Question on Deep freeze

Discussion in 'sandboxing & virtualization' started by hush, Jul 22, 2009.

Thread Status:
Not open for further replies.
  1. hush

    hush Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    4
    Hey guys,

    Just a quick question on Deep Freeze. Would it be wise to have an anti-virus, like Avira, or anti-malware programs beside Deep Freeze?

    Currently, i do have Avira, but the virus definitions/updates is becoming a drag with freezing/thawing lol, and im a low risk web surfer; therefore I haven't caught a virus in sometime.

    So should i fly solo with DF (i know no software is 100%), or look at other applications to give me more of an easier set-up with DF?

    Ps: im quiet new with this program but i like the idea for my Vista 64bit:rolleyes:
     
    Last edited: Jul 22, 2009
  2. bollity

    bollity Registered Member

    Joined:
    May 9, 2009
    Posts:
    179
    yes it will be wise
    imagine these situations:

    -you downloaded something from the internet (but it is infected and you don't know that) you put it in your flash memory and you want to open it on another computer

    -you received a file and it is a dangerous keylogger that steals your passwords and information , you opened it and keep working on your computer for hours before you shutdown.
     
  3. hush

    hush Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    4
    lol i figured all that:cool:

    So I guess ill suck it up (unless ppl have better applications that go well with DF)
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Still more, say u get a malware that bypasses DeepFreeze.
     
  5. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    You can have Avira working very well with DeepFreeze: 99.9% security. Don't forget that Avira will update during the frozen mode. If you decide to reboot in a thawed state, Avira will update again with the same signatures, nonetheless you always have the latest signatures. The very FEW nasties that might defeat DF may be caught by Avira, and the very MANY nasties (0 day viruses) unknown to Avira will be neutralized by DF.

    I have exactly this set-up with Vista x64, which has the added protection of the kernel patch guard protecting Vista from rootkits.

    Another possibility is to to use DF along with Anti-Executable, IMO even better than Avira, but not a free application.
     
    Last edited: Jul 23, 2009
  6. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    Perhaps you could reinstall Avira to your unfrozen partition so that it can update OK.
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    No, it will not work. Registry will still be frozen.
     
  8. hush

    hush Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    4
    Thanks guys! And Osadan, thanks for the clarification; as well, why do you think Anti-Executable is better (i was reading here on the forums, and some members dont find it stable - but i could be wrong)?
     
  9. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Anti-Executable is the natural companion of DeepFreeze (also from Faronics). It is well known for its version 2, still one of the few applications that haven't been cracked by malware (if you check Rmus posts, all of his malware tests are carried out with AE). Why isn't everyone using it? Many reasons, it is a bit fastidious in the sense that you have to manually stop it, if you want to download anything, otherwise it will by default deny access/execution to anything that is unknown to your system (it takes a while to exclude some system files as well).

    With Vista, Faronics upgraded it to V3 and in the beginning it was very buggy as it was totally changed, it is easier to run, it has now the possibility to allow, deny, or add to its white list in a fraction of a second, very versatile indeed. Rmus tested it and found that it isn't as tight as version 2 (with executables using DLL).

    The current version is much more polished and works very well on my system. Some members found it conflicting with some programs namely Sandboxie, FirstDefense PC Rescue (these are the ones I know of).

    Now considering that x64 is excluding several security applications for the time being (Sandboxie, DefenseWall, Shadow Defender and others) I think DeepFreeze + AE for Vista and Windows7 x64, are an interesting proposition. Within this context I said AE is perhaps more suitable than Avira as it doesn't need any signatures updates with or without DeepFreeze.
     
  10. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    I personally think that there's no point updating your Anti-Virus Definitions unless you are disabling DF (this is on the proviso you do any online banking/transactions before you do any surfing, or if you've been surfing, do a reboot before you bank online / shop).

    I've had DF for years, and always used it this way. I realise that there's a small chance that I might get malware between boots, but that hardly bothers me.

    Use Firefox with noscript, and you'll be fine on almost all sites anyway.

    I use a free AV (Avast, because at the time I downloaded it, it was the most compatible with Vista 64), and Prevx (been with them since the start, and I like how the product is developing - probably the most innovative in the industry. They are working on protecting the browser from the OS, rather than the OS from the browser, which, if you think about it, a very good idea,- if they manage to get it to work without too many holes.). Of course, Vista has windows defender too, which I couldn't figure out how to disable, and in the end just got used to it (Quad core, and the machine just doesn't slow).

    I tried Anti-Executable about 1.5years back, but found it too irritating for me.
     
  11. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    When I use DF and my AV, I let it update frozen mainly because the AV might have a signature which might stop a particular executable aimed at the DF; it is very rare but quite possible: https://www.wilderssecurity.com/showthread.php?t=247937

    I'd also like to know 'for the record' if anything is caught by the AV even when frozen. Updating on most recent versions of AVs is quick and frequent, not a great waste of time IMO.
     
Loading...
Thread Status:
Not open for further replies.