New version of ShadowDefender


trjam
December 25th, 2007, 11:48 AM
1.0.0.129 Released today

Peter2150
December 25th, 2007, 03:40 PM
-{ Quote: "1.0.0.129 Released today" }-

Any clue what was fixed???

trjam
December 25th, 2007, 03:56 PM
no, but I had some issues with the last and vista and this one is having no issues. Have saved data and no issues. Thinking about buying it. This is how Returnil is supposed to work but this works better with Vista.

trjam
December 25th, 2007, 07:06 PM
trying it with Eset 2.7 excluding the Eset folder and updates are downloaded and stay on reboot. This is cool.:thumb:

trjam
December 25th, 2007, 08:34 PM
The following are the release notes for the new release.

At some circumstance, In Shadow Mode, the OS will boot up with a annoying message,

"We apologize for the inconvenience but windows did not start successfully a recent hardware of software may cause this safe mode start windows normally"

The new version just fixed the bug, and also the new version can defend against the attacks from a malware named 'robot dog' (a malware from China).

trjam
December 26th, 2007, 12:26 PM
My question to this would be, if I was using a regular security suite,"Avira,Eset,etc" would it have made any difference.

trjam
December 26th, 2007, 02:45 PM
well Peter confirmed the new version fails the robot dog that they say was fixed in the new version. So contact is being made to clarify this issue. Great software, we know they read here, so we just want to get this resolved. This developer has a really good product, they just need to communicate with us for assistance.;)

Long View
December 26th, 2007, 07:08 PM
looking at the shadow defender site I can't see any killer function that shadow defender can perform that other programs don't have. what is it that makes this any better than Returnil, Deepfreeze and others ?

trjam
December 26th, 2007, 07:22 PM
right now, for me, stability and the functions that I need. The others offer different things depending on a consumers needs. I still think Returnil will rise high with its beta, but for now was causing me some issues with Vista. Plus a reboot is only needed to exit out.

trjam
December 26th, 2007, 08:19 PM
Support is proving to be quick. The robocrap that Peter tested, was not part of the one added for the 12/25 release. Support said tonight that the one Peter tested will be defeated and in the next release. I really cant say anything negative at this point with this product, or the support.:thumb: Time will tell.

trjam
December 27th, 2007, 06:06 AM
As of today. Peter, guess this will include the nice piece of Malware you submitted yesterday. Give it a shot, this was very quick.:thumb:

The latest release version is to defeat passdiskprotect_C.exe.

Kees1958
December 27th, 2007, 09:10 AM
Trjam,

Does it work on Vista64 also? Site mentions Vista, but in 99% of the cases this means only Vista32.

Regards

trjam
December 27th, 2007, 09:27 AM
good question, I will find out.

ErikAlbert
December 27th, 2007, 09:34 AM
Can it handle softwares, that require a reboot during installation ? If not, I wait until it's adult. :)

trjam
December 27th, 2007, 09:38 AM
Why would it need to. Most would never require such a feature. There is a big discrepancy between users and testers in this world, Erik. Vendors sell products for people to use in every day life, and the majority dont add and drop as we do here. So this teenager is starting to grow up quickly, because that is his aim.;)

ErikAlbert
December 27th, 2007, 09:44 AM
-{ Quote: "Why would it need to. Most would never require such a feature. There is a big discrepancy between users and testers in this world, Erik. Vendors sell products for people to use in every day life, and the majority dont add and drop as we do here. So this teenager is starting to grow up quickly, because that is his aim.;)" }-
OK. Then I wait until it's adult. Also average users try new software, they can't even get rid of it, if they don't like it.
SD requires too much Image Backup/Restore software, that's not ISR anymore. :)

trjam
December 27th, 2007, 09:46 AM
Point well made. But yes, I asked him that and it is a goal. Of course you know I was asking for one person in reality.::) :)

ErikAlbert
December 27th, 2007, 09:52 AM
-{ Quote: "Point well made. But yes, I asked him that and it is a goal. Of course you know I was asking for one person in reality.::) :)" }-
If it is a goal, no problem. I can wait at least 5 years. :)

trjam
December 27th, 2007, 09:53 AM
I think you will see this one will pass the Peter test later today too. Which is really kind of amazing. Peter submitted the sample and in less than 14 hours the code is changed and a new release is complete. So I think this shows this vendor is very active in supporting this product. Even nanana1 would be impressed.;) 8)

ErikAlbert
December 27th, 2007, 09:57 AM
-{ Quote: "I think you will see this one will pass the Peter test later today too. Which is really kind of amazing. Peter submitted the sample and in less than 14 hours the code is changed and a new release is complete. So I think this shows this vendor is very active in supporting this product. Even nanana1 would be impressed.;) 8)" }-
You mean low level changes on your harddisk, done by destructive malware ?

trjam
December 27th, 2007, 10:00 AM
I mean pass this test.

The latest release version is to defeat passdiskprotect_C.exe. The robobuddy one. Or whatever it is called. Peter knows better than me.

ErikAlbert
December 27th, 2007, 10:22 AM
-{ Quote: "I mean pass this test.

The latest release version is to defeat passdiskprotect_C.exe. The robobuddy one. Or whatever it is called. Peter knows better than me." }-
Yes, I think you mean Robodog, but names are not important.
Unfortunately, I never met such a malware, since I work on computers, while I regularly test software that require a reboot.
I like to have features first, which I really need, instead of a protection against something that never or hardly happens, like robodog, killdisk, etc., after all I can fix this with ShadowProtect.
It's OK with me, if protection against low level changes is priority #1, I can wait. :)

trjam
December 27th, 2007, 10:22 AM
-{ Quote: "Trjam,

Does it work on Vista64 also? Site mentions Vista, but in 99% of the cases this means only Vista32.

Regards" }-
Sorry kees, does not support Vista64, yet.

trjam
December 27th, 2007, 10:25 AM
well Erik, if a timetable is what you want let me see. And as I said the possibility of even being able to do so was never promised to me.

Peter2150
December 27th, 2007, 11:09 AM
Tested 130 and it sure does pass the test.

