GeSWall - how does it clean up after itself?

Discussion in 'other anti-malware software' started by Stro, Aug 10, 2006.

Thread Status:
Not open for further replies.
  1. Stro

    Stro Registered Member

    Joined:
    May 16, 2004
    Posts:
    130
    Location:
    Memphis, TN USA
    Can someone who knows his/her GeSWall stuff answer the two questions below?

    The GeSWall User Guide says that isolated web browsers or other isolated applications can create files, folders and registry keys** which GeSWall treats as untrusted resources (see pasted passages below).

    My first question is....what happens to all these untrust files/folders/registry keys created by the isolated browsers/applications? How and when do they ever get deleted from your PC? Or do they just stay on your PC, labelled as "untrusted," being guarded by GeSWall? And if that is the case, then what happens if you uninstall GeSWall? Do the untrusted files/folders/registry keys then become free to run wild and unchecked on your PC?

    ** My second question.....Concerning the ability of isolated browsers/applications to create registry keys, please read from pages 10 and 15 below. Page 10 clearly states isolated browsers/apps can create registry keys; page 15 just as clearly says they cannot. Anyone have any insight into this apparent contradiction?


    GeSWall 2.3 Personal Edition User Guide

    from page 10:
    Files and registry keys created by an isolated web browser or other isolated
    application pose a risk as they may contain mal-ware. GeSWall treats all such files as untrusted and warns whenever an application is started from untrusted executables proposing to isolate it. In some cases, if you have downloaded a software installation package from a source that you trust then you may need to run it non-isolated.

    from page 15:
    The definition prevents an isolated application creating resources inside the specified path. For example, if “Deny Create” for “c:\windows\system32\” denies creating any new files inside c:\windows\system32\ path. Note that by default GeSWall allows isolated applications to create new files and folders without restriction but disallows the creation of new registry keys.

    Thank you for any valuable contributions of knowledge & insight!
    Regards,
    Stro
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I think usually the Files remain there while the reg enteries are cleared automatically.
    But I am not sure, u should write to their support, they are nicely responsive.
     
  3. q1aqza

    q1aqza Registered Member

    Joined:
    Jul 27, 2004
    Posts:
    312
    I asked a similar question to Brian of GesWall support and he explained that the temporary entries are deleted upon process termination.
     
Loading...
Thread Status:
Not open for further replies.