nefarius · nefarius · Oct 19, 2024 · Oct 7, 2024 · Oct 7, 2024 · Oct 7, 2024
diff --git a/HidHide.sln.DotSettings b/HidHide.sln.DotSettings
@@ -1,8 +1,11 @@
 <wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=DEVCLASS/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=eventlog/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Gidts/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=HIDCLASS/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=ITERS/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Korff/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Nefarius/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=POCO/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=STDEXT/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=uninitialize/@EntryIndexedValue">True</s:Boolean>

diff --git a/HidHide/HidHide.man b/HidHide/HidHide.man
@@ -12,7 +12,7 @@
     <events>
       <provider
         symbol="EtwProviderLogging"
-        name="Nefarius Hid Hide"
+        name="Nefarius HidHide"
         guid="{6DA3FFA4-AB7D-40E2-B50C-C4B41BBA36E3}"
         resourceFileName="%WinDir%\System32\drivers\HidHide.sys"
         messageFileName="%WinDir%\System32\drivers\HidHide.sys">

diff --git a/HidHide/HidHide.wprp b/HidHide/HidHide.wprp
@@ -4,14 +4,14 @@
 // SPDX-License-Identifier: MIT
 // HidHide.wprp
 -->
-<WindowsPerformanceRecorder Version="1.0" Company="Nefarius" Copyright="(C) Nefarius" Author="Nefarius Hid Hide">
+<WindowsPerformanceRecorder Version="1.0" Company="Nefarius" Copyright="(C) Nefarius" Author="Nefarius HidHide">
   <Profiles>
     <EventCollector Id="WpaEventCollector" Name="WpaEventCollector">
       <BufferSize Value="1024"/>
       <Buffers Value="200"/>
     </EventCollector>
     <EventProvider Id="WpaEventProvider" Name="Nefarius-Drivers-HidHide"/>
-    <Profile Id="WpaEventSource.Verbose.File" Name="WpaEventSource" Description="Nefarius Hid Hide" LoggingMode="File" DetailLevel="Verbose">
+    <Profile Id="WpaEventSource.Verbose.File" Name="WpaEventSource" Description="Nefarius HidHide" LoggingMode="File" DetailLevel="Verbose">
       <Collectors>
         <EventCollectorId Value="WpaEventCollector">
           <EventProviders>
@@ -20,6 +20,6 @@
         </EventCollectorId>
       </Collectors>
     </Profile>
-    <Profile Id="WpaEventSource.Verbose.Memory" Name="WpaEventSource" Description="Nefarius Hid Hide" Base="WpaEventSource.Verbose.File" LoggingMode="Memory" DetailLevel="Verbose"/>
+    <Profile Id="WpaEventSource.Verbose.Memory" Name="WpaEventSource" Description="Nefarius HidHide" Base="WpaEventSource.Verbose.File" LoggingMode="Memory" DetailLevel="Verbose"/>
   </Profiles>
 </WindowsPerformanceRecorder>
diff --git a/HidHide/ReinstallDriver.cmd b/HidHide/ReinstallDriver.cmd
@@ -1,11 +1,12 @@
+rem DEPRECATED
 @echo off
 rem (c) Eric Korff de Gidts
 rem SPDX-License-Identifier: MIT
 rem ReinstallDriver.cmd
 rem
 rem Command script requiring administrator rights used for testing purposes at target environment
 rem Mount the Visual Studio build output directory as network share and execute this script on the target environment
-rem In order to install and/or update the Nefarius Hid Hide filter device driver
+rem In order to install and/or update the Nefarius HidHide filter device driver
 rem
 
 rem we have to options and per default for the jenkens test job we will deploy the test environment using the installer
@@ -34,7 +35,7 @@ echo Uninstalling the old driver
 ".\devcon.exe" /r remove "root\HidHide"
 del "%windir%\INF\SetupApi.dev.log" > NUL
 