That was quick work on SD's part, and i was also glad to see response by email. Good signs for this product.

Pete

trjam
December 27th, 2007, 03:59 PM
I left one computer in shadow mode for 4 days straight, visiting all the sites I wanted, let my kids do what they wanted and my daughter saved her games each time she played. I just booted out which took no time, ran a scan with the Kasperskys online scanner and AVG and nothing was found. This is really cool, my pc is completely free of everything and secure. I am sold and a license holder. All wrapped into an application that is only 578kb. .:)

Perman
December 27th, 2007, 05:29 PM
Hi, Trjam

I am happy for you.

The functions of ShadowDefender you just described are the fundamental ones that a virtualization app (such as DeepFreeze, Returnil etc) ought to perform.

You like it, then it is a keeper for you. Future development and after sale support will dictate your continuing trust in this app for coming days/months.

Take care and good luck.

Xenophobe
December 27th, 2007, 06:50 PM
After seeing this thread I decided to give it a try, and I'm much happier using it rather than a AV. :)

trjam
December 27th, 2007, 06:54 PM
-{ Quote: "After seeing this thread I decided to give it a try, and I'm much happier using it rather than a AV. :)" }-
Cant blame you. Solid protection, and you can still save information as needed. You wont regret it. I have tried everything here and this was what I was looking for and finally found it. I know my cheer-leading is getting old, but just happy. Thanks perman.

trjam
December 27th, 2007, 08:29 PM
-{ Quote: "Can it handle softwares, that require a reboot during installation ? If not, I wait until it's adult. :)" }-
Erik, I have been informed tonight the developer is close to having this accomplished. Where you can save all changes made in shadow mode, reboot while still staying in shadow mode with changes made. Then choose to exit shadow mode on reboot and all will be gone. So you can test away with it. So it looks like the adult stage is close. He says he is close to accomplishing this and adding it to a future release...

trjam
December 27th, 2007, 08:38 PM
I have asked that when in shadow mode the tray icon turn orange and when out keep its current color. That way you could disable the screen icon and know when you are in or out of shadow mode.

trjam
December 27th, 2007, 08:40 PM
actually I was just informed both features may be here very soon.

trjam
December 28th, 2007, 08:10 PM
My interpreting is not good and this is my fault not the vendors. I was just informed the ability to reboot and save in shadow is about 2 months away. So that one is my fault.

TVH
December 29th, 2007, 04:31 AM
-{ Quote: "Can it handle softwares, that require a reboot during installation ? If not, I wait until it's adult. :)" }-

If this is implemented, i would consider switching from FD-ISR to Shadow Defender.

Osaban
December 29th, 2007, 05:38 AM
-{ Quote: "I left one computer in shadow mode for 4 days straight" }-

Hi there,

Out of curiosity before rebooting into normal mode did you happen to check the amount of disk used to store the virtual session (4 days is a long time without rebooting)? I have never tested this program, and I assume (like in ShadowUser) that you can monitor the amount of disk being used by the shadow session.

trjam
December 29th, 2007, 05:52 AM
I think it was around 6GBs.

ErikAlbert
December 29th, 2007, 05:59 AM
-{ Quote: "If this is implemented, i would consider switching from FD-ISR to Shadow Defender." }-
This new feature is indeed a big improvement, because there is no distinction anymore between trying softwares without reboot and softwares with reboot.
ShadowDefender can handle both in the future, while Returnil can handle only softwares without reboot.

It's true that FDISR is the slowest one of all ISR-softwares and requires more space, especially when you use the feature "Freeze", which is the frozen mode of FDISR.
Speed and space are hardware-issues and I don't have these problems. Buy a faster CPU, more RAM and bigger HDD's and these problems are gone.

It's also true that FDISR doesn't protect you against malware, that damage your system partition by low level changes, like Killdisk, Robodog, ...
If I had such malware regularly on my computer, I would certainly do something about it, but I never met such softwares, since I use computers.
If both are executables, Anti-Executable will terminate them anyway.

So, I'm not going to ditch FDISR for that and lose the "archives" and multiple snapshots of FDISR, because these archives keep my computer clean and solve all my problems on a DAILY base.
Protecting your system partition against KillDisk, ... is not on a daily base, it only will save you, IF you have these malwares and when is this going to happen ?
ShadowProtect will save me in such situations, if my security softwares are not able to stop them.

Keep in mind that Killdisk, ... has been discussed, because some users infected their computer ON PURPOSE to test ISR-softwares and see what damage they caused, but not because it happened in reality.

I keep my FDISR as long as possible and then I will look at the other ISR-softwares.
Many of them will have more possibilities in the next 5 years.
Returnil and ShadowDefender are in full development and I can afford to wait ...
Only users, that don't have FDISR are forced to use another ISR-softwares, because FDISR is dead and can't be recommended anymore as a solution.

I'm quite surprised that some Returnil-users are still using scanners, while Returnil doesn't allow any change on your system partition.
My frozen snapshot does exactly the same thing : no change = no change and that means no malware.
I ran all popular scanners to test my approach with the same result : no threats found, except false positives.
A reason can be that they don't use a frozen mode in the same way, like I do.
Another reason might be that they don't have archives to rollback to a fresh installed and unused system partition, like I do.

At this moment, it's too early for me, to replace FDISR with Returnil or ShadowDefender, it would be a step back in possibilities.

trjam
December 29th, 2007, 06:07 AM
The one thing with Shadow Defender if you want to use a AV or other product that updates, which I dont. But like with Avira you can exclude it, heck, you can go as far down as to a specific folder in the application to exclude, and allow for your software to still be updated.

Osaban
December 29th, 2007, 06:11 AM
-{ Quote: "Erik, I have been informed tonight the developer is close to having this accomplished. Where you can save all changes made in shadow mode, reboot while still staying in shadow mode with changes made. Then choose to exit shadow mode on reboot and all will be gone. So you can test away with it. So it looks like the adult stage is close. He says he is close to accomplishing this and adding it to a future release..." }-

As much as it looks like a big deal to have that extra feature, after several years of using ShadowUser Pro i've only really tested the possibility without finding any real practical advantage (I never test programs as a hobby, but when I do for real, I do it writing to disk as it might take 2 weeks).

