RollBack Rx & Shadow Defender

Discussion in 'backup, imaging & disk mgmt' started by bgoodman4, Jun 6, 2012.

Thread Status:
Not open for further replies.
  1. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    As I have never turned off my AV when installing Rx (at least 36 installs without a single problem - well, not quite true, I had to contact support 1 time to reset my activation code) I have never felt a need to turn of my modem. In fact, we are told to be sure to have an Internet connection when un-installing and reinstalling Rx so as to (hopefully) avoid re-activation issues.

    Wow, after all this it seems like Rx is quite a bit of work to install,,,,,,never noticed this before but then again the only thing I did before my first install was to create an image. Mind you I have always done regular PC maintenance (get rid of temp files etc, defrag,,,, etc etc) so it was not something I had to think about. The long and the short of it is that your PC will run after Rx installation pretty much as it did before. The one exception to this is the somewhat longer boot times. If you are OK with your PCs performance prior to testing Rx there is no urgent need to do much of the above other than the drive image IMHO.
     
    Last edited: Jun 22, 2012
  2. Brian K

    Brian K Imaging Specialist

    Joined:
    Jan 28, 2005
    Posts:
    12,113
    Location:
    NSW, Australia
    Barry, I'm not keen on incrementals either.
     
  3. Wendi

    Wendi Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    643
    Location:
    USA
    Well I now have Rollback Rx running along with Shadow Defender (on-demand).

    I installed Rollback last night following Scott's check-list and I must say that his instructions produced a few surprises!

    - The full AV scan found and deleted over 40 tracking cookies.
    - Chkdsk /R found and repaired several index and data errors!
    - Ccleaner did a great job of cleaning up lots of junk files.
    - C: was quite fragmented (even though I do defrag regularly)!
    - The rest of the check-list went like clockwork.

    My Rollback installation went smooth as silk and Rollback (trial) is now up and running. :thumb:

    Initial observation: Rollback adds about 15 seconds to my startup time, but I don't notice any slowdown after my desktop is ready. As a matter of fact, if it were not for the Rollback icon in my tray I wouldn't even know it's there! Very nice I must say.

    Wendi
     
    Last edited: Jun 22, 2012
  4. 2YsUR

    2YsUR Registered Member

    Joined:
    Jun 3, 2012
    Posts:
    61
    The suggestion to turn off AV during installation comes from Horizon Data Sys as some AVs will detect RBrx as a rootkit. At the moment I don't have a reference I can point to but I'm sure it was in some install instructions or from customer support.

    I suggest turning off the modem as added protection during the period that your AV is disabled.

    The modem needs to be on at the point of uninstall and during installation at the time reg key is entered so HDS servers can record the uninstall/reinstall.

    The post I was replying to was only about installation procedures and not about uninstalling. Please note that I suggest turning the modem on just prior to entering the registration key. At that point the product is installed so AV can be enabled and modem turned on to record the registration process.

    When uninstalling, leave modem and AV on.
     
  5. 2YsUR

    2YsUR Registered Member

    Joined:
    Jun 3, 2012
    Posts:
    61
    RBrx Better Pricing

    Wendi, you may want to consider waiting for a sale price. Several times a year Rollback Rx will go on sale for 60% off.
     
  6. Wendi

    Wendi Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    643
    Location:
    USA
    Re: RBrx Better Pricing

    Yes, as a matter of fact I believe Scott W posted in another thread that we will likely see the 60% discount sale around the 4th of July! So if all continues to go well up to that time, I will jump on any Rollback sale.

    Wendi
     
    Last edited: Jun 22, 2012
  7. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    Never considered running RollBack Rx & Shadow Defender together until reading up on this here thread. I was a dedicated RollBack Rx user from early '07 to somewhere in '09 when an AV I was using at the time (using no AV now nor ever in the foreseeable future) flagged RollBack Rx as a rootkit and instead of just rolling back to a snapshot I let the AV disinfect the supposed rootkit (In hindsight a mistake) and with that removed two years from my machine. Anyway thinking of giving it another spin with my current setup after a making fresh image with Macrium, just in case.
     
  8. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    Understood, thanks for the clarification.
     
  9. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    Just for the record I image my drive weekly even though I am using Rx and I strongly suggest everyone using Rx (or even those who are not :rolleyes: image regularly as well. I have not heard of your scenario before and thought mainly of possible drive failures as a reason to image. Your comment gives added incentive to do so. Your post gave me a rather queasy feeling at the thought of loosing 2 years worth of data. Very nasty for sure.
     
  10. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    Good stuff Wendi, I am sure you will like having Rx on your Pc so I will welcome you to the club now rather than later.

    Just out of curiosity what have you selected as your snapshot frequency?
     
  11. Wendi

    Wendi Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    643
    Location:
    USA
    Hi bg,

    I just went with the default snapshot frequency - whatever that is? :oops:

    Wendi
     
  12. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    I think thats at boot only. To be sure open Rx and then click on SnapShot History. You will see a list of the snaps and when they were made. If you want to have Rx take a snap each hour click on Scheduled Tasks and create a new task to do this. Snaps take about 3 seconds to create so having this set will impact your use of the PC hardly at all.
     
  13. Wendi

    Wendi Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    643
    Location:
    USA
    bg, it looks like you were right about the default snapshots. I don't think I'd want automatic snapshots taken every hour (what happens if you're running stuff at that time and have open files)? :doubt:

    Wendi
     
  14. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    Without wishing to engage in the main discussion about the efficacy of using Rx and SD together, a relevant fact regarding the persistence of Rx snapshots made while in Shadow Mode is that Rx was already installed and running on the real system when the snapshot was taken. Given that Rx and SD both work, in different ways, at the disk sector level below the level of the Windows file system, I can see how this might be the case.