-echo Updating Nefarius Hid Hide filter device driver
+echo Updating Nefarius HidHide filter device driver
 if not exist "C:\Program Files\Nefarius"         mkdir "C:\Program Files\Nefarius"
 if not exist "C:\Program Files\Nefarius\HidHide" mkdir "C:\Program Files\Nefarius\HidHide"
 copy "HidHide\HidHide.cat"   "C:\Program Files\Nefarius\HidHide" /Y > NUL
@@ -43,7 +44,7 @@ copy "HidHide\HidHide.inf"   "C:\Program Files\Nefarius\HidHide" /Y > NUL
 copy "HidHide.man"           "C:\Program Files\Nefarius\HidHide" /Y > NUL
 copy "HidHide.wprp"          "C:\Program Files\Nefarius\HidHide" /Y > NUL
 
-echo Updating Nefarius Hid Hide client
+echo Updating Nefarius HidHide client
 if not exist "C:\Program Files\Nefarius\HidHideClient" mkdir "C:\Program Files\Nefarius\HidHideClient"
 copy "HidHideClient.exe"     "C:\Program Files\Nefarius\HidHideClient" /Y > NUL
 

diff --git a/HidHide/src/Logging.c b/HidHide/src/Logging.c
@@ -41,7 +41,7 @@ NTSTATUS LogRegisterProviders()
 {
     NTSTATUS ntstatus;
 
-    ntstatus = EventRegisterNefarius_Hid_Hide(); // PASSIVE_LEVEL
+    ntstatus = EventRegisterNefarius_HidHide(); // PASSIVE_LEVEL
     if (!NT_SUCCESS(ntstatus)) DBG_AND_RETURN_NTSTATUS("EventRegister logging", ntstatus);
     ntstatus = EventRegisterNefarius_Drivers_HidHide();
     if (!NT_SUCCESS(ntstatus)) DBG_AND_RETURN_NTSTATUS("EventRegister tracing", ntstatus);
@@ -61,7 +61,7 @@ NTSTATUS LogUnregisterProviders()
 
     ntstatus = EventUnregisterNefarius_Drivers_HidHide(); // PASSIVE_LEVEL
     if (!NT_SUCCESS(ntstatus)) DBG_AND_RETURN_NTSTATUS("EventRegister tracing", ntstatus);
-    ntstatus = EventUnregisterNefarius_Hid_Hide();
+    ntstatus = EventUnregisterNefarius_HidHide();
     if (!NT_SUCCESS(ntstatus)) DBG_AND_RETURN_NTSTATUS("EventRegister logging", ntstatus);
 
     return (ntstatus);

diff --git a/HidHide/src/Logic.h b/HidHide/src/Logic.h
@@ -14,10 +14,10 @@ ULONG PsGetProcessSessionId(PEPROCESS process);
 #define DRIVER_PROPERTY_ACTIVE                            L"Active"                         // HKLM\SYSTEM\CurrentControlSet\Services\HidHide\Parameters\Active (DWORD)
 #define DRIVER_PROPERTY_WHITELISTED_INVERSE               L"WhitelistedInverse"             // HKLM\SYSTEM\CurrentControlSet\Services\HidHide\Parameters\WhitelistedInverse (DWORD)
 
-// The Hid Hide I/O control custom device type (range 32768 .. 65535)
+// The HidHide I/O control custom device type (range 32768 .. 65535)
 #define IoControlDeviceType 32769
 
-// The Hid Hide I/O control codes
+// The HidHide I/O control codes
 #define IOCTL_GET_WHITELIST CTL_CODE(IoControlDeviceType, 2048, METHOD_BUFFERED, FILE_READ_DATA)
 #define IOCTL_SET_WHITELIST CTL_CODE(IoControlDeviceType, 2049, METHOD_BUFFERED, FILE_READ_DATA)
 #define IOCTL_GET_BLACKLIST CTL_CODE(IoControlDeviceType, 2050, METHOD_BUFFERED, FILE_READ_DATA)

