Add Tmpl.Scan options for anti-phishing rules

Sandboxie/apps/control/AppPage.cpp

@@ -1526,8 +1526,8 @@ void CAppPage::UpdateTemplates3(CBox &box,
 void CAppPage::SetDefaultTemplates6(CBox &box)
 {
     box.EnableTemplate(L"AutoRecoverIgnore", TRUE);
-    box.EnableTemplate(L"Firefox_Phishing_DirectAccess", TRUE);
-    box.EnableTemplate(L"Chrome_Phishing_DirectAccess", TRUE);
+    //box.EnableTemplate(L"Firefox_Phishing_DirectAccess", TRUE);
+    //box.EnableTemplate(L"Chrome_Phishing_DirectAccess", TRUE);
     box.EnableTemplate(L"LingerPrograms", TRUE);
     SetDefaultTemplates7(box);
 }

Sandboxie/install/Templates.ini

@@ -192,6 +192,9 @@ Tmpl.Title=#4337,Mozilla Firefox
 Tmpl.Class=WebBrowser
 OpenFilePath=firefox.exe,%Tmpl.Firefox%\cert9.db
 OpenFilePath=firefox.exe,%Local AppData%\Mozilla\Firefox\Profiles\*\safebrowsing*
+Tmpl.Scan=s
+Tmpl.ScanProduct=Mozilla Firefox *
+Tmpl.ScanService=MozillaMaintenance
 
 [Template_Firefox_Profile_DirectAccess]
 Tmpl.Title=#4338,Mozilla Firefox
@@ -239,6 +242,8 @@ Tmpl.Class=WebBrowser
 OpenFilePath=waterfox.exe,%Tmpl.WaterFox%\blocklist.xml
 OpenFilePath=waterfox.exe,%Tmpl.WaterFox%\cert9.db
 OpenFilePath=waterfox.exe,%Local AppData%\Waterfox\Profiles\*\safebrowsing*
+Tmpl.Scan=s
+Tmpl.ScanProduct=Waterfox *
 
 [Template_Waterfox_Profile_DirectAccess]
 Tmpl.Title=#4338,Waterfox
@@ -285,6 +290,8 @@ Tmpl.Title=#4337,Pale Moon
 Tmpl.Class=WebBrowser
 OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\blocklist.xml
 OpenFilePath=palemoon.exe,%Tmpl.PaleMoon%\cert9.db
+Tmpl.Scan=s
+Tmpl.ScanProduct=Pale Moon *
 
 [Template_PaleMoon_Profile_DirectAccess]
 Tmpl.Title=#4338,Pale Moon
@@ -332,6 +339,8 @@ Tmpl.Class=WebBrowser
 OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\blocklist.xml
 OpenFilePath=seamonkey.exe,%Tmpl.SeaMonkey%\cert9.db
 OpenFilePath=seamonkey.exe,%Local AppData%\Mozilla\SeaMonkey\Profiles\*\safebrowsing*
+Tmpl.Scan=s
+Tmpl.ScanProduct=SeaMonkey *
 
 [Template_SeaMonkey_Profile_DirectAccess]
 Tmpl.Title=#4338,SeaMonkey
@@ -404,6 +413,9 @@ Tmpl.Title=#4337,Google Chrome
 Tmpl.Class=WebBrowser
 OpenFilePath=chrome.exe,%Local AppData%\Google\Chrome\User Data\Safe Browsing*
 OpenFilePath=chrome.exe,%Local AppData%\Google\Chrome\User Data\CertificateRevocation
+Tmpl.Scan=s
+Tmpl.ScanProduct=Google Chrome
+Tmpl.ScanService=GoogleChromeElevationService
 
 [Template_Chrome_Profile_DirectAccess]
 Tmpl.Title=#4338,Google Chrome
@@ -463,6 +475,9 @@ OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\Safe Browsing*
 OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\CertificateRevocation
 OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\SmartScreen
 OpenFilePath=msedge.exe,%Local AppData%\Microsoft\Edge\User Data\Ad Blocking
+Tmpl.Scan=s
+Tmpl.ScanProduct=Microsoft Edge
+Tmpl.ScanService=edgeupdate
 
 [Template_Edge_Profile_DirectAccess]
 Tmpl.Title=#4338,Microsoft Edge
@@ -514,6 +529,9 @@ Tmpl.Title=#4337,Comodo Dragon
 Tmpl.Class=WebBrowser
 OpenFilePath=dragon.exe,%Local AppData%\Comodo\Dragon\User Data\Safe Browsing*
 OpenFilePath=dragon.exe,%Local AppData%\Comodo\Dragon\User Data\CertificateRevocation
+Tmpl.Scan=s
+Tmpl.ScanProduct=Comodo Dragon
+Tmpl.ScanService=DragonUpdater
 
