I have been testing Returnil on a spare computer. Seems to work very well - exactly as promised. Before I load it on my primary machine, does anyone have any comments or warnings about it?

There are a lot of experts on this Board who talk about things I don't fully understand (changing MBR etc.):-[ I just want to be sure I am not doing something to my computer or operating system (XP SP3) that I should be concerned about.

Also, I am still reading about features of the premium (paid) version. Any comments about value of the additional premium features?

Thanks,
Len

{QUOTE-> I have been testing Returnil on a spare computer. Seems to work very well - exactly as promised. Before I load it on my primary machine, does anyone have any comments or warnings about it?

There are a lot of experts on this Board who talk about things I don't fully understand (changing MBR etc.):-[ I just want to be sure I am not doing something to my computer or operating system (XP SP3) that I should be concerned about.

Also, I am still reading about features of the premium (paid) version. Any comments about value of the additional premium features?

Thanks,
Len <-QUOTE}

Hello Len.
If you are using Windows Vista, diasable the hibernation feature on your computer as the current release version will cause recovery from hibernation to fail. We are testing a new 2.01 Beta version that addresses this issue right now and it is proving to be valid and stable.

Mike

Okay Folks - I promise I will not bump this again, but I was surprised to not hear back from any Returnil users concerning my questions as a potential long term user.

I did note Coldmoon's response concerning the hibernation problem. Are all other users totally pleased with it? I hope so!

Hi, Len, I am NOT a Returnil user and never have been but I can tell you as a long time reader at Wilders that Returnil seems to be one of the better and more reliable "virtual" programs. Just use the "Search" feature here at Wilders and you will see a gazillion threads that mention Returnil and you can read for yourself how many folks here like it ... might even have to try it out myself someday. 8)

Acadia

{QUOTE-> Hi, Len, I am NOT a Returnil user and never have been but I can tell you as a long time reader at Wilders that Returnil seems to be one of the better and more reliable "virtual" programs. Just use the "Search" feature here at Wilders and you will see a gazillion threads that mention Returnil and you can read for yourself how many folks here like it ... might even have to try it out myself someday. 8)

Acadia <-QUOTE}
Should have thought of that (searching prior posts). Thanks - will do.

Len, personally (on XP Pro), i yet to experience any real issues except those of my own doing like trying to access Returnil from an alternate partition whereby it tells me i might need to reinstall again. And so, i can even reinstall from that secondary partition (and access my Virtual Drive Image) from the other partition, but that's really not neccessary in reality. Just my own little experimentations with it.

Frankly RETURNIL is been one of the most reliably consistent virtual apps i ever dealt with eclipsing in many ways my long time fav PowerShadow!

I use it On-Demand Only and it delivers! each and everytime without problem or nusance, and that's super good programming if you ask me.

EASTER

Returnil is one of the first programs I install on my xp computer (never tried it on vista). I use it as my antispyware software. I would be very hesitant to surf the internet without "returnil" running in the background.

It's proven very reliable on every computer I installed it in, never crashes, never interferes with other programs, doesn't slow down my computer. I bootup my computer, download the latest virus definitions, then engage returnil.

Since I've been using "returnil" nothing virus/spyware has caused permanent damage to my computer. My computer security is very simple.
1.basic zonealarm firewall
2.avg free antivirus
3.firefox browser
4.returnil
That's it, nothing has ever defeated my defenses.

I tried "powershadow" (paid version) crash my computer several times, I tried the demo of "deepfreeze" that also crash my computer giving me a BSOD. I always recommend returnil to everyone, it's a rock-solid protection.

{QUOTE-> Returnil is one of the first programs I install on my xp computer (never tried it on vista). I use it as my antispyware software. I would be very hesitant to surf the internet without "returnil" running in the background.

It's proven very reliable on every computer I installed it in, never crashes, never interferes with other programs, doesn't slow down my computer. I bootup my computer, download the latest virus definitions, then engage returnil.

Since I've been using "returnil" nothing virus/spyware has caused permanent damage to my computer. My computer security is very simple.
1.basic zonealarm firewall
2.avg free antivirus
3.firefox browser
4.returnil
That's it, nothing has ever defeated my defenses.

I tried "powershadow" (paid version) crash my computer several times, I tried the demo of "deepfreeze" that also crash my computer giving me a BSOD. I always recommend returnil to everyone, it's a rock-solid protection. <-QUOTE}


Keep'n it simple, smart user :thumb:

I have used it for the last 8 months or so on my XP laptop. No issues at all. I love knowing when I reboot that all is well again. It reminds me of the "magic slates" I played with as a kid.

