Returnil Question

Discussion in 'sandboxing & virtualization' started by Makav3l1, Apr 23, 2008.

Thread Status:
Not open for further replies.
  1. Makav3l1

    Makav3l1 Registered Member

    Joined:
    Nov 26, 2007
    Posts:
    241
    I've made the jump to virtualization after reading all the stuff on it in this forum. I have a few questions. I have my a/v installed on a separate partition (along with all my programs) from my windows files, however, it still does not save the updates when I leave Returnil on protected mode. I believe it's because of application files and whatnot still being stored on the c:/ partition. Is there a way to move that stuff over to my program partition where the a/v installation folder resides? Second question: Is there a way to save cookies somewhere other than the c:/ drive so I don't have to constantly log in if I use Returnil in protected mode all the time? As of right now I have Returnil protection off, my a/v update on startup, and then I use session lock. I would like to just turn Returnil protection on all the time and avoid having to do this. Any help would be appreciated, thanks.

    Edit* I found the Returnil folder relocation tool and moved desktop, cookies, and favorites folders over to my other partition. It was listed as ie cookies and favorites. Do these folder also contain firefox cookies and favorites?
     
    Last edited: Apr 23, 2008
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,057
    Just be careful, that in doing all the moving, you don't end up negating the point of running Returnil

    Pete
     
  4. Makav3l1

    Makav3l1 Registered Member

    Joined:
    Nov 26, 2007
    Posts:
    241
    I have a problem. I moved the desktop folder to my e:/ drive and half of my desktop shortcuts disappeared. I restored it to the original location and they are still gone. When I look in the folder it shows the icons that are no longer on my desktop. It doesn't show the icons that are on my desktop. What happened? How can I fix this?
     
  5. Makav3l1

    Makav3l1 Registered Member

    Joined:
    Nov 26, 2007
    Posts:
    241
    I fixed it by doing a system restore. I'm not going to mess with that Returnil tool again, it doesn't seem to work right.
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yes it does work, but ...
    The problem is that you are still using a classical security setup and you added Returnil as an extra software without any further considerations, just like you would add an extra scanner to your security setup.

    Without Returnil, you always boot in a different system parition, because all the changes are included.
    With Returnil, you always boot in the same system partition without any change.

    Returnil removes all the BAD changes and that is very good, because you want to get rid of them.
    But Returnil removes also the GOOD changes and that can be a problem.
    Returnil doesn't see the difference between BAD and GOOD changes, so it removes ALL changes.

    Returnil is an Immediate System Recovery (ISR) software and all ISR-softwares, like ShadowDefender, DeepFreeze, PowerShadow, ShadowUser, FirstDefense-ISR Rescue, ... are based on that principle.
    All these ISR-softwares do the same job and have only little differences.

    So Returnil has a serious impact on your system and changes your entire security setup and your habits of doing things.

    Returnil removes ALL malware during reboot in less than 2 minuts, maybe even faster on your computer. I count at least 5 scanners in your signature, did you ever calculate the total scan-time of all these scanners ? That is alot more than 2 minuts.
    Returnil removes ALL malware (known, unknown and new), your scanners only remove what they know and the rest remains on your system partition.

    Of course every user has a different opinion about which software he will use in a frozen system partition.
    Some users ditched all scanners and stop the execution of malware with other security softwares, like :
    - HIPS softwares
    - sandbox softwares
    - anti-executables softwares
    - malicious behavior softwares
    - etc.
    So you have to find your own way.

    There are also different opinions about separating system from data.

    So Returnil requires alot of preparation, thinking and how to keep the good changes is a problem, that can be solved in different ways.

    If you think you can handle this, use Returnil, otherwise don't use Returnil. :)
     
    Last edited: Apr 23, 2008
  7. Makav3l1

    Makav3l1 Registered Member

    Joined:
    Nov 26, 2007
    Posts:
    241
    I didn't just add Returnil. I understand how it works. I have one realtime av/as scanner in mcafee and then two on-demand scanners. I don't see how that is an issue. Returnil itself works, I am referring to the system folder relocation tool, which I don't feel works very well as it caused problems with my system. Before I even heard of Returnil my computer was partitioned into a windows system partition and a programs partition. So adding Returnil was easy. I messed up my computer and had to restore to a previous time because I was trying to make using Returnil system protection on less bothersome.
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Usually, I read.
    1. System Partition = Windows + Applications
    2. Data Partition = personal data.

    So you have ? :
    1. System Partition = Windows
    2. Program Partition = Applications
    3. Data Partition = personal data
     
  9. wrongway67

    wrongway67 Registered Member

    Joined:
    Apr 5, 2008
    Posts:
    45
    I experienced the same, but I solved in a different way

    I created a new folder named "Desktop" in another partition (F: in my case)

    I used that tool to move the desktop folder there, and I rebooted

    I noticed the icons (& files) I had on my old desktop were missing; there were only the systems' ones (My computer, My documents, Internet Explorer, My network places, Recycle bin)

    I checked the "C:\Documents and Settings\%user name%\Desktop" folder and they were still there

    I cut & pasted them in the "new" Desktop folder
     
  10. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    A bit OT, but its my experience that with the latest build where there is a choice for disk or memory contained,in my case using memory the system is remarkable faster !