diff --git a/HidHideCLI/HidHideCLI.man b/HidHideCLI/HidHideCLI.man
@@ -12,7 +12,7 @@
     <events>
       <provider
         symbol="EtwProviderLogging"
-        name="Nefarius Hid Hide CLI"
+        name="Nefarius HidHide CLI"
         guid="{E3DF118F-1AFC-4630-9F03-6C6F73848738}"
         resourceFileName="%ProgramFiles%\Nefarius\HidHideCLI\HidHideCLI.exe"
         messageFileName="%ProgramFiles%\Nefarius\HidHideCLI\HidHideCLI.exe">
@@ -100,8 +100,8 @@
         <string id="EtwKeywordPerformance" value="Performance"/>
         <string id="EtwKeywordDebugging"   value="Debugging"/>
         <string id="EtwEventLogTrace"      value="%1&#009;%2&#009;%3&#009;%4%5"/>
-        <string id="EtwEventLogStarted"    value="Hid Hide CLI version %4%5 started"/>
-        <string id="EtwEventLogStopped"    value="Hid Hide CLI stopped %4%5"/>
+        <string id="EtwEventLogStarted"    value="HidHide CLI version %4%5 started"/>
+        <string id="EtwEventLogStopped"    value="HidHide CLI stopped %4%5"/>
         <string id="EtwEventLogException"  value="Exception at &quot;%1&quot; line %2 %3 %4%5"/>
       </stringTable>
     </resources>

diff --git a/HidHideCLI/HidHideCLI.wprp b/HidHideCLI/HidHideCLI.wprp
@@ -4,14 +4,14 @@
 // SPDX-License-Identifier: MIT
 // HidHideCLI.wprp
 -->
-<WindowsPerformanceRecorder Version="1.0" Company="Nefarius" Copyright="(C) Nefarius" Author="Nefarius Hid Hide CLI">
+<WindowsPerformanceRecorder Version="1.0" Company="Nefarius" Copyright="(C) Nefarius" Author="Nefarius HidHide CLI">
   <Profiles>
     <EventCollector Id="WpaEventCollector" Name="WpaEventCollector">
       <BufferSize Value="1024"/>
       <Buffers Value="200"/>
     </EventCollector>
     <EventProvider Id="WpaEventProvider" Name="Nefarius-Drivers-HidHideCLI"/>
-    <Profile Id="WpaEventSource.Verbose.File" Name="WpaEventSource" Description="Nefarius Hid Hide CLI" LoggingMode="File" DetailLevel="Verbose">
+    <Profile Id="WpaEventSource.Verbose.File" Name="WpaEventSource" Description="Nefarius HidHide CLI" LoggingMode="File" DetailLevel="Verbose">
       <Collectors>
         <EventCollectorId Value="WpaEventCollector">
           <EventProviders>
@@ -20,6 +20,6 @@
         </EventCollectorId>
       </Collectors>
     </Profile>
-    <Profile Id="WpaEventSource.Verbose.Memory" Name="WpaEventSource" Description="Nefarius Hid Hide CLI" Base="WpaEventSource.Verbose.File" LoggingMode="Memory" DetailLevel="Verbose"/>
+    <Profile Id="WpaEventSource.Verbose.Memory" Name="WpaEventSource" Description="Nefarius HidHide CLI" Base="WpaEventSource.Verbose.File" LoggingMode="Memory" DetailLevel="Verbose"/>
   </Profiles>
 </WindowsPerformanceRecorder>
diff --git a/HidHideCLI/src/FilterDriverProxy.cpp b/HidHideCLI/src/FilterDriverProxy.cpp
@@ -11,10 +11,10 @@ namespace
 {
     typedef std::unique_ptr<std::remove_pointer<HANDLE>::type, decltype(&::CloseHandle)> CloseHandlePtr;
 
-    // The Hid Hide I/O control custom device type (range 32768 .. 65535)
+    // The HidHide I/O control custom device type (range 32768 .. 65535)
     constexpr auto IoControlDeviceType{ 32769u };
 