I've also been using Returnil for a good while with no problems. It's always been there for me when I needed it. I use it as an on demand tool for trying programs, surfing the 'dark side' of the internet and recently for finding and submitting malware.

It's much easier to use that most people think. If your using the virtual partition, think of it as a file that you can turn on and off (mount and dismount) anytime you want. You can move files to an from it like any other file. You can also experiment with Returnil by creating small non-important notepad files and move them around and reboot etc. It's what I did until I was comfortable with my understanding of Returnil.

Returnil is good ,but the software itself is not complete , neither is powershadow.If u want more options like exclusion list , i would suggest shadow defender.

I left returnil becos it does not have option of protecting non-system drive.

Thank you everyone - very helpful and encouraging feedback. I always try to be cautious with new software and test it before committing to it; but nothing beats getting input from many independent users.

I am also a long time user of Returnil, on XP machines, had a minor prob when I first started using it (early version), but that was sorted by next release since then I have never had an issue. Great program, easy to use. My only disappointment now is that when I move to Vista 64 Returnil can't come too :(

I personally would not be without Returnil...it performs wonderfully. The only minor gripe I have against it is that after a year your license/subscription expires, even on the free version. Then you have to uninstall and reinstall it to get another year of use, or update to a new version if one is available.

It has been really trouble free here. I have used the free version for a few months.
The paid version allows you to save
anything you download or create during a session to your "real" hard drive.
With the free version it is not possible other than by burning it to CD,or
maybe using Internet mail to email yourself an attachment of a WordPad document,or something like that.
I am Sure you know,but here is a Wilders thread offering a free one year Returnil paid version lic.
http://www.wilderssecurity.com/showthread.php?t=228677&highlight=returnil

That is one i snapped up instantly.

{QUOTE-> Returnil is good ,but the software itself is not complete , neither is powershadow.If u want more options like exclusion list , i would suggest shadow defender.

I left returnil becos it does not have option of protecting non-system drive. <-QUOTE}

Hello raakii,
We have a new feature in 2.01 called File Protection that protects selective, non-system files, folders, partitions, and even entire drives. This is not done through exclusions however as that method is inherently riskier than the method we chose and has been used by malware in the past to circumvent ISR technologies. The reason for this is that the concept involves excluding something from being protected and as a result is available to both user and malware (potentially).

RVS File Protection is purposely designed to be simple and straight-forward by denying access to these resources until/unless the authorized user decides that they should be accessed by removing them from the protected list... ;)

For the resources you do not protect in this way, there is no need to deal with that content or interfere with the user's ability to access and edit that material. Even if malicious content were to install itself in these areas it is still rendered impotent by the fact that the changes it needs to make to the System Partition (Usually the C:\ drive) to be active are lost at restart of your computer when RVS's protection is on.

We also see ISR as an integral part of a simple, but effective layered strategy. You should always remember that ISR (RVS or others) can only do three things by itself (currently):

1) Drop all changes to clonned resources
2) Save some changes to clonned resources
3) Save all changes to clonned resources

there is no decision making other than that of the user to determine which of these choices are made. While ISR by itself can be used effectively as a stand-alone approach, it is a method best used by an advanced user who knows exactly what is happening on their computer and has the experience to know what might be unwise, unwanted, or malicious. This has been the "sticking" point where this technology is concerned traditionally and why ISR has not been adopted widely prior to now. Add complex configuration and set up issues to this and you can see why the industry has been slow to accept, or even consider ISR for security rather than as a type of recovery tool.

Mike

I bought Returnil a few days ago and also signed up for the free license. I used returnil to run both sandboxie and defensewall to see which I was going to use full time. Returnil is light on resources{even on my crappy 3 yr old laptop}
and with a reboot I go back to my previous state. My question is if I wanted to keep the changes I made, what would I have to do? I'm a newbie to Returnil, much appreciation to the developers.

Thanks for the detailed explanation Mike .I am going to use Lite Virtualization extensively only after the update comodo diskshield or shadowuser.I am using it now only on demand.


@apathy, i think there is option saving the whole session in personal . In premium edition , u will surely have.

{QUOTE-> I personally would not be without Returnil...it performs wonderfully. The only minor gripe I have against it is that after a year your license/subscription expires, even on the free version. Then you have to uninstall and reinstall it to get another year of use, or update to a new version if one is available. <-QUOTE}

Hi Firebytes,
The registration period in the Personal version was adjusted in the 2.0.0 series to last 24 months rather than 12 months. The only reason for this is to ensure that the user has the most recent version with all current fixes/upgrades.

