Hi, folks: Power Shadow was 100% free if you jumped onto the wagon much earlier, both v. 2.6 and 2.8. For those who are still interesting in this product, perhaps you still can d/l from its Chinese web site ( pls note not the English site in Chiago) for free. But one thing for sure, its v.2.82 freeware for personal use will be ceased to exist from June 11, 2007 (its most recent news release ). PS is a remarkable app, dev is still under way. Have a nice day.

IMO, powershadows is completely free. Who told you PS is a have-to-pay app?

I personally recommend V2.6 ---more stable & not write MBR ( V2.8 may do so)

-{ Quote: "IMO, powershadows is completely free. Who told you PS is a have-to-pay app?

I personally recommend V2.6 ---more stable & not write MBR ( V2.8 may do so)" }-

I provided a link several responses up from this one showing that the product costs $39.

But still others are claiming it is free. That is worriesome in in itself. Are some sites offering Powershadow for free while others are charging for it?

-{ Quote: "I personally recommend V2.6 ---more stable & not write MBR ( V2.8 may do so)" }-Both PS 2.6 & 2.8.2 do NOT change/mess with the MBR... see http://www.wilderssecurity.com/showpost.php?p=1000698&postcount=126

Mike

-{ Quote: "Powershadow is not free, it cost's $39." }-
That's alot of money : $30 more and you have FDISR.

Besafe I down loaded from Tuscows put PowerShadow in as user name and the code that is shown in one of the posts and it worked for me. Code on post 12

-{ Quote: "Both PS 2.6 & 2.8.2 do NOT change/mess with the MBR... see http://www.wilderssecurity.com/showpost.php?p=1000698&postcount=126

Mike" }-

I remerber that some version later than V2.6 would really write MBR ( V2.8 ? ); many PS users have reported the bug to developers.

Very glad to hear there is no such problem with PS V2.8.2 now.

PS is worth it's weight in any distribution. Those fortunate to have got in on the action early know this. I tested this program AGAIN. This time with Rollback RX 8 with perfect results as always. Of course i got my download off the TuCows site some time ago and count many of us lucky to have been satisfied recipients of the power this app supplies.

Renown and respected Global Moderator Peter2150 put it up against KillDisk virus and POWER SHADOW returned positive results.

It's truly been an app worth it's weight. XP Pro SP1 and no problems at all here, not even on an unpatched fresh XP install with no ServicePack update.

A keeper and a Heavyweight!!!

-{ Quote: "PS is worth it's weight in any distribution. Those fortunate to have got in on the action early know this. I tested this program AGAIN. This time with Rollback RX 8 with perfect results as always. Of course i got my download off the TuCows site some time ago and count many of us lucky to have been satisfied recipients of the power this app supplies.

Renown and respected Global Moderator Peter2150 put it up against KillDisk virus and POWER SHADOW returned positive results.

It's truly been an app worth it's weight. XP Pro SP1 and no problems at all here, not even on an unpatched fresh XP install with no ServicePack update.

A keeper and a Heavyweight!!!" }-
Its a heavyweight and yet its lightweight :)

-{ Quote: "Its a heavyweight and yet its lightweight :)" }-

Sadly enough its not working on my main rig,its having Sata in it,i remember somebody saying its not working on Sata drives,on the other machines with Ide drives--flawless !!

The 2.8 will work with SATA and I tried the download and English conversion but chickened out. Couldn't exactly figure out what I needed to do.

-{ Quote: "Besafe I down loaded from Tuscows put PowerShadow in as user name and the code that is shown in one of the posts and it worked for me. Code on post 12" }-

Yeah...but that doesn't quire seem right to use a code found from this website to get the product for free. It is either free or it isn't. If it's not free, I wouldn't reccomend pirating it.

-{ Quote: "The 2.8 will work with SATA and I tried the download and English conversion but chickened out. Couldn't exactly figure out what I needed to do." }-

Sad for you,but anyway i wil take a look at 2.8
thanks.

Besafe, I don't understand about 2.6 as far as the legality of what I did. I downloaded from a legitimate site. Put in a code that someone at PS must have come up with. I believe that a lot of times when a new program is starting they let some out free to get interest started. It has certainly done that. They already have 2.8 but in Chin. They are working on an ALPHA of 2.9. I have a sys. with a SATA drive. 2.6 won't work. I am looking forward to a version that will work on mine. And I won't mind paying for it.

-{ Quote: "Yeah...but that doesn't quire seem right to use a code found from this website to get the product for free. It is either free or it isn't. If it's not free, I wouldn't reccomend pirating it." }-
Hi, folks: PS was not a freeware at its birth two years ago in North America. According to its creator Mr.Bao ( resides in Beijing, China), there are more than 20,000 copies sold, at the same time, people in China, Taiwan were widely using its cracked Chinese version. Sometime late last year, he decided to pull the plugs from North America and to give his countryfellow a legitimate copy to use freely, that was when v.26 's user name/code became public, and was picked up by our member here, and became a joy wagon, everyone seems to like it. He later published v.2.8 and 2.82 w/ different activation method(online)-this method will be ceased and desisted on June 11,2007. IMO, it is perfectly legal and moral to use it. Anyone would suggest otherwise is off track. Although there is new website set up out of Chiago, its position is still remained very vague. if there is a freeware out there, why would you fork $$ to folks in Chiago? Just my loonie sense. Have a nice one.

The author has stated that the 2.8 edition is free for individual non-commercial use.

I would like to figure out how to use it.

-{ Quote: "The author has stated that the 2.8 edition is free for individual non-commercial use." }-

is there any link to download ver. 2.8,from what i understand its working with Sata drives.

-{ Quote: "is there any link to download ver. 2.8,from what i understand its working with Sata drives." }-http://www.wilderssecurity.com/showpost.php?p=966939&postcount=519 ... the 2nd D/L link is still working.

Mike

-{ Quote: "http://www.wilderssecurity.com/showpost.php?p=966939&postcount=519 ... the 2nd D/L link is still working.

Mike" }-

Thanks Mike,

The rapidshare link was copied incorrectly. Here is the full link:

http://rapidshare.com/files/12664619/powershadow-english.zip.html

Espresso, a very special thanks from english only users! ;D :thumb: :thumb: ;D

Mike

-{ Quote: "is there any link to download ver. 2.8,from what i understand its working with Sata drives." }-

Version 2.6 worked fine with my SATA2 drive . v2.82 is supposed to work "better" with SATA but to what degree, I don't know.

-{ Quote: "The rapidshare link was copied incorrectly. Here is the full link:

[CODE]http://rapidshare.com/files/12664619/powershadow-english.zip.html[/COD

E]" }-

No problems downloading vers. 282,install and registration a breeze but starting single shadowmode nothing happen as was same with vers. 2.6,i think my Sata drive is a alien thing for this PS versions, maybe upcoming 2.9 solves but than you have to pay for it.

thanks for the links !!

How many people have SATA drives and have 2.6 working. PS support told me that it isn't compatible.

-{ Quote: "Version 2.6 worked fine with my SATA2 drive . v2.82 is supposed to work "better" with SATA but to what degree, I don't know." }-

Interesting report about v2.6 Expresso. I still have the English files posted awhile back for 2.82 but really haven't had any need to update because i'm waiting to see IF or WHEN they master the feature of also Exiting shadow-mode w/o a reboot. Now THAT will be revolutionary. I'm sure if anyone will pull that off it's the PS Team.

-{ Quote: "How many people have SATA drives and have 2.6 working. PS support told me that it isn't compatible." }-
I have run 2.6 on my dell laptop which has a sata harddrive in it with no problems at all, i now run 2.8 which also runs flawlessly.

-{ Quote: "I have run 2.6 on my dell laptop which has a sata harddrive in it with no problems at all, i now run 2.8 which also runs flawlessly." }-

dont understand,its not running on my SATA desk,no problems on my IDE driven rigs.Contrary to official reply from vendor your running PS 2.6 on SATA with no problems--thats strange---do you have a Sata disk afterall,normally they come with IDE ? And if its real SATA how you get around this to make it work ?

thanks.

I have a Hitachi HTS541080G9SA00, which is an 80gig 5400rpm sata hard drive. I don't do anything special, just a normal installation of powershadow 2.6 and it runs fine. I'm guessing that notebook and desktop sata interfaces must be different and thats where the problem lies.

I do think the technology of Powershadow will damage your harddisk.

When you first install Powershadow, it will find a free space in your harddisk for the "cache buffer". It maybe will take 1-10 GB space in your harddisk.

when you are in shadow mode, all the disk access will be actually saved into the "cache buffer". when you rebooting, the "cache buffer" will be clean. all the changes will be lost.

that is the theory of Powershadow.

Now, all the disk access will muster in a fixed buffer area. That means the linear accesss to disk will be changed to a point. The "cache buffer" will be used very very frequently.

Damage on your harddisk will be there soon.

Now other products of virtual solution already dropped this technology and move to new way.

But after I tested the PS 2.8, it was still in the old way.

There's been no real report of anything like that untill now, and why now? Is this some new discovery (bug?)

You can also just as easily damage your Hard Drive if you always run the write heads to severe xtremes excessively (other softwares), but even then that type damage would take considerable time IMO.

I'm really enjoying this. Ever since Power Shadow has surfaced here and now is spread globally like wildfire & popularity all over the net, it's become a real point of contention for some to zero in on it's potential weaknesses or even make a point to discount it in favor of sandboxes etc. but all that is really beneficial, that is to scrutinize it thoroughly and for that matter any software that is proven to back up it's claims with Positive Results!

Not to dismiss the suggestion made regarding the Hard Drive matter raised but can you offer up just a little more proof that such a potential exists beyond what's been posted so far to that? I for one would be very interested in reading more into this.

In the meantime, my own Hard Drive is not suffered any such hint of that being mentioned. In retrospect, i have run some badly coded programs B4 that have noticable taken my HD to severe task just by listening to the thrashing they were putting on it.

-{ Quote: "I do think the technology of Powershadow will damage your harddisk.

When you first install Powershadow, it will find a free space in your harddisk for the "cache buffer". It maybe will take 1-10 GB space in your harddisk.

when you are in shadow mode, all the disk access will be actually saved into the "cache buffer". when you rebooting, the "cache buffer" will be clean. all the changes will be lost.

that is the theory of Powershadow.

Now, all the disk access will muster in a fixed buffer area. That means the linear accesss to disk will be changed to a point. The "cache buffer" will be used very very frequently.

Damage on your harddisk will be there soon.

Now other products of virtual solution already dropped this technology and move to new way.

But after I tested the PS 2.8, it was still in the old way." }-

This is total unsubstantiated nonsense. This is no different then defragging and keepinig all files on one area of the disk.

Either provide factual, verifiable, reputable evidence of this, which I doubt you can or please stop making these posts.

Pete

Weird. Weird. Weird.

