Alternative to Toolwiz TimeFreeze

Discussion in 'sandboxing & virtualization' started by AMD, Feb 26, 2013.

Thread Status:
Not open for further replies.
  1. AMD

    AMD Registered Member

    Joined:
    Jul 9, 2012
    Posts:
    88
    Location:
    UK
    Hi, I have tested TTF and its not far away from what I am looking for as it provides system wide vitualisation when I test programs etc.

    I have been using Sandboxie which is great and I still will use it but I was looking for something a little easier and system wide to simply switch between normal and virtual modes.

    The only downside I see with TTF is that it reboots when you dont save whats in the virtual drive. Also I am not sure if upon shutdown the system is in protected mode, does it re-start in protected mode and does my AV still work within the virtual sandbox ?

    Apologies but I am pretty much a novice.

    Is there another similar program which works much the same as TTF without rebooting when switching between virtual and normal states when you you do not wish to save the modified data ?

    Thanks in advance for any responses.

    Andy
     
    Last edited: Feb 26, 2013
  2. Smash

    Smash Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    9
    I could be wrong, but I believe all programs of this type need a reboot to flush all the data and go back to the previous state. The only program I can think of that doesnt do this is 'Private Workplace' http://privateworkplace.com/index.html .. however it's kind of buggy and hasnt been updated in almost a year. Too bad, it is potentially I great program.

    Kiosk mode in Comodo Internet Security might do this too, but I havent used it.
     
  3. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
    Comodo kiosk and TTM are 2 totally different things.
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    Hi Andy, you are protected when you shutdown the system but the changes are discarded next time you start the computer. Your sytem will re start in protected mode if you set it up that way. You can use the program either on demand or you can set the system to start in protected mode. Antiviruses work fine under TTF but do the updates out of protected mode.

    I am not using TTF now but is a nice program, I am sure you ll like it.

    Bo
     
  5. AMD

    AMD Registered Member

    Joined:
    Jul 9, 2012
    Posts:
    88
    Location:
    UK
    Hi Bo, yes ive got it running on my system and far easier for the novice to test programs in a virtual environment. I will use it on demand for now.

    What do you think of Shadow Defender - better than TTF ?
     
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    Yes, its very easy to use and works great for trying programs, that's what I use this kind of programs for. The only thing that you should be careful about is when you uninstall the program for whatever reason, make sure to use their uninstaller, if you use any other uninstaller, you will have problems when rebooting. Don't forget it.

    I switched both of my computers to SD but it was not because I felt that TTF let me down in any way. I wanted the best and probably SD is the best of its kind (Light virtualization).

    Bo
     
  7. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Shadow Defender is much sturdier against sophisticated malware; in fact it can undo infections that others (including TF) cannot. SD can do it on its own, even when traditional anti-malware and anti-executions protections have been breached or even bypassed willingly by the idiot holding the mouse. I wouldn't use anything else as the final safety net for my systems.

    Bottom line: When everything else has failed Shadow Defender may just save your bacon all on its very own. Think about that when you shop around for a light virtualization program. :)
     
  8. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    I can vouch for that, 4 years now with SD, always in Shadow mode, XP 32-bit, SD has never and I mean never,never, intensionally looking to be infected or not has ever let me down. My other security apps my change from time to time (merely for testing) but SD 1.1.0.325 will always have a place in my setup.
     
  9. AMD

    AMD Registered Member

    Joined:
    Jul 9, 2012
    Posts:
    88
    Location:
    UK
    Just installed SD.

    Just need to ascertain exactly what the exclusion list does - does this mean that any changes which happen to the chosen folders in virtual, are also chaned to the real system too. Any examples of files to include would be helpful.

    It would seem that you can only exit virtual mode on SD when shutting down (?), whereas with TTF where you can switch between the two and the unsaved contents deleted upon shutdown. Am I reading this corrrectly ?

    EDIT : just spotted the F1 for help in the bottom corner of the GUI - this may answer my questions
     
  10. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,024
    Location:
    USA
    Hi CyberMan,

    I realize that there are some older tests which seem to support your belief, but do you know of any recent tests that show SD to be superior to other LVs (e.g., TTF) - re malware protection?

    Cruise
     
  11. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Just do a search at YouTube for "shadow defender" test and make sure to order results by date. The latest test was this (it's in Polish):

    http://www.youtube.com/watch?v=VTLuTjufQkU

    SD failed only with one of the five super-potent malware tested here, but again this test was done in a Virtual Machine. Personally I strongly believe that malware resistance testing failures can only be taken seriously when they take place in a real testbed, not in a VM.

    We must also bear in mind that no other light virtualization app would be able to withstand any single one of those five superbugs anyway. Four out of five with potent rootkits is still a great result.

    In the past I have tested SD myself on a real system with a wide variety of potent malware and it managed to fully undo eveything I ever threw at it with just a simple reboot. I simply can't accept that single failure on the latest youtube test, unless I see it happening on a real machine.

    I have just sent Tony (the SD author) the link anyway so he can research this Sinowal backdoor.
     
    Last edited: Feb 26, 2013
  12. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    Andy, you can use the Exclusion list for files and folders where you like to bypass virtualization, on those files and folders changes done while in Shadow mode will survive. In my case, I added places.sqlite in order to be able to save bookmarks in Firefox and my downloads folder. By the way, you can also save files by right clicking on them and choosing commit. Thats pretty good stuff.

