Toolwiz TimeFreeze vs Shadow Defender

Discussion in 'sandboxing & virtualization' started by Rasheed187, Dec 16, 2014.

  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    +1
    Absolutely Spot-On!
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Actually, I feel like an idiot, I totally forgot that tools like SD can not be used when testing apps that require a reboot after install. So testing security tools will be no option, I guess? It's indeed cool that you can test tools that require a driver to run, bad it's also a security risk, that's why SBIE blocks this. I do believe there is an option in SBIE to let drivers run.
     
  3. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    There has been a feature request to block the installation of drivers in Shadow Mode at user discretion. I believe that Tony, the Shadow Defender developer, is considering adding it as an optional feature.
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I haven't kept any on demand scanners installed in my computers for three years but every once in a while, in Shadow mode, I install HMP and MBAM to run a scan. I also sometimes run TDSSkiller and Emsisoft. So, there's a few security programs that you can test using SD. Not all programs require a reboot.

    The SBIE option to allow drivers was eliminated in Version 4. I remember Tzuk saying that the option to allow drivers was little used and never worked very good.

    Bo
     
  5. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    I'm with you, Tony coded a little jewel, although ShadowUser Pro must have been more than an inspiration...
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Actually I wouldn't use this option, because HIPS can already take care of this, but I know what you mean.

    Didn't know about this. And it's true that not all security tools require a driver to run, but the ones that do, don't work with SBIE and usually require a reboot. So perhaps the best option is to use a virtual machine.
     
  7. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Does anyone understand how the whole ToolWiz product line is Free. I tried SD and now I'm trying TTF. I find it odd that the ToolWiz website has no Legal stuff. Not even a website disclaimer. I emailed ToolWiz ~ Contact Us. No reply ? 36 million Global Toolwiz Installs ?
     
  8. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,240
    More info: http://www.toolwiz.com/en/about/
     
  9. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,158
    It's good to see some people working ethically. I can understand those looking for the catch or tripwire but when I have had communication with James at Toolwiz in the past he came across to me as a nice, well mannered person, who answers his e-mails and is appreciative of input.
    Toolwiz contact is James@toolwiz.com
     
    Last edited: Dec 23, 2014
  10. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,098
    Location:
    USA
    Can either program be ran as a limited/regular user? I currently use SBIE as a regular user on Win 7 with no issues. I always thought that if I stopped using SBIE (Tzuk's sale made me consider it for a while), I would migrate to one of these 2 apps (or maybe even AppGuard).
     
  11. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Thanks ~ I've been all over ToolWiz site. Not savvy enough to know under the hood workings SD v TTF
    But, I find TTF an admiral product. I had two downloads that did not survive restart. Downloads excluded. Files had bytes before shutdown and 0 bytes upon re-start. So, IDK. I've excluded Desktop / Documents / Downloads / Pictures same as with Sandboxie. I recover Download from SBoxie > Stop TF > Shutdown. Maybe, I just need to Shutdown. I'm running SBoxie in TTF. Kinda' bizarro' world. I startup Normal > Updates > Bizarro' world. :doubt:
     
    Last edited: Dec 24, 2014
  12. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Well, fwiw. I'm running SBoxie in TTF + VoodooShield. VS prompts me just fine for new executables. I know it's silly as TTF will ignore. But, I like the granularity.
     
  13. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Yeah, may have to resend my emails to James. Maybe just the Holidays ? Appreciate feedback re James.
     
  14. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Toolwiz TimeFreeze can. I don't know about the other one.
     
  15. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,098
    Location:
    USA
    Since SD has been on sale, I chose to test it first (I'm cheap and won't likely get it for any less.) It does run under limited/regular accounts but you must click through a UAC prompt for admin approval (if you have UAC on) to actually fire it up. (Since I am a huge fan of UAC, I would never consider using Windows without it (so I have no idea what would happen with SD on a regular user account and no UAC.)) I'm no expert but I assume that even though SD is then in shadow mode while logged into the limited user account, it seems to me that SD is not running as that limited/regular user. Based on what this program actually does, the difference may not matter, but maybe it could??
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    BTW, I was thinking about SBIE vs light virtualization tools like TTF and SD, and with SBIE, all files stay inside the virtual folder/container, also after reboot. Why can't SD do the same, why do all files get cleaned when you reboot the system? It perhaps sounds a bit dumb, but I'm trying to figure out if there is a way to test software that require a reboot, but without the file and registry modifications ending up on the "real" system.
     
  17. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    There are "snapshot" programs.
     
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I
    I have been using AX64 Time Machine for this. You take an incremental, and then install test reboot to your hearts content. Then if you want to roll back you just to a restore in windows, followed by a reboot, and it's all gone.
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I've used RollBack RX years ago inside virtual machines and it did work nicely. I never installed it on my real machine because of all the bad reviews. So you're saying that AX64 is completely safe? I did read that it doesn't modify the MBR which is a good thing.

    https://ax64.uservoice.com/knowledg...parison-to-rollback-rx-eaz-fix-comodo-time-ma
     
  21. majoMo

    majoMo Registered Member

    Joined:
    Aug 31, 2007
    Posts:
    994
    I do that with 'Toolwiz Time Machine' ever.
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes thanks, forgot about it, so instead of Time Freeze I actually need Time Machine. What are your experiences with it?

    http://www.toolwiz.com/en/toolwiz-time-machine/
     
  23. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Rasheed.

    I've been beating the heck out of the latest beta. Will post results probably tomorrow. But it is a beta.

    Pete
     
  24. majoMo

    majoMo Registered Member

    Joined:
    Aug 31, 2007
    Posts:
    994
    Using Win 7 64 bits.
    1- I am always working in frozen mode (with TTF) - I use junctions to my Data disk (a non-system disk), for My documents and settings/data from e.g Maxthon, Thunderbird, AdFender, etc..
    2- When needed to try a software that needs reboot (or even not, e.g. if I want to try several days), I use TT Machine.
    3- Never had any annoyances with "Toolwiz Time Machine".
    4- Using TTMachine I don't need to use Macrium Reflect so often.
     
  25. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,098
    Location:
    USA
    So does Time Machine interfere with the system as many of the other ISR programs have in the past? I know some butted heads with some imaging programs. I lightly skimmed the info at the TTM site and it read as though it leaves the MBR alone. So imaging the system is normal? If so, I may try it too.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.