1, If you don't have PS, you still need to write and read your drive.
Will PowerShadow drastically increase write and read times ?
On the contrary, I think it MAYBE decrease operations a little bit.
(Because I think PowerShadow may have a buffer in the software)
A couple of people in this forum even verified that performance of computer increase a little bit after running PowerShadow.

2, you said "all the disk access will muster in a fixed buffer area.the linear accesss to disk will be changed to a point. The "cache buffer" will be used very very frequently. Damage on your harddisk will be there soon. "

Are you talking about "c:\pagefile.sys " from MicroSoft ?


-{ Quote: "I do think the technology of Powershadow will damage your harddisk.

When you first install Powershadow, it will find a free space in your harddisk for the "cache buffer". It maybe will take 1-10 GB space in your harddisk.

when you are in shadow mode, all the disk access will be actually saved into the "cache buffer". when you rebooting, the "cache buffer" will be clean. all the changes will be lost.

that is the theory of Powershadow.

Now, all the disk access will muster in a fixed buffer area. That means the linear accesss to disk will be changed to a point. The "cache buffer" will be used very very frequently.

Damage on your harddisk will be there soon.

Now other products of virtual solution already dropped this technology and move to new way.

But after I tested the PS 2.8, it was still in the old way." }-

I'm certainly not the only one so fortunate but other users of Power Shadow also have experienced a welcome phenomena of noticing an improvement! in performance after installing & running PS. Don't ask because i'm at a loss to offer any reasonable explaination for that, but i have experienced the same exact boost in normal pc operation with other apps although only a very choice few, but it was so undeniable it was mind-boggling but exciting and very welcome.

If it's not a bios rootkit theory scare tactic it's always something else like this that always seems to surface in some effort to distract away from realizing total confidence is indeed within easy reach sometimes or that solid security can be achieved in enjoying a fully stable and protected PC.
I come to expect as much anymore because positive and lasting results can surely prove hard to stomach for skeptics everywhere that some windows software programs can & do indeed excell far beyond the ordinary. We all have long been conditioned to believe this can't possibly be realized or in such a fashion as this which is refreshingly shocking even for us!

If PowerShadow is damaging my harddisk, then EVERY software is damaging my harddisk. My harddisk has to read and write bytes, otherwise it's useless and it has to spin and move too, otherwise it keeps on reading and writing at the same spot and that is boring. Where do they get all these stories ? Pffft.
I hope this helps.

PS: This was post #785 on page #32, that's more than Rocky 1, 2, 3, 4 ... They obviously ignored Peter's advice. ;)

Power Shadow is hardly a threat to HD health, for that matter neither are the "masses" of security softwares i been testing for so long, plus all the rootkits & malwares that i've enjoyed watching squirm around throughout my system only to run out of hiding spots ;D

Now then i have encountered one really bad element b4 which was a floppy image supposedly designed to wipe a disk that actually came off a very legit commercial site offered for free that "locked" my darn hard drive from the Bios even recognizing it :blink: Never did figure that one out.

With it's lid now off it rests nicely on my glass shelf as a display item of what a disc platter looks like for the curious. :)

I think that PS is great. I love the way you can choose to go into shadow mode without re-boot. I'm looking forward to the version that can come out of shadow without re-boot.

-{ Quote: "I think that PS is great. I love the way you can choose to go into shadow mode without re-boot. I'm looking forward to the version that can come out of shadow without re-boot." }-
I'm almost sure that this will happen in the future or at least with other similar softwares.
You just press a button and then your computer will be blocked for a short time to UNDO the changes. It can't be that difficult to do this. I even wonder why they didn't do it during the development. It was the next logical step. :)

On their forum they talk of a BETA, but as yet it hasn't been released. Now wouldn't that be something. Check out the new BETA while in Shadow mode.

-{ Quote: "On their forum they talk of a BETA, but as yet it hasn't been released. Now wouldn't that be something. Check out the new BETA while in Shadow mode." }-
Will probably try it in a virtual machine whilst in shadowmode!

Geez I laughed when you lost your glasses after coming out of shaowmode but I can't find that post atm.;D

I have never tried VM. I guess that Shadow mode is kind of the same thing. I have a hard time wrapping my head around a virtual machine First Defense snapshot of PowerShadow operating a Beta of PowerShadow 2.9.

-{ Quote: "I have a hard time wrapping my head around a virtual machine First Defense snapshot of PowerShadow operating a Beta of PowerShadow 2.9." }-Check this out (another PS type product)...

Returnil is protecting my Windows XP system partition, that resides on an immutable Virtual Disk Image of VirtualBox, which is hosted on Xandros 4. (http://www.wilderssecurity.com/showpost.php?p=1006359&postcount=24)

Mike

-{ Quote: "I have never tried VM. I guess that Shadow mode is kind of the same thing. I have a hard time wrapping my head around a virtual machine First Defense snapshot of PowerShadow operating a Beta of PowerShadow 2.9." }-
If you have the necessary hardware then you should give vm's a try. I use Virtual PC 2007 which is free and relatively easy to use imo.

I have been trying to download VMPlayer all afternoon. For some reason I can't get it to download.

-{ Quote: "I have been trying to download VMPlayer all afternoon. For some reason I can't get it to download." }-
I'm not using VMplayer.MS's Virtual PC seems to work fine by itself and is a 30 meg download whereas I think VMplayer is over a 100.

MS Virtual PC 2007 (http://www.microsoft.com/windows/products/winfamily/virtualpc/default.mspx)

-{ Quote: "Check this out (another PS type product)...

Returnil is protecting my Windows XP system partition, that resides on an immutable Virtual Disk Image of VirtualBox, which is hosted on Xandros 4. (http://www.wilderssecurity.com/showpost.php?p=1006359&postcount=24)

Mike" }-

Returnil looks interesting. I noticed that someone name 'sucilee' is one of the authors, or involved with Returnil. Wonder if it's the same sucilee posting in this thread? I'd prefer people be open about their association, if any, with a competitor before criticizing another similar product. That's only fair.

-{ Quote: "I'm almost sure that this will happen in the future or at least with other similar softwares.
You just press a button and then your computer will be blocked for a short time to UNDO the changes. It can't be that difficult to do this. I even wonder why they didn't do it during the development. It was the next logical step. :)" }-

They (PS Team), obviously at some point like you mention, either during development or shortly thereafter it's release realized that new type of feature would be expected from them.
Just like other software projects they probably had decided to impliment it in another release/update.
From our end it wouldn't seem to be so difficult for them to pull off, but who's say what all that involves to finally compile it together. I just like to see it become reality & sooner rather than later.

-{ Quote: "Returnil looks interesting. I noticed that someone name 'sucilee' is one of the authors, or involved with Returnil. Wonder if it's the same sucilee posting in this thread? I'd prefer people be open about their association, if any, with a competitor before criticizing another similar product. That's only fair." }-Already been said before (December 12th, 2006, 01:33 PM)... http://www.wilderssecurity.com/showpost.php?p=901219&postcount=5

Oh, the poster that said, "I do think the technology of Powershadow will damage your harddisk."

Mike

I managed to download VMPlayer. It is 145mb's. I started to download Virtual PC but it didn't say that it supported XP Home ,only Pro. I haven't done anything yet with VM . Not sure what to do.

-{ Quote: "I managed to download VMPlayer. It is 145mb's. I started to download Virtual PC but it didn't say that it supported XP Home ,only Pro. I haven't done anything yet with VM . Not sure what to do." }-
When you try to install virtual pc on xp home it pops up a warning saying the OS is not supported but you can still install it and it works fine from my experience.

I've used vmware player a bit before but if i remember correctly it doesn't allow you to create your own vm's. You either have to download a vm or download vmware converter to create one.

I prefer virtual pc as its free, its a much smaller download and it allows you to easily create your own vm's. I've made myself a custom vm using windows 2003 which is only 300mb. It only has firefox installed in it and i use it for most of my web browsing, when i shut it down i delete all changes so i have my clean vm back again.

What is the advantage to use either one over FD-ISR snapshot? Basically what I plan to do is run some Beta software and don't want to chance a system foul up.

Try Virtual Box (http://www.virtualbox.org/).

Hello everybody, I discovered PS thanks to this forum and I've been using it mainly for surfing the web and for testing new apps.

Recently though PS has been causing problems in my firefox cache and profile. After using firefox in full shadow mode and rebooting the machine firefox looses all my preferences, sometimes my bookmarks too. The strange thing is that even after resetting them firefox doesn't remember the preferences. The only way to fix this has been restoring a backup of my profile with the febe extension. Could this be due to the fact that I have 3 separate partitions for xp home, apps and temp files? Thanks

-{ Quote: "Recently though PS has been causing problems in my firefox cache and profile. After using firefox in full shadow mode and rebooting the machine firefox looses all my preferences, sometimes my bookmarks too. The strange thing is that even after resetting them firefox doesn't remember the preferences. The only way to fix this has been restoring a backup of my profile with the febe extension. Could this be due to the fact that I have 3 separate partitions for xp home, apps and temp files? Thanks" }-I am guessing you have not moved your FF profile from the default location, it is still in:
C:\Documents and Settings\vaitus\Application Data\Mozilla\Firefox\Profiles\4gxtlwcd.default ?

PS shadows/prevents any changes to C:, you need to move your FF profile to a different partition...

http://www.mozilla.org/support/firefox/profile

http://kb.mozillazine.org/Profile_Manager

Mike

-{ Quote: "I am guessing you have not moved your FF profile from the default location, it is still in:
C:\Documents and Settings\vaitus\Application Data\Mozilla\Firefox\Profiles\4gxtlwcd.default ?

PS shadows/prevents any changes to C:, you need to move your FF profile to a different partition...

http://www.mozilla.org/support/firefox/profile

http://kb.mozillazine.org/Profile_Manager

Mike" }-

Mike, thanks for replying. Sorry but I don't get this, why should I move my profile from its default location?

If everything works fine in "normal mode" and powershadows is supposed to allow no changes it should still work after I reboot to normal from full shadow mode, instead something seems to be changing. Plus in full shadow mode PS monitors all partitions.

-{ Quote: "After using firefox in full shadow mode and rebooting the machine firefox looses all my preferences, sometimes my bookmarks too." }-Pardon my old brain.exe, I missed the word "full". Full means PS will not allow any changes to all your partitions. So, if you add or change a Bookmark, it will not be saved. Maybe I am not understanding your problem?

Mike

Mike, sorry I must have not explained myself too well.

I'm aware I'm not going to keep any changes made during full shadow mode, the problem is that when I reboot to normal I loose all firefox preferences (like icons shown in the toolbar, last session tabs etc.) I already had before entering full shadow. Plus when I go and manually restore those preferences, like the above mentioned icons, I loose them again after I restart firefox, all this in normal mode. I can fix this by reinstalling ff and restoring my profile, but it's a little too much work if I have to do it after every full shadow session.

