install software straight into isolated environment, seperate blogpost about it here https://forum.rehips.com/index.php?topic=11675.0);

-DesktopTools32.exe/DesktopTools64.exe (show keyboard layout indicator and help set hooks on isolated desktops);

-EmptyStub32.exe/EmptyStub64.exe (just an empty stub that does nothing; when a process is blocked, execution of this empty stub is simulated so no error message is shown);

-FileManager32.exe/FileManager64.exe (ReHIPS file manager as explorer doesn't browse folders for isolated programs, separate blogpost about this bug here https://forum.rehips.com/index.php?topic=9515.0);

-HIPS32.sys/HIPS64.sys (driver to monitor processes creation and termination, also filters file system and registry access operations);

-HIPSAgent32.exe/HIPSAgent64.exe (agent helps working with programs in different sessions, also shows desktops widget and all bells and whistles like taskbar for isolated desktops);

-HIPSGui32.exe/HIPSGui64.exe (main graphical user interface or ReHIPS Control Center, implemented as thin client);

-HIPSService32.exe/HIPSService64.exe (heart and core of ReHIPS, contains all the major stuff, can work in head-less mode, also operates as middle-ware between driver and Control Center);

-HookDll32.dll/HookDll64.dll (library to inject into other processes and perform usability tasks like suppressing error window when a process is blocked);

-ReHIPS.xml (database with program rules);

-RulesManager32.exe/RulesManager64.exe (separate graphical user interface for rules management, seperate blogpost about it here https://forum.rehips.com/index.php?topic=9530.0);

-RunElevated32.exe/RunElevated64.exe (used by DeployHelper to start elevated installer process);

-RunLimited32.exe/RunLimited64.exe (starts in isolation processes that require administrator privileges);

-RunRestricted32.exe/RunRestricted64.exe (starts files in isolation from explorer context menu, there is a trick with it described here https://forum.rehips.com/index.php?topic=9574.0).