Deep Freeze

Discussion in 'sandboxing & virtualization' started by sired, Feb 8, 2010.

Thread Status:
Not open for further replies.
  1. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    Apologies if Deep Freeze has been covered on the forum but I found out about it today from my local computer dealer who also runs an internet cafe using Deep Freeze & offered to set up my machine similar to his, stand alone, no price yet. He's had the shop several years & before installing DF says it was a nightmare. Since then claims he never has a problem. He uses no AV software though I would continue using ESET at least.

    Anyone using Deep Freeze?
     
  2. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
  3. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    Deep Freeze gives me a blue screen here; it's better to use SHADOW DEFENDER in many aspects
     
  4. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,219
    I used it for a long while and it is indeed a very light virtualization program that will protect your system effectively while in frozen mode. If you are a user who doesn't install programs regularly as a hobby and therefore your system remains static for long periods or perhaps you have children/relatives/friends who might access your computer then DeepFreeze would probably be the ideal solution.

    Somebody else mentioned Shadow Defender which is very similar but more versatile: it allows you to save some file and folders while in protected mode (shadow mode). DeepFreeze, while in frozen mode (protected) doesn't allow you to save anything, including updates for your AV (although you could have another partition or drive unfrozen where you could save anything you like).

    I must admit I prefer Shadow Defender, but DeepFreeze is also excellent.
     
  5. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Deep Freeze is perfect for internet cafe and publicly shared computers.

    It may be used by the casual user with his own PC, but there are other more versatile apps like SD.
     
  6. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    And if you're short on cash then the free version of Returnil can hold its own in the virtual stakes.
     
  7. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    hacked long time ago but the hacker had to be physically at the computer so no problem.
    http://www.velocityreviews.com/forums/t307362-faronics-deep-freeze-losing-the-security-war.html

    & here http://www.securiteam.com/windowsntfocus/5XP0H1FG0S.html

    re comments Wilders link ... keylogger might be a problem, Keyscrambler any good for that? & can keyloggers read virtual keyboard clicks?

    Got a brief DF demo at the internet cafe today, destroyed the registry, accessed a few crack sites, deleted numerous folders etc & all came right back on reboot. Impressive. I'll see about a trial run tomorrow & research SD. Cheers all.
     
    Last edited: Feb 8, 2010
  8. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    Trialing Shadow Defender today as it appears the better product for solo machine use ... v. 1.1.0.324

    Question: if a malware should write to a folder on the Exclusion List while in Shadow Mode, on reboot with SD set to boot in non-SD mode would not the malware then be able to write to the protected volume after reboot & before SD is activated? If so, if SD is set to start up on reboot would such an event be avoided? However on shutdown from Shadow Mode, Exclusion List files are written back to the protected volume so maybe I just answered the question, i.e. you get to keep everything on the Exclusion List... would someone confirm ...
     
    Last edited: Feb 9, 2010
  9. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I hate DeepFreeze
    Not because it's bad, the problem is the whole school computers have that crap :D

    Now I'm allergic to Deepfreeze :thumbd: :thumbd:
     
  10. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,219
    It goes without saying that the exclusion list should be populated by essential applications; in my case I have the antivirus updater, Ad Muncher updater, Windows Calendar, and a desktop folder to save interesting links when I'm browsing in shadow mode.

    An antivirus or any malware scanner can be used to check something that you might like to "commit by Shadow defender" (write to disk even if you are in shadow mode). Theoretically these could be entry points for malware if your scanner fails, in practice it would be a very rare occurrence. If you are browsing dangerous websites you don't commit anything, period.
     
  11. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok

    I think SD will do the job very well, running with zero exclusions & committing only “places.sqlite”, dispensing with Excel & Word & using Google docs. Bookmarks are at the core of my work & giving up the ease of organizing them would be impractical. Xmarks used to work OK but lately it’s so slow it's virtually unusable & the site badly organized. ShadowProtect can backup an entire working volume? I took a look but I’m in the dark ages with the latest products.

    Any idea which Avira files would go into Commit? Last few days Malwarebytes & Hitman found hordes of problems then today Avira found a trojan the others missed. Disks going to the disk doctor tomorrow for formatting. I'll need a new separate disk for ShadowProtect?
     
