First, to address your question regarding the creation of a help thread in the malware removal forum. The instruction asks that you read the "sticky posts" at the top. What that refers to is the top seven threads, although you wouldn't really know that unless you were familiar with this type of forum software. I've had issues myself with the way that instruction is worded since there is no real good method for a new member to determine with certainty, what that means. If you look to the icon to the far left, it appears to be grayed out. That is what indicates the thread is a "sticky" topic...again, you wouldn't know that either as a newbie. Now you do.
Next, I'd like to point out that Returnil is merely a piece of software. The software's purpose and design is to create a virtual image of your entire operating system. While you have mounted the virtual system, that system can become infected just as any other. The theory is, the virtual system, along with any malware that it may have collected, will just go away upon reboot. That is actually the way it does work...the vast majority of times. However, there are those few rare occasions that malware can jump past the virtual machine and infect the real hard disk. Those instances are rare but real. That is one good reason to have the returnil antivirus product engaged while you have it mounted even though you are also using another installed antivirus product.
Not to confuse the masses, but consider that the Returnil software's antivirus product is also "virtual". The rub though, is having it engaged while the system is not mounted as virtual. Now that I have the feeling that I've confused you, let me give you a bit more detail.
Returnil's software runs on each boot. You can't turn that off without breaking the software so it must run. The software must also be configured immediately after installation to tweak the default settings to suit your needs. By default, Returnil system safe, for example, installs with the virtual system mounted on each reboot. That said, it makes sense then that it's default installation is already in a virtual mode since most users also have an antivirus product on board and, it's just my guess, the author didn't feel the need to take months and months to test every single antivirus product out there as to it's irritation with Returnil's antivirus product.
With that in mind, the default install, going directly into a mounted virtual system, isn't going to struggle much with the native antivirus product which is real...not virtual. It's after your first reboot that you might have problems. I did. I had to boot to safe mode to disable Returnil's antivirus product since it conflicted with my native antivirus product while mounted into the real operating system. In my case, my antivirus product stalled the reboot because of the wrestling match that ensued.
Safe mode, in my case, was the fix.
Now...with all that out of the way...I'd like to add that a fair sampling would be to run a complete system scan of the operating system while mounted into the real system, or normal mode. Then, boot into the virtual mode and conduct your business online, whatever that may be. When that session is complete and you reboot back into the real system, or normal mode, run another complete system scan. THAT is a fairly good way to test your security with Returnil. Compare those results with your previous results. Knowing that your first scan, while in normal mode, has already found and quarantined whatever the scan produced, then the system should be considered clean. If you mounted the virtual system immediately after that and conducted your business online, then rebooted back into the normal mode and performed another complete system scan, THAT scan should produce no results. If that scan DOES produce results, then you have a pretty good case against returnil.
I might add one last note...I have used Returnil for years and years, and while actually testing the affect that certain malicious code has on the system. Sometimes testing malicious code online, such as malicious web sites, and sometimes by purposely installing malicious software and yet, not one infection jumped past it on my system.