 [Template_Dragon_Profile_DirectAccess]
 Tmpl.Title=#4338,Comodo Dragon
@@ -574,6 +592,9 @@ Tmpl.Title=#4337,SRWare Iron
 Tmpl.Class=WebBrowser
 OpenFilePath=iron.exe,%Local AppData%\Chromium\User Data\Safe Browsing*
 OpenFilePath=iron.exe,%Local AppData%\Chromium\User Data\CertificateRevocation
+Tmpl.Scan=s
+Tmpl.ScanProduct={BA85A29D-B48E-4826-BAEE-817024E52E29}_is1
+Tmpl.ScanProduct={C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1
 
 [Template_Iron_Profile_DirectAccess]
 Tmpl.Title=#4338,SRWare Iron
@@ -689,6 +710,9 @@ Tmpl.Title=#4337,Vivaldi
 Tmpl.Class=WebBrowser
 OpenFilePath=vivaldi.exe,%Local AppData%\Vivaldi\User Data\Safe Browsing*
 OpenFilePath=vivaldi.exe,%Local AppData%\Vivaldi\User Data\CertificateRevocation
+Tmpl.Scan=s
+Tmpl.ScanProduct=Vivaldi
+Tmpl.ScanFile=%Local AppData%\Vivaldi\Application
 
 [Template_Vivaldi_Profile_DirectAccess]
 Tmpl.Title=#4338,Vivaldi
@@ -749,6 +773,9 @@ Tmpl.Title=#4337,Brave Browser
 Tmpl.Class=WebBrowser
 OpenFilePath=brave.exe,%Local AppData%\BraveSoftware\Brave-Browser\User Data\Safe Browsing*
 OpenFilePath=brave.exe,%Local AppData%\BraveSoftware\Brave-Browser\User Data\CertificateRevocation
+Tmpl.Scan=s
+Tmpl.ScanProduct=BraveSoftware Brave-Browser
+Tmpl.ScanService=brave
 
 [Template_Brave_Profile_DirectAccess]
 Tmpl.Title=#4338,Brave Browser
@@ -804,6 +831,9 @@ Tmpl.Title=#4337,Maxthon 6
 Tmpl.Class=WebBrowser
 OpenFilePath=Maxthon.exe,%Local AppData%\Maxthon\Application\User Data\Safe Browsing*
 OpenFilePath=Maxthon.exe,%Local AppData%\Maxthon\Application\User Data\CertificateRevocation
+Tmpl.Scan=s
+Tmpl.ScanProduct=Maxthon
+Tmpl.ScanFile=%Local AppData%\Maxthon\Application
 
 [Template_Maxthon6_Profile_DirectAccess]
 Tmpl.Title=#4338,Maxthon 6
@@ -863,6 +893,9 @@ OpenFilePath=opera.exe,%Tmpl.Opera%\Sync Data\*
 Tmpl.Title=#4337,Opera
 Tmpl.Class=WebBrowser
 OpenFilePath=opera.exe,%Tmpl.Opera%\CertificateRevocation
+Tmpl.Scan=s
+Tmpl.ScanProduct=Opera *
+Tmpl.ScanFile=%Local AppData%\Programs\Opera
 
 [Template_Opera_Profile_DirectAccess]
 Tmpl.Title=#4338,Opera
@@ -925,6 +958,9 @@ Tmpl.Title=#4337,Yandex Browser
 Tmpl.Class=WebBrowser
 OpenFilePath=browser.exe,%Local AppData%\Yandex\YandexBrowser\User Data\Safe Browsing*
 OpenFilePath=browser.exe,%Local AppData%\Yandex\YandexBrowser\User Data\CertificateRevocation
+Tmpl.Scan=s
+Tmpl.ScanService=YandexBrowserService
+Tmpl.ScanFile=%Local AppData%\Yandex\YandexBrowser\Application
 
 [Template_Yandex_Profile_DirectAccess]
 Tmpl.Title=#4338,Yandex Browser

SandboxiePlus/QSbieAPI/Sandboxie/SandBox.cpp

@@ -64,8 +64,8 @@ CSandBox::CSandBox(const QString& BoxName, class CSbieAPI* pAPI) : CSbieIni(BoxN
 	{
 		// templates L6
 		InsertText("Template", "AutoRecoverIgnore");
-		InsertText("Template", "Firefox_Phishing_DirectAccess");
-		InsertText("Template", "Chrome_Phishing_DirectAccess");
+		//InsertText("Template", "Firefox_Phishing_DirectAccess");
+		//InsertText("Template", "Chrome_Phishing_DirectAccess");
 		InsertText("Template", "LingerPrograms");
 	}