    You can exit virtual mode without rebooting or shutdown and either save changes or drop them by ticking on a Volume in "Mode settings", clicking on "Exit Shadow mode" and clicking either "Commit all changes" or "Discard all changes".

    Bo
     
  13. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    Just curious. . . ever have any problems with SD? I've tried several versions on my XP 32bit system - I really wanted it to work. But it seemed like after a few reboots I always ran into a BSOD. Needless to say, I've been very disappointed after all of the positive comments I've read.
     
  14. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    Dearest Bo,

    Which version of SD you are using?

    All their latest versions have massive problems and corruptions.

    Best regards,
     
  15. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    All latest version of SD have massive problems and corruptions. I am not sure if Tony still exists. Anyone can claim, he is TONY!
     
  16. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Never, SD has,at least for me, never ever given me any problems whatsoever.
     
  17. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    Just thinking about it now, I remember that when I tried SD I also had two older light virtualiztion apps installed (Wondershare Time Freeze and Returnil). I wonder if this could have contributed to my problem? Maybe they don't play well together.
     
  18. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  19. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    Hi Aladdin, I am lucky or could be because I got no AV, Hips or firewall messing things up. If you ask me, its the latter. I am using .346.

    Greetings

    Bo
     
  20. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
    Still is available free version 1 of Wondershare Time Freeze...it's similar to TTF
    -http://download.cnet.com/Wondershare-Time-Freeze/3000-2239_4-11375831.html
    Less similar but more expanded is Free Returnil System Safe.
     
  21. littleturle

    littleturle Registered Member

    Joined:
    Jun 26, 2012
    Posts:
    102
    Location:
    US
    Since Toolwiz already released a new product: Toolwiz Time Machine. This new product includes the Toolwiz Time Freeze and also it supports mroe than 20 snapshots.

    Taking a snapshot only spends 2-3 seconds, also you can test the products which need reboot with TTM. It is a good replace for TTF.
     
  22. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Mohamed, you may have experienced such problems yourself on your systems but please, refrain from using generic statements. I have installed various SD versions from v325 onwards on at least seventy different systems of my clients during the last two years.

    Only in one single instance I have had a post-install BSOD problem. It was an old Dell laptop and I remember it vividly because it was the only time that a computer failed to take-in SD. SD has always worked well on very different client systems, old and new alike, sporting a wide variety of different hardware/software configurations. I keep servicing many of those systems on a regular basis, so I know for a fact that SD is still very stable on them.

    Even the "lose settings" issue is something that I don't think is widespread. Personally I have never seen it happening, and I should have considering the number of machines I've installed SD on. My hands-on experience with SD on so many different machines assures me that you are wrong on this. No further debate here, sorry my friend.

    Regarding Tony being the "real Tony", the proof is in his recent work. Only the real author of SD would have enough affinity with his own code in order to implement all those new features so quickly. I have been exchanging ideas with the guy since last October, in fact the RAM cache and write cache encryption were my ideas. Tony was negative about them to start with but I managed to convince him that such features would be very useful. The guy has managed to implement them into the program within two months after I first talked to him about it, also adding Win8 and full TRIM compatibility.

    I have had my doubts in the past about Tony and I have been as vocal as anyone, but I have no doubts now. I don't know what real-life problems forced him to abandon the project for so long, and frankly I don't care. I don't think that it is appropriate for personal issues about Tony's life to ever be disclosed or discussed in public.

    I now try to judge things from actual results, rather than rumours and conspiracy theories.
     
    Last edited: Feb 27, 2013
  23. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    That's a recipe for disaster. None of those things play nice with each other.
     
  24. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    The Wondershare program hasn't been updated for years now and like most other LV apps, it is still vunerable to sophisticated threats. Same applies for Returnil which relies on its own anti-malware modules in order to prevent threats.

    My take on this:

    As I mentioned before, most virtualizers can protect from almost everything with the help of traditional antimalware and antiexecution components. The problem is what happens when such defences have somehow been breached by sturdy malware? What happens when anti-execution itself has been bypassed by the end user (e.g. a child that wants to run a game that may contain malicious code and allows it to execute regardless of anti-malware or anti-execution warnings).

    For this case we need a virtualizer that is potent enough to contain and fully undo malicious installs all on its own, even when the novice/idiot that holds the mouse has left the door open. SD can most definitely deliver in this instance. DiskShot is another one that seems promising in that respect, but it is only available in Korean ATM.

    I'm talking about UNDOING damage rather than preventing it. For prevention I have my existing layers of protection: My HIPS firewall and my antimalware and anti-keylogging programs. For damage control after the infection happens (thanks to human error in many cases), I have the overall windows safety net that is Shadow Defender. No need for post-infection cleanups, just reboot and all the nasties will be flushed along with every single change they have caused to the virtual system.

    In the rare case when SD fails to contain an infection (never seen it happening on any of the systems I've worked on so far), I still have a clean full backup to rely on.
     
    Last edited: Feb 27, 2013
  25. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Two problems with this:

    1) It's still in beta so it would be foolish to install it on anything but a testbed.

    2) You can't go back and forth on the snapshots. Just like SysRestore, if you revert to an older snapshot you'll lose all subsequent ones. The lack of back and forth functionality just kills it for me.
     
Thread Status:
Not open for further replies.