    Last edited: Feb 10, 2010
  12. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
  13. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    Right now this machine's a wreck. Rebooted to get out of SD & load CTM. Add/Remove won't uninstall SD, says it's still in Shadow Mode, but no SD files in Processes. & CTM won't install with SD installed. Windows has also decided not to save personal settings. All very Catch 22 & Kafkaesque ... a whole new twilight world.
     
    Last edited: Feb 10, 2010
  14. pidbo

    pidbo Registered Member

    Joined:
    Dec 25, 2006
    Posts:
    198
    I heard that booting into safe mode on your pc will allow Shadow defender to release you from shadow mode in emergency circumstances.

     
  15. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    thanks pidbo.

    #1 formatted, looks OK. still using the #2 half crippled machine, torture testing SD to see if it lets me mess the machine up even more before formatting, scanned multiple times w/ Hitman, Avira, Malwarebytes, various of these found & removed all malwares named above.

    However, looking in the registry still see same trojan names nodgen, fq, jo, ky, mv, qn, um, kv listed in HCU\Software\Microsoft\Search Assistant\ACMru\5603

    is this normal after AV delete procedures? maybe this part of the registry isn't important
     
    Last edited: Feb 12, 2010
  16. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    Technical SD question. Day 4 SD.

    Say you run SD with NO EXCLUSIONS & NO COMMITS.

    Then over a period of say one week add bookmarks to FF, create new docs, add & change data in various databases etc, whatever else. All changed files could be placed in their own folder (except "places.sqlite") for efficient retrieval.

    Then, after a week in Shadow Mode, go offline, place all changed files in the Commit folder, scan, then COMMIT.

    In this case ALL files on the real disk are protected 100% of the time & the Shadow Disk has NO holes, at any time.

    What do you think? I think there must be a fatal flaw somewhere :p



    Of course the AV programs wouldn't get updated daily, but why would it matter if you don't exclude or commit ANYTHING when online.

    A keylogger could steal Administrator & User passwords but the thief would be unable to change settings on the real disk. If so, no problem there. The only risk I can think of right now is web based app password theft. Anything else?

    I don't know how viruses work but I understand if a backdoor trojan installs, it can help following viruses hide invisibly. If so & scans don't detect the subsequent actions of trojans, how good is any virtual disk when it comes to committing changed files? Ultimately the integrity of the real disk is totally dependent on detection of malwares hiding in changed files that are committed. True or false?
     
    Last edited: Feb 12, 2010
  17. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    thinking SD over the last few days & concluded that since 99%+ of my computing doesn't need to be saved, once a good working state disk is set up with the right apps, a range of AVs (Avira, DefenseWall & FD-ISR a la Tony creator of SD), FF add-ons etc & the volume backed up external disks 2 & 3, cloned to external disks 3 & 4, saves can be accomplished through web based apps, with zero Exclusions or Commits. In theory only passwords would be at risk which in this case aren't very important.

    snapshot of C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\32f14rr7.Default User2 yesterday AM shows the first three FF files updating almost instantly after adding a URL to Bookmarks while other files take their time.
    http://img508.imageshack.us/i/cccb.png/ (image: http://img508.imageshack.us/img508/6162/cccb.png)
     
    Last edited: Feb 14, 2010
  18. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    I have heard good things about DF. I've tried it once last year but had issues so I dropped it.
     
  19. ratwing

    ratwing Guest

    NoIos:

    If you don't mind me snooping, were the issues with the program's functioning, or just not fitting into your system needs/goals?

    I am having trouble understanding the concept of a payware virtualization program that has only the features of the free Returnil, or even Windows SteadyState.
     
  20. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    I've used Deep freeze with no issues.

    I've thrown a ton of malware / viruses at my system and rebooted with Deep Freeze, it never failed me, the machine was back to normal, each and every time.

    :thumb:
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Without versing any program here :D which one do you think is the better performer, DF or SD? Thanks
     
  22. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    SD is more user friendly, but both perform and do as the software vendor says in the descriptions of each.
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Cool ;) I never use DP but is it a similar approach or a different kind? Is it a virtual machine? Or what is it? Thanks
     
  24. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293

    Returnil, Deep Freeze, Windows Steadystate, Shadowuserpro, and shadowdefender are all the same type of software programs.

    I'll never be without one of these programs. I can do what I please to my systems and with a simple reboot, everything is normal and 100% clean.
     
  25. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Cool ;) I may use SD as I have a licence for it ;) Thanks for the info
     