HotCakeX · HotCakeX · Feb 21, 2025 · Feb 18, 2025 · Feb 20, 2025
@@ -43,7 +43,7 @@ jobs:
           if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New('Failed to install .NET SDK') }
 
           Write-Host -Object "`nInstalling Visual Studio Build Tools" -ForegroundColor Magenta
-          $null = winget install --id Microsoft.VisualStudio.2022.BuildTools --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget --override '--force --wait --passive --add Microsoft.VisualStudio.Workload.ManagedDesktop --add Microsoft.VisualStudio.Workload.VCTools --add Microsoft.VisualStudio.Workload.MSBuildTools --add Microsoft.VisualStudio.Workload.UniversalBuildTools --add Microsoft.VisualStudio.ComponentGroup.WindowsAppSDK.Cs --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 --add Microsoft.VisualStudio.Component.Windows11SDK.26100 --includeRecommended'
+          $null = winget install --id Microsoft.VisualStudio.2022.BuildTools --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget --override '--force --wait --passive --add Microsoft.VisualStudio.Workload.ManagedDesktop --add Microsoft.VisualStudio.Workload.VCTools --add Microsoft.VisualStudio.Workload.MSBuildTools --add Microsoft.VisualStudio.Workload.UniversalBuildTools --add Microsoft.VisualStudio.ComponentGroup.WindowsAppSDK.Cs --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 --add Microsoft.VisualStudio.Component.Windows11SDK.26100 --includeRecommended --add Microsoft.VisualStudio.Component.VC.Tools.ARM64 --add Microsoft.VisualStudio.Component.UWP.VC.ARM64'
           if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New('Failed to install Visual Studio Build Tools') }
 
           Write-Host -Object "`nInstalling Visual C++ Redistributable" -ForegroundColor Magenta

@@ -51,7 +51,6 @@
             </Style>
 
 
-
             <animations:ImplicitAnimationSet x:Name="ShowTransitions">
                 <animations:OffsetAnimation EasingMode="EaseOut"
                                    From="0,24,0"
@@ -74,8 +73,6 @@
             </animations:ImplicitAnimationSet>
 
 
-
-
         </ResourceDictionary>
     </Application.Resources>
 </Application>
@@ -79,7 +79,6 @@ public App()
 	}
 
 
-
 	/// <summary>
 	/// Event handler for when the sound setting is changed.
 	/// </summary>
@@ -101,7 +100,6 @@ private void OnSoundSettingChanged(object? sender, SoundSettingChangedEventArgs
 	}
 
 
-
 	/// <summary>
 	/// Invoked when the application is launched.
 	/// </summary>
@@ -135,15 +133,12 @@ protected override void OnLaunched(LaunchActivatedEventArgs args)
 	/// </summary>
 	private async void App_UnhandledException(object sender, Microsoft.UI.Xaml.UnhandledExceptionEventArgs e)
 	{
-		Logger.Write($"Unhandled exception: {e.Exception.Message}");
+		Logger.Write(ErrorWriter.FormatException(e.Exception));
 
 		// Prevent the app from crashing
 		// With this set to false, the same error would keep writing to the log file forever. The exception keeps bubbling up since it's unhandled.
 		e.Handled = true;
 
-		// Log the error to a file
-		Logger.Write(e.Exception.ToString());
-
 		// Show error dialog to the user
 		await ShowErrorDialogAsync(e.Exception);
 	}

@@ -1,5 +1,4 @@
 <Project Sdk="Microsoft.NET.Sdk">
-  <!-- The following are the details for AppControlManager, a Self-Contained MSIX Packaged App -->
   <PropertyGroup>
     <OutputType>WinExe</OutputType>
     <TargetFramework>net9.0-windows10.0.26100.0</TargetFramework>
@@ -25,7 +24,6 @@
     <EnableMsixTooling>true</EnableMsixTooling>
     <Nullable>enable</Nullable>
 
-
     <!-- https://learn.microsoft.com/en-us/dotnet/core/project-sdk/msbuild-props#satelliteresourcelanguages -->
     <SatelliteResourceLanguages>en-US</SatelliteResourceLanguages>
 
@@ -48,22 +46,7 @@
     <WindowsAppSDKSelfContained>true</WindowsAppSDKSelfContained>
 