I suppose this rebooting in shadow mode without losing your session could be very helpful if you fear a system crash during a shadow session, whereby you would lose that session on reboot (3 times, I kept it in persistent mode because I needed to work on something potentially infected but very important at the same time).

If ShadowDefender is Vista compatible, it will certainly be my choice for my next computer.

ErikAlbert
December 29th, 2007, 06:39 AM
-{ Quote: "The one thing with Shadow Defender if you want to use a AV or other product that updates, which I dont. But like with Avira you can exclude it, heck, you can go as far down as to a specific folder in the application to exclude, and allow for your software to still be updated." }-
In theory any exclusion of objects makes your frozen system partition more vulnerable.
Suppose a malware targets Avira and the folders of Avira are excluded, then this malware is able to do its evil job, whatever that might be.

Osaban
December 29th, 2007, 06:52 AM
-{ Quote: "I think it was around 6GBs." }-

Did you notice any slowdown of your computer speed, say after 2-3 days?

trjam
December 29th, 2007, 06:57 AM
no I honestly didnt. And on one I tried different AVs just for the heck of it. Some played better with it than others, as far as responsiveness. The funny thing is, and I would not think I would be saying it, but Eset 3.0 worked best. Actually it was very fast in Shadow mode.

hammerman
December 29th, 2007, 07:29 AM
-{ Quote: "In theory any exclusion of objects makes your frozen system partition more vulnerable.
Suppose a malware targets Avira and the folders of Avira are excluded, then this malware is able to do its evil job, whatever that might be." }-

I agree that if the file exclusion is taken too far, then it's probably not worth using the software in the first place. I would exclude 1 or 2 folders only containing documents.

For my AV/AS updates, I would have to turn off shadow mode, perform the updates and turn it back on again. Although I still use scanners, I expect the frequency of updates and scans to reduce when I start using SD. I no longer see the point of daily scanner updates.

trjam
December 29th, 2007, 07:36 AM
I was only saying you could. The only thing that I save are my daughters games. Also testing F-Prot with it. Downloaded the beta for vista, but the AV is really nice. I had forgotten about it. It works very well.

Mike, it is going to come out of beta isnt it.;) Just kidding. This AV to me has progressed faster than any other in stability and detection. Need to check and see if my license is good, if not I am getting it. I do think I will run F-Prot with Shadow Defender to provide added protection. Dont worry Erik, no scanning, at least scheduled.;D

ErikAlbert
December 29th, 2007, 01:18 PM
The problem with scanners is that they suddenly start with updating their signatures at any moment of the day. If you are in frozen mode, those updates will run and stored, but you will lose them when you reboot.

I would turn OFF the automatic update of these scanners forever.
After the first reboot of the day, when your system is still clean, I would go in thawed mode, do all signature updates on demand, run the scanner and remove possible malware. Then refreeze and continue.

tradetime
December 29th, 2007, 01:35 PM
-{ Quote: "The problem with scanners is that they suddenly start with updating their signatures at any moment of the day. If you are in frozen mode, those updates will run and stored, but you will lose them when you reboot.

I would turn OFF the automatic update of these scanners forever.
After the first reboot of the day, when your system is still clean, I would go in thawed mode, do all signature updates on demand, run the scanner and remove possible malware. Then refreeze and continue." }-
Shouldn't really be a prob, I would agree if it is possible to disable program updates as compared to definitions updates, as a program update will probably require a reboot, whereas definitions do not. Avast allows for this, so I have it set to alert if there is a program update and automatically download definitions. This ensures I have the most current definitions always, and am aware of any program update. I will lose a weeks worth of definitions when I reboot at the weekend, but as soon as I boot Avast checks for these and downloads them again, done in about 20 secs, and I can then re-enable Returnil protection, or update the program first also. Avast is the only active scanner I run.

EASTER
December 30th, 2007, 03:38 AM
-{ Quote: "So, I'm not going to ditch FDISR for that and lose the "archives" and multiple snapshots of FDISR, because these archives keep my computer clean and solve all my problems on a DAILY base.
Protecting your system partition against KillDisk, ... is not on a daily base, it only will save you, IF you have these malwares and when is this going to happen ?" }-

Multiple Snapshots = 10 and the life saving measure of FD-ISR's "ARCHIVES" which are a mirror copy image of sorts of those snapshots/systems, is what gives the Genuine original FD the overwhelming edge over ALL other ISR's imho.

Given the fact i have literally corrupted all executables on purpose (during file infector research w/virus) without giving forethought to making an image beforehand, then having to rely on archives stored on another partition, a simple wipe/format/reinstall of XP then FD-ISR program is a very minimal inconvenience to bring everything completely back up to normal operations again.

FD-ISR's archives are VITAL! impressions taken from snapshots and when isolated stored to an alternative disk, there is no way to lose. Only rerun and run again just as before any serious problems which rendered ALL snapshots ill-affected.

I've proven FD-ISR and other circumstances beyond my control have proven it a superior technology. Only drawback is like Erik says, it's no longer available like before.

So most users are now left with less effective alternatives at this point in time.

innerpeace
December 30th, 2007, 04:23 AM
-{ Quote: "In theory any exclusion of objects makes your frozen system partition more vulnerable.
Suppose a malware targets Avira and the folders of Avira are excluded, then this malware is able to do its evil job, whatever that might be." }-
I have to agree with you here. The same can be said about Resource access/exclusions in Sandboxie or any program. Anytime you make an exclusion/exception, you're making a "hole" in your protection. Sort of like a Windows OS ;D.

So everyone, which is the best... Creating "holes" in your virtual protection system or updating and making changes with protection off and then re-enabling protection?