Edit: Firebytes is correct in post #21 and the registration period is still 12 months. The following is still valid:

For those who want to keep the option of not upgrading at that time, simply keep a copy of the installation file in your archives and then simply uninstall and then reinstall the same version to reset the registration period.

Another feature of the installer/uninstaller is that they are the same which means in a pinch, you can save a copy of the uninstall.exe and rename it to setup.exe and it should work as a "new" installer...

Note: Remember to uninstall before attempting to install again.

Mike

{QUOTE-> ... My question is if I wanted to keep the changes I made, what would I have to do? I'm a newbie to Returnil, much appreciation to the developers. <-QUOTE}

Hi apathy :)

In the Personal Edition you have two choices:

1) Save this content on a non-system drive (Ex: Data drive D:\, optical drive, USB stick/backup drive, firewire drive, etc)
2) Save this content within the Virtual Partition if you do not have access to #1

In the Premium Edition you have more choices:

1) Same as #'s one and Two above
2) Right click and select "commit selected to the Real System"
3) Drag & Drop the file onto the Returnil Tool bar
4) Add selected files and folders to your File Manager list, select the items to be saved by checking the box to the left of the line item, and then click the "Update Selected" link at the bottom of the list window
5) Use the Real System Explorer tool to move files between the Virtual and Real System and visa-versa

Mike

{QUOTE-> Hi Firebytes,
The registration period in the Personal version was adjusted in the 2.0.0 series to last 24 months rather than 12 months. The only reason for this is to ensure that the user has the most recent version with all current fixes/upgrades. <-QUOTE}

I installed Returnil Personal Edition version 2.0.0.5011 on this system in April of 2008 and it now shows "Subscription Status" as 4/4/2009. I assume that means it will expire and need to be reinstalled at that time which would be one year. Am I wrong?

{QUOTE-> I installed Returnil Personal Edition version 2.0.0.5011 on this system in April of 2008 and it now shows "Subscription Status" as 4/4/2009. I assume that means it will expire and need to be reinstalled at that time which would be one year. Am I wrong? <-QUOTE}

Let me check and get back to you on this, but it is supposed to be 2 years.

Mike

Hi,
I've been using the trial version of Returnil for around a month. I still aren't exactly sure of the minor details of what is going on as far as System changes.
A couple of things I note:
I run Kaspersky Internet Security and I feel that if it updates its Data base while I have Returnil "running", once I reboot I think the updates are gone. Kaspersky doesn't seem to like this and gets confused so I update before enabling Returnil, and change to Manual update for KIS.

I have a C:\ Drive which is the System Drive, i.e. WinXP SP3 is installed there, plus all my Programs.
I also have a E:\ Drive (not a partition but a 4 GB HDD , for my Virtual Memory PageSwap File=1024 MB's), and an F:\ Drive(6 GB's), for all my Multimedia.

The C:\ Drive is 40 GB, has the Returnil 4GB Partition on it, and around 14 GB's free space . I have 512MB of RAM so I suppose that's why Returnil created a Partition, instead of using RAM ?
So I feel I have to be on the ball really, or I'm actually gonna make work for myself, therefore I make sure everything I want to do to the System I do before going "Virtual". Is that wrong ? Am I missing something ?

If I download something I will put it in a Drive other than C:\ . To make things even more complex I have an External Drive (G:\)for Backups , and also often use a Usb Flash drive, with portable Apps.
I have tried running Firefox portable so things like added Bookmarks are not deleted after a virtual system session, as it's running from a USB flash drive. Some quirky things have gone on, as I mentioned AV updating not retained, Bookmarks and updates to browser. Is this to be expected ?
Should using a Flash Drive with a portable browser benefit, as changes to that browser can be retained and transferred to my "System" browser ?

Scenario: Say I check my Email, while Returnil is Enabled, will the Email be gone when I reboot ?

When browsing, do all my cache, cookies, offline content, Temp files disappear ? If so do I need to run a AntiVirus progran at all with Returnil "ON", if all changes, and maybe even Malware are deleted after rebooting ?