    It should be because all I/O is done in memory, its one of Returnil advantages as compared to using your real system ! :thumb:
     
  11. Makav3l1

    Makav3l1 Registered Member

    Joined:
    Nov 26, 2007
    Posts:
    241
    I have
    1. System Partition = Windows
    2. Program Partition = Application and My Documents
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,057
    To me the solution to making it less bothersome, is to first determine the threat you are trying to protect against, and then only turn on session lock at those times.
     
  13. Coldmoon

    Coldmoon Returnil Moderator

    Joined:
    Sep 18, 2006
    Posts:
    2,981
    Location:
    USA
    Hi wrongway67,
    Your procedure is correct. Moving your desktop can be tricky and this is one of the down sides to doing it. When you move the folder, you are only moving it for one of the users and not all of the users so you have to copy and paste the shortcuts into the new folder location.

    Another thing to keep in mind here. The Relocation Tool is useful once you understand all the quirks related to moving these folders under XP. It is however not as useful under Vista as Vista makes this process much easier: Simply right click a private folder, select properties, and then open the Location tab to access the folder relocation features.

    Many of the manual steps you need under XP are done automatically under Vista...

    Mike
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Windows = Operating System + Microsoft Applications (Programs)
    So you have already a mixture of OS and MS Applications in your Windows Partition.

    So what you have is this :
    1. System Partition = Windows + MS Applications
    2. Program Partition = Third Party Applications + personal files stored under "My Documents".
    Or did you move all MS Applications to your Program Partition ? That must have been a hell of job,
    because Windows is full of MS Applications.

    In other words :
    1. Your Applications are divided over 2 partitions, that's a mess.
    2. Your Applications are still mixed with personal data, that's not good.

    What most users do, including me, is separating system from data :
    1. System Partition = Windows + MS Applications + Third Party Applications
    2. Data Partition = personal data

    It's all about your personal data, you don't want to lose these.
    Losing your system partition is never a disaster and restoring it is peanuts.

    Returnil is used to protect your system partition : Windows + All Applications.
    Once everything is configured you don't have to change anything anymore and that's what Returnil does, keep it UNCHANGED and that keeps you in control.
    No bad changes and no good changes, until YOU want them and that means you are the BOSS and not some bad guy, that installed malware to control your computer. :)
     
    Last edited: Apr 24, 2008
  15. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    One Major problem with Windows as an Operating System is, that it doesn't make strict difference between the Operating System and the rest.

    If you have worked on other Operating Systems, you will find it very useful, that you can easily remove or replace a whole program or application.
    This because it is located on a location which is separate from the OS.
    And here is where the major problem with the security of Windows start, Windows allows Applications and programs to run under the same userid
    or user permissions then the OS, and doesn't mind programs to sit in the same
    directory with the same permission or user rights then the system files.

    A perfect example is the Registry, which causes it hardly to make it impossible to copy a installed program to another computer, because it has worked itself into the whole system.

    Of course a lot of Windows security problems were solved,
    if the OS would have its own userid and permissions and EACH application would have its own.
    Same for the registry.

    So if you seperate your programs form you Windows disk, how did you do handle all the regsitry keys, and even worse the DATA that is stored there by applications?

    For example how would you restore a application (and its data) like a mail client, if your Windows partition crashes OR the Application Partition does?

    Freezing, is a nice solution, but be careful IF your system gets infected
    you might send out viruses to others until the next reboot ..

    So a antivirus/antispyware etc. that can see IF there is infection on your system, even if it is solved after a reboot, is near my opinion needed.
     
  16. Makav3l1

    Makav3l1 Registered Member

    Joined:
    Nov 26, 2007
    Posts:
    241
    I have windows and any applications (hardly any) that are required to be in c:/ on the c:/ partition. I then have all my programs, downloads, data, and relocated my documents folder on a separate partition. If this is stupid, then I guess I set it up wrong. When I built the computer a friend of mine told me that setting it up this way would yield a faster operating system because all of the core os components are close together.
     
    Last edited: Apr 24, 2008
  17. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Your friend is probably very right, but his motivation was speed.
     
  18. Makav3l1

    Makav3l1 Registered Member

    Joined:
    Nov 26, 2007
    Posts:
    241
    Well I enjoy the speed, and Returnil can still work for me. It will keep my windows os in good shape. To my knowledge most viruses target the c:\ drive because the majority of users only have one big c:\ drive.
     
  19. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yes, most malware target C:, but that won't last forever. New malware will target other partitions as well and they already exist according my readings.
    Your D: (Applications and Data) isn't protected by Returnil.

    When and how do you backup D: ?
    How do you backup your data, without your Applications ?
    Or do you backup your Applications over and over again along with your data ?
     
  20. bman412

    bman412 Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    261
    Returnil Premium is the giveaway of the day btw :)
     
  21. Makav3l1

    Makav3l1 Registered Member

    Joined:
    Nov 26, 2007
    Posts:
    241
    I use Acronis ati to backup everything.
     
Thread Status:
Not open for further replies.