So malware operates until you reboot?
owen35ny
January 15th, 2009, 02:24 AM
So -- If I download a virus and my malware doesn't catch it, it will operate normally as malware until I reboot? I thought I couldn't get anything, but I think I can; it just goes away after reboot. That's important if I want to download a tool, etc., that I am not sure of trusting.
Warlockz
January 15th, 2009, 02:39 AM
Returnil isn't antimalware software. It's basically a virtual image of your OS, so yes, malware will operate normally if you do become infected. This is why I recommend the use of an antilogger along with your normal "HIPS" (host-based intrusion prevention system), so if you do get infected while using your virtual OS and don't know about it, they won't be able to obtain your typed passwords, etc.!
Huupi
January 15th, 2009, 06:29 AM
{QUOTE-> So -- If I download a virus and my malware doesn't catch it, it will operate normally as malware until I reboot? I thought I couldn't get anything, but I think I can; it just goes away after reboot. That's important if I want to download a tool, etc., that I am not sure of trusting. <-QUOTE}
With all this light virt. software, basically your real system is write-protected (some exceptions though), so anything on your real system can be read, logged and sent out (keylogger etc.). So SBIE comes in handy to restrict outgoing connections. But a keylogger already on your system can find ways to send out, circumventing SBIE. Beware of this!!
Coldmoon
January 15th, 2009, 09:45 AM
{QUOTE-> So -- If I download a virus and my malware doesn't catch it, it will operate normally as malware until I reboot? I thought I couldn't get anything, but I think I can; it just goes away after reboot. That's important if I want to download a tool, etc., that I am not sure of trusting. <-QUOTE}
As has been pointed out already, this is true. But if your AV, AS, AM, HIPS, or other does not identify the malicious content, that content will still operate as well...
The important issue here is not really detection. Though detection is essential as a feedback mechanism in any security strategy, it is not critical. What is critical is that the malware be removed as quickly as possible (IOW: Time to removal). With RVS (or similar) that time is reduced to the time between restarts of your system whereas you may be waiting a much longer time for your other solutions to update their signatures...
Mike
Copyright ©2002 - 2009, Wilders Security Forums