Deep Freeze

Discussion in 'sandboxing & virtualization' started by sired, Feb 8, 2010.

Thread Status:
Not open for further replies.
  1. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    If I remember well it was a certain and at the time known incompatibility with certain laptops. Mine was one of them. Don't take it as a certain fact...I don't have a great memory.

    The 100% sure thing is that I had issues with the program functioning correctly...it was not a problem of like or dislike.
     
  2. ratwing

    ratwing Guest

    Thanks, NoIos.
    Understood.
     
  3. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    I've heard so much about these sorts of programs and I'm interested, but I can't say that I really know much about them. My security setup has always been about prevention and removal more so than something that would simply set my system back to the way it was.

    I have certainly heard a lot of Shadow Defender on here and since they have a 64-bit version, I was thinking about giving it a try.

    Here are some of my concerns though and if anyone who knows a lot about these programs can answer these, I would be grateful:

    1) If my system is returned to the state it was after I reboot, will my browser still remember where it has been? As in forum postings, etc.?

    2) What happens when I install a program that I don't want removed when I reboot? Say I'm surfing, I find something I want to install and do so and there are no issues and I want to keep this program. Then what? If I reboot, are not any changes it made to the registry and any installed system files etc. removed?

    3) I download through uTorrent quite a bit, so from what I read on the Shadow Defender site, I could exclude my uTorrent downloads folder and nothing would be removed from there after a reboot correct?

    I think that's it for now. If anyone can answer these I would very much appreciate it. I'm going to give Shadow Defender a try. $35 for unlimited license certainly seems worth it if I can continue what I'm doing and work around the issues above, then who would need any sort of malware protection really.
     
  4. ratwing

    ratwing Guest

    1. Unless you exclude your browser profile folder, or commit a specific session, any bookmarks, browser history, or cookies added while in ShadowMode will be lost at reboot.

    2. Programs are very difficult to retain after reboots.
    You would have to know the location of every folder the program wrote data to, and exclude them. But it is simple to save files, documents, and exe's between reboots.
    Shadow Defender comes with a "right click commit" option.

    3. If you exclude any download folder, rar's, torrents, or any other downloaded file will be retained.

    Updates of antivirus can be a little tricky also.
    I run in ShadowMode 99% of the time, and for a while, when I switched my on-demand antimalware from A-Squared free to Avira 9, I was unable to find all the locations I needed to exclude to retain updates. With A-Squared I simply excluded the entire C/A-Squared folder.
    Another user furnished me the Avira storage folder paths, and it updates smooth as silk while in ShadowMode.
     
  5. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    Thanks ratwing. Very informative.

    For me, I think Shadow Defender would be something I would use when I am going into uncharted waters. I wouldn't be in Shadow Mode all the time.

    I just did a test for the heck of it. Entered Shadow Mode and tried to infect myself. I had a pretty large list of rogues, malware, you name it, whatever I could find.

    The good news? After rebooting, SD did its job, every single thing was back to the way it was when I entered Shadow Mode.

    The really good news? My combo of Avast 5 and Malwarebytes Pro did not let a SINGLE piece of malware infect my system. NOTHING got in. I had Prevx running as well and it didn't say a word the whole time, but MBAM and Avast were troopers and blocked every single thing. I really don't see the need for Prevx after that test so I have removed it.

    This was seriously a list of about 50 links. I also tried to go to various sites I know to be bad, and I simply could not infect myself.

    So, with that being said, I feel pretty darn confident with Avast and MBAM running in real time and when I know I am going to go somewhere that could cause issues, I'll go into Shadow Mode and be even more confident.

    That was fun... :D
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Thanks for testing ;)
     
  7. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    np...like I said, it was fun. I am so impressed with how the security apps on my system reacted though. Just amazing quite frankly.
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Cool, I will do some testing tonight ;)
    Will be MBAM Pro and Norton Antivirus 2010 :D
     
  9. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok

    ratwing, do you have a link for the Avira folder paths? Cheers.
     
  10. ratwing

    ratwing Guest



    You will need to exclude both of these:


    Files Quarantined:
    C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop

    Signature Updates:
    C:\Program Files\Avira\AntiVir Desktop


    Should do you fine!!
    rat

    credit to user: "eskro" ShadowDefender Forums.
     
    Last edited by a moderator: Feb 16, 2010
  11. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    thanks rat.

    Still playing with the half dead #2 machine. Ran approx 6 scans.

    Tonight Avira found TR/Trash.Gen in C:\System Volume Information\...\A0199502 as MBAM was running. I didn't start Avira, she found it by itself. Cannot quarantine/delete & cannot close Avira even from Task Mgr. Each time Avira makes a find she freezes the works so doesn't complete the run.

    Plus Tr/Agent 1034861 same folder. Brain surgery required ...

    Understand SysVolInf access is beyond Administrators reach ...

    Who's the hooligan above Administrators o_O Who's the entity with access to another's property, I wonder.

    Implanted at install from the installer's disk when purchased?/later?

    When I get up & running with new virgin disks, no holes in ShadowDefender, however it might be some time before I'm optimistic. Got one machine fixed but apprehensive virii will transmit to it via the router from #2. Very apprehensive ... or there's a keyboard keylogger buried inside the keyboard haha, part of the casing not seating properly ...
     
    Last edited: Feb 16, 2010
  12. ratwing

    ratwing Guest

    Sired:

    This is taking the thread a little off topic, but I doubt at this stage where you are with the machine, if System Restore points are of any concern to you.
    Why not just switch off System Restore, to flush out the C:\System Volume Information detections? Then you can keep working, and if you get things right, switch it back on and set new restore points?