Long View
December 30th, 2007, 04:51 AM
-{ Quote: "
So everyone, which is the best... Creating "holes" in your virtual protection system or updating and making changes with protection off and then re-enabling protection?" }-

I don't think it makes much difference. Far too many make far too much of an issue about security - some even claiming they only update their systems off line , with the internet cable removed in a room with dimmed blue lights ( just to be on the same side).

In practical terms the threat of infection is so low that I can't see that any one method can claim to add any real additional security. I use Returnil on some machines, DeepFreeze on others. I have used FD-ISR, software firewalls, Hips, Sandboxie .... and so on. When discussing these programs the focus naturally tends to the extreme - what if I'm attacked by some as yet unthought of, undetectable nastie ? well the answer in almost all cases is that you will probably get XXXXXXed. The probability of this happening is fortunately so low that we need not be concerned by either the science fiction writers or those who are constantly promoting their latest securicrapware.

Personally I prefer the second option - I make changes off line and then re-protect but I'm fully aware that this still leaves me exposed. every time I install a new program its an act of faith - fortunately the risks are much, much lower than some claim.

innerpeace
December 30th, 2007, 05:25 AM
-{ Quote: "I don't think it makes much difference. Far too many make far too much of an issue about security - some even claiming they only update their systems off line , with the internet cable removed in a room with dimmed blue lights ( just to be on the same side)." }-
Darn... I've been using red lights :lurking:. I agree, it probably doesn't make much of a difference.

-{ Quote: "In practical terms the threat of infection is so low that I can't see that any one method can claim to add any real additional security. I use Returnil on some machines, DeepFreeze on others. I have used FD-ISR, software firewalls, Hips, Sandboxie .... and so on. When discussing these programs the focus naturally tends to the extreme - what if I'm attacked by some as yet unthought of, undetectable nastie ? well the answer in almost all cases is that you will probably get XXXXXXed. The probability of this happening is fortunately so low that we need not be concerned by either the science fiction writers or those who are constantly promoting their latest securicrapware." }-
From what I gather, the threat of infection is low unless you're installing new junk all the time. Maybe some people need to have their systems frozen. My sis thinks she has malware and the machine is slow, but they are still using it :ouch:.

-{ Quote: "Personally I prefer the second option - I make changes off line and then re-protect but I'm fully aware that this still leaves me exposed. every time I install a new program its an act of faith - fortunately the risks are much, much lower than some claim." }-
You make your changes off-line or unprotected/unvirtualized/shadowed? I'm assuming you meant with protection off. That's what I have been doing. And I agree, it is an act of faith or trust when installing a new program. I do what I can like scanning the installers, but that's all the knowledge I have except for the good word of folks recommending a software and I'm now going to check for hashes. And that may be over the top. I'm now googling for blue lights and dimmers ;D.

EASTER
December 30th, 2007, 02:26 PM
In retrospect and on closer review, if this newer version ShadowDefender is all that it's coming to be from whats been mentioned for it, i will definitely be taking a turn in its direction myself i think.

The feature of keeping a software across reboots while remaining shadowed is a benefit worth attention.

Long View
December 30th, 2007, 02:55 PM
Have just tried out SD and although most of the features are of no interest to me the basic program worked well but with one major weakness:

I forgot to turn off shadow mode when I tried to restore my image. Now with DeepFreeze 6 and the free version of Returnil when I forget they very politely refuse to be destroyed and simply return me to windows unchanged. Unfortunately, on one of my machines at least, SD just stopped Acronis working and would not allow me to go back to windows or restore. SD could not, of course, stop itself being destroyed by my boot CD allowing me to restore C: after all.

Perhaps Acronis is to blame and someone who uses a better Imaging Program will find that SD plays nicely but from my point of view programs (DeepFreeze and Returnil) which allow for human weakness as program weakness are better than those (SD) that don't.

Long View
December 30th, 2007, 02:58 PM
-{ Quote: "
The feature of keeping a software across reboots while remaining shadowed is a benefit worth attention." }-

They all do that don't they ? or are you saying that several reboots later you can then get rid of the installed program ? leaving the system as though it had never been installed ?

Peter2150
December 30th, 2007, 06:12 PM
-{ Quote: "They all do that don't they ? or are you saying that several reboots later you can then get rid of the installed program ? leaving the system as though it had never been installed ?" }-

You can stay shadowed across reboots with SD, but changes made are lost.

Peter2150
December 30th, 2007, 06:15 PM
-{ Quote: "Have just tried out SD and although most of the features are of no interest to me the basic program worked well but with one major weakness:

I forgot to turn off shadow mode when I tried to restore my image. Now with DeepFreeze 6 and the free version of Returnil when I forget they very politely refuse to be destroyed and simply return me to windows unchanged. Unfortunately, on one of my machines at least, SD just stopped Acronis working and would not allow me to go back to windows or restore. SD could not, of course, stop itself being destroyed by my boot CD allowing me to restore C: after all.

Perhaps Acronis is to blame and someone who uses a better Imaging Program will find that SD plays nicely but from my point of view programs (DeepFreeze and Returnil) which allow for human weakness as program weakness are better than those (SD) that don't." }-

I use SP, and SD, but that isn't a test that I am inclined to try. Just not a good practice. You do have to be alert when using some of these different softwares. For example running the SP continuous incremental, I'd never put any shadow program in shadow mode.

Long View
December 30th, 2007, 06:34 PM
-{ Quote: "I use SP, and SD, but that isn't a test that I am inclined to try. Just not a good practice. You do have to be alert when using some of these different softwares. For example running the SP continuous incremental, I'd never put any shadow program in shadow mode." }-

you don't use shadow mode very often then ? I wonder what would happen if an incremental is performed whilst in shadow mode ? perhaps nothing ? anyway I have an intense dislike for continuous and incremental preferring to keep C: frozen except when making changes with images always being full and of un protected or unfrozen drives. Fortunately when my alertness wanders DeepFreeze and Returnil are very understanding and quietly tell me to do the job again correctly.

RootAccess
December 30th, 2007, 07:44 PM
I have never heard of this software before but it has been said it prevents low-level disk access. Does that prevent changes being made in the master boot record and by software like Julie Lau's sector editor?