Sorry for the Rant, ( I wont even touch on the Virtual partition, and what it is, there's always tomorrow ;) ) and asking so many questions, I've been chasing this Forum since CC's went down and love the idea, but a newby.
I'd rather get advice from other Users rather than pre-suppose from reading a Help manual, which doesn't seem to address these issues. Any feedback on any issue I mentioned much appreciated,
Cheers:)

I am by no means an expert and have actually been using the program for a shorter time than you have but I think most of your concerns can be addressed by upgrading to the paid version (which I did after a week of using the free one). With the paid version you can save individual files or the entire state of the PC so that you don't lose things at reboot. This is handy for your situation with bookmarks and AV updates but also in case you are testing new software and decide you like the program you tested. With the free version you would have to reinstall the software and then set it up again. With the paid version you could just tell Returnil to save everything and when you reboot the program will still be there. Now I must say I have not used the program in this way but this is my understanding of how things work and is one of the reasons I have upgraded,,,,that and I feel that any company that has produced such a fine, trouble free product deserves to get paid for doing so. If everyone simply used the free version the company would some go out of business. I think that would be a real shame.

As to the AV running when the PC is virtualised I guess you are correct, its not strictly necessary but there is no reason I can see to not do so. AS a matter of fact if I am worried about the sites I am visiting I not only run the PC virtualised but I also run my browser sand-boxed. You can't be too careful as far as I am concerned. Also, if I am browsing virtualised I would just as soon not have my browsing interrupted by a virus attack so I would not turn of the AV etc even when the PC is virtualised. As to you losing AV updates I believe that any updates that are lost on reboot would be replaced the next time there is an update. This seems to be the case with my AV (Trend Micro). Perhaps a note to your AV publisher is a good idea to confirm the situation.

Hello Purplexity and welcome :)

{QUOTE-> ...I run Kaspersky Internet Security and I feel that if it updates its Data base while I have Returnil "running", once I reboot I think the updates are gone. Kaspersky doesn't seem to like this and gets confused so I update before enabling Returnil, and change to Manual update for KIS. <-QUOTE}

Can you describe "...and gets confused" in greater detail?

Outside of your reply to this question you should not have to worry about your definition (signature or database) updates while RVS protection is on as the AV will update as expected. What you may see however is that the AV database reverts to the version installed at the time you turned protection/session lock on when you restart your computer. During the time you were virtualized, the database will be current (assuming automatic updating is activated).

If you want to use RVS with protection on at all times, you may want to explore something like a "maintenance day" where you turn the protection off to install Microsoft updates, set a base version for your AV signatures, install new programs you are confident of, and/or adjust program/OS configurations.

{QUOTE-> ...The C:\ Drive is 40 GB, has the Returnil 4GB Partition on it, and around 14 GB's free space . I have 512MB of RAM so I suppose that's why Returnil created a Partition, instead of using RAM? <-QUOTE}

No, the reason there is a disk cache is because you selected the disk cache method rather than the memory caching method when you installed the software. 512MB of RAM is sufficient if we are discussing Win XP. For Vista this is obviously insufficient...

{QUOTE-> So I feel I have to be on the ball really, or I'm actually gonna make work for myself, therefore I make sure everything I want to do to the System I do before going "Virtual". Is that wrong ? Am I missing something ?... <-QUOTE}

No you are not missing anything, but you may be stressing over the wrong things. Returnil is there to help ensure that your system remains clean and enforce that state by reverting your computer to the time when you turned protection on when you restart the computer. It allows you to do anything you would do without RVS installed except allowing those changes to remain (default setting).

If you want to make "permanent" changes (those changes that will remain following a restart), you should turn RVS protection off while the changes are made. This also includes disk defragmentation and integrity checking (EX: Check Disk).

{QUOTE-> ...Some quirky things have gone on, as I mentioned AV updating not retained, Bookmarks and updates to browser. Is this to be expected? <-QUOTE}

Yes, this is to be expected as those changes are usually saved within specific profiles placed on the system partition by default. You can:

1) Alter the default save location for your user profiles on an alternate drive or partition

2) Export a copy of your session bookmarks (a copy of your bookmarks as they are at that moment rather than at the time you turned RVS protection on) and then import the copy you want to use on a more permanent basis on your "maintenance day"

{QUOTE-> ...Should using a Flash Drive with a portable browser benefit, as changes to that browser can be retained and transferred to my "System" browser? <-QUOTE}

It depends on your needs. If you are constantly moving between computers (Ex: you have a test lab or a home network with common settings) then having an exported copy of your current working list of bookmarks is of great benefit...

{QUOTE-> Scenario: Say I check my Email, while Returnil is Enabled, will the Email be gone when I reboot? <-QUOTE}

A) POP3 mail: Yes
B) IMAP mail: No

If you are using POP, you should familiarize yourself with where the program saves your mails and then adjust the program's default save location(s) to those that are more convenient for you.

