Driver Uninstall & Virtualization

Discussion in 'sandboxing & virtualization' started by TomAZ, Jun 9, 2012.

Thread Status:
Not open for further replies.
  1. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    If I wanted to test the effects (if any) of uninstalling a driver that I'd like to get rid of - and did this while "virtualized" (Returnil, ShadowDefender, etc.), would I be protected in case something went wrong? Or, would the normal virtualization process not work for something like this?

    I suppose uninstalling a driver could require a reboot, but I'm not concerned about that - at least I could test things out to that point.
     
  2. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    TomAZ, firstly, NOTHING is 100%.

    Secondly, backup your entire system using a backup imaging program of your choice.

    Thirdly, to best of my limited knowledge, I believe only Rollback RX is the only virtualized software that supports rebooting. So try it with RRX and see how it goes. If worse come to worse, you got a complete image backup of your system anyway :)

    But keep in mind, I think all virtualized programs only work within the virtualized zone and not in your system, so it may not give you an accurate system indication.
     
  3. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    Do you use Rollback RX? It sure sounds like a very interesting program, but I don't think my HDD is large enough to support it. I have two external drives (1TB & 2TB), but my system drive is small -- only 80GB with approximately 45%-50% free space. So, as much as I'd like to try it, I'm not sure it will work.
     
  4. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    No Tom I do not use Rollback RX. There is a trial of it however if you wanted to try it and come to your own conclusions if it's for you or not.

    If I were you, I would use a imaging program, do a complete backup unto an external hard drive. Then remove and uninstall the driver you want and test your system. If it fails, then simply restore the image.:thumb:
     
  5. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Hi TomAZ, Rollback RX is perfect to test-drive any program that requires a reboot in order for it to become fully functional, and this includes drivers, Windows updates etc.

    I always test all programs with it (including drivers and Windows updates), and if I don't like the results of if there is a problem I just restore an older snapshot.

    Regarding disk sizes: I have an 120GB SSD and out of that I have allocated 91 GB for a single Windows partition, leaving the rest unallocated for SSD overprovisioning. With your 80GB disk 50% free space should be enough for RX, for as long as you don't take many snapshots that contain huge changes when compared to their parent snapshot. For example, things like games or large software suites should be installed on a different disk, this ensures that future snapshots won't take a huge amount of space.

    For example: Lets say you install MS Office 2010, Nero suite or Call Of Duty 3 on D:. You then take a snapshot of C:. This snapshot will only include things like shortcuts, registry entries, plus any files that such programs add to the usual locations on C: (Common Files, C:\Windows\System32, C:\Windows\SysWOW64, etc.). The main bulk of files and folders will be on D:. If in the future you want to remove all traces of such programs, all you have to do is to restore an older snapshot first, this will bring C: back to the state it was before these programs were introduced to your system. Then you just go to D: and manually delete the folders of those programs. That's all it takes!

    Personally I think it is foolish to install large stuff on C:, this will make your snapshots huge in size and as a result you'll be running out of space must faster. Plus any future traditional backups will also be much bigger in size and will take longer to restore.

    It is also very important to set up RX the right way for your needs when you first install it. Ideally it should be installed on a fresh Windows installation BEFORE adding any drivers, win updates, or any other software. This will give you an absolutely clean and uncluttered baseline snapshot, to which you can return in the future and create a fresh Win7 setup with the newest drivers that will be available at that point, without having to install Windows from scratch or having to uninstall old stuff first.

    With a disk of limited space like yours you should also disable automatic snapshot creation. Do not schedule any automatic snapshot taking, take them manually instead and do not allow RX to take a snapshot of your existing system before restoring an older snapshot. If you do this then you'll end up with a confusing multitude of snapshots, and you'll also quickly run out of free space.

    Also do not allow RX to automatically remove older snapshots. You should check frequently to see if you're running out of space and manage your snapshots manually, according to your needs. Look at the picture below for my RX settings, this would be the best setup for a disk of limited space like yours and it will allow you full manual control of snapshot creation and restoration.

    It also it makes good sense to move your User folders to another disk. You can do this by right-clicking each folder and under the Location tab change the path to a folder on a different disk. If Windows asks you for permission to move stuff to the new location, allow it to do so. Folders like My Documents, My Music, My Pictures, My Videos, Saved Games, Downloads, Contacts etc. are all better to be on another disk. Just remember to frequently backup the contents of those folders to an external drive and keep that drive away from the computer, this will be your lifeline in case the disk that holds all your personal stuff dies. Never trust a single hard disk or a single DVD/BD-R disc with your personal files, always have AT THE VERY LEAST ONE MORE COPY, stored safely away from the computer.