BlueZannetti
December 30th, 2007, 07:57 PM
-{ Quote: "I have never heard of this software before but it has been said it prevents low-level disk access. Does that prevent changes being made in the master boot record and by software like Julie Lau's sector editor?" }-
According to what I wrote here (http://www.wilderssecurity.com/showthread.php?t=196103), yes. For the test I used Ms Lau's editor.

Blue

RootAccess
December 30th, 2007, 08:05 PM
Thanks to your thread, I can make a more informed decision in these types of programs. Well done, Blue.

trjam
December 30th, 2007, 08:38 PM
Oh, and the vendors name is Tony, in case anyone emails support.;)

EASTER
December 30th, 2007, 08:47 PM
Does anyone happen to have a handy link that's not a website full of garbage to download Julie Lau's sector editor?

I never seen such a travesty of jumping thru ads in all my life over a single app courtesy chinese mass media.

Peter2150
December 30th, 2007, 08:55 PM
-{ Quote: "you don't use shadow mode very often then ? I wonder what would happen if an incremental is performed whilst in shadow mode ? perhaps nothing ? anyway I have an intense dislike for continuous and incremental preferring to keep C: frozen except when making changes with images always being full and of un protected or unfrozen drives. Fortunately when my alertness wanders DeepFreeze and Returnil are very understanding and quietly tell me to do the job again correctly." }-

No, I don't. I use it when I am doing certain things that are higher risk. For normal browsing Sandboxie works for me, and there are no issues with imaging.

EASTER
December 30th, 2007, 09:05 PM
Never mind. I finally nailed it after plowing thru the mess of crap they hide it in. Stupid as it gets.

trjam
December 31st, 2007, 08:04 AM
Just what is it anyway, or what does it do. Maybe I shouldnt know.::)

demoneye
December 31st, 2007, 06:24 PM
HI

welp read most reply in here... but a big BUT goes 2 SD....

copy it from vendor site ...==>>Version 1.0.0.130 - Decemeber 27, 2007
New: defeat passdiskprotect_C.exe(a malware)

i said WTF? ...isnt it supposed to be a virtual suite? how come malware defeat it?
and this is not the only malware who defeat SD....==>>Version 1.0.0.129 - Decemeber 25, 2007
New: defeat robodog(a malware)

deep freeze such situation never happened...SD is not much to trust.

cheers:-*

trjam
December 31st, 2007, 06:34 PM
oh boy, guess I will give it a shot. You think that just because you use a virtual product you are 100 percent protected from malware. Nope and these are some real nasties. Oh, and SD proved to beat ones, others didnt.

demoneye
December 31st, 2007, 06:47 PM
-{ Quote: "oh boy, guess I will give it a shot. You think that just because you use a virtual product you are 100 percent protected from malware. Nope and these are some real nasties. Oh, and SD proved to beat ones, others didnt." }-

hi trjam... deep freeze by default beat them all.. its market target is INDUSTRY not for home users. read in their site they said 100% guarantee .

cheers;D

BlueZannetti
December 31st, 2007, 07:12 PM
-{ Quote: "hi trjam... deep freeze by default beat them all.. its market target is INDUSTRY not for home users. read in their site they said 100% guarantee ." }-
demoneye,

Deep Freeze is a very strong solution and Faronics is a solid and long lived supplier. If you want rock solid protection and wish to protect partitions in which the content is primarily static, I can't think of a better solution. There are specific classes of PC's that fit this profile extremely well (institutional and public general access machines), and Deep Freeze is optimized for that situation.

Home users can, in fact, mimic that scenario fairly well if they choose to. In those instances, it's a great solution and it has a substantial period of development and field use behind it - which speaks extremely well of its stability.

However, not everyone is willing to live within the rather strict confines that can be imposed by Deep Freeze. For them, a more dynamic solution may be appropriate with the appreciation that every convenience incorporated to allow for dynamically committed content provides a potential avenue for attack.

It's really not a whole lot different than the situation with the Windows OS itself - many of the primary routes for productive attack follow paths that have been incorporated into the OS for seamlessly enhancing the dynamic nature of the user experience - a simple example of this would be autorun scripts on CD's or removable HDD's - completely unnecessary when you get down to it, but lots of users love popping a disc in and having everything handled automatically - for what? The elimination of a double click?

Blue

demoneye
December 31st, 2007, 07:25 PM
-{ Quote: "demoneye,

Deep Freeze is a very strong solution and Faronics is a solid and long lived supplier. If you want rock solid protection and wish to protect partitions in which the content is primarily static, I can't think of a better solution. There are specific classes of PC's that fit this profile extremely well (institutional and public general access machines), and Deep Freeze is optimized for that situation.

Home users can, in fact, mimic that scenario fairly well if they choose to. In those instances, it's a great solution and it has a substantial period of development and field use behind it - which speaks extremely well of its stability.

However, not everyone is willing to live within the rather strict confines that can be imposed by Deep Freeze. For them, a more dynamic solution may be appropriate with the appreciation that every convenience incorporated to allow for dynamically committed content provides a potential avenue for attack.

It's really not a whole lot different than the situation with the Windows OS itself - many of the primary routes for productive attack follow paths that have been incorporated into the OS for seamlessly enhancing the dynamic nature of the user experience - a simple example of this would be autorun scripts on CD's or removable HDD's - completely unnecessary when you get down to it, but lots of users love popping a disc in and having everything handled automatically - for what? The elimination of a double click?