{QUOTE-> When browsing, do all my cache, cookies, offline content, Temp files disappear ? If so do I need to run a AntiVirus progran at all with Returnil "ON", if all changes, and maybe even Malware are deleted after rebooting? <-QUOTE}

This is determined by your strategy and experience. But like the old addage "If you need to ask how much something costs, you can't afford it", if you ask whether or not to use an antivirus, chances are you do not have the experience required to run "naked" and as a result should include AV in your security strategy.

What strategy you use however does not need to be complicated or über paranoid. For the most part you should first determine what risks you are likely to encounter and then develop the most simple line-up that addresses these risks with little overlap between your layers. A basic approach:

1) Prevention: Software firewall (Windows FW will suffice for most) for control of communications within your home/business network and a hardware firewall on your connection between your internal network and the outside world (Router with firewall for example). This can be refined to include a content filter and/or parental controls if they are needed or wanted.

Most modern browsers either contain the latter functionality or allow it through browser plugins/add-ins so you may not need to install specialized programs for these functions...

2) Detection: This is where your AV or HIPS solution comes into play. While no scanner will ever be able to detect 100% of all malware or unwanted content, having some form of feedback on the efficacy of your strategy is important.

3) Removal and long term cure: Time to removal of malicious content and long term assurance of a clean working state are critical and this is where Returnil comes into play. While your AV may not detect something and even more commonly, not remove what is detected properly, you are reasonably assured that with RVS protection on, a simple reboot will remove any harmful or unwanted changes to the system partition even if there is no overt detection of something wrong or bad.

{QUOTE-> ( I wont even touch on the Virtual partition, and what it is, there's always tomorrow ) <-QUOTE}

No problem, the Virtual Partition is nothing more than a very large file with special properties that forces Windows to see it as another partition on your hard drive. It is a convenience for those who only have a single partition on their computers (Ex: purchased a new Dell desktop and it comes with a single hard drive with one partition = C:\ ).

As you have described a more advanced configuration where you have a data partition and frequently make use of USB stick and drive backups, you do not need to use it.

Also be aware that the protection and VP features are independent, meaning that you do not need one for the other to work properly.

Mike

Coldmoon,

You were supposed to get back to me on my question about license expiration for the free version (post #22). Any info yet?

Thanks

{QUOTE-> Coldmoon,

You were supposed to get back to me on my question about license expiration for the free version (post #22). Any info yet?

Thanks <-QUOTE}

See post 19, your question was answered there I believe.

{QUOTE-> Coldmoon,

You were supposed to get back to me on my question about license expiration for the free version (post #22). Any info yet?

Thanks <-QUOTE}

Hi,
You were correct and I apologize for the confusion :-[ I corrected the post on the first page so that new readers get the info without having to read through to the second page

Mike

Coldmoon thanks for the answer, much appreciated.

bgoodman4 thanks for pointing out that the answer had already been posted. I just didn't think to look to an earlier post than the one where I asked the question for the answer. ;D

Yes, I thought it was a bit odd that you asked a question that had just been answered, but alls well that ends well.

Excellent, thankyou Coldmoon, and sorry for asking so many questions, also thanks for answering them all ! :) I think you enjoyed doing so, and hoping others benefit from your reply also :)
Being a Nerd isn't easy ...
Concerning KIS (Kaspersky Internet Security):
{QUOTE-> Can you describe "...and gets confused" in greater detail? <-QUOTE}
What I mean, and believe to happen is that the Kaspersky server notes it has already sent me a VDB update, whereas it dissapears obviously on rebooting. No major headache, as I said, I believe doing your "Housekeeping" before enabling Returnil is essential.
Cookies, such as in the case of Kaspersky updating (? ...just guessing their server notes updates with a cookie, no matter how it's done, it is noted, but updates can be invoked, no drama really) , is a tricky consideration for all subscribed topics, read posts, within a browser- server relationship, etc., with time I'm sure I'll iron out my misinterpretation of such events reading your resonses. I'll make a Doc out of this info for later reference.
Again some great advice and suggestions configurationally, thanks !
{QUOTE-> Quote:
...Some quirky things have gone on, as I mentioned AV updating not retained, Bookmarks and updates to browser. Is this to be expected?
Yes, this is to be expected as those changes are usually saved within specific profiles placed on the system partition by default. You can:
1) Alter the default save location for your user profiles on an alternate drive or partition
2) Export a copy of your session bookmarks (a copy of your bookmarks as they are at that moment rather than at the time you turned RVS protection on) and then import the copy you want to use on a more permanent basis on your "maintenance day" <-QUOTE}
Your suggestions are spot on, I tried to think of all minor issues I may run into and you have helped me greatly.
As far as Malware, I really am very secure, through my habits and setup. For when my young Son spends hours doing whatever "teenagers" do online Returnil is a godsend, I very much enjoy knowing I can return my Computer to a unblemished state, once he's finished ;D
Also for testing software great advantages to be gained .

