Deep Freeze

Apologies if Deep Freeze has been covered on the forum but I found out about it today from my local computer dealer who also runs an internet cafe using Deep Freeze & offered to set up my machine similar to his, stand alone, no price yet. He's had the shop several years & before installing DF says it was a nightmare. Since then claims he never has a problem. He uses no AV software though I would continue using ESET at least.

Anyone using Deep Freeze?

 

a few reads here........https://www.wilderssecurity.com/showthread.php?t=248721&highlight=deep freeze
and
http://www.brighthub.com/computing/smb-security/reviews/11213.aspx

 

deep freeze make me a blue screen in here , its better use SHADOW DEFENDER in many aspects

 

I used it for a long while and it is indeed a very light virtualization program that will protect your system effectively while in frozen mode. If you are a user who doesn't install programs regularly as a hobby and therefore your system remains static for long periods or perhaps you have children/relatives/friends who might access your computer then DeepFreeze would probably be the ideal solution.

Somebody else mentioned Shadow Defender which is very similar but more versatile: it allows you to save some file and folders while in protected mode (shadow mode). DeepFreeze, while in frozen mode (protected) doesn't allow you to save anything, including updates for your AV (although you could have another partition or drive unfrozen where you could save anything you like).

I must admit I prefer Shadow Defender, but DeepFreeze is also excellent.

 

Deep Freeze is perfect for internet cafe and publicly shared computers.

It may be used by the casual user with its own PC, but there are other more versatile apps like SD

 

And if your short on cash then the free version of Returnil can hold it's own in the virtual stakes.

 

hacked long time ago but the hacker had to be physically at the computer so no problem.
http://www.velocityreviews.com/forums/t307362-faronics-deep-freeze-losing-the-security-war.html

& here http://www.securiteam.com/windowsntfocus/5XP0H1FG0S.html

re comments Wilders link ... keylogger might be a problem, Keyscrambler any good for that? & can keyloggers read virtual keyboard clicks?

Got a brief DF demo at the internet cafe today, destroyed the registry, accessed a few crack sites, deleted numerous folders etc & all came right back on reboot. Impressive. I'll see about a trial run tomorrow & research SD. Cheers all.

 

Trialing Shadow Defender today as it appears the better product for solo machine use ... v. 1.1.0.324

question,, If a malware should write to a folder on the Exclusion List while in Shadow Mode, on reboot with SD set to boot in non-SD mode would not the malware then be able to write to the protected volume after reboot & before SD is activated? If so if SD is set to start up on reboot would such an event be avoided? However on shutdown from Shadow Mode, Exclusion List files are written back to the protected volume so maybe I just answered the question ie you get to keep everything on the Exclusion List... would someone confirm ...

 

I hate DeepFreeze
Not because it's bad, the problem is the whole school computers have that crap

Now im allergic to Deepfreeze

 

It goes without saying that the exclusion list should be populated by essential applications, in my case I have the the antivirus updater, Ad Muncher updater, Windows Calendar, and a desktop folder to save interesting links when I'm browsing in shadow mode.

An antivirus or any malware scanner can be used to check something that you might like to "commit by Shadow defender" (write to disk even if you are in shadow mode). Theoretically these could be entry points for malware if your scanner fails, in practice it would be a very rare occurrence. If you are browsing dangerous websites you don't commit anything, period.

 

I think SD will do the job very well, running with zero exclusions & committing only “places.sqlite”, dispensing with Excel & Word & using Google docs. Bookmarks are at the core of my work & giving up the ease of organizing them would be impractical. Xmarks used to work OK but lately it’s so slow it's virtually unusable & the site badly organized. ShadowProtect can backup an entire working volume? I took a look but I’m in the dark ages with the latest products.

Any idea which Avira files would go into Commit. Last few days Malwarebytes & Hitman found hoardes of problems then today Avira found a trojan the others missed. Disks going to the disk doctor tomorrow for formatting. I'll need a new separate disk for ShadowProtect?

