Directory Opus executables and hooks

This FAQ explains the purpose of the different .exe files that are part of Directory Opus. It also provides details of the keyboard hooks which Opus may install (and which some anti-virus tools may flag as potential key-loggers).

You don't need this information to use Directory Opus; it is here for people who want to understand what is running on their machines.

Executables

  • dopus.exe is the main program. If you have a Directory Opus window open, or have Opus configured to remain running in the background, then dopus.exe will be running. See How to Exit Directory Opus for information on exiting Opus or preventing it from running in the background.

    If Directory Opus is configured to launch at startup then a shortcut to dopus.exe will be added to the Start Menu's All Programs / Startup folder. (Earlier versions of Opus used the registry to launch dopus.exe on startup; this is now only used for dopusrt.exe.)

  • dopusrt.exe is a small program with two functions:

    1. Directory Opus has an option that allows you to launch open a new window (or run a command) when you double-click an empty part of the Windows desktop. When that option is on a copy of dopusrt.exe will be running to detect the double-click and launch the main program (or open a new window if it is already running). Using dopusrt.exe to do this means that the desktop double-click feature still works, using very few resources, even when the main program is not running.

      If you set Settings -> Preferences / Launching Opus / From the Desktop: Disable and click Apply then you will see dopusrt.exe exit. Enable the feature again and the process will come back.

      If the desktop double-click feature is enabled then dopusrt.exe will be set to run at startup via the registry:

      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

      Some security software may show a warning about suspicious behaviour from "Directory Opus Helper Application", which may be due to detecting the mouse hook installed by dopusrt.exe. If you wish you use the desktop double-click feature you will need to allow this.

    2. You can also use dopusrt.exe to send commands to Opus from other programs, batch files, and so on. For example, to run the command

      Go "C:\Program Files" NEW=dual"
      

      (which will open the Program Files folder in a new, dual-display window) from outside of Opus you can run this:

      "C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe" /cmd Go "C:\Program Files" NEW=dual
      
  • d8viewer.exe can be used to open images, videos, documents, etc. in the Directory Opus viewer from outside of Opus. In particular, you can associate it with filetypes using the Open With menu. For more information, see HOW TO: Use the Opus image viewer inside or outside of Opus.

  • dopusx64.exe (Directory Opus 9 only) is something you may see running in the background on 64-bit systems. It is a process that the 64-bit version of Directory Opus uses to talk to 32-bit components which cannot be loaded directly. It uses very few resources and will automatically start and stop as needed. (It may continue to run for a few minutes after Opus is exited. That is normal behaviour and is governed by the Windows COM API.) The need for this process was removed in Directory Opus 10.

  • dowshlp.exe is used to run Windows Search queries. You should only see it in the background while searching.

  • docsvw32.exe and docsvw64.exe are part of the Directory Opus ActiveX viewer plugin. The plugin allows you to view files in Opus using third-party viewers designed for things like Windows Explorer, Internet Explorer and Microsoft Office. On a 32-bit system you'll only ever see docsvw32.exe running while on a 64-bit system you may see either or both running.

    The two processes are used to run third-party viewers in a separate process so that if they crash they do not take out the main Directory Opus process. The docsvw32.exe process also allows the 64-bit version of Opus to use third-party viewers such as Adobe Reader and Flash which only have 32-bit versions.

Keyboard hooks

Directory Opus may use keyboard hooks to support certain features. These hooks can cause some anti-virus tools to flag dopus.exe, docsvw32.exe or docsvw64.exe as a potential key-logger. The hooks are nothing to worry about.

  • If you have any system-wide hotkeys that override system-default hotkeys involving the Windows key (e.g. Win-E) then dopus.exe will install a global keyboard hook so that it can intercept those keys. You can use Settings -> Customize / Keys to edit both normal and system-wide hotkeys and you can use them to run any Opus command as well as launch external programs. In the key editor, the Type column shows Hotkey * to indicate system-wide hotkeys. Not all system-wide hotkey require a hook, however.

  • If you view a PDF file within Opus using the Adobe PDF preview handler (installed as part of Adobe Reader) then docsvw32.exe will install a keyboard hook into AcroRd32Info.exe. (This hook, unlike the one for system-wide hotkeys, is not global; it only monitors keypresses within the PDF viewer window.) The hook is used to work around bugs in the Adobe PDF preview handler. (Without the hook, if you scroll the PDF file using the keyboard then it will sometimes not be drawn properly. Also, you will not be able to use tab and shift-tab to move the keyboard focus from the PDF viewer to another part of the window.)

    If you don't use the Adobe PDF preview handler then this hook will never affect you. You can also disable the hook (and in turn bring back the bugs it works around) via the ActiveX plugin's configuration file. Type /dopusdata/ConfigFiles/Plugins into the location field in Opus and you should see a Docs.oxc file. Edit it and set KeyHooks="no" on the second line:

    <?xml version="1.0" encoding="UTF-8"?>
    <Docs AllowIPersistStreamInit="yes" Debug="no" KeyHooks="no" MsgFilt="yes" Thread="yes" ...
    ...
    
  • The hooks described above are the only ones that intercept keystrokes in other processes. A few other hooks are used for a handful of other purposes but they should not look suspicious unless your anti-virus software is extremely trigger happy (or, to put it another way, "causes more problems than it could possibly solve" :slight_smile: ).