Question on Full Virtualization

Discussion in 'sandboxing & virtualization' started by Brandonn2010, Aug 12, 2012.

Thread Status:
Not open for further replies.
  1. Brandonn2010, Registered Member (Joined: Jan 10, 2011; Posts: 1,849)

    So if I understand correctly, a program like Returnil or ShadowDefender will run a session of Windows virtualized, and when shutting down, you can choose whether to discard changes or save them?

    If so, I almost don't see how it would be effective against malware. If malware got on your system, and your realtime protection didn't detect it, if you saved changes it would save the malware as well.

    So what is the point, or am I missing something?
     
  2. WSFfan, Registered Member (Joined: May 10, 2012; Posts: 374; Location: The Earth)

    People use SD or Returnil mainly to discard the changes, rarely commit changes to the system.
     
  3. LoneWolf, Registered Member (Joined: Jan 2, 2006; Posts: 3,408)

    In my case using DefenseWall in conjunction with ShadowDefender, DW will block/stop anything entering through a threatgate (browser, media player, ad blocker, PDF reader, CD/DVD drives, USB + other removable drives and so on). Although some remnants of malware may remain after trying to enter my computer, they can do no harm with DW running all threatgates as untrusted.
    With a simple reboot (with Shadow Defender) all is as it was before, no trace of any nasties.
    I'm always in Shadowmode 100% of the time, discarding one shadow session for another upon reboot, never using the "Exclusion List" (a potential security hole IMO) and rarely using the "Commit Now" feature (and only on the occasions when I know something is safe, otherwise it doesn't happen).
    This combo has worked excellently for years now for safe surfing, risky surfing and purposely going to the darkside looking for trouble (although I don't do much of that anymore, for that was for testing purposes).
    This type of setup I'm sure is not for everyone but it is perfect for myself.
     
  4. Dark Shadow, Registered Member (Joined: Oct 11, 2007; Posts: 4,553; Location: USA)

    Besides what's mentioned already, you can test software that does not require a reboot before committing changes to the HDD. If you decide it's not what you expected or it's buggy, a simple reboot discards it and any changes it has made.
     
    Last edited: Aug 12, 2012