Thanks Mike for your time,
Kind Regards .

{QUOTE-> Yes, I thought it was a bit odd that you asked a question that had just been answered, but alls well that ends well. <-QUOTE}

I actually asked the question before the information was provided. Coldmoon just answered me by going back and editing his earlier post and I neglected to reread the whole thread since I expected the answer to come in a later post. No big deal, I just didn't want you to think I was a complete idiot (LOL)... close but not complete. ;)

{QUOTE-> I actually asked the question before the information was provided. Coldmoon just answered me by going back and editing his earlier post and I neglected to reread the whole thread since I expected the answer to come in a later post. No big deal, I just didn't want you to think I was a complete idiot (LOL)... close but not complete. ;) <-QUOTE}

I realise that now but at the time I posted my original comment I did not know thats what had happened.

{QUOTE-> Returnil is good ,but the software itself is not complete , neither is powershadow.If u want more options like exclusion list , i would suggest shadow defender.

I left returnil becos it does not have option of protecting non-system drive. <-QUOTE}
What exactly is a non-system drive? How am I more vulnerable if its not protected?

{QUOTE-> What exactly is a non-system drive? How am I more vulnerable if its not protected? <-QUOTE}

Your System partition (http://en.wikipedia.org/wiki/System_partition_and_boot_partition) or alternately: boot partition, is where your operating system is installed (usually C:\ ). Non-system partitions or drives are any other drive or partition on your system.

Content saved on non-system drives are inert unless there are changes made to your system partition that would make that content active. With RVS protection on, bad files could be saved to these alternate volumes but because the changes that are needed to make it active are lost at restart, you are not infected beyond left-over (orphaned) files.

We have included a new feature in the 2.0.1 series (currently Beta) called File Protection that allows you to deny access to any file, folder, or partition on non-system drives. Further, this feature can also be used to block access to the entire non-system drive if required.

{QUOTE->

We have included a new feature in the 2.0.1 series (currently Beta) called File Protection that allows you to deny access to any file, folder, or partition on non-system drives. Further, this feature can also be used to block access to the entire non-system drive if required. <-QUOTE}

Nice.

{QUOTE-> We have included a new feature in the 2.0.1 series (currently Beta) called File Protection that allows you to deny access to any file, folder, or partition on non-system drives. Further, this feature can also be used to block access to the entire non-system drive if required. <-QUOTE}
I think this will be a great feature. I do have a couple questions though.

1. Do you intend to make this fairly bulletproof? In other words, would it be possible to block crafty malware or it's remnants from a certain location during a session?

2. Will this feature be easy to turn on and off during a session to save data to keep the window of opportunity for malware to a minimum. Could or would a popup present itself asking if you meant to save the data in this "protected" location and if so, you would need to turn the protection off?

Thanks

{QUOTE-> I think this will be a great feature. I do have a couple questions though.

1. Do you intend to make this fairly bulletproof? In other words, would it be possible to block crafty malware or it's remnants from a certain location during a session?

2. Will this feature be easy to turn on and off during a session to save data to keep the window of opportunity for malware to a minimum. Could or would a popup present itself asking if you meant to save the data in this "protected" location and if so, you would need to turn the protection off?

Thanks <-QUOTE}

If I am not mistaken the 2nd already exists in the current version (paid).
As to the first is it really conceivable that a fully bullet proof security system exists? Or could? But with every layer of security you add you reduce the opportunity and likelihood.

At least thats my opinion.

{QUOTE-> If I am not mistaken the 2nd already exists in the current version (paid).
As to the first is it really conceivable that a fully bullet proof security system exists? Or could? But with every layer of security you add you reduce the opportunity and likelihood.

At least thats my opinion. <-QUOTE}
Hi bgoodman4,

I didn't say fully bullet proof. I said "fairly" bullet proof :). I guess I wanted to know if the "File Protection" feature could be considered a security feature and if so, would it be actively improved if bypassed by malware.

