Alternative to Toolwiz TimeFreeze

Hi, I have tested TTF and its not far away from what I am looking for as it provides system wide vitualisation when I test programs etc.

I have been using Sandboxie which is great and I still will use it but I was looking for something a little easier and system wide to simply switch between normal and virtual modes.

The only downside I see with TTF is that it reboots when you dont save whats in the virtual drive. Also I am not sure if upon shutdown the system is in protected mode, does it re-start in protected mode and does my AV still work within the virtual sandbox ?

Apologies but I am pretty much a novice.

Is there another similar program which works much the same as TTF without rebooting when switching between virtual and normal states when you you do not wish to save the modified data ?

Thanks in advance for any responses.

Andy

 

I could be wrong, but I believe all programs of this type need a reboot to flush all the data and go back to the previous state. The only program I can think of that doesnt do this is 'Private Workplace' http://privateworkplace.com/index.html .. however it's kind of buggy and hasnt been updated in almost a year. Too bad, it is potentially I great program.

Kiosk mode in Comodo Internet Security might do this too, but I havent used it.

 

Comodo kiosk and TTM are 2 totally different things.

 

Hi Andy, you are protected when you shutdown the system but the changes are discarded next time you start the computer. Your sytem will re start in protected mode if you set it up that way. You can use the program either on demand or you can set the system to start in protected mode. Antiviruses work fine under TTF but do the updates out of protected mode.

I am not using TTF now but is a nice program, I am sure you ll like it.

Bo

 

Hi Bo, yes ive got it running on my system and far easier for the novice to test programs in a virtual environment. I will use it on demand for now.

What do you think of Shadow Defender - better than TTF ?

 

Yes, its very easy to use and works great for trying programs, that's what I use this kind of programs for. The only thing that you should be careful about is when you uninstall the program for whatever reason, make sure to use their uninstaller, if you use any other uninstaller, you will have problems when rebooting. Don't forget it.

I switched both of my computers to SD but it was not because I felt that TTF let me down in any way. I wanted the best and probably SD is the best of its kind (Light virtualization).

Bo

 

Shadow Defender is much sturdier against sophisticated malware; in fact it can undo infections that others (including TF) cannot. SD can do it on its own, even when traditional anti-malware and anti-executions protections have been breached or even bypassed willingly by the idiot holding the mouse. I wouldn't use anything else as the final safety net for my systems.

Bottom line: When everything else has failed Shadow Defender may just save your bacon all on its very own. Think about that when you shop around for a light virtualization program.

 

I can vouch for that, 4 years now with SD, always in Shadow mode, XP 32-bit, SD has never and I mean never,never, intensionally looking to be infected or not has ever let me down. My other security apps my change from time to time (merely for testing) but SD 1.1.0.325 will always have a place in my setup.

 

Just installed SD.

Just need to ascertain exactly what the exclusion list does - does this mean that any changes which happen to the chosen folders in virtual, are also chaned to the real system too. Any examples of files to include would be helpful.

It would seem that you can only exit virtual mode on SD when shutting down (?), whereas with TTF where you can switch between the two and the unsaved contents deleted upon shutdown. Am I reading this corrrectly ?

EDIT : just spotted the F1 for help in the bottom corner of the GUI - this may answer my questions

 

Hi CyberMan,

I realize that there are some older tests which seem to support your belief, but do you know of any recent tests that show SD to be superior to other LVs (e.g., TTF) - re malware protection?

Cruise

 

Just do a search at YouTube for "shadow defender" test and make sure to order results by date. The latest test was this (it's in Polish):

http://www.youtube.com/watch?v=VTLuTjufQkU

SD failed only with one of the five super-potent malware tested here, but again this test was done in a Virtual Machine. Personally I strongly believe that malware resistance testing failures can only be taken seriously when they take place in a real testbed, not in a VM.

We must also bear in mind that no other light virtualization app would be able to withstand any single one of those five superbugs anyway. Four out of five with potent rootkits is still a great result.

In the past I have tested SD myself on a real system with a wide variety of potent malware and it managed to fully undo eveything I ever threw at it with just a simple reboot. I simply can't accept that single failure on the latest youtube test, unless I see it happening on a real machine.

I have just sent Tony (the SD author) the link anyway so he can research this Sinowal backdoor.

 

Andy, you can use the Exclusion list for files and folders where you like to bypass virtualization, on those files and folders changes done while in Shadow mode will survive. In my case, I added places.sqlite in order to be able to save bookmarks in Firefox and my downloads folder. By the way, you can also save files by right clicking on them and choosing commit. Thats pretty good stuff.

You can exit virtual mode without rebooting or shutdown and either save changes or drop them by ticking on a Volume in "Mode settings", clicking on "Exit Shadow mode" and clicking either "Commit all changes" or "Discard all changes".

