Ask Questions Here - ReHIPS Features & Unexpected Behaviors

[paulderdash]

Another minidump - the fifth since I installed RC4 (all the same 'DPC Watchdog Violation', so not sure if an additional minidump is helpful). This time during or after loading Firefox (I wasn't at my PC).

Edit: @Fixer I assume you will post here if you do spot something (or not)? I guess I should have started a new thread for my issue.

[Umbra]

Btw I am intrigued - how then do you get HMPA to run alongside ReHIPS then? What changes did you have to make?

I added 3 of ReHIPS processes into HMPA exclusions (was mandatory for the first beta of v2.2)  but now it seems not necessary, but i still do it in case of...

[crasher]

Another minidump - the fifth since I installed RC4 (all the same 'DPC Watchdog Violation', so not sure if an additional minidump is helpful). This time during or after loading Firefox (I wasn't at my PC).

Edit: @Fixer I assume you will post here if you do spot something (or not)? I guess I should have started a new thread for my issue.

Both minidumps point to one problem, but contains little information. Can you get full kernel memory dump (https://msdn.microsoft.com/en-us/library/windows/hardware/ff542953(v=vs.85).aspx) and send me link to it to PM?

[paulderdash]

Thanks @crasher. Set it up for a kernel memory dump, and it crashed shortly afterwards. Will send you a PM.
I suspect it is Malwarebytes 3 (AE module), or Zemana Anti-Logger or Reason Core Security (recently playing with that), as others have said, which should be removed.
If the crash has nothing to do with ReHIPS, my apologies for wasting your time!

Edit: PM sent.

[Ozone]

I have program which I have allowed to run, but sometimes I would like it to run it isolated

Instead of right clicking and selecting "Run isolated in ReHIPS", I would like to create shortcut for it to run isolated.
is this possible?

[aDVll]

I have program which I have allowed to run, but sometimes I would like to run it isolated

Instead of right clicking and selecting "Run isolated in ReHIPS", I would like to create shortcut for it to run isolated.
is this possible?
Nope not possible to make such shortcut. What you can do is run isolated in rehips for the specific program and let it create a new IE for it and when you want to run it not isolated disable rehips, launch it and then enable rehips again.

EDIT: I assumed it's not a portable application that you can just make a copy and launch that.

[Ozone]

I have program which I have allowed to run, but sometimes I would like to run it isolated

Instead of right clicking and selecting "Run isolated in ReHIPS", I would like to create shortcut for it to run isolated.
is this possible?

Nope not possible to make such shortcut. What you can do is run isolated in rehips for the specific program and let it create a new IE for it and when you want to run it not isolated disable rehips, launch it and then enable rehips again.

EDIT: I assumed it's not a portable application that you can just make a copy and launch that.

it's not portable application
I am testing firefox nightly, I am running it alongside stable

I had created shortcut and it seems to work, but I don't know if correctly

"C:\Program Files\ReCrypt\ReHIPS\RunRestricted64.exe" "C:\Program Files\Nightly\firefox.exe"  -p nightly -no-remote

[aDVll]

I have program which I have allowed to run, but sometimes I would like to run it isolated

Instead of right clicking and selecting "Run isolated in ReHIPS", I would like to create shortcut for it to run isolated.
is this possible?

Nope not possible to make such shortcut. What you can do is run isolated in rehips for the specific program and let it create a new IE for it and when you want to run it not isolated disable rehips, launch it and then enable rehips again.

EDIT: I assumed it's not a portable application that you can just make a copy and launch that.

it's not portable application
I am testing firefox nightly, I am running it alongside stable

I had created shortcut and it seems to work, but I don't know if correctly

"C:\Program Files\ReCrypt\ReHIPS\RunRestricted64.exe" "C:\Program Files\Nightly\firefox.exe"  -p nightly -no-remote

That seems clever and never though of it. Good work. If you can see it in isolated program list in rehips(enable advanced mode from main gui) then it works. If not i will test it in a bit and tell you how it went.

EDIT: It works. Well done.
Remember to change the default rules for firefox in rehips to allow and when you want it to run isolated run your shortcut.

[Ozone]

it's working but some programs  will not be child process of rehips but outside (I use Process Explorer to watch processes)
I am not familiar how this work, but ReHIPS says it's isolated (in GUI and red border) so I think it's okay

[aDVll]

it's working but some programs  will not be child process of rehips but outside (I use Process Explorer to watch processes)
I am not familiar how this work, but ReHIPS says it's isolated (in GUI and red border) so I think it's okay

You can always check on what user account they are running in process explorer. Then you will know when it's rehips and when not but i never seen rehips gui showing the wrong info.

[Ozone]

it's working but some programs  will not be child process of rehips but outside (I use Process Explorer to watch processes)
I am not familiar how this work, but ReHIPS says it's isolated (in GUI and red border) so I think it's okay

You can always check on what user account they are running in process explorer. Then you will know when it's rehips and when not but i never seen rehips gui showing the wrong info.

thx, forgot about that

[Umbra]

it's working but some programs  will not be child process of rehips but outside (I use Process Explorer to watch processes)
I am not familiar how this work, but ReHIPS says it's isolated (in GUI and red border) so I think it's okay

some child processes of FF need to be run isolated too, (plug-in container.exe especially) , so you have to add it to the  same IE as FF.

[crasher]

Thanks @crasher. Set it up for a kernel memory dump, and it crashed shortly afterwards. Will send you a PM.
I suspect it is Malwarebytes 3 (AE module), or Zemana Anti-Logger or Reason Core Security (recently playing with that), as others have said, which should be removed.
If the crash has nothing to do with ReHIPS, my apologies for wasting your time!

Edit: PM sent.

Thank you for your dump. Try to remove or fully disable product with gwdrv driver (I think it is GlassWire).

[paulderdash]

It is indeed Glasswire. I'll uninstall it later to confirm if it solves the problem and report back.

Edit 1: @crasher btw Excellent sleuthing, and dedication (reading kernel dumps on a Sunday night) 

Assuming you are correct and it is gwdrv driver (Glasswire is now uninstalled, no crashes so far, so I'm sure you are right) - if it is an incompatibility, is there any chance of making ReHIPS compatible with Glasswire, or would a change need to be made from the Glasswire side? Glasswire is essentially a Windows firewall monitor / interface. I would like to keep it as I have a paid lifetime license ...

Edit 2: I have also alerted Glasswire to this issue on their uninstall feedback screen, and asked also if they could reach out to you.

[crasher]

Assuming you are correct and it is gwdrv driver (Glasswire is now uninstalled, no crashes so far, so I'm sure you are right) - if it is an incompatibility, is there any chance of making ReHIPS compatible with Glasswire, or would a change need to be made from the Glasswire side?

We will investigate this problem more deeply, but it does not seem that the problem on our side.