Peter2150 had run into malware about a year or so ago that left remnants on a data partition. This data partition was supposed to be protected by a partition locking program. I should have mentioned this in my post and now you can see my concern. I really need protection for my data partition because of some of the things I do. Otherwise, I'll have to eventually get a program that virtualizes all partitions.

Understood. I don't know if this would be of value to you but my solution regarding highly important files that are changed/modified daily is to use a service called IDrive. Its an off site storage service that you can set to update backup files that are less than 50 meg in size every 10 min (otherwise it will update/backup daily). For $4.95 a month or $49 a year you get 150 gigs of storage and up to 30 versions (you set the limit) of the file will be maintained. The version history does not count toward the 150 gig limit. You can get a fully function free service at IDrive for up to 2 gig. It has works flawlessly for me since I began using it 2 months ago.

There is also another somewhat more expensive service that will not only back your files up off site (if you wish) but also will instantly sync your file folder with a folder on another PC via the Internet or network. I chose IDrive over this 2nd one partly because its more expensive but mainly because you have to have the files that are being watched in a set, single, folder.

The program just came out of Beta and you get 50 gigs for $99 a year. Its called DropBox and you can learn more about it at http://www.getdropbox.com/

Other sync solutions can be found at the following links (these are among programs I looked at when searching for a "highly sensitive" file protection solution).

http://www.peridotec.com/datasync/

http://peccatte.karefil.com/software/Idem/Idemhelpeng.htm

http://web.it.kth.se/~cmasus/

http://www.allsync.biz/backup-software/en_file_synchronization.htm

http://www.goodsync.com.au/goodsync/resources.html

http://www.diginaut.com/shareware/fw/

{QUOTE->

Peter2150 had run into malware about a year or so ago that left remnants on a data partition. This data partition was supposed to be protected by a partition locking program. I should have mentioned this in my post and now you can see my concern. I really need protection for my data partition because of some of the things I do. Otherwise, I'll have to eventually get a program that virtualizes all partitions. <-QUOTE}

Don't forget that you can also setup sandboxie to prevent access to your other partitions.

But yea it would good to have returnil as well for a second security layer. I can't see it possible for any thing being able to get passed both.

Thanks for alternative solution bgoodman4. I do backup to an external hard drive although not as often as I should. Most of my info really isn't important, but I do want to keep it clean. I have a feeling Returnil's File Protection will probably be good as they are always preaching about have a separate data partition.

{QUOTE-> Don't forget that you can also setup sandboxie to prevent access to your other partitions.

But yea it would good to have returnil as well for a second security layer. I can't see it possible for any thing being able to get passed both. <-QUOTE}
Yep, I do have Sbie blocking access to my data partition, but it's only effective with something running in the sandbox. I hope Returnil can fill that gap. And I agree, it would tough for anything to get through both programs.

Hello Coldmoon AKA Mike.

I have a few questions that I'd be greatful if they could be cleared up so I can fully get a grasp on Returnil's settings, and config, I'm trialling the free version.
I have multiple drives, and as by default on Win XP, C:\ is my System Drive.
So a Single Drive setup would require the "Partition", but if you have alternative drives, using them is a prefered option, so as not to waste precious System Drive Space I believe ?
I'm unsure / wondering if this Virtual Drive (Partition) 'Houses' the Mirror, or "Virtual System" RVS creates ?
From the HELP notes: The Returnil Virtual System 2008 is a powerful virtualization technology that completely mirrors your actual computer setup |
and it can create a virtual storage disk within your PC where you can save documents, data, and files while using the System Protection feature.
The reason for asking this is related to the Partition I created during installation. The Virtual Storage Partition, which does not lose data after a ReBoot.
{QUOTE-> Note: mounting and dismounting the Virtual Drive will not alter the content stored in the drive; but unless mounted, you will not be able to access the drive or its contents. Additionally, the drive will not show within your Windows drive menu. <-QUOTE}
Makes sense !
Once the VP file (Virtual Drive) is deleted, any data saved within it will also be deleted.
Makes sense also !
So if I unmount, it's still there, just not accessible ? I understand this, like mounting an ISO .

So physically, where is the Mirror of my System whilst Returnil "Protection Status" is ON ?

I presume the complete mirror of My Actual Computer Setup must be held somewhere on my machine?
Is that virtual storage "Partition" where Returnil houses the "Virtual mirror" of my System ? I understand the virtual storage disk can store files, data, and documents.
Does it also host this Mirror of my System?
If not I could use the Disk space, as I have alternate storage, HDD's, USB drives where I can store data off of my C:\ Drive, whilst Returnil is turned on, but being the System Drive, I really don't need a 4 GB unused Virtual hole, if in fact that is what it is ? Systems grow, especially in Windows.