    If you're interested in a slightly paranoid way of setting up Win7 securely, have a look at this guide I've published at the SSD Review forums:

    http://thessdreview.com/Forums/software/2247.htm

    Hope this helps! :D
     

    Attached Files:

    • 1.jpg
      1.jpg
      File size:
      221.7 KB
      Views:
      4
    Last edited: Jun 10, 2012
  6. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    Thanks to both of you for the suggestions and all the help -- really appreciate it!

    By the way, CB969... how long have you been using Rollback RX? I assume this is not a freebie. Have you had any problems with it at all? Just curious.
     
  7. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    You're welcome!

    Yes RX is commercial software. I've been using Comodo Time Machine (CTM) before that and that was freeware, but when I switched to SSDs I had to switch to RX because CTM doesn't support TRIM. The new version 3.0 of CTM will support TRIM, and a beta should be available hopefully by the end of the summer.
     
  8. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    If CTM supported your current needs, which of the two would you prefer? Is one of them more disk intensive (use more disk space) than another?

    Currently, I'm using Macrium Reflect and I image my drive quite regularly. In addition, I use either Returnil or Time Machine for light virtualization software testing. So, with that in mind, is a rollback program really needed, or is it overkill?
     
  9. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Once you start using a snapshot app like CTM or RX you will be amazed on how you managed for so long without it. Plus, you won't have to touch that traditional backup for ages. It is great to be able to switch between different software setups in seconds.

    CTM was working great for me but it has caused problems for others because of incompatibilities with certain configurations. The only reason I dropped it is because it doesn't support TRIM. The new version will be much better and will support TRIM but a final release most probably won't be ready until at least next year. Until then RX would be your best option. It's definitely worth its money. If you like testing different software and you find yourself trying and then uninstalling stuff frequently, then RX is a tool that will keep your system clean and fresh, and also save you a a hell of a lot of time.
     
    Last edited: Jun 10, 2012
  10. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
  11. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    Yup, it is a super duper "Restore Point". And, if the snapshots (restore points) contain viruses and/or malware, than it is no good.

    Best regards,

    KOR!
     
  12. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Hi Ichito

    The RX snapshots are stored on the disk's free space. There is no actual transfer of backup data taking place (as is the case in a traditional backup), that's why taking and restoring a snapshot takes mere seconds. The OS and any unsophisticated malware cannot see the snapshots. RX protects its snapshots from being overwitten by Windows or other programs by installing a low-lever driver which intercepts all writes addressed to sectors that contain snapshot data. Such writes are then redirected to truly empty sectors. This is seamless even on older hardware, there's no noticeable overhead. I have benchmarked hard disks and SSDs before and after RX was installed, and I found that there were no delays associated with its use.

    RX doesn't protect against malware, it cannot differentiate between malicious and non-malicious system changes. It is however invaluable for software testing and for undoing all non-malicious system changes. It is also good for reversing the changes cause by unsophisticated malware, as well as for undoing system crashes. This feature alone is worth the price of admission for me: It allows the user to experiment with overclocking, and there's no need to check the disk for file system errors after every crash. When the system freezes you just hard reset, enter the BIOS and choose a more moderate clock, then restore an older snapshot on the next reboot; and all this happens before Windows even has the chance to complain about an improper shutdown: The crash is instantly undone.

    Unlike light-virtualization (LV) apps which work per-session only, snapshot apps like RX can reverse program installations and other system changes across several reboots. It can also undo infections by 'dumb' malware (e.g. malware that are not MBR-resident). Like KOR said the snapshots can get infected, but this can only happen if the malware is MBR-resident. For this reason RX has to be used in conjunction with a decent firewall, antivirus/antimalware, PLUS antiexecution software in order for the system to be fully protected against sophisticated threats. :)
     
    Last edited: Jun 11, 2012
  13. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
    Thanks CyberMan...I hade license and tried to use Rollback RX and Eaz-Fix about two years ago (actually there are the same app)...but both are "uneatable" for me...sorry :) I found Keriver 1-Click and it was exactly what i needed...OK, it was OT :)
    Back to meritum...Rollbac Rx is not virtualisation software...if we are going this way of thinking we can say that bicycle is a car...it have the weels, can go, turn left or right, requires the driver...even more - can stop. Right? :D
     
  14. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Keriver is a very good backup program, but personally I prefer RX snapshoting because of the speeds involved, on my machine less than 2 seconds to save a snapshot, and 5 seconds to restore one. I test software every day, so to me this speed does make a difference.
     
    Last edited: Jun 13, 2012
Loading...
Thread Status:
Not open for further replies.