Bo

 

Just curious. . . ever have any problems with SD? I've tried several versions on my XP 32bit system - I really wanted it to work. But it seemed like after a few reboots I always ran into a BSOD. Needless to say, I've been very disappointed after all of the positive comments I've read.

 

Dearest Bo,

Which version of SD you are using?

All their latest versions have massive problems and corruptions.

Best regards,

 

All latest version of SD have massive problems and corruptions. I am not sure if Tony still exists. Anyone can claim, he is TONY!

 

Never, SD has,at least for me, never ever given me any problems whatsoever.

 

Just thinking about it now, I remember that when I tried SD I also had two older light virtualiztion apps installed (Wondershare Time Freeze and Returnil). I wonder if this could have contributed to my problem? Maybe they don't play well together.

 

There's also: http://download.cnet.com/VirtualProtect/3000-8022_4-10902410.html

 

Hi Aladdin, I am lucky or could be because I got no AV, Hips or firewall messing things up. If you ask me, its the latter. I am using .346.

Greetings

Bo

 

Still is available free version 1 of Wondershare Time Freeze...it's similar to TTF
-http://download.cnet.com/Wondershare-Time-Freeze/3000-2239_4-11375831.html
Less similar but more expanded is Free Returnil System Safe.

 

Since Toolwiz already released a new product: Toolwiz Time Machine. This new product includes the Toolwiz Time Freeze and also it supports mroe than 20 snapshots.

Taking a snapshot only spends 2-3 seconds, also you can test the products which need reboot with TTM. It is a good replace for TTF.

 

Mohamed, you may have experienced such problems yourself on your systems but please, refrain from using generic statements. I have installed various SD versions from v325 onwards on at least seventy different systems of my clients during the last two years.

Only in one single instance I have had a post-install BSOD problem. It was an old Dell laptop and I remember it vividly because it was the only time that a computer failed to take-in SD. SD has always worked well on very different client systems, old and new alike, sporting a wide variety of different hardware/software configurations. I keep servicing many of those systems on a regular basis, so I know for a fact that SD is still very stable on them.

Even the "lose settings" issue is something that I don't think is widespread. Personally I have never seen it happening, and I should have considering the number of machines I've installed SD on. My hands-on experience with SD on so many different machines assures me that you are wrong on this. No further debate here, sorry my friend.

Regarding Tony being the "real Tony", the proof is in his recent work. Only the real author of SD would have enough affinity with his own code in order to implement all those new features so quickly. I have been exchanging ideas with the guy since last October, in fact the RAM cache and write cache encryption were my ideas. Tony was negative about them to start with but I managed to convince him that such features would be very useful. The guy has managed to implement them into the program within two months after I first talked to him about it, also adding Win8 and full TRIM compatibility.

I have had my doubts in the past about Tony and I have been as vocal as anyone, but I have no doubts now. I don't know what real-life problems forced him to abandon the project for so long, and frankly I don't care. I don't think that it is appropriate for personal issues about Tony's life to ever be disclosed or discussed in public.

I now try to judge things from actual results, rather than rumours and conspiracy theories.

 

That's a recipe for disaster. None of those things play nice with each other.

 

The Wondershare program hasn't been updated for years now and like most other LV apps, it is still vunerable to sophisticated threats. Same applies for Returnil which relies on its own anti-malware modules in order to prevent threats.

My take on this:

As I mentioned before, most virtualizers can protect from almost everything with the help of traditional antimalware and antiexecution components. The problem is what happens when such defences have somehow been breached by sturdy malware? What happens when anti-execution itself has been bypassed by the end user (e.g. a child that wants to run a game that may contain malicious code and allows it to execute regardless of anti-malware or anti-execution warnings).

For this case we need a virtualizer that is potent enough to contain and fully undo malicious installs all on its own, even when the novice/idiot that holds the mouse has left the door open. SD can most definitely deliver in this instance. DiskShot is another one that seems promising in that respect, but it is only available in Korean ATM.

I'm talking about UNDOING damage rather than preventing it. For prevention I have my existing layers of protection: My HIPS firewall and my antimalware and anti-keylogging programs. For damage control after the infection happens (thanks to human error in many cases), I have the overall windows safety net that is Shadow Defender. No need for post-infection cleanups, just reboot and all the nasties will be flushed along with every single change they have caused to the virtual system.

In the rare case when SD fails to contain an infection (never seen it happening on any of the systems I've worked on so far), I still have a clean full backup to rely on.

 

Two problems with this:

1) It's still in beta so it would be foolish to install it on anything but a testbed.

2) You can't go back and forth on the snapshots. Just like SysRestore, if you revert to an older snapshot you'll lose all subsequent ones. The lack of back and forth functionality just kills it for me.