Blue" }-


hi BlueZannetti

so u admit deep freeze is safer than SD and all other home kiddo applz... and stronger in protecting your value data in the frozen drive :) (and public general access machines) hehe ...welp thats what none lamers box users are looking for ! :dry:

cheers:thumb:

Long View
December 31st, 2007, 07:36 PM
Sorry I got most of this but "welp thats what none lamers box users are looking for" defeats me. I'm not sure what none lamers box users are. Any chance of a translation into English, Spanish, French, or even American ?

bon any nou

demoneye
December 31st, 2007, 07:50 PM
-{ Quote: "Sorry I got most of this but "welp thats what none lamers box users are looking for" defeats me. I'm not sure what none lamers box users are. Any chance of a translation into English, Spanish, French, or even American ?

bon any nou" }-

hi Long View ....if u know what is the meaning of lamers u will understand that pro none lamers users use what work over 100%.... no kiddie play....no lame skin for winamp...no kiddo behavior :)

simple :'(

BlueZannetti
December 31st, 2007, 08:02 PM
-{ Quote: "hi BlueZannetti

so u admit deep freeze is safer than SD and all other home kiddo applz... and stronger in protecting your value data in the frozen drive :) (and public general access machines) hehe ...welp thats what none lamers box users are looking for ! :dry:

cheers:thumb:" }-
Admit? Admit what? Is this a cross examination?

I'm just stating my impression of the situation. It's not like I have a vested interest in it one way or the other. It is what it is.

On the other hand, I also view the situation as I would any other approach to protection - there's a trade-off between facile utility and intrinsic strength and the balancing calculation needs to recognize that, at some level, differences simply don't matter. Let's see, sitting here tonight, what is the chance I'll be struck by lightning? 1 in billion? Maybe if I go downstairs it will be 1 in billion^2? There are two ways to look at this: (a) Downstairs is a billion times safer or (b) Both are close enough to zero that, frankly, I don't care and I don't pay attention to the difference.

Let's just say that SD vs DF is closer to (b) than (a) for me and if I'm wrong, the undo is trivial.

Blue

ErikAlbert
December 31st, 2007, 08:14 PM
passdiskprotect_C.exe = unauthorized executable, which is immediately stopped by Anti-Executable.
That's what I call a stupid malware, too easy to detect.

Peter2150
December 31st, 2007, 09:02 PM
-{ Quote: "passdiskprotect_C.exe = unauthorized executable, which is immediately stopped by Anti-Executable.
That's what I call a stupid malware, too easy to detect." }-

Probably because it wasn't malware, but a POC

Peter2150
December 31st, 2007, 09:04 PM
-{ Quote: "HI

welp read most reply in here... but a big BUT goes 2 SD....

copy it from vendor site ...==>>Version 1.0.0.130 - December 27, 2007
New: defeat passdiskprotect_C.exe(a malware)

i said WTF? ...isn't it supposed to be a virtual suit? how come malware defeat it?
and this is not the only malware who defeat SD....==>>Version 1.0.0.129 - December 25, 2007
New: defeat robodog(a malware)

deep freeze such situation never happened...SD is not much to trust.

cheers:-*" }-

Correct me if I am wrong, but it seems a while back Faronics had a real problem with DeepFreeze, as certain malware was able to bypass it. All software has to get the kinks out, and being smug about something is the first step on the way down.

Rmus
December 31st, 2007, 09:40 PM
Hi Pete,

The exploit involved having physical access to the computer to install an executable via external media, which would hack into the password configuration permitting the person to set up another password to log in.

Kiddies, especially in colegios (schools) in South America, bragged on forums that they could hack DF. Also used in internet cafes.

Institutions I was familiar with in my area, had protection in place to prevent the running of the executable. Current versions of DF are not vulnerable to this.


----
rich

Long View
January 1st, 2008, 07:12 AM
-{ Quote: "
Let's just say that SD vs DF is closer to (b) than (a) for me and if I'm wrong, the undo is trivial.

Blue" }-

Blue this deserves to be a Golden Sticky. It applies to so many of the issues discussed on this forum:

(1) the merits of imaging v file data backup. file data back up might be that little bit safer but so what any difference is irrelevant.

same basic argument for:

(2) FD-ISR v other methods
(3) Michelin Man layered security v simple protection

and on and on and on. So often debates degenerate to tribal loyalty tests - my program is better than yours because of some minor feature.

anyway well said - Blue lightning

trjam
January 1st, 2008, 08:02 AM
That is why, there is no better security than, "Wilders".:)

trjam
January 1st, 2008, 09:18 AM
I am having one continuing issue though, trying to get my daughter's games to save. I know in Vista it is saving them to Users and documents and I have it excluded but not quite there yet.

Cerxes
January 1st, 2008, 12:51 PM
@trjam: I'm not an SD user myself, but since you can exclude files you could use filemon while playing/saving the games to trace which files you have to exclude.

/C.

trjam
January 1st, 2008, 01:27 PM
well, I don't know if it is going to work for me. My daughter just played Sims for an hour and the folder to save to is excluded. At the end of the session I exited out and rebooted. It did not save her games but did eat up about 15 gigs of hard drive space. So what the hell. I am getting tired of trying to figure this out. I deleted her games and got my space back but I checked before she started and after she finished and it was close to 15 gigs. So something got saved but it wasn't her game.???

demoneye
January 1st, 2008, 01:58 PM
-{ Quote: "Correct me if I am wrong, but it seems a while back Faronics had a real problem with DeepFreeze, as certain malware was able to bypass it. All software has to get the kinks out, and being smug about something is the first step on the way down." }-

hi Peter2150 .. u right... but whats that got to do with the facts DF OwNz!
we talk on facts mate not in understanding SD labor pains hehe

cheers:thumb:

trjam
January 1st, 2008, 02:10 PM
you really should get, "Hooked on Phonics."::)

Peter2150
January 1st, 2008, 02:16 PM
-{ Quote: "hi Peter2150 .. u right... but whats that got to do with the facts DF OwNz!
we talk on facts mate not in understanding SD labor pains hehe

cheers:thumb:" }-


I don't have a clue what you've said here.

demoneye
January 1st, 2008, 02:51 PM
-{ Quote: "I don't have a clue what you've said here." }-

i will explain Peter2150 ...You right in SD is new in the market...(etc) mate hehe the only "YOU RIGHT" in this matter on compare SD to DP ..

and for trjam reply "you you really should get, "Hooked on Phonics " i hooked on what winz. what is the best from all other kids in the block....

