AntiVirus and Virtualization

Discussion in 'sandboxing & virtualization' started by TheMozart, Jun 7, 2012.

Thread Status:
Not open for further replies.
  1. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    What Virtualization application is able to handle installing an AntiVirus program such as Avira, Avast etc, and then rebooting the PC, and testing the AV and then REVERTING system back to the way it was before the AV was installed?

    Toolwiz Time Freeze cannot do it.

    Sandboxie cannot do it.

    BufferZonePRO cannot do it.

    Shadow Defender cannot do it.

    Anything able to do it?
     
    Last edited: Jun 8, 2012
  2. pk7

    pk7 Registered Member

    Joined:
    Nov 28, 2009
    Posts:
    12
    Location:
    Prague, CZ
    Definitely not an application sandbox (BufeferZone, Sandboxie, ...), because they're based on process virtualization (AV use drivers, and a lot of low level techniques). You should try some snapshot tools (e.g. GoBack) or use vmware/virtualbox.
     
  3. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    Ok thank you pk7.

    I didn't know I can use Virtualbox to install single programs. I always thought it was used for complete operating systems to be installed. And once an AV is installed into VB, how do I tell it to scan my proper C: drive?

    And didn't Goback get replaced by Norton Ghost 14?
     
  4. chris1341

    chris1341 Guest

  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,054
    Virtual Box is a Virtual Machine. It has to have an OS installed. And as far as I know, it the av would only be able to scan your Virtual Machine.

    Your only option is a snapshot program like Rollback RX(not free) or an imaging program.

    Pete
     
  6. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
  7. chris1341

    chris1341 Guest

    You'll know better than me.

    I looked at it for all of 5 mins - thought it said you had 3 options for the container:
    1 - File
    2 - hidden partition
    3 - hidden partition bigger that system partition that could survive reboot as it was basically a copy system plus changes that could revert back on demand.

    Apologies if not.
     
  8. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    Basically, option 2 will automatically reboot if becomes full and in that case one will loose everything. Option 3 is larger than the system partition and thus it will never get full, so it will never reboot automatically thus loosing everything.

    On all three options, once rebooted, everything is lost like normal virtual software.

    Best regards,

    KOR!

    P.S. I am not sure why it requires such a big container for virtual state. It could be:

    1. In anticipation that reboots will be very rare like weekly or bi-weekly.
    2. No, virtual data is kept in RAM (memory).
     
  9. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    Yes that's what I thought Pete, thank you.:thumb:

    So it seems that if someone wants to install to test a program or AV, that needs rebooting, that Rollback RX is the only program that can do it. Unless someone wants to restore a complete image, which is a pain to just test a program or to install a complete AV, scan system and remove to clean slate. Was hoping for a quicker and easier way, but as I said, seems Rollback RX is the only way. But I wasn't sure...so thank you everyone for your comments. At least now I know for sure:)
     
  10. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I wonder if something like Symantec Workspace Virtualisation could be used? I used it in the past to virtualize various programs, cant remember if i ever tried an antivirus though. I may have to give it a try in my spare time.
     
  11. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    Sorry...not only...I do the same with Keriver 1-Click Free. Maybe restoring is 3-4 minutes longer, but is not the problem for me. Latest example?...today SysWatch was installed in this way on my lap and later was succesfully "removed" by Keriver. Everything works OK :thumb:
     
  12. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Although i use imaging programes ,ive never used the incremental backup function that most of them have and always do a full back up.However i would have thought that if your imaging programme was set to incrementally back up (if it had that option) then you wouldnt have to perform a full image restore after testing software.I could be wrong of course so one of the experts may have to confirm.Personally i take a full image of my last good configuration that i liked, and just test software to my hearts content using its own unininstallers ,a registry cleaner and registry workshop to remove all remnants of anything i dont want.Not as clean as some would like ,but it works for me.
     
  13. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    How TRUE!

    I bought the Keriver PRO for $10 and legally use it on all my 9 computers. HDS, the makers of Rollback Rx, sell the same Keriver PRO for $300. Go figure!

    Best regards,

    KOR!
     
Loading...
Thread Status:
Not open for further replies.