    That is pretty much the only way I know to get rid of infections in System Volume Information.
     
  13. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    Thanks rat, turned off System Restore, changed SVI security & deleted.

    Beginning to feel slightly less clueless :) thanks to this forum. This disk herewith forfeits all rights to Restore privileges.
     
  14. ratwing

    ratwing Guest

    sired:

    Glad to hear it!!
    Now the System Volume Information detections should be gone.
    Just remember when you get your machine to a clean state,
    either turn System Restore back on, or look into a program called ERUNT.
    (Yeah, I know, silly name, great program!!) I have used it instead of System Restore for years,
    and love it.
    It complements virtualization in a way System Restore never can.
    When you leave ShadowMode and make a change on your real system,
    just make an ERUNT backup and you are good to go.
    It's free.
    By the way, agreed, this forum is priceless.
    ratwing
     
  15. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    Thanks rat. Have ERUNT now & will study later.

    One thing, on Commit SD stalls at the Avira string you posted, tried unloading Avira in Processes but Avira will not allow.
     
  16. ratwing

    ratwing Guest

    Sired:

    OK, I understand.
    Boot out of ShadowMode, and add the two strings/folders to the exclusions list via the Shadow Defender GUI.
    (i.e., open the Shadow Defender GUI, click exclusion list, browse for the folder, choose the first Avira folder, repeat with the second)
    You can commit within ShadowMode, but you can't exclude.
    What you need to do is exclude these two folders.
    Once both folders are excluded, Avira should update fine in ShadowMode.
     
  17. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    Deep Freeze is a good, rock-solid product. But I do not use Deep Freeze or any similar product because I am always experimenting with different custom settings and tweaks with various software on my PC.

    But I always keep a backed-up image that I can restore with Macrium Reflect if needed.
     
    Last edited: Feb 17, 2010
  18. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    Most programs nowadays install without needing a reboot. It is an interesting feature, as one can install a scanner (as an example), check the system, no problems, reboot and everything is gone. Nice, clean, and elegant, no leftovers. If it is a program that is productive, one can try it, you like it, you can commit the installer to save time, reboot and install the program for good.

    I have used ShadowUser Pro for 5 years on one machine, DeepFreeze for a year on and off on a 64 system, and Shadow Defender on 2 computers for more than a year. I'm so used to operate shadowed that I'd feel naked without one of these programs, they really are more effective than any top notch real time scanner.

    There's only one negative aspect: you really have to get into the habit to commit folders that you might have worked on as if you forget, a reboot could wipe them for ever. It happened to me several times, long hours of research, nullified in minutes. On the other hand, it happened maybe 2-3 times in 5 years, I suppose it depends on users' habits as well.
     
  19. ratwing

    ratwing Guest

    Very true.
    That is exactly how I operate a huge list of on-demand scanners.
    I install them in Shadow mode, run the scan, reboot and no maintenance.
    I have a PDF2word converter program I use nearly every day, and
    it has never been on my real system.

    I still use WordPad, and when I see the Windows dialog box
    asking if I want to save changes, it becomes automatic to click "Yes",
    and right click "commit by ShadowDefender".

    I have a folder "desktop download's"; it is set default for Firefox, and the
    only location Sandboxie is allowed to recover to.
    It becomes habitual to right click, "scan with Avira", and then drag and
    drop the downloads to their proper folders, and while still highlighted by
    Windows Explorer, to click "Commit by ShadowDefender". It gets the whole highlighted group in one click.

    I do foul up from time to time, mostly from forgetting there are things waiting in the download folder, and rebooting.

    "I'm so used to operate shadowed that I'd feel naked without one of these programs."

    Very true!!
     
  20. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    Question on booting out of SD to do system changes, move files around, get updates etc. Spent a couple of hours changing stuff thinking SD was closed, clear screen, Defender Daemon may have been running in Processes, on reboot all changes evaporated. What is DD?

    In Administration "Start with Windows" is now unchecked, in Mode Setting click on "Exit All Shadow Modes" then "Exit Shadow & Reboot Now", this right? Can someone spell out the right sequence, cheers.

    ===

    PS think the problem was too many overzealous AVs + an earlier version of SD, now running 1.1.0.324 - been a tough week. 2000 reboots later...
     
    Last edited: Feb 18, 2010
  21. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    Sorry, I'm not sure I understand your question: If you are in 'shadow mode', the tray icon should be blue in colour (otherwise yellow in normal mode); you have the choice to have or not the 'desk top tip' visible saying shadow mode; 'Start with Windows' in Administration, as far as I know, should remain checked, unless you don't want SD on the tray.

    Whether you reboot with 'Exit all shadow modes' or 'restart' you will exit shadow mode. According to your 'schedule' or previous choices you may start a new shadow session or reboot in normal mode.
     
  22. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    Thanks Osaban understood.

    Odd thing with a 2 year old database app ... when the data file is in exclusions SD eats it on reboot, no sign of it anywhere on the HD. The file path remains in exclusions but vanishes from its folder location & the database searches in vain after reboot. No problem in commit.
     
  23. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    Sometimes it is difficult to find the right path to add to the exclusion list for a particular folder. It is not a problem for me to go on with things pertaining to SD but the thread topic is DeepFreeze, hence we've been off topic for quite a while.

    It would be preferable to open a new thread about SD.
     
  24. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    Is there not an easy way to save FF Bookmarks in SD?
     
  25. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    Yes, you can. :D Just find in which folder your FF bookmarks are stored and exclude them. :rolleyes: Been doing that for some time now. :p
     