BlueZannetti
January 1st, 2008, 03:00 PM
-{ Quote: "i will explain Peter2150 ...You right in SD is new in the market...(etc) mate hehe the only "YOU RIGHT" in this matter on compare SD to DP .." }-
Just wondering..., did you even read this (http://www.wilderssecurity.com/showpost.php?p=1151967&postcount=35) post?

Blue

Cerxes
January 1st, 2008, 03:01 PM
-{ Quote: "i will explain Peter2150 ...You right in SD is new in the market...(etc) mate hehe the only "YOU RIGHT" in this matter on compare SD to DP ..

and for trjam reply "you you really should get, "Hooked on Phonics " i hooked on what winz. what is the best from all other kids in the block...." }-
Are you high on something? I don't understand what you are saying...

/C.

lucas1985
January 1st, 2008, 03:56 PM
-{ Quote: "hi trjam... deep freeze by default beat them all.. its market target is INDUSTRY not for home users. read in their site they said 100% guarantee " }-
You're wrong, my friend. Deep Freeze has been beaten in the past
-{ Quote: "A black-hat computer programmer in Argentina with a grudge against Faronics, Emiliano Scavuzzo, has written a program to thaw Deep Freeze without knowing the password." }-
Light virtualization software is very strong, but not 100% bullet-proof.

Cloudcroft
January 1st, 2008, 04:29 PM
-{ Quote: "Are you high on something? I don't understand what you are saying...

/C." }-

Whew! I thought maybe it was just me...too old and out of it!

ahriman
January 1st, 2008, 11:09 PM
-{ Quote: "Are you high on something? I don't understand what you are saying..." }-
Me too. I just skip over his posts.

Perman
January 1st, 2008, 11:36 PM
-{ Quote: "You're wrong, my friend. Deep Freeze has been beaten in the past

Light virtualization software is very strong, but not 100% bullet-proof." }-
Hi, folks:

Just for the record, yes DF has been violated dearly in the past, a distant past. Since July 2006, version 6 has removed that fear and to this day, that ugly Unfreezer from South America has failed to deliver his promise. To DF users, enjoy yours, no fears.

DF has two versions: enterprise and standard; targeting two different markets.
You do not have to be a pro to use standard version, as to enterprise version, that is geared for IT Adm. managing more than 10 workstations.

DF has its ups and downs, IMO, it is in its prime time, and all others are doing catching up games.

Take care.

demoneye
January 7th, 2008, 08:25 AM
HI

new ver of shadow defender almost out for public (131) coz found some bugs that fix ASAP by tonny ( SD owner) i must admit i am TOTALLY impressed by his support!! i consider buy this progy seriously

cheersssss:thumb:

QQ2595
January 7th, 2008, 10:52 AM
-{ Quote: "HI

new ver of shadow defender almost out for public (131) coz found some bugs that fix ASAP by tonny ( SD owner) i must admit i am TOTALLY impressed by his support!! i consider buy this progy seriously

cheersssss:thumb:" }-

cool!

BTW, did the tonny notice this http://www.youtube.com/watch?v=wD6TJ0aM89Q ? Hope he/she can fix this part as soon as possible.

demoneye
January 8th, 2008, 07:33 PM
-{ Quote: "cool!

BTW, did the tonny notice this http://www.youtube.com/watch?v=wD6TJ0aM89Q ? Hope he/she can fix this part as soon as possible." }-


its look like some sort of attack against the mbr...hard to read chinese for me lol.

but...there will always be a new tool to attack mbr..best way is combine anti executable from faronics with SD . thats way nothing can harm the pc totally

cheers:dry:

QQ2595
January 8th, 2008, 11:58 PM
-{ Quote: "its look like some sort of attack against the mbr...hard to read chinese for me lol." }-
I think the author of SD is Chinese. he can understand it well.

-{ Quote: "
but...there will always be a new tool to attack mbr..best way is combine anti executable from faronics with SD . thats way nothing can harm the pc totally

cheers:dry:" }-

yes and no. If this technology which can bypass the SD and write data to any sector is used by other virus and spywares, I wonder if the AE can help any more.

White.

Peter2150
January 9th, 2008, 07:31 AM
-{ Quote: "I think the author of SD is Chinese. he can understand it well.



yes and no. If this technology which can bypass the SD and write data to any sector is used by other virus and spywares, I wonder if the AE can help any more.

White." }-

I would say no on AE. Its problem is the malware will probably come packaged in something the author hopes you trust. With AE, you have to totally disable it to do an install. Once you enable it you have whitelisted the program, so any embedded malware is now trusted.

Pete

Long View
January 9th, 2008, 08:20 AM
-{ Quote: "I would say no on AE. Its problem is the malware will probably come packaged in something the author hopes you trust. With AE, you have to totally disable it to do an install. Once you enable it you have whitelisted the program, so any embedded malware is now trusted.

Pete" }-

Perhaps the best explanation I have seen as to why AE may be of little benefit ? causes minor irritations for years and then just when it is needed human weakness allows the program to fail. The gods of the computer world do have a sense of humor after all.

Peter2150
January 9th, 2008, 08:49 AM
-{ Quote: "Perhaps the best explanation I have seen as to why AE may be of little benefit ? causes minor irritations for years and then just when it is needed human weakness allows the program to fail. The gods of the computer world do have a sense of humor after all." }-

Longview

AE has a big benefit where it was intended. Namely on computers that never change, and people don't want change. You install AE, password protect it, and it's great. A user simply can't install or run anything else. For that it's perfect. But to use it in place of stuff like eqs/prosecurity/ssm/oa you do have to be aware of its weak spot, which is the install process of new software.

Pete

ErikAlbert
January 9th, 2008, 09:20 AM
-{ Quote: "
yes and no. If this technology which can bypass the SD and write data to any sector is used by other virus and spywares, I wonder if the AE can help any more." }-
If it is an executable, AE will stop it and remove it.