     <!-- Publish Properties -->
-    <PublishReadyToRun Condition="'$(Configuration)' == 'Debug'">False</PublishReadyToRun>
-    <PublishReadyToRun Condition="'$(Configuration)' != 'Debug'">True</PublishReadyToRun>
-
-    <!-- Disabling trimming temporarily -->
-    <!-- There should be absolutely no trim warnings before this can be enabled
-    Otherwise there is no guarantee that the app will work as expected at all times -->
-    <!-- https://learn.microsoft.com/en-us/dotnet/core/deploying/trimming/trimming-options -->
-
-
-    <PublishTrimmed>false</PublishTrimmed>
-    <!--
-
-    <TrimMode>partial</TrimMode>
-    <SuppressTrimAnalysisWarnings>false</SuppressTrimAnalysisWarnings>
-    <TrimmerSingleWarn>false</TrimmerSingleWarn>
-    -->
+    <PublishReadyToRun>True</PublishReadyToRun>
 
     <ImplicitUsings>disable</ImplicitUsings>
     <Description>A modern secure application that simplifies management of Application Control in Windows.</Description>
@@ -90,9 +73,9 @@
     <EnforceCodeStyleInBuild>True</EnforceCodeStyleInBuild>
     <AssemblyName>AppControlManager</AssemblyName>
     <!-- https://learn.microsoft.com/en-us/dotnet/core/deploying/native-aot/optimizing -->
-    <PublishAot>false</PublishAot>
+    <PublishAot>True</PublishAot>
     <ErrorReport>send</ErrorReport>
-    <FileVersion>1.9.0.0</FileVersion>
+    <FileVersion>1.9.1.0</FileVersion>
     <AssemblyVersion>$(FileVersion)</AssemblyVersion>
     <NeutralLanguage>en-US</NeutralLanguage>
     <PackageLicenseFile>LICENSE</PackageLicenseFile>
@@ -108,7 +91,20 @@
     <CheckForOverflowUnderflow>True</CheckForOverflowUnderflow>
     <NuGetAuditMode>all</NuGetAuditMode>
     <RepositoryType>git</RepositoryType>
-    <TreatWarningsAsErrors>True</TreatWarningsAsErrors>
+    <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
+
+    <!-- There should be absolutely no trim warnings before this can be enabled
+    Otherwise there is no guarantee that the app will work as expected at all times -->
+    <!-- https://learn.microsoft.com/en-us/dotnet/core/deploying/trimming/trimming-options -->
+    <PublishTrimmed>True</PublishTrimmed>
+    <TrimMode>full</TrimMode>
+    <SuppressTrimAnalysisWarnings>false</SuppressTrimAnalysisWarnings>
+    <ILLinkTreatWarningsAsErrors>true</ILLinkTreatWarningsAsErrors>
+    <TrimmerSingleWarn>false</TrimmerSingleWarn>
+    <TrimmerRemoveSymbols>true</TrimmerRemoveSymbols>
+    <EnableUnsafeUTF7Encoding>false</EnableUnsafeUTF7Encoding>
+    <EnableUnsafeBinaryFormatterSerialization>false</EnableUnsafeBinaryFormatterSerialization>
+    <XmlResolverIsNetworkingEnabledByDefault>false</XmlResolverIsNetworkingEnabledByDefault>
   </PropertyGroup>
 
   <!--
@@ -121,14 +117,11 @@
   -->
 
   <!--
-  For trimming to exclude incompatible assemblies, but currently not working
-
   <ItemGroup>
     <TrimmerRootDescriptor Include="MyRoots.xml" />
   </ItemGroup>
 -->
 
-
   <!-- Defining the "Msix" ProjectCapability here allows the Single-project MSIX Packaging
     Tools extension to be activated for this project even if the Windows App SDK Nuget
     package has not yet been restored. -->
@@ -137,9 +130,8 @@
   </ItemGroup>
 