 

@ sired....kind of off-topic but i think you should give Comodo Time Machine (CTM) a try....its free....similar to its paid cousins rollback/EAZ fx etc see here......http://www.comodo.com/home/data-storage-encryption/data-recovery.php

 

right now this machine's a wreck. rebooted to get out of SD & load CTM. Add/Remove won't uninstall SD, says it's still in Shadow Mode, but no SD files in Processes. & CTM won't install with SD installed. Windows has also decided not to save personal settings. all very Catch 22 & Kafkaesque ... a whole new twighlight world.

 

I heard that booting into safe mode on your pc will allow Shadow defender to release you from shadow mode in emergency circumstances.

 

thanks pidbo.

#1 formatted, looks OK. still using the #2 half crippled machine, torture testing SD to see if it lets me mess the machine up even more before formatting, scanned multiple times w/ Hitman, Avira, Malwarebytes, various of these found & removed all malwares named above.

However, looking in the registry still see same trojan names nodgen, fq, jo, ky, mv, qn, um, kv listed in HCU\Software\Microsoft\Search Assistant\ACMru\5603

is this normal after AV delete procedures? maybe this part of the registry isn't important

 

Technical SD question. Day 4 SD.

Say you run SD with NO EXCLUSIONS & NO COMMITS.

Then over a period of say one week add bookmarks to FF, create new docs, add & change data in various databases etc, whatever else. All changed files could be placed in their own folder (except "places.sqlite") for efficient retrieval.

Then, after a week in Shadow Mode, go offline, place all changed files in the Commit folder, scan, then COMMIT.

In this case ALL files on the real disk are protected 100% of the time & the Shadow Disk has NO holes, at any time.

What do you think? I think there must be a fatal flaw somewhere



Of course the AV programs wouldn't get updated daily,, but why would it matter if you don't exclude or commit ANYTHING when online.

A keylogger could steal Administrator & User passwords but the thief would be unable to change settings on the real disk. If so, no problem there. The only risk I can think of right now is web based app password theft. Anything else?

I don't know how viruses work but I understand if a backdoor trojan installs, it can help following viruses hide invisibly. If so & scans don't detect the subsequent actions of trojans, how good is any virtual disk when it comes to committing changed files? Ultimately the integrity of the real disk is totally dependent on detection of malwares hiding in changed files that are committed. True or false?

 

thinking SD over the last few days & concluded that since 99%+ of my computing doesn't need to be saved, once a good working state disk is set up with the right apps, a range of AVs (Avira, DefenseWall & FD-ISR a la Tony creator of SD), FF add-ons etc & the volume backed up external disks 2 & 3, cloned to external disks 3 & 4, saves can be accomplished through web based apps, with zero Exclusions or Commits. In theory only passwords would be at risk which in this case aren't very important.

snapshot of C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\32f14rr7.Default User2 yesterday AM shows the first three FF files updating almost instantly after adding a URL to Bookmarks while other files take their time.
http://img508.imageshack.us/i/cccb.png/][IMG]http://img508.imageshack.us/img508/6162/cccb.png

 

I have heard good things about DF. I've tried it once last year but had issues so I dropped it.

 

NoIos:

If you don't mind me snooping,were the issues with the
programs functioning,or just not fitting into your system needs/goals?

I am having trouble understanding the concept of a pay ware virtuilization
program that has only the features of the free Returnil,or even Windows SteadyState.

 

I've used Deep freeze with no issues.

I've thrown a ton of malware / viruses at my system and rebooted with Deep Freeze,it never failed me,the machine was back to normal,each and every time.

 

without versing any program here which one you think is better performer DF or SD?thanks

 

SD is more user friendly,but both perform and do as the software vendor says in the descriptions of each.

 

cool i never use DP but is it similar aproach or diferent kind?is it a virtual machine?or what is it?thanks

 

Returnil,Deep Freeze,Windows Steadystate,Shadowuserpro,and shadowdefender are all the same type of software programs.

I'll never be without one of these programs.I can do what I please to my systems and with a simple reboot,everything is normal and 100% clean.

 

cool i may use SD as i have a licence for it thanks for info