Trouble with the partitioning recommendation

Discussion in 'General Returnil discussions' started by Atnodirlee, Mar 21, 2009.

Thread Status:
Not open for further replies.
  1. Atnodirlee

    Atnodirlee Registered Member

    Trouble with partitioning recommendation, and other comments

    Hi, I'm just a regular computer user but was looking for a program with the idea like Returnil for my new laptop with Vista.

    1. The Recommendation to use Alternate Data Partition:

    I see on your website:

    "Do you recommend any particular system configuration for compatibility with Returnil?
    We strongly recommend that the user consider creating an alternate data partition on their HDD. This is a widely accepted and recommended security configuration - never install programs in default directories, save your data on a non-system partition, etc."

    Well, my computer came with only 1 partition, as probably most do. I looked up on the internet how to make another and I see that people run into many problems messing with partitions, and Vista's own ability to shrink the partition to make space for another lets me shrink it by almost nothing, useless. I read stuff that said to move the page file to let me shrink it more, but I only have one hard drive and when I tried restarting with page file set to a flash drive it just set it back to the c drive.

    So I have been struggling with this, and I can't get past step one to even then install the program, and I am not going to go buy and try to work with some other partitioning program.

    I guess I could do this:
    "What you will have with RETURNIL on a system with a single partition:

    A) System Partition [C:] = Windows + Returnil + Applications

    B) Data Partition [Returnil Z:] = Personal files, downloaded files, bookmarks, e-mails, address book, etc. The only difference here is that if you set the VIRTUAL PARTITION as a default save location for your applications, you must ensure that the VIRTUAL PARTITION is mounted. This is not a great sacrifice in time or effort, just change the appropriate data save location in the application you are using."

    But the very next thing in the faq is where you strongly recommend the alternate data partition. Are there some steps you can provide to easily do this without trying to use and buy other party software?



    I am trying it just with the 1 partition. I see an error in event viewer several times saying:
    "The default transaction resource manager on volume Z: encountered a non-retryable error and could not start. The data contains the error code."

    And I think there are some other error events like:
    "The previous system shutdown at 9:38:05 PM on 3/21/2009 was unexpected."
    "Audit events have been dropped by the transport. The real time backup file was corrupt due to improper shutdown."

    I'm not sure if that is due to Returnil protection on, but I guess since the system is cloned in memory, the event viewer doesn't know what is going on. Is this a concern that will mess with Windows, or just ignore it?

    It would also be great if you had a tool to allow firefox and other browsers people like to be able to save bookmarks to the virtual file so they remain after reboot. I see the tool for moving system files supports IE, but support for other browsers would be good to add, and it would be great if your help file said how to do that and also how to have my anti-virus save its dats there, right?
    Last edited: Mar 21, 2009
  2. bgoodman4

    bgoodman4 Registered Member

    I suspect you are using the free version because with the Pro version you can tell Returnil to leave specific folders alone (not revert what was save in them during the reboot). As to the partition thing I have not bothered and I don't find it to be a hardship....but thats just me, I guess it depends on how you are using the program. I am just using it for software testing and a bit of browsing.
  3. Atnodirlee

    Atnodirlee Registered Member

    yeah free version. I wouldn't buy unless I've been using it and found it working well on my system for a while.

    Basically, it would be great if when like yesterday my mother is on the computer and then is like "Oh no! It says the computer has a virus! I was just on Google and it says it got a virus! What do I do! This is serious!" I can say just reboot. That would be great, instead of wondering, oh what is this and how many scans do I now do to make sure it is all gone.

    Well, I see from searching on the internet that firefox bookmarks are not movable. Looking this up gave me stuff about making "junctions" in files somehow (yeah right) or making a new profile, but that means the whole profile, not just bookmarks. So similarly, having Returnil leave a specific folder alone would include everything for the browser in the profile folder, right? So that doesn't seem secure to have Returnil do that for the very program that is on the internet and exposed to malware.

    Maybe it would be great if Returnil just had options like "put all my bookmarks in the virtual drive" and then made access of the cloned bookmarks file in any cloned browser just junction to a file on the z drive with dropped rights or some sandbox thing so that if a nasty got there it couldn't do anything? I don't know.

    But like I said, the Z drive showed errors in event viewer constantly.
  4. bgoodman4

    bgoodman4 Registered Member

    Returnil should be looked at as a layer of security, not the only component. Even though I have the Pro version I do not have Returnil exclude anything on the drive. If I want to save a file I have downloaded, or bookmarks etc that I have added, I will either download the file to a jump drive or, before rebooting I will copy my bookmarks file to the jump drive. This way I can revert the whole drive, scan the downloaded and saved files using anti-virus and malware software, and then, if they are clean, I can copy the files to the hard drive. None of this should be taken to imply that Returnil is sufficient to protect your PC, its darn good but.....

