Anti-Execute in v3
Dark Star 72
August 10th, 2009, 10:07 AM
Mike,
Have just discovered that the anti-execute element in 'Virus Guard' (trust programs from the real disk only) only appears to work if 'System Safe' is on :(
Is that the correct behavior or is my version of Returnil not working properly?
That would mean that if I had System Safe turned off to update an app on my machine I would be unprotected.
In v2 the Anti-Execute works and remembers what you block or allow no matter if you have protection turned on or off.
Coldmoon
August 10th, 2009, 11:36 AM
Hi Dark Star 72,
{QUOTE-> Have just discovered that the anti-execute element in 'Virus Guard' (trust programs from the real disk only) only appears to work if 'System Safe' is on
Is that the correct behavior or is my version of Returnil not working properly? <-QUOTE}
Your version is working properly. The AE functions have been distilled down to a simple choice between trusting only those programs already on your real System or allowing all programs to run without blocking their activation. It is also integrated into the overall AM capability that also includes behavioral analysis and malware sample collection support (can be opted out of...)
We have done this due to the fact that the VG feature is more robust and update-able than the AE in 2x, which is a more primitive combination of anti-execute and antimalware against very specific types of malware.
{QUOTE-> That would mean that if I had System Safe turned off to update an app on my machine I would be unprotected. <-QUOTE}
You are protected in a different way so you should not see it as a loss of protection. We are also working to ensure as much compatibility as possible between RVS and the solutions you may already be using. Our goal is not to replace your AM/AV/HIPS, but to augment your strategy (when appropriate) in a way that closes the gaps.
Mike
Dark Star 72
August 10th, 2009, 12:22 PM
Many thanks for your answer Mike. I just wanted to be sure that I hadn't got a problem ;D
I am now running the latest release after a few weeks being otherwise occupied and this version seems to be much more stable than the previous version I ran. I have been running it for some days now and it's purring along nicely. Browsing faster as well.
I am sure that in the last version I ran that when trying to execute an exe or msi that I got a pop-up giving me a choice of allow or deny. There was no way to enable a 'default deny' option as in the v2 anti-executable. It was very nice to see that in this latest version there is just a pop-up to inform you that the execution has been blocked. A great step forward, I don't want other people using my machine to get a choice.
Look forward to seeing the shell extension enabled.
Copyright ©2002 - 2009, Wilders Security Forums