Installing NEW objects is always YOUR decision and if you don't do any verification or research, you might install a bad object. That's a discipline for all users, no matter what security they have on their computers.
Since internet is full of new objects many users don't like that discipline, because the fun is over. I had a lot more fun on the internet, when I was a total newbie unaware of any malware. Now I have to pay attention to every move I make on the internet. :)

PS: there have been quite a few tests with nasty malware (low level HDD changes), but none of these tests were done with AE on board, because AE was a problem during these tests because the malware couldn't execute itself.

Long View
January 9th, 2008, 09:21 AM
Thanks Peter. I know I'm taking this a bit OT but I find that a certain irony surrounds AE. AE works best for user who are static or make few changes. I would have thought those who make few changes were probably less likely to get infected than those who make constant changes suggesting that AE works best for those who need it the least and best for those who would be driven mad by enabling and disabling. Just to create a tenuous link and get back OT I would have thought that for those who make few changes that SD would be ideal and AE a fairly pointless addition. Absolute security is an impossibility and once basic protection and practice are in place adding extras can be expected to provide very little benefit ( diminishing marginal returns).

demoneye
January 9th, 2008, 10:33 AM
-{ Quote: "Longview

AE has a big benefit where it was intended. Namely on computers that never change, and people don't want change. You install AE, password protect it, and it's great. A user simply can't install or run anything else. For that it's perfect. But to use it in place of stuff like eqs/prosecurity/ssm/oa you do have to be aware of its weak spot, which is the install process of new software.

Pete" }-
totally nonsense . its look like u never try AE at your place. read in faronics web site chief of LA police that talk about AE runs in ALL the LA police station.
second u can't run what doesn't need to be run. if u want to install progs thats came from respected site/place , just disable AE for the install and reenable.
thats way you got total security combined with SD.
human fault can happen even if allow some unknown file in any AV or what ever protection progs ppl using out there.

cheers:-*

QQ2595
January 9th, 2008, 08:44 PM
-{ Quote: "if u want to install progs thats came from respected site/place , just disable AE for the install and reenable.
thats way you got total security combined with SD.
cheers:-*" }-

If AE is disabled, how can SD deal with the low disk access type product?:(

White.

demoneye
January 9th, 2008, 08:55 PM
:thumb: -{ Quote: "If AE is disabled, how can SD deal with the low disk access type product?:(

White." }-
QQ2595 , SD and returnil block some of the newest what we call low disk access. SD owner update it as much he can according to the info he have or got to his mail.

u can check SD site and see some major important fix which handle new low disk access

second why disable AE? do u disable your AV or FW as well? lol :))

cheers:thumb:

QQ2595
January 9th, 2008, 08:56 PM
Hi all,

some questions for SD.

1)If my system drive only has 1GB available space, I go to SD's shadow mode and download 600MB files from M$, can I commit these 600MB files to the system?

2)which folders should be excluded for Windows updates?

3) I found there was a large hidden file in the root of every partition after installed SD. Even it's a small USB stick.
what are these files for? Can I remove the hidden file if I do not want to protect this partition at all?

White.

Peter2150
January 9th, 2008, 09:08 PM
-{ Quote: ":thumb:
QQ2595 , SD and returnil block some of the newest what we call low disk access. SD owner update it as much he can according to the info he have or got to his mail.

u can check SD site and see some major important fix which handle new low disk access

second why disable AE? do u disable your AV or FW as well? lol :))

cheers:thumb:" }-

You HAVE to disable AE to install a new program.

Peter2150
January 9th, 2008, 09:09 PM
-{ Quote: "Hi all,

some questions for SD.

1)If my system drive only has 1GB available space, I go to SD's shadow mode and download 600MB files from M$, can I commit these 600MB files to the system?

2)which folders should be excluded for Windows updates?

3) I found there was a large hidden file in the root of every partition after installed SD. Even it's a small USB stick.
what are these files for? Can I remove the hidden file if I do not want to protect this partition at all?

White." }-

This is where the disk writes are deflected to when Shadow Mode is on.

QQ2595
January 9th, 2008, 09:22 PM
-{ Quote: " QQ2595 , SD and returnil block some of the newest what we call low disk access. SD owner update it as much he can according to the info he have or got to his mail.
u can check SD site and see some major important fix which handle new low disk access
" }-

Well done!
I hope the SD/Returnil/Powershadow will not become another AV which needs update the newest database every day.
BTW, Returnil PE and Powershadow 2008 passed the testing of CleanMBR.

-{ Quote: "second why disable AE? do u disable your AV or FW as well? lol :))" }-
When install new programs, many of them have the warning of turning off the AV/HIPS in the welcome screen.

White.

EASTER
January 10th, 2008, 12:27 AM
-{ Quote: "Well done!
I hope the SD/Returnil/Powershadow will not become another AV which needs update the newest database every day.
BTW, Returnil PE and Powershadow 2008 passed the testing of CleanMBR. " }-

Not on my box. Only until i try CleanMBR myself can it be 100% convincing and proven.

Any url or site suggestions to this so-called magical tool utility?

AE, btw, is very versatile and why it's required to DISABLE temporarily to install new programs, that's just the way it's designed. LoL

Peter2150
January 10th, 2008, 01:08 AM
HI Easter

I know returnil passed it, but if I remember right SD didn't. I'd have to retest it to be sure.

Pete

QQ2595
January 10th, 2008, 01:24 AM
-{ Quote: "Not on my box. Only until i try CleanMBR myself can it be 100% convincing and proven.

Any url or site suggestions to this so-called magical tool utility?

AE, btw, is very versatile and why it's required to DISABLE temporarily to install new programs, that's just the way it's designed. LoL" }-

Sorry, the old link is not available again. If I upload it to some public place, I think the boss of 250,000 internet cafes in china will shoot at me. ;D

White.

Peter2150
January 10th, 2008, 08:38 AM
-{ Quote: "Sorry, the old link is not available again. If I upload it to some public place, I think the boss of 250,000 internet cafes in china will shoot at me. ;D

White." }-

Also please don't post it here on the forum. Thanks.

Pete

EASTER
January 10th, 2008, 11:21 PM
RECEIVED.

Thank You for the courtesy. I bet this is one of the worst attack files that ranks up there with the top destructioners.

EASTER