-{ Quote: "I'm aware I'm not going to keep any changes made during full shadow mode, the problem is that when I reboot to normal I loose all firefox preferences (like icons shown in the toolbar, last session tabs etc.)" }-Sorry, I have no clue.

I assume you have check file permissions, any other security program that maybe goofing you up, installed any new software, etc...

Mike

hi, folks: news comes out of China: Power Shadow has released its enterprise version ,good for workstations upto 10 units. And asking approx. 200 US, with intro deal discount about $150 US. But Where is the official english v.2.82 or 2.9 beta ? There are more than 20,000 v.2.6 users here in North America awaiting.

http://www.wilderssecurity.com/showpost.php?p=1003649&postcount=751
-{ Quote: "But one thing for sure, its v.2.82 freeware for personal use will be ceased to exist from June 11, 2007 (its most recent news release )." }-
http://www.wilderssecurity.com/showpost.php?p=1005214&postcount=765
-{ Quote: "He later published v.2.8 and 2.82 w/ different activation method(online)-this method will be ceased and desisted on June 11,2007." }-
What exactly does "ceased to exist from June 11" mean?

If someone tries to install PS 2.8.2, it will not activate... can not be used... disappears from all servers and PCs on the planet?

If it is already installed (and activated) will it still work?

Mike

Hi, folks: For those who have already had it, business runs as usually. The vendor can not shut yours down- it is your baby already after all. But online acitvation method for new installation will be gone with the wind. Mind you, PS has released Enterprise version-payware-. After June 11, 2007, whether they will continue to offer freeware is billions Chinese' guess, let alone few billions here in North America. Be wise to get this freeware(sort of) before the deal is gone. Legally, there is NO freeware offered in North America, we just got lucky.

@Perman, thank you very much!

-{ Quote: "Be wise to get this freeware(sort of) before the deal is gone." }-Maybe the data hidden by PS 2.8.2 in sector 15 of the hard disk can be written by some magic program to activate the product? See http://www.wilderssecurity.com/showthread.php?t=175191

Mike

Part of the EULA from PS 2.6:
-{ Quote: "SOFTWARE PRODUCT LICENSE
The SOFTWARE PRODUCT is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. The SOFTWARE PRODUCT is licensed, not sold.

1. GRANT OF LICENSE. This EULA grants you the following rights:Installation and Use. You may install and use an unlimited number of copies of the SOFTWARE PRODUCT.

Distribution.
The SOFTWARE PRODUCT may not be sold or be included in a product or package which intends to receive benefits through the inclusion of the SOFTWARE PRODUCT. The SOFTWARE PRODUCT may be included in any free or non-profit packages or products." }-

-{ Quote: "Part of the EULA from PS 2.6:" }-OK, but what does the EULA for PS 2.8.2 say?

Mike

Hi, Folks: one of the Chinese d/l site warns that there is a plugin w/ program, this plugin is the instruction of installation---and online activation is among them. Moreover, some members have expressed concerns regading to this method. They have claimed that even key in w/ fake email address and false name, the app would still be activated. Would this fact coincide with your finding that PS 2.82 is already registered ? Puzzle, puzzle.

-{ Quote: "Hi, Folks: one of the Chinese d/l site warns that there is a plugin w/ program, this plugin is the instruction of installation---and online activation is among them." }-There are only a bunch of .jpg and .bmp, five .exe, two .dll, some html,... just a small amount of regular stuff. I do not see anything that looks like a plugin.

-{ Quote: "Moreover, some members have expressed concerns regading to this method. They have claimed that even key in w/ fake email address and false name, the app would still be activated." }-Yes, the fake stuff works.

-{ Quote: "Would this fact coincide with your finding that PS 2.82 is already registered ? Puzzle, puzzle." }-Sort of... the fact is when you install it and activate it for the first time, some hidden data is written into sector 15 of the hard disk.

Mike

-{ Quote: "OK, but what does the EULA for PS 2.8.2 say?

Mike" }-
Same thing as far as I can tell.

PS seems to have been scrutinised far more than most products in this forum and I suppose that is a good thing.

But do all the hidden things and the phoning home really negate the way PS works.Works excellent here and will be sticking with it.

I also use MS Virtual PC VMs which will replace PS if the need arises and which I hope never does as PS is too easy and secure to use.

-{ Quote: "Same thing as far as I can tell." }-Hm, "The SOFTWARE PRODUCT may be included in any free or non-profit packages or products." GREAT!!

-{ Quote: "PS seems to have been scrutinised far more than most products in this forum and I suppose that is a good thing.

But do all the hidden things and the phoning home really negate the way PS works.Works excellent here and will be sticking with it." }-Me too. At first I was very upset about the hidden data, but, today after more research, not as much.

It (2.6 or 2.8.2) is a very solid product! :thumb: :thumb: :thumb:

Mike

Hi, folks: PS v.2.6 may become an outdated app sooner than we expected, IMO, it has not been updated since its debut in 2005, although a Chinese version 2.8 is available at other side of the globe(from western part's perspective). From its EULA:" The software product is licensed, not sold." Does this mean that user will be granted a license, but there is no sell-sold transaction involved. Perhaps I can interpreted that it is truly a freeware. But why on earth that PS 's English web site based in Chiago is charging US39.00 for registration code? No explanations have been given nor any public press relases have been heard. Would it be another cyber highway robber preying on innocent victims? What a strange world we are in.

Almost all the software for sale states in the license, that the software remains the property of the company and the license holder is granted permission to use it.

Hi, Peter, thank you for the clear interpretation. Therefore, any software is not sold out to users outright, but rather a binding license agreement. In PS's case, they can charge US$39.00 lawfully ? A bit confused, but fully understood now. Thanks.

Not sure if it was mentioned before, this was what's posted on their chinese website.

The free personal edition of PowerShadow 2.8.2 will stop receiving online activation as of June 11, 2007.

From the statements, it seems like they'll be officially launching sales targeted at corporate environment.

With the help 2.6 is proven for me i gladly send them a reasonable donation.

Folks,

Is it possible to install / test a firewall in PS? i.e. install while in shadow mode so if anything goes wrong I just reboot and everything goes back to normal. Obviously I will deactivate my XP firewall while doing so and only relying on newly install firewall.

I want to learn how to use or permanently install Comodo firewall when they release their next version so that I can find out if the new firewall will slow down my system (max 512MB Ram only) as well as knowing how to set it up properly.

Cheers

:)

-{ Quote: "Is it possible to install / test a firewall in PS? i.e. install while in shadow mode so if anything goes wrong I just reboot and everything goes back to normal." }-

It's possible, but the main limitation of PS is if the program you wish to test needs to reboot to install. It has been a while, but I believe Comodo, like most FW's, need to reboot.

-{ Quote: "I want to learn how to use or permanently install Comodo firewall when they release their next version so that I can find out if the new firewall will slow down my system (max 512MB Ram only) as well as knowing how to set it up properly." }-

Benny Bronx is right, If the app needs a reboot to install, PS won't help you because when you restart, all changes will be deleted. As far as Comodo slowing down your system, the new version is suppose to be lighter than the current. I had version 2.4 running with 512MB RAM easily. It is also fairly easy to setup and I suspect the new version will be easier.

edit for accuracy

-{ Quote: "Folks,

Is it possible to install / test a firewall in PS? i.e. install while in shadow mode so if anything goes wrong I just reboot and everything goes back to normal. Obviously I will deactivate my XP firewall while doing so and only relying on newly install firewall.

I want to learn how to use or permanently install Comodo firewall when they release their next version so that I can find out if the new firewall will slow down my system (max 512MB Ram only) as well as knowing how to set it up properly.

Cheers

:)" }-
You'd be better off testing it inside a virtual machine, if anything goes wrong your base system will not be affected. Otherwise backup your system before testing so you can easily restore if it turns bad.

-{ Quote: "Folks,

Is it possible to install / test a firewall in PS? i.e. install while in shadow mode so if anything goes wrong I just reboot and everything goes back to normal. Obviously I will deactivate my XP firewall while doing so and only relying on newly install firewall.

I want to learn how to use or permanently install Comodo firewall when they release their next version so that I can find out if the new firewall will slow down my system (max 512MB Ram only) as well as knowing how to set it up properly.

Cheers

:)" }-

I think the 512mb of ram should be enough but it really depends on the ram usage of other processes. For example I've a p3 450 system with 320mb of ram. It runs fine in terms of ram usage, typically 15-30mb of ram.

The problems for me came in the cpu department. There are some bugs in the current version of Comodo (CPF) that leads to cpu being maxed out. For example the Logging & the Components Monitor. Check their forums regarding these issues, they've some really helpful people there :)

-{ Quote: "I think the 512mb of ram should be enough but it really depends on the ram usage of other processes. For example I've a p3 450 system with 320mb of ram. It runs fine in terms of ram usage, typically 15-30mb of ram.

The problems for me came in the cpu department. There are some bugs in the current version of Comodo (CPF) that leads to cpu being maxed out. For example the Logging & the Components Monitor. Check their forums regarding these issues, they've some really helpful people there :)" }-

My old computer, may it rest in peace, had 512RAM and a 1.2G Athlon processor. I had Comodo on it as a test, along with Kaspersky AV, powershadow, and ran sandboxie inside powershadow (don't ask me, I just did), asquared, cyberhawk, and something else, and never had a problem.

-{ Quote: "My old computer, may it rest in peace, had 512RAM and a 1.2G Athlon processor. I had Comodo on it as a test, along with Kaspersky AV, powershadow, and ran sandboxie inside powershadow (don't ask me, I just did), asquared, cyberhawk, and something else, and never had a problem." }-

HAHA, I can assure you that ur not the only one running sandboxie within ps or anything similar ;)

Other than that, I use antivir, ssm pro, boclean, jetico v1, protowall as my real time protection. All of which have minimum impact on this old system.

Anyways, the bugs that I mentioned about CPF is not limited to mine of any other old systems. It was a known problem among CPF users, even their forum mod face similar problems. If you look into their forum, CPF -> Help -> Faqs, near the bottom area.

Thanks folks regarding the question of installing Comodo FW on my system.

Yes, I will wait for the next version 3.

My laptop is about 6 yrs old and 1.2 Ghz Ram is the max I can have.

Still running fast and I guess I might have to uninstall one real-time protection i.e. Windows Defender, to release some resource usage.

;D

Running the now famed Power Shadow Master along with the relic firewall Kerio 2.15 alongside System Safety Monitor full version, inside of each FD-ISR snapshots, (9 to be exact), precludes for me any consideration for sandboxes. I prefer to meet any threats head on at immediate entry level and SSM does that just fine here and has now for quite awhile.

Power Shadow serves as an extra capture measure should anything mischievious evade front line shieldings. Simple reboot EXITS shadow-mode and dumps whatever was collected while in it.

Still waiting on word when they will finally get around to the EXITING shadow-mode WITHOUT a reboot feature. I wouldn't think it too difficult a task for development minds as sharp as what the PS group already is made possible with this neat protection innovation.

