I’d read about virtualization and how to avoid it and how to structure your application so that it could write to directories like Program Files without getting caught but I still managed to get in a right twist with it. The best overview of it that I’ve read is here.
The problem is that once you’ve triggered it you’re stuck with it. Depending on how you try to access the file you’ll get the actual file in the directory or the virtualized file. I tried my program without the manifest to force higher privilege first and it appeared to work. I then got the manifest working and tried to modify the license. The changes had no effect. If I loaded the file in a text editor however the changes were there. Freaking weird. I had assumed that since I started changing things properly with the correct permissions that it would sort it out but I was wrong. Instead the program loaded the virtualized file each time.
Ironically a deinstall didn’t always remove the virtualized file. If I ran it from the Start menu the virtualized file remained so that when I reinstalled it was there again. If I ran the uninstall from the Control Panel it did get removed however. All in all a fun feature to discover when you’re developing
Looking at the results of running procmon I suspect that the way to un-virtualize a file is to remove it from the C:\Users\%username%\AppData\Local\VirtualStore\ directory. Once that file has been deleted so long as you behave I assume that you won’t get virtualized.
I’ve now realised that it’s really important for all your executables to have the manifest specifying the access level required for the program. That’s even if you want to run ‘asInvoker’ which is typically just as the user. My previous post on the subject mentions how to setup the manifest but Aaron’s UI Design Blog has more on the subject of Virtualization and how to spot when it’s in action.
This is the sort of scenario you can see if you don’t have the manifest compiled in. Say your app is a text editor. Lets also say you have a license file in one of the directories that will get virtualized. What happens if the user decides to edit that file? It gets virtualized. Your program wrote to it and it wasn’t with elevated privileges. If they then decide to register your program because it’s so cool you spawn a process to elevate privileges and write to the license file. Only you write to the actual file not the virtualized one because you’ve done everything by the rules. The user then loads your program as usual without elevated privileges. Which license file does it pick up? The one that got virtualized. The one that you registered is sitting there, they load it in their text editor and can see the correct information. Only the program isn’t loading it!
If instead you have specified asInvoker in your manifest then you will get an access violation when you try to save to that file in the first place. Much more manageable.
Note: I’m using NSIS as an installer rather than an MSI based one so different installers may vary when it comes to the uninstall. The service packs may changes things too. And then there’s the fact that virtualization will disappear when us developers have learned to avoid being naughty!