    In the latest version (pay) there is a process blocker that I believe is on all the time (both in protected mode and regular mode). As I understand it when you turn the blocker on for the first time it will scan your entire PC and locate all process that are on the PC. It will create a white list of these and allow them to run whenever they neede to. Any new process that starts up will be stopped and you will be asked if you want to allow it. Now, if you just installed a trusted program and you get a question regarding a new process you can allow it, or research the process on the net to determine if its safe. If you are browsing and all of a sudden you get a warning that a process wants to start you would probably be wise to not allow it or at least research it. Virus's and malware cannot hurt you if they cannot run......

    There other process blockers available, you might want to take a look at a few, do a google or post a question on the software/hardware part of Wilders.

    There are also folks who run their browser sand-boxed even when Returnil protection is on.

    You might want to take a look at RollBack Rx. I have this on my PC and it works really nicely.

    Then of course there is imaging of the drive which is mandatory IMO. It is the only thing that will protect you from hardware failure and of course if your data gets trashed for some other reason you can restore it.

    Finally, I also use (in addition to the above) a remote storage service called iDrive. This service will monitor any files you tell it to and will upload them to a server at the services headquarters. This is a relatively cheap way to protect your critical files. It costs $49/year and you can upload up to 150 gigs of data. In reality its not practical to upload that much as upload speeds are slow but for the really critical files its nice to know that even in the event of a fire or robbery your important data is safe. Files under 50 meg can be monitored by the iDrive program and every 10 min if the file has changed it will be updated. Up to 30 versions of the file can be kept/stored.

    I hope this helps and sorry for the long winded post, also sorry if the above is old hat for you (as most of it probably is).
  5. LoneWolf

    LoneWolf Registered Member

    Do you have both Returnil and Rollback Rx on the same pc?
    No conflicts?
  6. Coldmoon

    Coldmoon Returnil Moderator

    Hi LoneWolf,
    There are quite a few posts over time here that discuss various scenarios where RVS is installed within specific image backups. If you look through the earlier threads you can find specific descriptions by some of the more advanced users...

  7. bgoodman4

    bgoodman4 Registered Member

    Yes, I do and have had no problems at all. One thing I did notice, and I was rather surprised by, was that snapshots taken by RollBack Rx while Returnil is on in protected mode are not lost upon reboot. Clearly Rx is storing its snaps on some portion of the drive that is beyond Returnils ability to "protect". Of course this means (I think) that if some virus or other problem occurs during a Returnil protected session and a Rx snap is created at that time, if you roll the PC back to that snap you would in effect be ....... well, I suspect you get the idea.

    Perhaps Mike could comment on this but I think its important to be aware of this. To avoid any possible problems either make sure no snaps are taken when running Returnil in protected mode or delete any snaps that are taken during this period. Or, at least rename the snaps so you know this happened (I think you can rename an Rx snap but I could be wrong about this).
  8. Coldmoon

    Coldmoon Returnil Moderator

    Unless the image or snapshot is stored within the System Partition, RVS will not protect that image by default. One idea here is to make use of the File Protection feature to lock access to the image/snapshot when not in use. This would keep Malware from infecting that image...

  9. bgoodman4

    bgoodman4 Registered Member

    So I am correct. If a snap is taken while protection is on, and and the snap was made with (for example) a virus on the PC at the time of the snap, you would be infecting the PC if you restored to that snap. Malware cannot infect an existing snap (I think) but thats not the issue. I have RB set to create a snap each hour so I can get a number of snaps created during a protected session. If I simply keep these snaps and not note that they occurred during a time when I was using the PC in a risky environment (say opening unknown e-mails or downloading and testing software) if I have a problem at some later date and select one of these snaps as my restore point there could well be real problems.

    This is probably obvious to anyone who thinks about it but if you don't think about it you could be leaving yourself open to problems.

    I just wanted to make this clear to anyone who may not be aware of the situation.
  10. Joeythedude

    Joeythedude Registered Member

    Try Foxmarks. Then your bookmarks are stored online and you don't need to save any data to your PC while browsing.
  11. Coldmoon

    Coldmoon Returnil Moderator

    My advice here would be to restart the computer if RVS protection is on and then create the snapshot if you suspect that there may be an infection in the virtual system. You would have to interupt the automatic snapshot schedule, but at least you would reduce the overall risk of subsequent snapshots being infected.

    The other thing here would be to create emergency images (once a day in your case?) that you know are clean to be used just in case...
Thread Status:
Not open for further replies.