Version 2.8.2 Chinese with English translation works perfectly. It's great for testing trial software. Does anyone know how to backup the registration information since the developers might discontinue the "free for personal-use" soon (I heard June 17 or something)?

One annoying side-effect: Won't hibernate with the shadowed drive as the cause.

Not too much of a problem since it'll be only enabled to test software.

Since 2.6 does't work on my Sata driven rig,i'm curious if 2.82 maybe work ?

-{ Quote: "Version 2.8.2 Chinese with English translation works perfectly. It's great for testing trial software. Does anyone know how to backup the registration information since the developers might discontinue the "free for personal-use" soon (I heard June 17 or something)?

One annoying side-effect: Won't hibernate with the shadowed drive as the cause.

Not too much of a problem since it'll be only enabled to test software." }-
I have PS on my 6 year old Dell Inspiron 8100 Laptop for few months now and as far as I know there is no problem with hibernation at all for my pc. Infact my pc is as normal as it can be.

Not sure if it affects different system differently?

:)

Huupi, I have a SATA drive and 2.8.2 works on it. I tried the dowbload conversion. I don't know what I did wrong but I have the Chinese version working. I have the 2.6 working on another computer so I know what is going on.

@ WilliamP If your having trouble converting the English files, you need to backup/copy the shadow folder (say to MyDocuments), Then delete the 'select' files in the real folder and replace them with just the files included in the download conversion folder. There should have been a readme file that vaguely explains the process. I have installed 2.8.2 and all is in English except the mouse-overs. I can help further if needed.

Edit for grammer correction.

One thing i know many of you will agree with and pleases me to no end about Power Shadow Master!

IMO, just like FD-ISR, this is one of those apps that is completely without problems, at least for most of us, and is as routine as using notepad.

We need more Security/Virtual apps like this that once you install it never come back later to haunt you or give you undo reason for any concerns.

This is one of only a very few programs i found that i can 100% totally rely on each and every time to perform and is completely stable as well as compatible with just about every other security app including the kitchen sink.

Now if they would just perfect that code whereas we can also EXIT shadow mode without reboot, but i'm willing to bet it's not likely and due in part because of how microsoft is fashioned XP internal core operations. But thats OK, as-is, is a Magnificient achievement in computer technology in my book.

@ Easter. I asked this in another thread but received no answer from anyone. I was hoping you knew. When in shadow mode, does PS protect the MBR? Just for reference my original post was in the Returnil thread. Also in that thread if I remember correctly coldmoon talks about the difficulty of returning from a 'shadowed/protected' state without a reboot. I also think that would be an awesome feature, but with so much time and energy going towards Vista compatibility by developers in general, innovation has slowed greatly :'( .

I will only speculate because i'm no reverse engineer nor coding specialist even though i sometimes get very deep into C+ & Assemble code, but takes way too much of my time and since i'm not on a payroll for such intense study i leave that to real programmers. :)

My speculation though about Power Shadow Master comes from simple observations only just like anyone. IMO, so long as you don't use the Boot-Up Menu setting then PS doesn't reside in the MBR.

As far as protecting the MBR? It surely must! Because Peter2150 tested PS with the notorious KillDisk Virus and PS survived with flying colors.

I know that this still does not get to the heart of what you want to know so i'll leave that up to someone more qualified who can confirm that concern of yours either up or down to that question.

Thanks for your reply Easter. I knew somebody had ran killdisk against it, I just couldn't remember who. I also know that you had tested some nasties against it also. If I remember right, it was Peter2150's test of killdisk that prompted returnil to protect the mbr. I've been spending to much time reading here ;D.

I was just looking for conformation of the complete effectiveness of this program. I'm not sure if they will continue to issue a free version to home users, but I do intend on hanging on to my copy.

Cheers, innerpeace

Good. Glad it was helpful for you.

Cheers EASTER.2010 ;)

When running in shadow mode, I assume powershadow does in fact use the hard disk as storage (cant use ram as not enough) -eg, if in shadow mode and download and save a 5 gig file, powershadow must infact store this somewhere on the hard disk. I know its in shadow mode and when you reboot the pc is just as it was before you entered shadow mode, but could an undelete programme or some forensic software discover what powershadow saved to disk whilst under shadow mode. Does powershadow securely delete its cache or whatever its called?

-{ Quote: "My speculation though about Power Shadow Master comes from simple observations only just like anyone. IMO, so long as you don't use the Boot-Up Menu setting then PS doesn't reside in the MBR.

As far as protecting the MBR? It surely must! Because Peter2150 tested PS with the notorious KillDisk Virus and PS survived with flying colors." }-
I always start with Boot-Up Menu using Single Shadow then go straight into Limited User a/c before connecting to the net. I prefer it this way as I want everything to be protected the moment I start my pc. So far so good.

:)

-{ Quote: "I always start with Boot-Up Menu using Single Shadow then go straight into Limited User a/c before connecting to the net. I prefer it this way as I want everything to be protected the moment I start my pc. So far so good.

:)" }-

Excellent plan chew & a most preferred approach. Congrats! 8)

What makes PSM so nice is that it is so well put together it becomes as common and routine as notepad. For me it's really that simple. :)

-{ Quote: "My speculation though about Power Shadow Master comes from simple observations only just like anyone. IMO, so long as you don't use the Boot-Up Menu setting then PS doesn't reside in the MBR." }-Based on a post in this thread Sandboxie v2.86 (http://www.wilderssecurity.com/showpost.php?p=1000698&postcount=126) I can with almost 99% confidence, say, PS (2.6 and 2.8.2) do not mess with the MBR (or PBR) in any way.

It somehow (probably using a legit M$ method) passes "/SHADOWALL" or "/SHADOWSYSTEM" (using boot.ini) into the boot process without changing MBR (or PBR).

-{ Quote: "As far as protecting the MBR? It surely must! Because Peter2150 tested PS with the notorious KillDisk Virus and PS survived with flying colors." }-Yup! :thumb:

Mike

PS 2.8.2 store activation info 14 sectors after MBR, not MBR.
Tried SectorEditor v1.05 by Julie.Lau (http://www.filesystem.com.cn/software/SectorEditor.rar) (77k Chinese freeware, loads SIoctl.sys service, Vista ready) to modify sector 15 in both /SHADOWSYSTEM and /SHADOWALL modes, PS can not stop it. dunno if this work with MBR too...

Can SectorEditor change system files ?

-{ Quote: "PS 2.8.2 store activation info 14 sectors after MBR, not MBR.
Tried SectorEditor v1.05 by Julie.Lau (http://www.filesystem.com.cn/software/SectorEditor.rar) (77k Chinese freeware, loads SIoctl.sys service, Vista ready) to modify sector 15 in both /SHADOWSYSTEM and /SHADOWALL modes, PS can not stop it. dunno if this work with MBR too..." }-

-{ Quote: "PS 2.8.2 store activation info 14 sectors after MBR, not MBR." }-Correct, MBR is Sector 0.

-{ Quote: "Tried SectorEditor v1.05 to modify sector 15 in both /SHADOWSYSTEM and /SHADOWALL modes, PS can not stop it." }-There you go folks, so much for PS being TOTALLY perfect!

UPDATE: That is exactly why I have been talking/asking about data in the first cluster (sectors 0-62) of a disk!

Mike

UPDATE: See bottom of post #854

-{ Quote: "Correct, MBR is Sector 0.

There you go folks, so much for PS being TOTALLY perfect!

UPDATE: That is exactly why I have been talking/asking about data in the first cluster (sectors 0-62) of a disk!

Mike" }-

Mike,

Are you saying PS is vulnerable in this case i.e. sectors?

Is there a way to protect the sectors? If so how?

Chew

-{ Quote: "Mike,

Are you saying PS is vulnerable in this case i.e. sectors?

Chew" }-Assuming I am reading @idle.newbie post correctly, it appears that PS does not stop low level harddisk access... so, YES.

Mike

UPDATE: See bottom of post #854

Hello Mike,

Under what conditions do you think someone could gain that type of access on your machine?

-rich

Heh, i didn't know any software program was P.E.R.F.E.C.T to begin with. ;D

You have to remember, windows programmers from every walk of life are dealing with $M core internal codes, a system which is always picked apart no matter what version.

As far as POWER SHADOW MASTER! It's as near perfect as you can get along the same lines of FD-ISR so far as STABILITY!!! THATS THE PERFECT we're after here.

Your security software should prevent malicious low level harddisk access, and with SSM and others i don't have that concern.

Power Shadow Master IS NOT a replacement for any security programs, including low-level disk access blockers, it's a virtualization program technique to return your system again completely intact at the exact point as it was right before entering Shadow-Mode.

-{ Quote: "Under what conditions do you think someone could gain that type of access on your machine?" }-On MY machine, NONE. ;D

Maybe a newbie (someone that has not become paranoid by reading all the scary posts here at Wilder's) downloads a cracked warez copy of Vista. And, at the create partition for Vista screen, after you accept, the bad program changes the MBR partition table so all the drive letters are in Klingon. ::)

-{ Quote: "Heh, i didn't know any software program was P.E.R.F.E.C.T to begin with. ;D" }-Expecially my brain.exe. :wacko:

You have to remember, windows programmers from every walk of life are dealing with $M core internal codes, a system which is always picked apart no matter what version.

-{ Quote: "As far as POWER SHADOW MASTER! It's as near perfect as you can get..." }-Yup

-{ Quote: "Your security software should prevent malicious low level harddisk access, and with SSM and others i don't have that concern." }-Yup, I need to do that. FYI: SSM 2.0 Free Edition does not have Low level keyboard access control.

-{ Quote: "Power Shadow Master IS NOT a replacement for any security programs, including low-level disk access blockers, it's a virtualization program technique to return your system again completely intact at the exact point as it was right before entering Shadow-Mode." }-Well, maybe...

Right before I did this post, I used HxD - Freeware Hex Editor and Disk Editor (http://www.mh-nexus.de/hxd/) while PS 2.6 was running. I wrote my name to sector 14. After reboot, I checked sector 14... my name was NOT there!

So, more testing... "I'll be back." (I might have to learn Chinese to test the editor mentioned by @idle.newbie!)

There you go folks, so much for PS being TOTALLY perfect!

Mike

With PS (2.6) running, I have been testing... trying all day to trash my harddisk, and I can not do it! ;D ;D

For example, I ran Paragon Hard Disk Manager 8 Special Edition, and edited sector 0 (the MBR), and wrote about half of it with "1111111111111111111111111111111111...". :o

Reboot with no problem! ;D ;D

I also wrote the words "blackcoffee" in sector 100,000,000 and it also was gone after reboot. ;D ;D

So, until we hear back from @idle.newbie, looks like PS is once again PERFECT! :thumb: :thumb:

Mike

-{ Quote: "With PS (2.6) running, I have been testing... trying all day to trash my harddisk, and I can not do it! ;D ;D

For example, I ran Paragon Hard Disk Manager 8 Special Edition, and edited sector 0 (the MBR), and wrote about half of it with "1111111111111111111111111111111111...". :o

Reboot with no problem! ;D ;D

I also wrote the words "blackcoffee" in sector 100,000,000 and it also was gone after reboot. ;D ;D

So, until we hear back from @idle.newbie, looks like PS is once again PERFECT! :thumb: :thumb:

Mike" }-

Sounds good.

