Returnil Virtual System (Its time to wipe out the unknown threats)

Returnil Virtual System Personal Edition v1.70.7502

This is Free!!! So Comodo MEMBERS CAN REALLY Test IT!!!

Product Description

The Returnil Virtual System Personal Edition is a powerful virtualization technology that completely mirrors your actual computer setup and it can create a virtual storage disk within your PC where you can save documents, data, and files while using the System Protection feature.
Returnil Virtual System’s protection concept is very easy to understand. It provides a simple, effective, and smart way to prevent unwanted or malicious changes from being made to your supported Windows® Operating System and the drive where Windows® is installed. You operate your system in a virtual environment, so anything you do will happen in the virtual environment, not in the real PC. If your computer is attacked or gets infected with Malware, all you need to do is simply reboot the PC to erase all changes. Once restarted, your system will be restored to the original state, as if nothing ever happened! Meanwhile, Returnil Virtual System can create a virtual storage disk for you; the purpose of this partition is to provide a place for you to save your data when the Virtual System Protection mode is turned ON, and you can customize the size of this disk to meet your individual requirements.
When the Virtual System Protection is OFF, you can install or remove programs, save documents within the Windows® disk drive, install security upgrades and software patches, alter configurations, and update user accounts. All changes made will remain following a restart of the computer.
The Returnil Virtual System is designed to take the risk and worry out of exposing your computer to all types of software, downloads, websites, or anything else that might have adverse effects on your computer or infect it with harmful viruses, spyware and other malicious programs. Once you restart your system it will revert back to its original state and all changes to your primary partition will disappear.
All of this without sacrificing computer performance or usability while helping to reduce technical support intervention and the need for routine maintenance. By cloning your system in memory rather than on your hard disk, the Returnil Virtual System offers better speed and reliability than other virtualization solutions.Features

The Returnil Virtual System:

Keeps your System Partition safe when browsing the Internet
Viruses, Trojans, Worms, Adware, Spyware, and unwanted content disappear with a simple reboot
Enforces settings and protects your internet privacy
Helps reduce overall disk wear by using memory rather than HDD cloning technology
Saves you time, money, and lost hair by maintaining or improving peak computer performance
Reduces or eliminates the need for routine disk de-fragmentation of your system partition
Your spam filter is strong, but not infallible – Returnil will eliminate the consequences of opening infected e-mail and/or attachments
Leaves absolutely no traces of computer activities
Eliminates all activities even if your computer is powered-off or crashes
Eliminates the danger of evaluating new software that does not require a reboot to install
Offers stronger, simpler and smarter protection for your PC
Seamless integration with supported Windows Operating Systems
Easy to use, simple to configure, and the one tool in your a**enal that will be there to save the day when all else fails!
System Requirements

Operating System: Microsoft® Windows® XP/ 2003 Server/ Vista 32-bit

Processor by OS:
XP: 300 MHz
2003 Server: 750 MHz
Vista: 800 MHz

Memory by OS:
XP: 128 MB
2003 Server: 128 MB
Vista: 512 MB
Hard Disk: 25 MB free HDD space (minimal configuration)


Feedbacks & Comments are welcomed

I’ve been using this for some time now and would have to say that it’s a great piece of software,with a couple of minor provisos.

From a security standpoint it offers possibly 100% protection against persistent malware,rootkits etc.You can download anything you like and open it,safe in the knowledge that your ‘real’ system won’t be infected once you reboot.

It’s also great for playing around with ‘system’ settings and trying out new software (provided it doesn’t require a reboot).

The 2 provisos would be that,although no malware infection can survive a reboot,security is still required since there’s nothing to stop an infection during a single session.It’s also vital that the system is 100% malware free before installation of returnil otherwise the malware itself will be safe from destruction.

The second would be that it does require a fair amount of user management,since it’ll need disabling to install any new software permanently,also Windows and AV updates etc.Anything that you wish to save even weblinks or pictures will either have to be saved to the ‘virtual drive’,or another drive or partition.Since it requires a reboot each time it’s enabled or disabled simple tasks can sometimes become long winded.The creators have mentioned possible future developments whereby it can be switched on and off without rebooting,which would be a big improvement.

That aside it has many positives and is very easy to use. :■■■■

Totally Agree. Almost flawless & simple from a freebie. What more can you ask more. Excellent backup to comodo firewall, fav antivirus & antispyware.

hows that compare to sandboxie etc?

Sandboxie will keep track of files and registry made so you can delete it later.
Returnil when activated will undo any change made to your computer. You can make or delete a file and it will be restored when restart of computer. So if you installed an application which required a restart it would be completely erased as if it was never there.

so basically its writing all the changes to a virtual hd… and when the session is closed, it deletes that virtual hd?


It writes all the changes to memory. Basically yes but it deletes the changes from memory so no disk space is required.

It writes all changes virtually.

When the Returnil protection is ON, your Windows system is running on a virtual partition meaning that every single change in the system partition actually takes place in the memory. Therefore all data and modifications will be lost after your system is rebooted.

