RegReMapper is a placeholder for the RegistryReMapper.exe which would do the Registry remapping, i.e. the code you were writing, Peter.
BTW: What does "RegReMapper Explorer.exe" mean?
As you've already found out here:
But I have some concerns:
During the time the 'MedEvil' keys are mapped, every write into registry is written to 'MedEvil'.
This is not the case, since the mappings aren't global but are local to just one process. They cannot even be inherited, which is actually our problem.
Bad news: The redirection is only valid for the current process.
This problem has already been addressed by me, with 2 posts.
That means: Redirection does not remain when the redirecting program finishes.
- My first solution was, to use memory injection to use RegOverridePredefKey with more than just the current process.
Idea was actually posted here: http://www.codeproje...2k/regsvrex.asp
but as posted here: http://www.boot-land...?...ost&p=18326
I have no experience with memory injections and have no clue if it can be applied to our problem in an easy way.
- Second idea was to use hooks rather than memory injections. http://www.boot-land...?...ost&p=18345
I came up with the idea when I detected a flaw in our initial idea.
Remapping the registry will be good enough to create an automatic script builder, because all that would be required is installing and setting up, both processes that do not need global access.
But if we wanna run apps directly from a USB stick, we will need a little different behaviour.
We want our apps to take advantage of the guest OS.
So when I start a file manager from my USB stick, I want it to use the file associations that I saved on my stick, but for all the associations that I have not set up, I would want it to use the associations of the guest OS!
To achieve this, my idea was to use hooks. Our hooked dll would change the behaviour of openKey, readKey, writeKey, closeKey, etc. in the following way:
- writeKey - from 'our' apps always to 'our' registry. (In my example, that was the MedEvil key.)
- readKey - first in 'our' registry, if it isn't found there, check the 'real' Registry, if nothing there too - Failure.
- openKey - same as readKey
- closeKey - same as readKey
The one problem still unsolved is, how the hooked dll can tell our apps, that run from the USB-stick, from those running from system.
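
The lookup rules listed above, modelled in Python as an added example (not code from this thread, and a model of the semantics rather than Win32 hook code). The class and function names, the sample keys and the `is_ours` test, which treats an app as 'ours' when its executable path lies under the stick's root, are assumptions made for the example.

```python
# "overlay" stands for the stick's registry (the 'MedEvil' key); "real" for the host's.
from pathlib import PureWindowsPath


class OverlayRegistry:
    def __init__(self, real, stick_root):
        # Registry key and value names are case-insensitive, so normalise them.
        self.real = {self._norm(k, v): d for (k, v), d in real.items()}
        self.overlay = {}
        self.stick_root = PureWindowsPath(stick_root)

    @staticmethod
    def _norm(key, value):
        return (key.strip("\\").lower(), value.lower())

    def is_ours(self, exe_path):
        # Assumption: an app counts as 'ours' when its image lives on the stick.
        p = PureWindowsPath(exe_path)
        return self.stick_root == p or self.stick_root in p.parents

    def write(self, exe_path, key, value, data):
        # Writes from 'our' apps always land in the overlay; others pass through.
        target = self.overlay if self.is_ours(exe_path) else self.real
        target[self._norm(key, value)] = data

    def read(self, exe_path, key, value):
        # 'Our' apps look in the overlay first, then the real registry, else fail.
        name = self._norm(key, value)
        if self.is_ours(exe_path) and name in self.overlay:
            return self.overlay[name]
        if name in self.real:
            return self.real[name]
        raise FileNotFoundError(f"{key}\\{value}")


# Constructed sample data: host file associations and two callers.
HOST = {(r"HKCR\.txt", ""): "txtfile", (r"HKCR\.pdf", ""): "AcroExch.Document"}
STICK_APP = r"U:\Apps\FileManager\fm.exe"
HOST_APP = r"C:\Windows\explorer.exe"


def demo():
    reg = OverlayRegistry(HOST, "U:\\")
    reg.write(STICK_APP, r"HKCR\.TXT", "", "PortableEditor.txt")
    return {
        "stick_txt": reg.read(STICK_APP, r"hkcr\.txt", ""),   # from the overlay
        "stick_pdf": reg.read(STICK_APP, r"HKCR\.pdf", ""),   # falls back to host
        "host_txt": reg.read(HOST_APP, r"HKCR\.txt", ""),     # host app unaffected
    }
```

A path-based test like `is_ours` is only as trustworthy as the contents of the stick, since any executable placed under that root is treated as one of 'our' apps.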