Problem with Windows registry?

Discussion in 'Returnil releases' started by Werderforever, Oct 31, 2010.

Thread Status:
Not open for further replies.
  1. Werderforever

    Werderforever Registered Member

    Joined:
    Aug 31, 2010
    Posts:
    78
    Location:
    Germany
    Hello Mike,

    in another forum you have wrote:

    "3. Microsoft Updates and Antivirus/Antispyware/Antimalware program upgrades:

    The current release generation of Returnil has limited ability to alter the Windows registry."

    Does this mean that, when I test a software and afterwards I restart the computer, that not all registy entries made by the tested software were deleted (...because of that
    limited ability to alter the Windows registry)?

    If yes, is this only a problem with older Returnil Releases or concerns this
    RSS 2011 too?

    Many thanks for help.

    Werderforever
     
  2. Coldmoon

    Coldmoon Returnil Moderator

    Joined:
    Sep 18, 2006
    Posts:
    2,981
    Location:
    USA
    Hi Werderforever,
    No, the limitation is on selective saving to the real registry. When you install something and then restart in Virtual Mode, the changes made to your registry will be gone as expected. The limitation is better described as one where you would need to save all changes made during the applicable virtual session to save registry changes.

    IOW: it's save all or nothing where the registry is concerned.

    I hope this makes it clearer.

    Mike
     
  3. Werderforever

    Werderforever Registered Member

    Joined:
    Aug 31, 2010
    Posts:
    78
    Location:
    Germany
    Hi Mike,

    many thanks! :) Now it´s clear.

    Werderforever
     
  4. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,718
    @Coldmoon

    Is there any plan on having a 'save to registry' feature during Virtual Mode in Returnil future releases? Or do you guys consider it as far too much of a risk and hence won't implement it?
     
  5. Coldmoon

    Coldmoon Returnil Moderator

    Joined:
    Sep 18, 2006
    Posts:
    2,981
    Location:
    USA
    It is risky to allow changes to the registry; especially selective changes unless performed by an advanced or expert user. The Registry is one of the most important areas to protect as most malware needs to make changes to infect or help other malware infect your system.

    We continue to research, but don't look for this immediately...

    Mike
     
Thread Status:
Not open for further replies.