I hope the develop it further without having to reboot but if not I am still happy with it.

:)

-{ Quote: "
For example, I ran Paragon Hard Disk Manager 8 Special Edition, and edited sector 0 (the MBR)," }-Hi Mike,

Can you explain in detail how you were able to edit sector 0?


Thanks,

-rich

-{ Quote: "Can you explain in detail how you were able to edit sector 0? " }-
Warning! Make sure you have a complete image backup!!!!

Warning! Make sure you have PowerShadow running!!!!

Using Paragon Hard Disk Manager 8 Special Edition...

Highlight disk, <Right-Click>, Edit/View Sectors...
190699


Before...
190700


Click any place (right or left side of vertical bar), just start typing on keyboard...
190701


When you change the very first thing, the √ will turn green, click on green check mark to commit change....
190702

Mike

-{ Quote: "Can you explain in detail how you were able to edit sector 0?" }-
Warning! Make sure you have a complete image backup!!!!

Warning! Make sure you have PowerShadow running!!!!

Using HxD - Freeware Hex Editor and Disk Editor (http://www.mh-nexus.de/hxd/)...

190704

190705

190706

190707

190708

Mike

Hi Mike,

That's impressive!

But how could someone from the outside accomplish something like that?

I don't see this as a plausible threat to one's MBR.

How would someone get a HEX editor installed on your computer?

regards,

-rich

-{ Quote: "But how could someone from the outside accomplish something like that?

I don't see this as a plausible threat to one's MBR.

How would someone get a HEX editor installed on your computer?" }-
OK, I just make up something, but first, you need to put on your aluminum foil hat to protect from paranoia...

The HxD - Freeware Hex Editor and Disk Editor (http://www.mh-nexus.de/hxd/) is only 1,572,864 bytes, but as you can see pretty damn powerful.

So, since it is very small, I assume it would be very easy to figure out exactly what functions are called. Just recode to remove all the GUI crap and hardcode whatever, or allow it to take command line options via CMD.EXE.

Then, split the program into a four different pieces of 393,216 bytes each. (nothing magic, just divided by four)

Put these four program pieces on some popular web site with lots of repeat visitors. Over at least four visits, the program splits can be copied to the target PC.

Later on, some little program would recombine the pieces back together...
-{ Quote: "copy /y /b part1.abc + part2.def + part3.ghi + part4.jkl "C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KlingonYourHardDisk.exe"" }-
green = four program pieces
red = final bad program

Mike ;)

-{ Quote: "The HxD - Freeware Hex Editor and Disk Editor is only 1,572,864 bytes, but as you can see pretty damn powerful." }-

Thanks for the link Mike. That one and SectorEditor are both new to me where WinHex is not. Also haven't bothered with the Paragon sector editor either, nice. :thumb:

You're getting deep in the disk lately, thanks again. I not delved to this level since messing with rootkits and other kernel hiders. Certainly drives the curiosity in the right direction though because it's very beneficial to fully understand those facts from your own findings.

Good stuff ;)

Thanks Mike! I would really like to try that, but unfortunately my backup solution isn't really a solution at the moment. My burner isn't burning. It sounds like a fun test though 8) .

Edited to add that I understand the seriousness of the possible results of such a test.

-{ Quote: "OK, I just make up something, but first, you need to put on your aluminum foil hat to protect from paranoia...

The HxD - Freeware Hex Editor and Disk Editor (http://www.mh-nexus.de/hxd/) is only 1,572,864 bytes, but as you can see pretty damn powerful.

So, since it is very small, I assume it would be very easy to figure out exactly what functions are called. Just recode to remove all the GUI crap and hardcode whatever, or allow it to take command line options via CMD.EXE.

Then, split the program into a four different pieces of 393,216 bytes each. (nothing magic, just divided by four)

Put these four program pieces on some popular web site with lots of repeat visitors. Over at least four visits, the program splits can be copied to the target PC.

Later on, some little program would recombine the pieces back together...

green = four program pieces
red = final bad program

Mike ;)" }-

SSM,OA,AE etc would shut it down at the last stage.

-{ Quote: "SSM,OA,AE etc would shut it down at the last stage." }-Crap... my attempt of world domination has failed again! ;)

Mike

-{ Quote: "Crap... my attempt of world domination has failed again! ;)

Mike" }-

And you don't know why?

Like everyone else, you're also up against a Microsoft production. ;D

SectorEditor v1.05 by Julie.Lau (http://www.filesystem.com.cn/software/SectorEditor.rar)

Well, after trading PMs with @idle.newbie and me running SectorEditor.exe (03/06/2007 07:19 PM 200,704 bytes), it does in fact write to the harddisk even when PS is active! :o

SectorEditor.exe is all in English. (It has one typo, Inport instead of Import.)

SectorEditor.exe creates C:\WINDOWS\system32\drivers\sioctl.sys (5,888 bytes). (After I reboot out of PS, this file is gone.)

Searching for sioctl.sys on Google returns three hits, one here at Wilder's, and two in Chinese. The two Chinese hits are talking about debugging Windows dynamically loaded drivers... WAY beyond what I know!

The only reference (via Google) I can find about sioctl.c (source code) is What does MmProbeAndLockPages actually lock (http://www.microsoft.com/whdc/Driver/tips/MmProbe.mspx).

I also found info on page 29 & 30 on this Word doc Memory Management: What Every Driver Writer Needs to Know (http://download.microsoft.com/download/e/b/a/eba1050f-a31d-436b-9281-92cdfeae4b45/mem-mgmt.doc).

I am at a loss for words. :blink:

Mike

Your a very clever and brave man Mike and thanks for the very deadly testings and the so far good results.:)

The way your going do you think that you may eventually to able to compromise PS?

Monitoring by System Safety Monitor quickly picks up (via fast polling of course), the sioctl.sys driver loaded. Upon closing SectorEditor, SSM also confirms a timely clean removal too. Some programmers either don't or can't fashion their code to release drivers after the main program is completed. That's why i keep on hand a ton of utilities to do it for them.

-{ Quote: "Upon closing SectorEditor, SSM also confirms a timely clean removal too." }-On my system, sioctl.sys is not deleted. WTF

I am NOT giving up on testing. >:(

Mike

flinchlock,

Are you saying PS is being compromised?



EASTER.2010,

Are you using SSM Free or Pro?

So are you saying the SSM prevent sioctl.sys driver being loaded?

???

-{ Quote: "flinchlock,

Are you saying PS is being compromised?" }-Well, that is hard to say, and I am still testing. I have been getting weird results this moring testing. I need to slow down and write down step-by-step what I am trying to see if I can see what is going on.

This moring, it looked like I could only write to the 1st cluster (sectors 0-62). Those sectors are not considered a harddisk, ie: C:, D:, E:, etc. So, maybe in the protection provided by PS (protect system disk C:, or ALL disks), maybe these sectors are not protected?

So, overall, I think PS is 99.999% secure.

Some of the stuff I have been trying to compromise my harddisk with, would have a very difficult time of even happening anyway... I have a vivid imagination. :wacko:

So, please do not freak out... hang in there.

Mike

Download and run Hp backup and recovery manager as I think it just busted through my 2.6 version of Powershadow. Upon reboot it had told me it finished modifying system settings and needs to reboot. YIKES!!! This hp program was installed in full shadow mode. It appears to me I just might have found it's achilles heel.

-{ Quote: "EASTER.2010,

Are you using SSM Free or Pro?

So are you saying the SSM prevent sioctl.sys driver being loaded? " }-

NO, i'm saying SSM simply reports the driver loading and then upon closing SectorEditor SSM (Modules Alert) prompts (mine is set to close in 2 sec.), that the driver is removed.

I used my services tools to confirm it indeed unloads the driver completely, nothing new there. Any such program should.

Now then, this thing with a program writing to disk in PS shaodow-mode is disturbing if true. Means there is certainly a hole in the virtualization or else is able to completely bypass directly to the disc.

(Waiting to read more results)

-{ Quote: "Download and run Hp backup and recovery manager as I think it just busted through my 2.6 version of Powershadow. Upon reboot it had told me it finished modifying system settings and needs to reboot. YIKES!!! This hp program was installed in full shadow mode. It appears to me I just might have found it's achilles heel." }-

But you booted back into shadow mode, if I read your post in the other thread correctly. What puzzles me is why, if you uninstalled the HP program in shadow mode it came back. Unless, as I posted in the other thread, PS restored your computer to what it was before the uninstall, which doesn't make sense to me.

I know what you mean by being puzzled. It's amazing that this happened. I didn't do anything prior to installing the software like load new drives or new hardware or even new software. I went into full shadow mode from the bootup prompt and things loaded normally into full shadowmode and then I went online and downloaded the software with comodo and avast av running. Then I disconnnected from the internet, turned off comodo and then avast av then proceeded with an install of the new software with powershadow still in full shadow mode. The hp install went fine and smooth. It wanted me to reboot to finish the install. I of course DID NOT reboot. Instead I just opened the newly installed software just to look at the gui. No errors just an HP menu popped up stating 5 different things to choose from about creating a full backup or just files , etc...normal stuff. I didn't choose anything just clicked off the program then even uninstalled it from the add/removed menu in microsoft which went fine without errors. Then i just normally turned off powershadow and proceeded to reboot. I booted back into powershadow mode from the boot menu and I get a popup stating that microsoft has installed new hardware and needs to reboot then another message that system changes have been made and asks if I want to reboot now. Scarey stuff.

I wonder how version 2.8.2 would fare?

Does anyone know if PS writes to unallocated disk space like the Microsoft Shared Computer Toolkit?

edit: spelling

I've never uninstalled anything while in powershadow, so don't know if other programs would reappear or not if I rebooted back into powershadow. Gone, as in uninstalled, should mean gone.

Have you rebooted out of powershadow to see if it's still there? I'm thinking it'll be gone outside shadow mode, and that might get rid of it IN shadow mode.

-{ Quote: "I've never uninstalled anything while in powershadow, so don't know if other programs would reappear or not if I rebooted back into powershadow. Gone, as in uninstalled, should mean gone.
" }-


Any alteration in shadow mode will be invalid after reboot or shup down, so the softwares uninstalled in shadow mode surely remain in your system .

Aaaahhh, so by Horus37 rebooting into shadow mode after uninstalling, the software would remain. Rebooting OUT of shadow mode ought to get rid of it, which means PS is working as it should.

