Can Returnil restore your PC if you remove an important reg file?

So say you go nuts with RegSeeker (my favorite tool after an uninstall , would never just use it as a stand alone reg cleaner) and some important entries are removed, can a Returnil reboot recover your exact state? The reason I ask is I have the Returnil Premium and Ayrecovery licenses pending and don't necessarily want both. I'm way more prone to "mess" my system up by messing with it, e.g. updating drivers or flashing the motherboard than getting any malware infections. Thank You and Merry Christmas!

 

Delete the whole registry , u will get get back to old state, thats what all lite virtualisation softwares do.

 

DUDE! Are you serious? Returnil can handle that?

 

There is no reason what so ever (other than experimentation) to do the things you describe while running Returnil reboot and everything would be undone

But to answer your question, yes you could blow up your OS while running Returnil and a reboot would restore things to normal.

 

returnil is great
but unfortunately, unluckily does not support reboot

 

True, not even paid version, but I reckon there are those whose needs are met precisely by that characteristic.

 

i'm looking for a program like returnil that support reboot
powerful like returnil

 

Comodo disk shield beta is the one that promised wat u told but its buggy.

 

How about Shadow Defender?

 

Clean Slate- Change from virtualized to non virtualized without restarting.

 

thanks
it's not free
but does it work like returnil ? i mean make a file and format it or work like sandboxie
is easy & trusty ?

 

yes i read good about it , not freeware

 

I'm on a 30 day trial right now. It's, IMO, simple but not a TON of documentation however, I understand from others that the author will support it and there are several users that frequent Wilder's and some threads that discuss it quite a bit. Some use it only on demand for high risk activities, which is probably how it will shake out for me IF I end up paying for it - I think it's $35? I'm just learning about virtualization & light virtualization softwares as a security technique as I get up to speed on what I missed being gone from Wilder's about two years but I see alot of head to head comparisons between Returnil and Shadow Defender.

 

thanks
returnil create a virtual partition with a file that format and mount

does shadow work like returnil , i mean make a file , format and mount?

 

Someone can perhaps correct me - file yes, I see a file named "diskpt0.sys" that I believe is SD's "virtual partition" or "sandbox" area in the root of my C: drive, I do NOT see this mounted as a drive anywhere however.

 

This thread: https://www.wilderssecurity.com/showthread.php?t=196103 by BlueZannetti is where I started my reading on light virtualization and you can branch out in many directions from there, lots of reading to be had on this type of software. I am playing with SD right now and what I find a challenge is that, in order to commit, unless I have it wrong, you have to know specifically which folders you want to commit and if you are lazy like me, it can take quite a while to have it commit folder "C:\" plus all sub-folders!

 

I don't see why, in practice, you would want or need to commit all that much ?

Say you download a file and what to save it - then you commit that file. As for lating beyond a reboot I find it far easier to simply make a shadow Protect image and the restore when I'm finished.

I know that SD costs money but it is better than the free version of Returnil and the paid for version of Returnil requires payment every year which makes it a non-starter for me.

 

Well, I claimed laziness but, in fact, it has more to do with my own ignorance.

Case in point: I decided to give shadow mode in SD a try. My test subject was DriveSentry - maybe not so great a choice but it is my example nonetheless. I entered shadow mode, then installed DriveSentry and set it up, synchronizing signatures and all that. After a couple of hours, I decide to commit all changes. I open the SD interface and click Commit.

Now I'm presented with a dialogue asking me to specify which folders to commit. So, instead of tracking down and dissecting every change that DriveSentry has made and figure out which folders they are (I could take some guesses, but would I get them all or end up with a dysfunctional DriveSentry half-a**ed install?), I just specify C:\ and tell it to include subfolders.

My mistaken assumption was that SD would simply commit, incrementally I guess, only those folders that had changes. No, it starts scanning through all 11,773 folders on the drive (yes, exactly as I asked it to) and this takes forever and pauses for abort,retry,ignore on DriveSentry signatures and a number of other files/folders for which access was denied.