   <!-- Nuget packages
-  All transitive/nested packages under the main packages are added
+  All transitive/nested packages under the main packages are added as well
   so they can be updated separately and receive bug/security vulnerability fixes faster
-
   https://devblogs.microsoft.com/nuget/introducing-transitive-dependencies-in-visual-studio/
   -->
   <ItemGroup>
@@ -154,7 +146,6 @@
     <PackageReference Include="CommunityToolkit.WinUI.Helpers" Version="8.2.250129-preview2" />
     <PackageReference Include="CommunityToolkit.WinUI.Lottie" Version="8.1.240821" />
     <PackageReference Include="CommunityToolkit.WinUI.Triggers" Version="8.2.250129-preview2" />
-    <PackageReference Include="CommunityToolkit.WinUI.UI.Controls.DataGrid" Version="7.1.2" />
     <PackageReference Include="Microsoft.Graphics.Win2D" Version="1.3.2" />
     <PackageReference Include="Microsoft.Identity.Client" Version="4.68.0" />
     <PackageReference Include="Microsoft.IdentityModel.Abstractions" Version="8.5.0" />
@@ -169,9 +160,8 @@
     <PackageReference Include="Microsoft.Windows.SDK.Win32Metadata" Version="63.0.31-preview" />
     <PackageReference Include="Microsoft.Windows.WDK.Win32Metadata" Version="0.13.25-experimental" />
     <PackageReference Include="Microsoft.WindowsAppSDK" Version="1.6.250205002" />
-    <PackageReference Include="System.CodeDom" Version="9.0.2" />
-    <PackageReference Include="System.Diagnostics.DiagnosticSource" Version="9.0.2" />
-
+    <PackageReference Include="Microsoft.Xaml.Behaviors.WinUI.Managed" Version="3.0.0" />
+    <PackageReference Include="CommunityToolkit.WinUI.Behaviors" Version="8.2.250129-preview2" />
 
     <!--
     No longer needed - manual static code has been implemented
@@ -181,7 +171,6 @@
    -->
 
     <PackageReference Include="System.Diagnostics.EventLog" Version="9.0.2" />
-    <PackageReference Include="System.Management" Version="9.0.2" />
     <PackageReference Include="System.Security.Cryptography.Pkcs" Version="9.0.2" />
   </ItemGroup>
 
@@ -244,8 +233,10 @@
     <None Remove="Pages\ViewCurrentPolicies.xaml" />
     <None Remove="Pages\ViewFileCertificates.xaml" />
     <None Remove="Resources\AppControlManagerSupplementalPolicy.xml" />
+    <None Remove="Resources\DriversBlockListAutoUpdaterScheduledTask.ps1" />
     <None Remove="Resources\EmptyPolicy.xml" />
     <None Remove="Resources\ISGBasedSupplementalPolicy.xml" />
+    <None Remove="Resources\SnapBackGuaranteeScheduledTask.ps1" />
     <None Remove="Resources\StrictKernelMode.xml" />
     <None Remove="Resources\StrictKernelMode_NoFlightRoots.xml" />
   </ItemGroup>
@@ -259,12 +250,18 @@
     <Content Include="Resources\AppControlManagerSupplementalPolicy.xml">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </Content>
+    <Content Include="Resources\DriversBlockListAutoUpdaterScheduledTask.ps1">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </Content>
     <Content Include="Resources\EmptyPolicy.xml">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </Content>
     <Content Include="Resources\ISGBasedSupplementalPolicy.xml">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </Content>
+    <Content Include="Resources\SnapBackGuaranteeScheduledTask.ps1">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </Content>
     <Content Include="Resources\StrictKernelMode.xml">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </Content>

@@ -93,7 +93,6 @@
                 </controls:SettingsCard>
 
 
-
                 <controls:SettingsCard Header="SignTool Path"
                 Description="Used to sign the policy CIP file"
                 HeaderIcon="{ui:FontIcon Glyph=&#xEA86;}">
@@ -144,5 +143,4 @@
     </ScrollView>
 
 
-
 </ContentDialog>
@@ -93,7 +93,6 @@
                 </controls:SettingsCard>
 
 
-
                 <controls:SettingsCard Header="SignTool Path"
                 Description="Used to sign the policy CIP file"
                 HeaderIcon="{ui:FontIcon Glyph=&#xEA86;}">
@@ -110,11 +109,9 @@
 
                     </controls:WrapPanel>
 
-
                 </controls:SettingsCard>
 
 
-
                 <controls:SettingsCard Header="XML File"
                     Description="The XML file of the Signed policy that is going to be removed"
                     HeaderIcon="{ui:FontIcon Glyph=&#xEA86;}">
@@ -131,7 +128,6 @@
                 </controls:SettingsCard>
 
 
-
             </StackPanel>
 
             <controls:WrapPanel Grid.Row="3" Orientation="Vertical" HorizontalSpacing="10" VerticalSpacing="10" Margin="10,15,10,0" HorizontalAlignment="Center">
@@ -161,6 +157,4 @@
 