Hi, folks; In theory, rebooting from shadow mode, whether to normal or back to shadow mode again, should remove all changes(of course including any prog installation), at least that is what DeepFreeze is designed to function. Perhaps PS works differently?

-{ Quote: "Aaaahhh, so by Horus37 rebooting into shadow mode after uninstalling, the software would remain. Rebooting OUT of shadow mode ought to get rid of it, which means PS is working as it should." }-


I don't think so because I've now booted out of full shadow mode to see what happens. Same thing happens, I get a prompt saying that new hardware is installed and system settings have changed and i need to reboot. That should have been gone from even a reboot into normal unshadowed mode. I'm hoping that someone with a VM will test this out. I am convinced now that my system got breached through powershadow. I was also running FDISR and had 2 snapshots to booot into. I booted into another snapshot and got the same message and also it was unshadowed. Then I proceeded to try to copy over the snapshot with a known good snapshot and even that has failed. Same exact problem occurs during normal bootup. New hardware found blah blah.... system settings have changed.....need reboot. We just need others now to confirm this.

Someone with a VM needs to download HP backup and recovery manager and intall it in a VM and see if they can get rid of it. Powershadow couldn't. FdISR couldn't.

I'd never heard of the product before, and think I'll stay clear of it, although I'd like to find a good free disk imaging software to make a snapshot, just in case. So this HP stuff even beat FDISR. From what I read, that software goes on all their machines now, rather than providing a restore disk.

-{ Quote: "I don't think so because I've now booted out of full shadow mode to see what happens. Same thing happens, I get a prompt saying that new hardware is installed and system settings have changed and i need to reboot. That should have been gone from even a reboot into normal unshadowed mode. I'm hoping that someone with a VM will test this out. I am convinced now that my system got breached through powershadow. I was also running FDISR and had 2 snapshots to booot into. I booted into another snapshot and got the same message and also it was unshadowed. Then I proceeded to try to copy over the snapshot with a known good snapshot and even that has failed. Same exact problem occurs during normal bootup. New hardware found blah blah.... system settings have changed.....need reboot. We just need others now to confirm this.

Someone with a VM needs to download HP backup and recovery manager and intall it in a VM and see if they can get rid of it. Powershadow couldn't. FdISR couldn't." }-

VM, as I suppose, may handle the problem. ( Virtual PC )
Anyhow, Powershadow is not a real VM software, totally different.

Although that HP stuff might not be a malware, this kind of software is quite a big threat to PS users. ::)

Can you see if a new partition has actually been created?

Could the HP backup have started to make a new partition sorta at the end of the drive making a shadowed partition smaller and creating the new partition in the real system?

Something like saving a file from shadow to another unshadowed partition.

If this is the case then it seems to have happened without user input.

I'm going to use a hex editor and a partition manager and see if I can't unhide this thing. Otherwise I have backup offline snapshots I can fall back to if I want to Darik nuke boot cd this thing and start over. I'm thinking someone with a VM should do this install and see if it can get rid of the hidden partition after a reboot. Recovery for me takes about one hour without any disc imaging program. I just do a fresh install of windows, install FDISR then copy an offline snapshot stored on a USB hard drive back onto the main drive and use that. Takes a bit longer but it works as I've done it before. No biggie.

Lets stop the discussion of the PowerShadow breach here and continue it the thread about it. No point in having the same discussion in two threads.

Pete

I am unable to register the chinese versio 2.8.2. I installed the program, restarted and ran the file ShadowSetting.exe in the system32 directory. A dialog popped up in chinese (can't read chinese) so I clicked okay. But when I install the english files, it said the program is still unregistered. Did the company discontinue the free registration for v2.8.2?

EDIT:

It seems they've stopped the online activation. This is what I get running through a website translator (babel.altavista.com): "2.8.2 edition on-line activations stopped, activated the user may continue the free use, the activation user has not been possible free to test 30 day. "

A bit too late for my laptop. I'll install the 2.6 then and see what happens.

Did you try entering a name and email address in version 2.8.2? That is all that is required. It doesn't even have to be a legitimate address. To be honest with you, I'm not even sure if it is sent out.

edit: -{ Quote: "Hi, folks: Power Shadow was 100% free if you jumped onto the wagon much earlier, both v. 2.6 and 2.8. For those who are still interesting in this product, perhaps you still can d/l from its Chinese web site ( pls note not the English site in Chiago) for free. But one thing for sure, its v.2.82 freeware for personal use will be ceased to exist from June 11, 2007 (its most recent news release ). PS is a remarkable app, dev is still under way. Have a nice day." }-

It's still worth trying to see if they work.

Apparently, how long Power Shadow Master's usefullness will last is a matter of what other virtual alternatives will prove out to offer more in the way of FULLY preventing Low-Level Disc access even where concerns disc tools because some fairly valid suspicions have been raised recently over this very matter.

But, even as-is in it's current state it continues to hold it's own in the face of nearly if not all malware/rootkits which i assume most regard as security prevention priority #1, then theres also the trial of new programs which PS can dispatch off with the reboot from shadow-mode and dismiss, and then we have the shared machine aspect if a user foregoes against exercising the perogative of Limited User Accounts for them.

All in all, it's still an extremely useful program and is held it's own pretty well. The extreme scrutiny PS is being TASKED with proves it's more than worth it's weight in usefullness & protection for everyone from the common surfer all the way to the applications analyst to the malware hunters like myself which it's proven to been a really great benefit so far.

EASTER

How do we test software that require restarting the computer and will not work unless the computer is restarted? Wouldn't whatever was gets deleted afterward? The help file doesn't mention anything about this other than restarting will remove whatever was changed in shadow mode.

If you restart with PS in shadow mode, everything changed gets deleted. Installing an application such as an Anti-virus program (while shadowed) that needs a restart to complete installation will fail and be gone when you reboot. There are other options for installs that require a reboot, I think a virtual machine can do this and I know you can set up Microsoft Shared computer toolkit to do this and FDISR can do this too. Others can specify more information than I can.

-{ Quote: "If you restart with PS in shadow mode, everything changed gets deleted. Installing an application such as an Anti-virus program (while shadowed) that needs a restart to complete installation will fail and be gone when you reboot. There are other options for installs that require a reboot, I think a virtual machine can do this and I know you can set up Microsoft Shared computer toolkit to do this and FDISR can do this too. Others can specify more information than I can." }-
I just downloaded microsoft shared computer tookit (MSCT). Suppose I want to install Program A that requires a restart for testing, how would I tell MSCT to remain in the "protection" mode even after restarting so that whatever that needs updated can be updated? Program A would then run as normal, but will I still be able to revert to the time before the installation of Program A like it was never installed?

It basically 'snapshots' your system like FDISR does too and you have to have different 'snapshots' of your old and new setups. I hope you have Windows XP, because I think it's the only version that MSCT works on. It's probably not the best solution for testing either. I just mentioned it because I read a little about it and was considering installing it. http://www.dslreports.com/forum/remark,15352689

Many users here use virtual machines to test software. Like I said, they can provide better advice than I can. Set-up on all these types of programs can take a little time and learning is necessary. I also am interested in trying a VM, but I'm not sure I'm ready to attempt it. http://wiki.castlecops.com/Different_classes_of_security_software#Virtualisation:-

-{ Quote: "It's recommended not to defrag the drive while running PowerShadow. Any changes too the file system have to be saved in the PS temp file so a lot of defragging will build up a huge temp file." }-

I have looked through the thread looking for more information on what is meant by this statement made by Espresso about not defragging when running Powershadow. I even saw where another member had asked basically the same questions I am about to ask but could not find the answer to those questions in the thread...so here are my questions:

Does this mean not to defrag while in Shadowmode (which I don't know why you would want to do that anyway unless you ran in Shadowmode 24/7) or does it mean not to defrag whenever Powershadow is installed on a system? If it is the latter then what are you to do after leaving Shadowmode and installing new programs or making other "permanent" changes to the system. Eventually making enough changes will require defragmenting the drive. I don't run in Shadowmode all the time so the drive does become more fragmented each day. If a huge temp file will be built up by PS even if the defrag was done while not actually in Shadowmode then is there a way to clear the temp file after defragging and allow PS to start fresh so to speak?

Thanks

I speak for myself and my current configuration XPproS2 Nlitened fully patched, I have ran my diskkeeper and other dfragmenters while in shadow mode and never had a problem, PS version 2.82.
Side note: I do not have FDISR or RollbackRX installed on my box. Why would I want to defrag while in shadow mode? I don't know but I know that I can with out messing anything up. I could be a Defragaholic since most of my defrags take but a split second to accomplish. Its habit for me when I log on and when I log off. Side note: my hard drive is about 3 years old and going strong according to the tests and tools my read and write errors are very low no wierd noises coming from the drive.

The reason one shouldn't use a defragger under PS is that PS uses a temp file to store all hard drive changes, including sector rearrangement. A large defragging operation could cause this temp file to become significantly large and use up all free space on the drive, forcing you to end your session. This was stated on the PS website. You can probably get away with it, as YankinNCrankin has testified, but it would serve no purpose and isn't worth the risk.

So what is a person to do? Should I just continue to let my hard drive become more and more fragmented? As I said I don't run in Shadowmode all the time and I do install/remove programs from my system when not in Shadowmode. Maybe this is a reason to switch to Returnil? I have never tried it but it does get good reviews here at WIlders it seems. I believe it is OK to defragment the drive when using that program if I am not mistaken.

-{ Quote: "So what is a person to do? Should I just continue to let my hard drive become more and more fragmented? As I said I don't run in Shadowmode all the time and I do install/remove programs from my system when not in Shadowmode. Maybe this is a reason to switch to Returnil? I have never tried it but it does get good reviews here at WIlders it seems. I believe it is OK to defragment the drive when using that program if I am not mistaken." }-

Firebytes, it's ok to defrag when NOT running in shadowmode.

Ahhh, see that's what I have been trying to determine all along. I hope you are right. The way I understood it from the other posts even defragmenting when not in Shadowmode would cause PS to build a large temp file when it was started.

Thanks Riverrun ;D

Firebytes, I can confirm what RiverRun stated. I have run Windows defrag with PS 2.8.2 installed while not in shadow mode. Everything was fine on my machine.

Thank you for the confirmation Innerpeace. I feel much better about PS again knowing I can still defrag my drive when needed. Thank you both for responding.

I have a little scenario/issue with PowerShadow 2.6, ShadowService.exe and the "ShadowService.log" file, and I wondered if anyone else was experiencing the same thing.

This thread (http://powershadow.freeforums.org/viewtopic.php?p=187) of mine on the PowerShadow forum will explain what I mean.

