Hi, just want some good advice.I want to buy a protective software( in addition to AV,firewall, Antispyware and HIPS) for my new notebook. I have quite a few options,

ShadowUser
Sandboxie( it,s free i think)
DeepFreeze
BufferZone
Norton GoBack
Acronis true Image
....? may be still more that I don,t know

My main concerns are as follows,

1- I am in habit of trying latest and new software, even sometimes beta, so I want a secure way of tryingr new sftwares.
2- I am in the hbit of surfing everywhere on internet, even i would like to go to some known spyware sites just to test my security appliances( a bit crazy idea! but i am not the only one). So i want to secure my web surfing.
3- Also I downlod software from internet, As downloads may be potentially dangerous,so I need protection against nasty downloads.

I don,t keepany sensitive data on my PC, so data security is not a problem, however I put a lot of software with many personal configrations of it and with all available updates, so if I loose my system, it my take a significant time ti rebuild my system.

So which one you think is the best option for me. At the moment I have used only ShadowUser and it has impressed me too much. It is strong, secure,and very easty to use with very little configuration required. Just a reboot and systemis clean again.

Just one thing that is very important, I am on low budget, soi need something good but cheeper as well.

Another related question is that which one of these two is better ShadowSurfer or Sandboxie( both are free I think).

Many thanks!

-{ Quote: "With Deep Freeze in frozen mode, files can be copied to the frozen drive or even the drive can be formatted but those modifications to the frozen drive will be removed upon reboot." }-

Sorry to be off topic, out of DeepFreeze and ShadowUser which one is easy to use and better.

If I were to pay for something on your list it would be Acronis True Image, nothing safer than a nice clean HD image. It also comes in handy for other non-security problems/testing.

Then get Sandboxie/ShadowSurfer (free).

-{ Quote: "If I were to pay for something on your list it would be Acronis True Image, nothing safer than a nice clean HD image. It also comes in handy for other non-security problems/testing.

Then get Sandboxie/ShadowSurfer (free)." }-
I second that.
An Image Backup software is never a waste of money and freewares like ShadowSurfer or Sandoxie allow you to surf safe on the internet without getting any existing or new threat.
I would go for ShadowSurfer.

I use Shadow surfer and deep freeze. Tech support at deep freeze told me not to use it on nforce chipset motherboards. they both work quite well.

-{ Quote: "If I were to pay for something on your list it would be Acronis True Image, nothing safer than a nice clean HD image. It also comes in handy for other non-security problems/testing.

Then get Sandboxie/ShadowSurfer (free)." }-

I don't know. I do a lot of the stuff Aigle asked about and while I use ATI for imaging purposes, restoring and reimaging every time I wanted to try something would be a horrific waste of time.

Rollback Rx has proved quite effective and is the quickest solution. Taking a snapshot is almost instantaneous and rolling back is not much more than a reboot. Another critical difference, is with Shadowuser if you forgot to commit a change it's gone. With Rollback since it saves a snapshot you can delete when you rollback, if you realize you need something from it you can reach into that snapshot and recover it.

Just today I had a problem where the config files from Outlook got corrupted and it wouldn't retrieve email. Going to a previous snapshot all was well. I went back to my current one and since I really didn't want to lose any additions my first try was to reach into the earlier snapshot and retrieve the earlier config files. Solved the problem.

In theory Go-back could also do this but it isn't dependable because the data isn't there permenently(or until you delete it)

Pete

I second Peter. Rollback Rx is great and with HDS Clone http://www.horizondatasys.com/product_page.html?page_id=115&product_name=HDS%20Clone from the same company provided FREE of charge you can backup/clone your Hardrive.

Thanks,

Chris

I say the same HD cloning is time consuming and is basically for HD crash, not for instant recovery.

with shadowuser\surfer is their a need for as and avs?

With Shadowuser there is not really a need that I can see for an AV or AS or any type of antimalware. But nothing can be saved with shadowsurfer. Although with shadowuser you can save certain things but then at that point you would want to use some type of antimalware or else you risk whatever you allow it to save to become infected and hence pass it on to your system when you come out of shadow mode.

Same thing applies for Rollback Rx but you can save numerous snapshots which is great.

Thanks,

Chris

-{ Quote: "
Same thing applies for Rollback Rx but you can save numerous snapshots which is great.

Thanks,

Chris" }-

Hi Chris,

So, with Rollback RX.....can you schedule times for it to take a snapshot (either through it's interface, or by using Windows Task Scheduler)? Or is it a "manual snapshot" only type option?

-{ Quote: "So, with Rollback RX.....can you schedule times for it to take a snapshot (either through it's interface, or by using Windows Task Scheduler)? Or is it a "manual snapshot" only type option?" }-
Yea you can schedule snapshots at times you want through it's interface or manually. Theres a free trial fully functional that you should try. I really doubt that you will be disappointed. Please feel free to ask more if you want but it really is a good program.

Thanks,

Chris

-{ Quote: "With Shadowuser there is not really a need that I can see for an AV or AS or any type of antimalware. But nothing can be saved with shadowsurfer. Although with shadowuser you can save certain things but then at that point you would want to use some type of antimalware or else you risk whatever you allow it to save to become infected and hence pass it on to your system when you come out of shadow mode.

Same thing applies for Rollback Rx but you can save numerous snapshots which is great.

Thanks,

Chris" }-

Hello,
It's not correct.
You can save things with ShadowSurfer. You just need more than one partition. I have tried it successfully. Protect the system partition (C), save data to another partition (K). Works superbly.
Mrk

The whole partition would be vulnerable at this point. I was assuming he was talking about protecting his PC in general not just one partition. So I guess the answer is yes if you leave partition(s) unprotected. Thanks for clarifying this Mrkvonic.

Thanks,

Chris

Hello,
NP. If it's a non-system partition what vulnerability is there? To take control of the PC, you need privileges, to have them, you need to take over the system, so there's no harm there. The only harm could come from you saving something offline and then execute it later on out of Shadow mode.
Mrk

Something similar to the Blackmal virus http://www.securityfocus.com/news/11374 would seem to be such a file that could delete files on the unprotected partition. This is just one such example. Please correct me if I am wrong.

Thanks,

Chris

Hello,
For something to execute and run with schedule - it needs system privileges. Theoretically, you could execute this virus while in Shadow mode and damage your system, but this is true for both ShadowSurfer and ShadowUser and any virtualization software that allows writing in the 'shadow' mode.
Mrk

-{ Quote: "Something similar to the Blackmal virus http://www.securityfocus.com/news/11374 would seem to be such a file that could delete files on the unprotected partition. " }-This is a good point, Chris. Also:

Deja Vu - Snow.A (http://isc.sans.org/diary.php?storyid=1154)

"appends its code to all .EXE files in all drives, including mapped network drives and removable disks."

So, while the protected partitions are restored on reboot, one can't be sure anymore what might happen on unprotected partitions. This applies also to Deep Freeze and similar programs.


-rich