So, I guess either I'm not a meticulous and sophisticated enough user (read: "lazy") to nitpick through which folders to commit in this case or I am trying to grossly misuse SD for much more than it's intended to be used.


I'll certainly appreciate any advice or clarification anyone can provide although I don't really insist on hijacking OP's thread here.

 

shadow Protect is cool !
does it protect by virii that can attack partition tables?

when i start shadow mode , a windows pop up with a warning file in use reboot it's normal?

about commit : some programs like adobe have a strong protection anti piracy system , can i for example commit photoshop cs4?
will restore photoshop cs4 regfiles , files and photoshop store the serial in the some hardisk sectors

 

Mantra shadow protect is cool - it is a great imaging program. I think, though, that you are refering to shadow defender SD ?

pop up warning is normal - you possibly have some security program updating in the background and SD is just warning you.

I hope that SD protects against partition virii but as I have never seen any real live virii or any malware I'm not too worried.

As to commit - I tend to run protected when I go somewhere unknown and only commit the odd download. when I am happy with a new program I just install it without SD protection being on. If I have been testing for a few days and I want to go back to the way it was before I restore a shadow protect image. Both SD and SP get used almost every day.

 

thanks
i mean shadow defender , sorry
about shadow protect is better the ti 9 or new version?

 

Have been using Acronis since version 6 without problems. More recent versions have become somewhat bloated.

I only use SP from CD to make and restore full images. Tends to be faster than Acronis for larger data drives and partitions. Acronis does still have some advantages for me. It works with whole drive encryption (drive crypt plus) wheras I have been unable to get SP to work. Last week SP would not work with an Acer laptop ( setup with a strange FAT16b) C: partition. I wouldn't be surprised if Acronis worked.

If Acronis 9 works with your system then to me, apart from a bit of speed, that's all that matters.

 

crofttk, when using shadow defender, as Long View mentioned, it's mainly for the odd download, to right-click and commit a document, bunch of mp3s, and so on.

If you've switched it on, and shadowed your drives, you can test a program like drive sentry, and see how it works on your system. As you did. If you decide to keep it, all you had to do is 'commit' the install file, reboot, and with shadow defender off, launch the drive sentry install file.

Once all rules are set up, launch shadow defender again. I've found the 'commit' feature works well with smaller files, I've tried it with a 4GB dvd file and it took a few mins. The 8GB file took a little longer.

But if I want to keep large files, I find it easier to copy them to my external drive or say an 8GB USB stick, and then copy the files after a reboot. You basically can reboot, update any windows critcal files, updat your AV in about 15 minutes and have shadow defender or returnil running for the rest of the time. Or use these programs when trying out software, or installing a game, or installing/using something like limewire/frostwire or bittorrent program, committing what you need, then rebooting to see the 'shifty' program disappear.

And for those times you come across a page you want to bookmark, but shadow defender/returnil is running, just create a text file, copy the links in, or any other things to remember and commit it. After a reboot, add all the bookmarks etc. Pretty easy program to work with considering the 'protection' it gives.

 

vert intersting
but there are issues with ultimage degrag i mean the mft offline defrag

is there a portable shardow protect version?

 

mantra, not sure if there is a portable program for virtualisation.

Regarding defragging, you wouldn't want to defrag a drive that has shadow defender or returnil running. My understanding is, you do all your 'business', such as windows updates, AV updates, deleting files, defragging (I'm using portable JKDefrag and that seems to work well), and launch the program only when you'll be trying programs out or trying a few things.

For example, a couple of portable programs I have don't seem to run with sandboxie. But if run normally, they create a number of backup files which I have to manually delete. That's where something like returnil or shadow defender is useful, I can run the program knowing I don't have to 'clean up' after it. All junk cleaned up after a reboot.

I just tried a few media programs today, some were ok, some installed everywhere they could. Reboot, and see you later ya piece of s*** that screwed all my file extensions and wouldn't uninstall!

You can also still sandbox your browser, and delete the contents of the sandbox browser whenever you need to improve your protection against keyloggers, and so you don't have to reboot as often. But running returnil or shadow defender on its own is still good protection if you reboot regularly such as once a day.