Thanks,
Doug

-{ Quote: "So I now have this question:
Will unchecking Shadow System Service in msconfig.exe have any adverse affects on the operation of PowerShadow? - PS forum" }-

Not that I know of...well I mean I last had it configured set to manual in services, and unchecked shadowtip.exe to run on start up. Post back when you get an official reply.

ver 2.8.2

-{ Quote: "Not that I know of...well I mean I last had it configured set to manual in services, and unchecked shadowtip.exe to run on start up. Post back when you get an official reply.

ver 2.8.2" }-Thanks for the feedback, Meriadoc.
There's not much activity on the PS forum, but I will definately pass along any info I receive.

Doug

While I was waiting for a reply from the PowerShadow Forum I did some looking around, and I see some things that don't seem very professional for a commercial software company.
The first being the use of freeforums.org for their commercial forum, and second when you click the PayPal button to purchase the registration number here (http://powershadowsecurity.com/PowershadowPurchase.aspx), you get to pay for it at a personal email address @hotmail.com instead of at a company site.
Does anyone besides me have reservations about sending money to a personal email address to purchase PowerShadow (or any other commercial product for that matter)?

Doug

Well, so far no response from the PowerShadow forum Admin regarding my ShadowService question (although he has been active on the forum).

Also in reply to my own post regarding purchasing the registration, another user has this (http://powershadow.freeforums.org/viewtopic.php?t=81) to say.

So I guess maybe I'll just use the username/registration code I saw posted here (http://www.wilderssecurity.com/showpost.php?p=925327&postcount=12).

-{ Quote: "Well, so far no response from the PowerShadow forum Admin regarding my ShadowService question (although he has been active on the forum).

Also in reply to my own post regarding purchasing the registration, another user has this (http://powershadow.freeforums.org/viewtopic.php?t=81) to say.

So I guess maybe I'll just use the username/registration code I saw posted here (http://www.wilderssecurity.com/showpost.php?p=925327&postcount=12)." }-
Yeah i'd just use the free registration provided until a newer english version is released and then decide whether or not its worth buying.

For any POWER SHADOW users who didn't migrate/switch over to RAM virtualization, has it still been doing as you expect?

Also was wondering if there is any new News on another version that can also exit shadow-mode w/o the extra effort of a reboot. That's the one on my radar screen i keep watching to materialize (if possible).

I'm still using powershadow, its always worked flawlessly for me. I prefer PS as it allows me to protect all my drives not just the system partition. I've also been keeping an eye out for an update but nothing so far.

Just had this message from support re 2.9:

"Powershadow version 2.6 doesn't officially support SATA hard drive.

2.82 supports SATA hard drive, but it is non-English version.

Our new Powershadow Workstation (V2.9) will support SATA.
It is still in our internal test phase. (We experienced some delay in development. )
We hope it will finish in about 6-8 weeks."

This will be on my purchase list for sure!

-{ Quote: "For any POWER SHADOW users who didn't migrate/switch over to RAM virtualization, has it still been doing as you expect?

Also was wondering if there is any new News on another version that can also exit shadow-mode w/o the extra effort of a reboot. That's the one on my radar screen i keep watching to materialize (if possible)." }-

I still use PS 2.6 on my older desktop and it's working like a champ. Not one single problem to date. It performs flawlessly on my system.

My new laptop has SATA though so I had to go with another solution there.

-{ Quote: "Just had this message from support re 2.9:

"Powershadow version 2.6 doesn't officially support SATA hard drive.

2.82 supports SATA hard drive, but it is non-English version.

Our new Powershadow Workstation (V2.9) will support SATA.
It is still in our internal test phase. (We experienced some delay in development. )
We hope it will finish in about 6-8 weeks."

This will be on my purchase list for sure!" }-

Thanks guys. I also have opted to stay with PS for the same reason it virtualizes ALL drives, really nice feature. As far as SATA, i know some really favor them even though i'm not on that page just yet with hard drives, but am very glad to see they moving ahead to accommadate them, hopefully fully in ENGLISH. LoL

I'm not so sure the exiting from shadow-mode will become much of a priority given the make-up of the current Windows system that it could be safely done at all, but ANY new improvements w/o loss of current functionality will definitely propell a new release to be something on my shopping list also.

I love it! Great creation and amazingly stable on the order of a FD-ISR!

Reading the recent threads, I thought I would try running my version 2.8.2 which has been dormant since installing RVS. I've been afraid to try it with both programs installed. I'm posting this in full shadow mode and I'm trying a little experiment. I exited RVS through the tray icon, I then entered PS full shadow mode, I then created a small file and saved it to my z:returnil virtual partition (which is always mounted). I doubt after a reboot that the file will still exist, but I thought I would try it. I'll let you know how it goes later. I'll also let you know how the reboot goes since I haven't tried PS since I have installed RVS.

ipeace

Having both returnil and powershadow on the same system hasn't caused me any problems, i've even run them both at the same time without any problems!

-{ Quote: "Having both returnil and powershadow on the same system hasn't caused me any problems, i've even run them both at the same time without any problems!" }-
Thanks farmerlee, that makes me feel better. I haven't heard much lately from anyone who still has both installed.

Why not run PS and RVS with Sandboxie in a VM? :P

I myself no longer bother with VM's and hence save a ton of disk space. If my rollback/imaging solutions are not enough then i'm wasting my time even sitting at this desk. Besides i've collected enough used hard drives to sink a battleship with ;D If something goes too terribly wrong theres always the zero out platter procedure. :thumb:

On Topic.

I impliment Sandboxie + Power Shadow + HIPS + FD-ISR

OnDemand NOD32 plus plenty of utilities to pull the teeth from a Rhinosaurus, so theres not a lot left thats really needed anymore except these programs (and others) with NEW features. LoL

Ok, I rebooted and it went ok. The little experiment I tried in post #914 did not work. I couldn't save the file to the mounted RVS virtual partition while in full shadow mode with PS. I sorta expected this, but it would have been cool to save things while in full shadow mode that didn't involve saving to an external device which I don't have.

@ Easter, Once I get a few ducks in line, I want to get a setup I can use to try new programs and beta test. I guess there are many options available so it won't be an easy decision. I would like FD-ISR but I don't see that in my future as I need a new cd/dvd burner and would like an external hd. Unless someone is willing to trade licenses for programs that I'm not using, I don't see FD-ISR in my near future. I hear great things about it and I see that Peter2150 has a good setup. It would be cool to one day run killdisk and be able to laugh while doing so :).

Cheers, ipeace

@innerpeace

I don't know if you live in a rural or city setting but to my own surprise after visiting some local computer repair shops (not franchises), the managers/workers seemed more than eager to part with used hard drives they have laying around collecting dust and that really helped build what started out as a small collection to where today i collect any they have available and the price is peaches compared to new ones.

In fact, you can take about any unwanted used hard drives so long as they do work at all and tranform 'em into a very working and reliable system. Zero the disks, several times if so inclined, and they will PERFORM. Mind you the big Gb's are rather limited since they tend to keep those, but you occasionally you'll run across an 80 or more, and all it takes is one big GB drive to construct a nice system. Or like me, i'm content if it's a 30, 40 etc. or even smaller. They also make for great test drives you can massacre with malware/rootkits or whatever and test antispyware/ARK/HIPS to see if they are up to the challenges or not.

-{ Quote: "Thanks farmerlee, that makes me feel better. I haven't heard much lately from anyone who still has both installed.

Why not run PS and RVS with Sandboxie in a VM? :P" }-
I have run powershadow alongside an XP VM running powershadow :), its virtualisation within virtualisation within virtualisation LOL!

Okay, been away for a while and have a question that maybe somebody here can answer.

I've got several Linux distros saved on my other drive. I'd been playing with them in virtualbox and am now curious whether installing them while in PS will work the same as any other program, like when I reboot will the PC return to XP and all traces of Linux be gone?

Specifically, I'm considering PCLinux2007, Slax Kill Bill, or Puppy and I have a couple of others.

As long as the VM's are installed on a drive protected by powershadow it should all be gone on reboot.

Thanks, FarmerLee. So, theoretically since powershadow is a virtual machine, I can load Linux and run it while in powershadow and, when I reboot, be back with XP.

Have to give it a try when I'm finished with a deadline hopefully by mid next week.

I can,t understand at all. What are u talking about? U cancan,t install linux in PS as u install in a VM.
If u are talking of installing Linux in a VM while in shadow mode, I wonder why u should bother this. It,s totally useless excercise.

Thanks, aigle, that's what I was asking. I use Linux in virtualbox now. I wondered if I could install Linux in powershadow and have xp back when i rebooted.

Chuck57

PCLinuxOS 2007 and Puppy are Live CD's so you don't really need to run them on a VM. Just put them in your CD drive and reboot. They will boot into there system. When you want to use Windows again just reboot or shutdown Linux and remove the CD from the drive.
You can install them as a dual boot system (Linux and Windows). I see no need to run them in Windows and seems useless.

-{ Quote: "Thanks, aigle, that's what I was asking. I use Linux in virtualbox now. I wondered if I could install Linux in powershadow and have xp back when i rebooted." }-
I just run linux inside virtual pc. I normally don't do it in shadow mode as i don't see the need. If anything goes wrong inside the vm i simply shut it down deleting all changes.

-{ Quote: "Thanks, aigle, that's what I was asking. I use Linux in virtualbox now. I wondered if I could install Linux in powershadow and have xp back when i rebooted." }-
U can,t install linux in PS as u install in a VM.

POWER SHADOW (2.6) for me continues to perform unabated and always without ANY issues. A solid piece of work.

-{ Quote: "POWER SHADOW (2.6) for me continues to perform unabated and always without ANY issues. A solid piece of work." }-
Its definitely the best freebie i've ever used.

Just for those experiencing concerns like Chuck57 recently. I freshly installed yet again POWER SHADOW MASTER 2.6 with the same old registration data as first posted and it went off without a hitch.

This amazing app is my bread n' butter when malware searching and is not let me down yet. Of course now it has infinite support from other security apparatus including FD-ISR snapshots/archives should something new manage to penetrate to disable or destruct.

Great invention and one thats sure to stand the test of time indefinitely here.

I'm glad most others using Powershadow are trouble free. I recently rolled my computer back (thanks Paragon) to the backup I made in early June.

Powershadow ran a day. Next day, same exact thing. A notice appeared saying that my trial has expired and it refused to load. This is the Powershadow I downloaded months ago when I found it. I haven't followed my usual uninstallation, reinstallation stuff with it.

Don't know what happened unless the calling out thing has something to do with it. I have no idea. I'm currently looking at Returnil or SafeSpace and will make a decision soon.

Have you tried rolling back and then blocking PS from accessing the web? I've currently got PS blcoked from accessing the web and haven't had any similar problems. I'm going to give it access and see if experience anything similar happens.

I've just skimmed this overwhelming thread, maybe I missed the proper post, but this is my question:
You're supposed to be able to go into shadow mode without reboot, but PS is rather insistent that you should close all running apps first. Well, I've got quite a few of them sometimes, and then the difference between closing them and rebooting seems next to infinitesimal to me. So how crucial is it, really?

