Returnil tutorial or good wiki? Also, related advice, please.

Hi,

I did a clean reinstall recently of XP SP3 on my laptop and I will never go back to the sludgy performance of all of the security layers that I had before: Avast!, Windows Defender, SandboxIE, Spyware Terminator, BOClean. I like this speed that I have now (it is still naked). I run 5 or 6 different online AV scanners every Friday night and nothing has been found yet.

But, just to be safer, I want to use Returnil or something like it with Sandboxie. The rub is that I add new browser bookmarks daily, add new documents and files with each boot (several a day) and have new files created that have to be kept permanently. I wanted to know how to use Returnil properly within these parameters or to find another app that does the same thing. If I need to make some partitions on the HD, no problem, I am a wiz at that from using Linux LiveCDs. So to sum up, I want to have the safety of this type of security application but also keep my newly created stuff. I am usually in a hurry (work environment, tight schedule) so I am prone to forget things.This worries me a little bit. I am afraid that I will lose newly created important files because I forget to save them in a special place, etc...

Lastly, I understand that Returnil runs everything in RAM. I have 1.5 GB of RAM on a Centrino 1.7 GHz single core processor. I am wondering if that will be enough to run XP SP3.

Your advice, please on Returnil vs. other options and where I might be able to look to get the information I need to run them properly.

Thanks,

B

 

Hmmm... maybe I did not give enough information or asked a dumb question....

 

Returnil PAID is exactly what you need:

1.- Returnil protects only C: partition (free or paid), so if you have a D: partition for data (which is a good idea regardless if you use Returnil or not), you can always protect C: and save newly created or modified files in D:

2.- With Returnil paid, you can
a) commit files with right click menu (see pic1)
b) specify folders to save before you shut down (pic2)
c) save the whole session (pic3)

pic1:


pic2:


pic3:



EDIT:
Returnil has 2 options, to run in memory or in disk cache.

 

Thanks.

 

If you wish to use the free version of Returnil, you can use a different partition other than the one with Windows on it to save your data. You can relocate the My Documents special folder to be on a partition that is not the Windows partition.

 

MrBrian,

Would it be necessary to have all kinds of scanning software to scan the files that I would put on the other partition ? In other words, it is harmless, essentially, when in the Returnil boot, but if I decide that I want that file to be permanent, it then leaves the safety zone of Returnil and could be malicious, right ? All files should be scanned before being saved to a different storage partition, I assume.



Thx

 

Yes. If you don't trust the file, or the origin of the file, you can upload it to virustotal and get 36 scans at a time.

 

If you have Returnil protection turned off, and you run an infected file from your permanent partition(s), then you could infect your Windows system permanently. If you have Returnil protection on, and you run an infected file from your permanent partitions(s), then any infection of the Windows partition should disappear upon reboot. Whether Returnil protection is on or off though, the data on your permanent partition(s) could be modified, deleted, etc., by any malware encountered, so it's a good idea to have a backup strategy for the permanent data partition(s).

Whether it's "necessary" to have scanning software in such a setup is your own call. I have this setup for my father's computer, and I have one real-time antivirus scanner on his system. I am the only one who turns the Returnil protection off occasionally, in order to update Windows, other programs, antivirus definitions, etc. This setup has worked well so far.

One thing to remember about such a setup: any data that's stolen while Returnil, or any similar product, is on, cannot be undone with a reboot.

 

thats why is always good to run returnil with a good and strong firewall to protect data theft and privacy.