I suspect un checking the box to load the Virtual Partition when Windows starts, is a better option, as I wont use it for storage. I wont be running RVS always, just for specific sessions.Deleting the partition is also a confusing issue. I suspect this option returns the partition back to my C:\ Drive, as usable space, not that it isn't useable, but if RVS is OFF I see no point to having the Virtual Partition active ?

Yes, I have read the Help file, and I still don't have a clear picture of these issues. What are the "Session Lock"
functions as compared to Turning ON the "Protection Status" ?

Thankyou for your time
Regards

Purplexity.

Hi Purplexity,

{QUOTE-> ...So a Single Drive setup would require the "Partition", but if you have alternative drives, using them is a prefered option, so as not to waste precious System Drive Space I believe?... <-QUOTE}

Yes, but I would not say that space on the system partition is the real issue. Keeping the real system stable and clean is the real goal. For the most part there is little need to make "permanent" changes to the system outside of specific maintenance (Microsoft and AV updates, program upgrades, new installations, etc).

{QUOTE-> ...I'm unsure / wondering if this Virtual Drive (Partition) 'Houses' the Mirror, or "Virtual System" RVS creates?... <-QUOTE}

No, the VP is just a storage volume in the form of a file with special properites. The cloning is done within the cache (disk or memory depending on which one you are using).

{QUOTE-> Once the VP file (Virtual Drive) is deleted, any data saved within it will also be deleted. <-QUOTE}

Yes

{QUOTE-> So if I unmount, it's still there, just not accessible? <-QUOTE}

Yes

{QUOTE-> So physically, where is the Mirror of my System whilst Returnil "Protection Status" is ON? <-QUOTE}

In the cache

{QUOTE-> I presume the complete mirror of My Actual Computer Setup must be held somewhere on my machine?
Is that virtual storage "Partition" where Returnil houses the "Virtual mirror" of my System ? I understand the virtual storage disk can store files, data, and documents.
Does it also host this Mirror of my System?
If not I could use the Disk space, as I have alternate storage, HDD's, USB drives where I can store data off of my C:\ Drive, whilst Returnil is turned on, but being the System Drive, I really don't need a 4 GB unused Virtual hole, if in fact that is what it is ? Systems grow, especially in Windows. <-QUOTE}

Take the space back ;D

As you have an alternate place to save your files and data, you do not need the VP. If you do not anticipate the need to save any content on the C:\ drive then you might consider using the memory cache mode which would free up the sapce being used by the disk cache. In fact I encourage you to experiment with both modes and see which works best for you and how you use your computer ;)

{QUOTE-> I suspect un checking the box to load the Virtual Partition when Windows starts, is a better option, as I wont use it for storage. I wont be running RVS always, just for specific sessions.Deleting the partition is also a confusing issue. I suspect this option returns the partition back to my C:\ Drive, as usable space, not that it isn't useable, but if RVS is OFF I see no point to having the Virtual Partition active?

Yes, I have read the Help file, and I still don't have a clear picture of these issues. <-QUOTE}

If you do not need the VP, simply select the "Skip" button during the install. If you already created one but did not need or want it do the following:

1) Open Returnil
2) Click the "Dismount" link to the right side of the "Virtual Partition" section in the main window and then check My Computer to make sure the VP no longer shows as an optional drive
3) Navigate to C:\Returnil and delete the RVSYSTEM.img file. This folder is hidden so you will need to activate the "Show hidden files and folders" option in Windows Explorer.

{QUOTE-> What are the "Session Lock" functions as compared to Turning ON the "Protection Status"? <-QUOTE}

They are essentially the same thing; the only difference is one of persistence. Session Lock is only valid during the current boot session. In plain English this means that it is only valid until you turn your computer off. When you turn the system back on, the protection will be off.

When you change the mode for System Protection to "ON" (as opposed to "OFF" or "Session Lock") you force Returnil to keep the protection active across restarts of your computer. IOW, when you turn the computer off and then back on, Returnil's System Protection will still be active.

Thank you Coldmoon, I ask the stupid questions so no one else has to ;)

Seriously , that's excellent, I have picked your brain till I have no further questions. Sorry to have been a pest, but I'd rather ask, than be left wondering !
Thankyou again,

Regards,

Purplexity