-    // The Hid Hide I/O control codes
+    // The HidHide I/O control codes
     constexpr auto IOCTL_GET_WHITELIST { CTL_CODE(IoControlDeviceType, 2048, METHOD_BUFFERED, FILE_READ_DATA) };
     constexpr auto IOCTL_SET_WHITELIST { CTL_CODE(IoControlDeviceType, 2049, METHOD_BUFFERED, FILE_READ_DATA) };
     constexpr auto IOCTL_GET_BLACKLIST { CTL_CODE(IoControlDeviceType, 2050, METHOD_BUFFERED, FILE_READ_DATA) };

diff --git a/HidHideCLI/src/HID.cpp b/HidHideCLI/src/HID.cpp
@@ -272,7 +272,7 @@ namespace
             case ERROR_ACCESS_DENIED:
                 // The device is opened exclusively and in use hence we can't interact with it
             case ERROR_SHARING_VIOLATION:
-                // The device is (most-likely) cloaked by Hid Hide itself while its client application isn't on the white-list
+                // The device is (most-likely) cloaked by HidHide itself while its client application isn't on the white-list
                 result.usage = HidHide::StringTable(IDS_HID_ATTRIBUTE_DENIED);
                 return (result);
             case ERROR_FILE_NOT_FOUND:

diff --git a/HidHideCLI/src/HidHideCLI.cpp b/HidHideCLI/src/HidHideCLI.cpp
@@ -36,7 +36,7 @@ NTSTATUS WINAPI LogRegisterProviders() noexcept
 {
     try
     {
-        EventRegisterNefarius_Hid_Hide_CLI();
+        EventRegisterNefarius_HidHide_CLI();
         EventRegisterNefarius_Drivers_HidHideCLI();
 
         // The define for BldProductVersion is passed from the project file to the source code via a define
@@ -56,7 +56,7 @@ NTSTATUS WINAPI LogUnregisterProviders() noexcept
     {
         ::LogEvent(ETW(Stopped), L"");
         EventUnregisterNefarius_Drivers_HidHideCLI();
-        EventUnregisterNefarius_Hid_Hide_CLI();
+        EventUnregisterNefarius_HidHide_CLI();
         return (STATUS_SUCCESS);
     }
     catch (...)

diff --git a/HidHideClient/HidHideClient.man b/HidHideClient/HidHideClient.man
@@ -12,7 +12,7 @@
     <events>
       <provider
         symbol="EtwProviderLogging"
-        name="Nefarius Hid Hide Client"
+        name="Nefarius HidHide Client"
         guid="{1E545280-184F-4954-B1E4-9BF8898F2571}"
         resourceFileName="%ProgramFiles%\Nefarius\HidHideClient\HidHideClient.exe"
         messageFileName="%ProgramFiles%\Nefarius\HidHideClient\HidHideClient.exe">
@@ -100,8 +100,8 @@
         <string id="EtwKeywordPerformance" value="Performance"/>
         <string id="EtwKeywordDebugging"   value="Debugging"/>
         <string id="EtwEventLogTrace"      value="%1&#009;%2&#009;%3&#009;%4%5"/>
-        <string id="EtwEventLogStarted"    value="Hid Hide Client version %4%5 started"/>
-        <string id="EtwEventLogStopped"    value="Hid Hide Client stopped %4%5"/>
+        <string id="EtwEventLogStarted"    value="HidHide Client version %4%5 started"/>
+        <string id="EtwEventLogStopped"    value="HidHide Client stopped %4%5"/>
         <string id="EtwEventLogException"  value="Exception at &quot;%1&quot; line %2 %3 %4%5"/>
       </stringTable>
     </resources>