     </ScrollView>
 
-
-
 </ContentDialog>
@@ -498,6 +498,4 @@ private void XMLPolicyFileBrowseButton_Click(object sender, RoutedEventArgs e)
 		}
 	}
 
-
-
 }
@@ -491,7 +491,6 @@ private static HashSet<FileIdentity> CodeIntegrityEventsRetriever(string? EvtxFi
 	}
 
 
-
 	/// <summary>
 	/// Retrieves the AppLocker events from the local and EVTX files
 	/// </summary>
@@ -897,7 +896,6 @@ private static HashSet<FileIdentity> AppLockerEventsRetriever(string? EvtxFilePa
 	}
 
 
-
 	#region Helper methods to extract values
 
 	/// <summary>
@@ -928,7 +926,6 @@ private static HashSet<FileIdentity> AppLockerEventsRetriever(string? EvtxFilePa
 	}
 
 
-
 	/// <summary>
 	/// Only works for the <EventData> node of the Event
 	/// </summary>
@@ -1049,7 +1046,6 @@ private static string ResolvePath(string path)
 	#endregion
 
 
-
 	#region Async processing
 
 	/// <summary>

@@ -160,11 +160,9 @@ internal static HashSet<FileIdentity> Retrieve(List<MDEAdvancedHuntingData> data
 				// Add the entire event package to the output list
 				_ = fileIdentities.Add(eventData);
 
-
 			}
 
 
-
 			// If the current group has Code Integrity Blocked log
 			else if (possibleCodeIntegrityBlockEvent is not null)
 			{
@@ -488,7 +486,6 @@ internal static HashSet<FileIdentity> Retrieve(List<MDEAdvancedHuntingData> data
 	}
 
 
-
 	#region Helper methods to extract values
 
 	/// <summary>

@@ -79,7 +79,6 @@ internal static bool InferCertificatePresence(SiPolicy.SiPolicy policyObject, st
 	}
 
 
-
 	/// <summary>
 	/// Gets the path to a .cer certificate file and a certificate common name
 	/// Makes sure the common name belongs to the certificate file

@@ -50,7 +50,6 @@ private static IntPtr OpenFile(string path, out int error)
 	}
 
 
-
 	internal static KernelUserVerdict CheckKernelUserModeStatus(string filePath)
 	{
 

@@ -49,7 +49,6 @@ internal static HashSet<FileIdentity> Scan(List<FileInfo> files, ushort scalabil
 		}
 
 
-
 		// Store the output of all of the parallel tasks in this
 		ConcurrentDictionary<FileInfo, FileIdentity> temporaryOutput = [];
 
@@ -103,7 +102,6 @@ internal static HashSet<FileIdentity> Scan(List<FileInfo> files, ushort scalabil
 					}
 
 
-
 					// To track whether ECC Signed signature has been detected or not
 					// Once it's been set to true, it won't be changed to false anymore for the current file
 					bool IsECCSigned = false;
@@ -247,7 +245,6 @@ internal static HashSet<FileIdentity> Scan(List<FileInfo> files, ushort scalabil
 								}
 
 
-
 								// If the Leaf Certificate exists in the current package
 								// Indicating that the current signer of the file is a normal certificate with Leaf/Intermediate(s)/Root
 								if (package.LeafCertificate is not null)

@@ -40,7 +40,6 @@ internal static bool Invoke(List<string>? filePaths, string xmlFilePath, bool no
 	}
 
 
-
 	internal static void ExportToCsv(ConcurrentDictionary<string, SimulationOutput> finalResults, string filePath)
 	{
 		// Create a list for CSV lines
Original file line number	Diff line number	Diff line change
Expand Up		@@ -498,6 +498,4 @@ private void XMLPolicyFileBrowseButton_Click(object sender, RoutedEventArgs e)
		}
		}



		}
-Original file line number
+Diff line change
@@ Expand Up @@
     	}
     	/// <summary>
     	/// Gets the path to a .cer certificate file and a certificate common name
     	/// Makes sure the common name belongs to the certificate file
@@ Expand Down @@
Original file line number	Diff line number	Diff line change
Expand Up		@@ -50,7 +50,6 @@ private static IntPtr OpenFile(string path, out int error)
		}



		internal static KernelUserVerdict CheckKernelUserModeStatus(string filePath)
		{

Expand Down