Yes, that correct. Pls read my post about sandbox,lockdown & virtualization.
I used to criticize & bash several vendor products until I realized my mistake & what is the reason?? ???
I myself saw that I am not perfect so who I am to judge it so harsly.

I now for one respect all security vendors & believe that no product is perfect. All of these actually are good.

1)Firewall with HIPS
4)Anti mallware tools
5) Immediate Recovery Softwares like Virtualization, Sandbox & Lockdown.

Respect these all & love your favorite products for what they are, even if they show bugs, fails in detecting something, may have some flaws & shows some vulnerability. All of these products were created by humans to do something good but we humans are not gods & sadly we are not perfect so our products & creations are also not perfect. All of us are not perfect, that why even if one of these fails it is okay, I just make a silent report. Do not judge them too harsly because all of us also makes mistakes so if your products fails that only shows that it is human too. The power of human spirit is to keep improving & to learn from our mistakes, to have ambition & finally to become better & better person or product.

With many people having barely enough memory to run the host system, how much is needed to manage these products which then load and run software, and store data? I am worried about the consequences!

Can you “escape” the virtual machine without shuttin git down, and run the host?

No you cannot escape the virtual machine. Your present configuration is preserved unless you turn it off. For beginners use only one. either Returnil Virtualization or Sandbox or First Defense ISR partial lockdown technolgy. Choose what works best for you & test it. Remember we all have different config & hardware & software so compatibility differs.

Of course I am assuming that this very much depends on the amount of RAM you have. As you exceed that, it will be caching to HD anyway! But Virtual storage so that all these are being written to and getting rid off it is the idea. Of course what would be good is for a high powered security product to offer this virtualisation in a very efficent and more importantly in a secure way!

Lets see when we can release our own virtualisation then :wink:


Melih are you following this table?

Cpf is gonna explode soon :D.

ThreatFire (Cyberhawk) is the only hips with buffer overflow protection. As soon as cmg is incorporated into cpf it will have complete protection.

Kind of weird that they list virtualization/roll back for a hips? Oh…They mean a sandbox type thing like returnil which erases what programs did.

The current,stable version just clones the system drive in RAM,which for usage such as web surfing,etc there’s no observable difference to running ‘normally’.Of course the amount of available RAM becomes a factor when running several memory intensive tasks together while virtualised.The new,beta version has the option to use either RAM or disk caching which will address those issues.

It’ll be interesting to hear about the form that Comodo virtualisation will take?

It is strange that virtualisation utils are listed as security applications,since that’s not what they were specifically designed for.It’s just a welcome side effect that they offer the protection they do.

yes its the side effect of virtualisation…

however sometimes these products do not protect well enough against nasty malware who penetrate thru them and even abilty to switch it off from within. Hence it makes sense a Security Experts to offer virtualisation like Comodo.


Melih, just wondering have you recieved any offer for your businesss from any of your competions.


That is correct. I will give a example of that mallware

Threat Level: Very High
Description: Trojan.KillDisk.R is a trojan that has a name that properly fits the behavior it exhibits on affected system by deleting all files possible.

It is quite rare so your antivirus & antispyware should be there for defense.

Remember that mallware makers are one step ahead of all security vendors. Remember that in war The BEst defense is offense & it is always easier to destroy than protect…

HIPS works by analysing suspicious behaviour so here is the mallware makers counter.!!! (:SAD)
They are devoloping a hybrid that use both metamorphic & polymorphic & a new technolgy called stealth or cloaking technogy, that works at a kernel level lower than HIPS& that can mask the behaviour of the mallware. HIPS Also does not offer 100% protection.
These guys suck. (:AGY)
So you need all security products.



Just a thought by the way, Our immune system is also supported by friendly bacteria. So I got a new idea. Remember lactobacillus, a frinedly bacteria that helps the human immune system. We fight a virus using another virus, a virus that supports all security products. Let me name it the the assassin or ninja (search & destroy) virus that hunts down cloaked mallware & will render itself inert when no threat detected & automatically will activate to destroy mallware when commanded by the user. :BNC
I know this is unorthodox, but this time we are also fighting dirty. (:CLP)

Other than the practical problem, the idea of a virus raises ethical issues, deceiving others and taking away their freedom to choose. But like any health threat, if a person refuses to acknowledge he is infected, he may be spreading disease to others. A true ethical dilemna? Should one force another to help himself to protect innocent third parties???

Perhaps in fact a virus that hunts out security flaws in other systems is an ethical idea. This time though the virus instead of installing “malware” that harms would just direct the user to the comodo site and offer the voluntary opportunity to install firewall and security solutions.

Like Santa in “Miracle on 34th St.” the new virus should also offer other security measures if there are any that would plug the hole discovered… If the user doesn’t visit a site to plug security holes, then the “benign virus” remains on his system to be spread to others…

Put ignorance and stubborn refusal to do the right thing be a force for good? Does the end justify the means?