I never close any of the programs running in the background (antivirus, firewall, behavior blocker, etc) and everything always goes smoothly with PS.

As far as other open programs, say a word processor with an open document etc, I would think closing them would be a good idea before going into shadowmode, but I have never left anything like that open while going into shadowmode to try it.

Just a side note of interest:

I done (2) brand new installs with Power Shadow 2.6 and both installed great and went off without a single hitch, glitch, or otherwise.

So whatever transpired or nullified Chuck57's recent incident i have no clue at this point, i can firmly and without reservation though fully confirm that PS 2.6 still installs with the all same details as before on any box i put it on, and still performs as usual.

I've given up and removed Powershadow and switched to Returnil 1.6. It seems to do pretty much the same thing. I've had a couple of large programs I downloaded to play with, moved the .exe to my other drive, and installed them to play with for a while. I let the computer run for a few days 24/7 in Returnil to give these things a decent test. On reboot, all traces gone.

I haven't fooled with any malware of any kind, but I like Returnil and reckon it'll stay.

Returnil has made swift and happy waves in a short span of time, as well as on-the-scene support here so yes i would go that route.

For me, the old PS 2.6 is still fine as wine and it doesn't discourage my interest in it with some of it's limitations compared to other new offerings.

Still, i'm anxiously awaiting Power Shadow's new release, whenever that is.

Returnil "IS" a viable and dependable alternative. Best of luck. :thumb:

H, folks: As per PS's Chinese web site, it does have an updated version released on 8/30/2007. It is dubbed as " powershadow workstation 2008 ". Its English version may be available thru shareit.com @US39.00 with 60 days trial. The other web site in Chicago; www.powershadowsecurity .com may carry 2.6 old version only at present time. Good luck.

They (PS China) need to stop procrastinating and move with dispatch to fashion FULL english versions if their ever going to progress in the global technology field.

Yeah, like some, i could be content with their early release and just leave things at that, but the better they improve and increase features/security the more attention AND CUSTOMERS they can win over IMHO.

While many developers are still jockying with Vista :ouch: compatibilities, there will remain a very large (Majority) contingent of XP users who are sticking with that system untill a truly better O/S $MS release, rather then lame vista is put together that might honestly drive interest to a new system developed by them.

In the meantime, developers are now finally returning their attention to sharpening & fashioning XP security softwares to make it one the BEST o/s's $MS ever built.

The vista fancy is about run it's course from the looks of things and is flat compared with it's forerunner XP.

Can't wait to tack on an even newer Power Shadow, and some of us are still waiting to see if it's even possible to also EXIT shadow-mode without reboot.

Yeah i see no need to change from my current version 2.82 at the moment. If they manage to solve the exit shadow mode without reboot problem i'll definitely upgrade.

-{ Quote: "Yeah i see no need to change from my current version 2.82 at the moment. If they manage to solve the exit shadow mode without reboot problem i'll definitely upgrade." }-

Same here. It's got to be one of the most stable virtualization apps i ever seen! It just doesn't fail, that is unless it's tampered with locally on purpose with various forms of destructive code like some have thrown at it for testing purposes.

On the net, i'm sure it still holds it's own in some of the most notorious of dodgy places but since i stopped running after malware download sites to capture these crafts, i rarely even bother to turn it on anymore, even when surfing. Still, it's nice to know it will do the job whenever called on.

Preview of new Powershadow Workstation (http://powershadow.freeforums.org/viewtopic.php?p=192#192)

No "exit shadow mode without reboot" yet though.

-{ Quote: "Preview of new Powershadow Workstation (http://powershadow.freeforums.org/viewtopic.php?p=192#192)

No "exit shadow mode without reboot" yet though." }-

Super of you to bring that to our attention. Many of us are totally sold on this amazing program and will settle for nothing less.


-{ Quote: ""Exit shadow mode without reboot" is on our furture feature list.
This is a huge technical challenge for our R&D team.
We hope we can find an innovative solution one day (Just like the first day we found the inspiration of Powershadow) " }-

The "exit w/o reboot" is no doubt a stumbling block of $M code that makes it near impossible to impliment or that too would have already been added.

there is a thread in chinese forums. some virus passthrough the shadow mode of PS and change and save data into the registry.

http://post.baidu.com/f?kz=263786426

-{ Quote: "there is a thread in chinese forums. some virus passthrough the shadow mode of PS and change and save data into the registry.

http://post.baidu.com/f?kz=263786426" }-

Irrelevant i must say.

With the onset of so many more people/students etc. taking part in intensive computer programming studies; aka:Windows

The fact is a VIRUS can be written to infect "ANY" program. It's a pure law of physics. There is no computer program whatsoever which is 100% completely immune from manipulation.

-{ Quote: "there is a thread in chinese forums. some virus passthrough the shadow mode of PS and change and save data into the registry.

http://post.baidu.com/f?kz=263786426" }-
Reading some of the other posts, interesting.
Baidu - PowerShadow (http://post.baidu.com/f?kw=%D3%B0%D7%D3%CF%B5%CD%B3)

Hi, folks: Yes, indeed, very interesting, especially, some claim that frequent usage of PS's shadow mode will actually shorten hard disk's life span due to the theory that PS is built on. A normal 5 years lifespan can be reduced to mere one year, some reports say.

-{ Quote: "Hi, folks: Yes, indeed, very interesting, especially, some claim that frequent usage of PS's shadow mode will actually shorten hard disk's life span due to the theory that PS is built on. A normal 5 years lifespan can be reduced to mere one year, some reports say." }-

That sounds like pure FUD to me. Powershadow, or any of the similiar programs can wear the disk that much. Can't be as bad as defragging, imaging and restoring, which I do bunches of.

Pete

Hi, Peter: Perhaps you are right, those claims are pure FUD. What those guys have been saying is that PS creates a new partition within the same hard disk. Every activity user conducts w/ shadow mode on is confined within that small section, leaving the rest of disk unused. After frequent usage, that particular partition is vulnerable to damages (due to wear and tear). This theory may sound reasonable, but I don't know. I will leave it to experts to verify. Have a nice one.

Just out of curiosity I just started PowerShadow, then I checked my partitions with Partition Magic.
There were no new partitions.
I'm of the impression PowerShadow may create a virtual partition in the form of a file.
I don't see where that would be much of a big deal because Windows uses a swapfile all the time, and Linux uses a partition for its swap file all the time.
I have never heard of any problems with either of them.
I don't see where PowerShadow's virtual partition would be any different, or cause any extra disk wear.

As far as PowerShadow getting hit with a virus, It had to happen when PowerShadow wasn't loaded ... otherwise it would surely be gone after rebooting.

Good reason to make regular system partition backups.

My-2-cents
Doug

-{ Quote: "Hi, Peter: Perhaps you are right, those claims are pure FUD. What those guys have been saying is that PS creates a new partition within the same hard disk. Every activity user conducts w/ shadow mode on is confined within that small section, leaving the rest of disk unused. After frequent usage, that particular partition is vulnerable to damages (due to wear and tear). This theory may sound reasonable, but I don't know. I will leave it to experts to verify. Have a nice one." }-

My oldest PC which is now 4 years old and in the hands of friends was defragged very frequently keeping the files on the edge of the disk. The disk was never more than 20% full, so only one area of the disk was really being used. Still running just fine.

Actually I would suspect if anything the disk mean suffer less wear as the head arms don't have to move as much. Since the heads are floating above the disk and not actually making physical contact, unlike in a tape system, I have a hard time swallowing this.


Pete

PS. If someone wants to post challenging this, I challenge you to have supporting evidence.

The website you mentioned is an anonymous forum (also a notorious dogfight forum ) with very very little credibility.

My suggesion is ----- DO NOT cite it officially in Wilders forums.

-{ Quote: "there is a thread in chinese forums. some virus passthrough the shadow mode of PS and change and save data into the registry.

http://post.baidu.com/f?kz=263786426" }-

Hi, there: Has the web site in question been ever censored/flagged by Site Advisor or its like ? Anyone knows? Innocent until it is proven otherwise, fair? pal.

-{ Quote: "My oldest PC which is now 4 years old and in the hands of friends was defragged very frequently keeping the files on the edge of the disk. The disk was never more than 20% full, so only one area of the disk was really being used. Still running just fine.

Actually I would suspect if anything the disk mean suffer less wear as the head arms don't have to move as much. Since the heads are floating above the disk and not actually making physical contact, unlike in a tape system, I have a hard time swallowing this.


Pete

PS. If someone wants to post challenging this, I challenge you to have supporting evidence." }-

I agree.Or as a matter of fact i am tired of all this FUD.This theory is the exact opposite of the "p2p destruction theory",according to which,a hard disc used for p2p,will have a much shorter life span,because it is used frequently and with high fragmentation,causing the header to move erratically up and down and having to defrag more often.

I mean,please,they should make up their minds.Do the hard discs die sooner when being defragged and the header isn't moving much or when the disc is highly fragmented,causing the header to move up and down all the time? :wacko:

Personally i beleive the impact in life span is negligible in both cases.

Hi gents ~

Is Power shadow 2.8 or later still availible for free evaluation ? I dl'd 2.6 then realised it doesn't support running SATA drives !

I am torn between PS and Sandboxie anyway ~ Would you recomend one over the other for the novice user ?

Thanks

R

I ran PS 2.6 for months and it suddenly quit loading and told me my evaluation period had expired or something. This, I think is because it called home and I neglected to block it. I don't know.

Anyway, I have Returnil installed now, free, and it's been running nicely for a month or more. I also have Sandboxie but seldom use it.

-{ Quote: "Hi gents ~

Is Power shadow 2.8 or later still availible for free evaluation ? I dl'd 2.6 then realised it doesn't support running SATA drives !

I am torn between PS and Sandboxie anyway ~ Would you recomend one over the other for the novice user ?

Thanks

R" }-
Hi TheMooN,

I don't think you can get PS for free anymore. Sandboxie is very easy to use and many of us use it daily. I recommend reading their FAQs thoroughly. Definitely give Sandboxie a try and set it up to use your internet facing programs such as your browsers, media players, Instant messaging, etc.

Returnil is a free alternative to PS, but it only virtualizes your system drive. I'm not sure it works with SATA drives. I think they are working on it. I occasionally use Returnil and Sandboxie together for extra protection.

Thank you for the advise guy's ~ Looks like Sandboxie it is !

I presume that Beta 2.9 will be SATA friendly ? Not very encouraging that a company looking for new customers withdraws evaluation from the many SATA drivers out in the World at Large :thumbd:

PS 2.6 should still work. PS 2.82 requires online activation which is no longer possible.

I don't believe PS 2.6 has official support for SATA but I used it for a week with no ill effects. YMMV but I would recommend Returnil.

I've been using version 2.6 on a sata drive for a while now with no problems.

Thanks for the info gents ~ I shall probably give 2.6 a spin along with sandboxie ~ shame PS 2.6 is 30 days only now :'(