diff --git a/HidHideClient/HidHideClient.rc b/HidHideClient/HidHideClient.rc
@@ -198,7 +198,7 @@ END
 STRINGTABLE
 BEGIN
     IDS_STATIC_WHITELIST_GUIDANCE 
-                            "List here the applications Hid Hide should allow to look through the cloak. Any pre-selected application is not found at the registered location."
+                            "List here the applications HidHide should allow to look through the cloak. Any pre-selected application is not found at the registered location."
     IDS_BUTTON_WHITELIST_INSERT "&+"
     IDS_BUTTON_WHITELIST_DELETE "&-"
     IDS_CHECK_BLACKLIST_FILTER "&Filter-out disconnected"
@@ -210,9 +210,9 @@ BEGIN
     IDS_HID_ATTRIBUTE_DENIED "denied"
     IDS_HID_ATTRIBUTE_ABSENT "absent"
     IDS_STATIC_MESSAGEBOX_PRESENT 
-                            "The Hid Hide control device can't be reached. When Hid Hide is just installed be sure to REBOOT first else inspect the status of the Nefarius Hid Hide driver under System Devices in the Device Manager and ensure it is properly loaded and enabled. Once corrected press Retry. When the issue can't be resolved press Cancel and re-install the Hid Hide software."
+                            "The HidHide control device can't be reached. When HidHide is just installed be sure to REBOOT first else inspect the status of the Nefarius HidHide driver under System Devices in the Device Manager and ensure it is properly loaded and enabled. Once corrected press Retry. When the issue can't be resolved press Cancel and re-install the HidHide software."
     IDS_STATIC_MESSAGEBOX_IN_USE 
-                            "The Hid Hide control device can't be accessed. Be sure to close the HidHide command line interface or any other application. When the issue can't be resolved after a REBOOT press Cancel and re-install the Hid Hide software."
+                            "The HidHide control device can't be accessed. Be sure to close the HidHide command line interface or any other application. When the issue can't be resolved after a REBOOT press Cancel and re-install the HidHide software."
     IDS_STATIC_MESSAGEBOX_EXCEPTION 
                             "Something unforeseen has happened which cannot be recovered from. Program execution has to be terminated. Sorry for the inconvenience."
     IDS_CHECK_WHITELIST_INVERSE "&Inverse application cloak"

diff --git a/HidHideClient/HidHideClient.wprp b/HidHideClient/HidHideClient.wprp
@@ -4,14 +4,14 @@
 // SPDX-License-Identifier: MIT
 // HidHideClient.wprp
 -->
-<WindowsPerformanceRecorder Version="1.0" Company="Nefarius" Copyright="(C) Nefarius" Author="Nefarius Hid Hide Client">
+<WindowsPerformanceRecorder Version="1.0" Company="Nefarius" Copyright="(C) Nefarius" Author="Nefarius HidHide Client">
   <Profiles>
     <EventCollector Id="WpaEventCollector" Name="WpaEventCollector">
       <BufferSize Value="1024"/>
       <Buffers Value="200"/>
     </EventCollector>
     <EventProvider Id="WpaEventProvider" Name="Nefarius-Drivers-HidHideClient"/>
-    <Profile Id="WpaEventSource.Verbose.File" Name="WpaEventSource" Description="Nefarius Hid Hide Client" LoggingMode="File" DetailLevel="Verbose">
+    <Profile Id="WpaEventSource.Verbose.File" Name="WpaEventSource" Description="Nefarius HidHide Client" LoggingMode="File" DetailLevel="Verbose">
       <Collectors>
         <EventCollectorId Value="WpaEventCollector">
           <EventProviders>
@@ -20,6 +20,6 @@
         </EventCollectorId>
       </Collectors>
     </Profile>
-    <Profile Id="WpaEventSource.Verbose.Memory" Name="WpaEventSource" Description="Nefarius Hid Hide Client" Base="WpaEventSource.Verbose.File" LoggingMode="Memory" DetailLevel="Verbose"/>
+    <Profile Id="WpaEventSource.Verbose.Memory" Name="WpaEventSource" Description="Nefarius HidHide Client" Base="WpaEventSource.Verbose.File" LoggingMode="Memory" DetailLevel="Verbose"/>
   </Profiles>
 </WindowsPerformanceRecorder>
diff --git a/HidHideClient/src/HidHideClient.cpp b/HidHideClient/src/HidHideClient.cpp
@@ -61,7 +61,7 @@ NTSTATUS WINAPI LogRegisterProviders() noexcept
 {
     try
     {
-        EventRegisterNefarius_Hid_Hide_Client();
+        EventRegisterNefarius_HidHide_Client();
         EventRegisterNefarius_Drivers_HidHideClient();
 
         // The define for BldProductVersion is passed from the project file to the source code via a define
@@ -81,7 +81,7 @@ NTSTATUS WINAPI LogUnregisterProviders() noexcept
     {
         ::LogEvent(ETW(Stopped), L"");
         EventUnregisterNefarius_Drivers_HidHideClient();
-        EventUnregisterNefarius_Hid_Hide_Client();
+        EventUnregisterNefarius_HidHide_Client();
         return (STATUS_SUCCESS);
     }
     catch (...)