comodo misses registry keys made by malware

Allo everyone im a curious guy about security , and i think CIS is the best program today to protect computeres!, has i said before im just a curious guy in this field and ive been making some tests in a VM machne runing windows 7 64 bits , i made many tests and CIS only failed leaving registry keys made by malware, i never got infected in the memory! i think in my umble and not a highteck opinion expirience that at this point the program should ,can be improved! although these registry keys are not a big thing they apeeared many times after CIS has allready scan the system.
IM a CIS fan and i recomended it to all my friends , thank you for your time and has i said before im not a tech just a person who likes security !
tell me what you guys think thank you!.

Currently programs running in the sandbox can write to some portions of the registy, but they cannot autostart. Thus many legitimate programs will still work, but many malware will fail.

As of V6 it is anticipated that there will be the option to entirely virtualize any unknown files. However, this is not active yet.

Does this answer your question?

I love this comodo feature when on-demand virtualization is on RMB menu. Really helpful to analyse FS behavior of something, complete registry virtualizations is also greatly welcomed (as I thought is’s already done by this on-demand virtualization - but still not? 0_o). Waiting for upgraded features with flags in settings allowing more and more options on behavior.