Hello, I would like to know if light-virtualization software (in particular Shadow-defender and TTF) can be used safely even to test programs that are installed as deep as antivirus or device drivers?.....can be used also to test large software packages (suites) such as Microsoft office, Adobe suite or 3DStudioMax, that install (unfortunately!) an infinite number of files and registry entries? All the created changes are totally deleted on system reboot or shutdown, even in these "complicated" cases? Thank.
I can only speak to Shadowdefender. The only thing you can't do is install something that requires a reboot, as the reboot will uninstall it. But I can give you an example of things I've done. I needed to test bypass for one of the vendors involving Ransomware. My machine has 3 internal drives. So I shadowed my system, and turned the ransomeware lose, and it encrypted all the data type files on all three disks. Exited shadowmode and all 3 disks were clean. As far as large packages, if I remember right both office and the big adobe suites did require a reboot, so that wouldn't work. But it's the reboot that is the key
According to my experience, neither MS Office nor LibreOffice installations require reboot. I think the "complexity" of the software, that is, the number of files or of registry entries created, doesn´t affect the functionality of Shadow Defender, as long as there is enough free disk space to save the changes in the SD cache.
Thanks for the answers, but what do you think about software that is deeply installed as AV and system drivers?.....Shadow Defender and TTF are also strong in such event? In fact I would like to test a new AV but I fear that then remains some residual trace....
Hello Zapco, I don't have any scanners in my computers. In the past, I used Shadow defender (before SD, both Time freeze programs) for installing scanners. Last time was about 8 months but done it a few times with HMP and Malwarebytes. And real timers?....I installed Avast once. I also remember running a few times the Emsisoft scanner, TDSSKiller. If rebooting is not required, you ll be able to test the new AV, otherwise, it wont work too well. Whenever I installed programs of this type or any kind, as far as I can tell, when I reboot, all is gone. The times I searched and looked for signs that something survived the reboot, I never found nothing. Bo
I haven't experienced any reboot requirement when installing Avira, MBAM, and Hitman Pro. I'm pretty sure most AVs nowadays don't require a reboot, but I've noticed that my old Vista machine occasionally requires a reboot after an important AV version update whereas with my Windows 8 machine it was never required... Best way is to try...
There won't be any residual traces, no matter how complex the software. The only thing you can't do, as Peter2150 said, is to use Shadow Defender to test software that requires a reboot. Shadow Defender intercepts all disk writes, below the level of the file system, and redirects changed disk sectors into a virtualization cache that is discarded at reboot. If nothing gets written to the registry and file system on the disk while in Shadow Mode, no traces of activity while in Shadow Mode can survive a reboot. That's why LV software in general can't be used to test software that requires a reboot to install.
If you want to test software that requires reboot then the only two solutions I depend on are 1) virtual machines, and 2) Good imaging software like Macrium.
Thank you all for the kindness (and especially to Pegr for the full explanation!) I know perfectly that light virtualization software are not appropriate to test programs that requires reboot, but I just have to check a few features..... so it's not a problem for me. the most important thing is that there remains no trace of installations! So in conclusion, with SD or TTF I can be tested safely even antivirus or large software packages, it's right?
Right...no matter how big/complicated are apps or new data...in exiting from SM to normal mode SD always rejects all changes made in virtualised system. Even if you test 2,3 or more apps in one session...even if are AV/IS or ather kind of security software which make mess in files or registry...you always have clean system at the end.