    As to whether it provides an indication of the ability of malware to bypass SD, this would need to be tested by trying to install Rx with Shadow Mode enabled to see if a persistent snapshot could be created. Although I've never used Rx, due to the way it works I assume it requires a reboot to install at which time SD would have removed it before it became active. SD would also have prevented any attempt to modify the MBR while in Shadow Mode.

    What this illustrates is that SD may not fully protect a system that has already been compromised while Shadow Mode was disabled. For maximum protection, if using SD as part of a layered security strategy rather than for just for software testing, SD works best if Shadow Mode is kept permanently enabled during normal use. If it doesn't interfere with the ability to make Rx snapshots, that would appear to be an advantage for anyone using the two applications together.
     
    Last edited: Jun 24, 2012
  15. Scott W

    Scott W Registered Member

    Joined:
    Sep 21, 2008
    Posts:
    659
    Location:
    USA
    Hey pegr,

    That is exactly correct and very well stated.

    Scott
     
  16. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    Therefore, you don't need both Rollback Rx and SD. You only need one. Of course, Rollback Rx cannot protect you from rootkits and viruses. So, you have no choice but to use SD to protect yourself properly.

    SD is sufficient with the following:
    1. Regular imaging: For hard disk failure or while not in Shadow Mode in those rare situation something goes wrong.
    2. System Restore Points: While not in Shadow Mode in those rare situation something goes wrong.
    3. System Recovery: While not in Shadow Mode in those rare situation something goes wrong.

    In those rare situation something goes wrong, while not in Shadow Mode, one of the above 3 should protect you.

    Thus, it makes Rollback Rx redundant and useless.

    Best regards,
     
  17. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    In those rare situation while Shadow Mode is off for Windows Updates and Software Updates, if something goes wrong, one and/or all the following will be sufficient.

    1. Regular imaging. This is a must even if one has Rollback Rx installed.
    2. System Restore Points. Rollback Rx turns these off.
    3. System Recovery. Never attempt this while Rollback Rx is installed. It will destroy Rollback Rx.

    The above makes Rollback Rx useless and redundant.

    Rollback Rx is very heavy on resources, disk space, regular maintenance and slows down the system to almost crawling. One can avoid this by regularly destroying the snapshots by creating a new baseline. This beats the purpose of having the snapshots. However, HDS the makers of Rollback Rx do recommend creating a new baseline ever so often.

    Best regards,
     
  18. Brian K

    Brian K Imaging Specialist

    Joined:
    Jan 28, 2005
    Posts:
    12,113
    Location:
    NSW, Australia
    aladdin,

    The Rollback Rx enthusiasts don't mention this. I know you have tested it on several systems and was this slowdown present on all of your machines?
     
  19. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    I agree with items 1 and 2, but would you explain item 3 (I don't understand where you are coming from)?


    I am a Shadow Defender 'old timer' but I've only been using Rollback for about 2 weeks. During that time I see nothing supporting your contention that Rollback "is very heavy on PC resources" and as far as "slowing down the system to almost crawling", during startup/restart Rollback's boot-console does increase boot-times anwhere from 5 to 20 seconds (depending on whether or not it's doing an automatic snapshot defrag). After getting to the desktop I see no slow-down whatsoever!

    TS
     
  20. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    Hi Brian,

    Yes, it was.

    Rollback Rx doesn't delete anything. For example, if you install Firefox v7 and then take snapshot A, after a while and after snapshots B, C, D, you install Firefox v8 and take snapshot E. Now both Firefox v7 and v8 are present in your system. After a while and after snapshots F, G, H, you install Firefox v9 and take snapshot I. Now you have Firefox v7, v8 and v9. You get the picture now, and ever increasing disk space. At boot time since you have so many snapshots, it will now defrag them wasting your valuable time.

    You decide to roll back to snapshot E. Now the snapshots F, G, H and I become your future snapshots, as they are still there. Since you are in snapshot E, so you are using Firefox v8, but still you have Firefox v7, v8 and v9 in your system. You get the picture. This is the strength of Rollback Rx, but at the same time it is the weakness of of Rollback Rx. Too many snapshots and you have wasted too much disk space, and now the system comes to grinding halt.

    To remedy this situation, you now have to destroy all snapshots A thru I, by creating a new baseline snapshot. Doing this, you have to wait ages at boot time, while Rollback Rx cleans ups everything and leaves you with the latest.

    Then the process repeats itself and again after a while a new baseline has to be created.

    Best regards,
     
  21. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    If you ever attempt system recovery, you will destroy the boot-console of Rollback Rx. Also, never try to use any partition manager on any of your partitions and/or disks while Rollback Rx is installed.


    You must be not taking very many snapshots.

    Rollback Rx doesn't delete anything. For example, if you install Firefox v7 and then take snapshot A, after a while and after snapshots B, C, D, you install Firefox v8 and take snapshot E. Now both Firefox v7 and v8 are present in your system. After a while and after snapshots F, G, H, you install Firefox v9 and take snapshot I. Now you have Firefox v7, v8 and v9. You get the picture now, and ever increasing disk space. At boot time since you have so many snapshots, it will now defrag them wasting your valuable time.

    You decide to roll back to snapshot E. Now the snapshots F, G, H and I become your future snapshots, as they are still there. Since you are in snapshot E, so you are using Firefox v8, but still you have Firefox v7, v8 and v9 in your system. You get the picture. This is the strength of Rollback Rx, but at the same time it is the weakness of of Rollback Rx. Too many snapshots and you have wasted too much disk space, and now the system comes to grinding halt.

    To remedy this situation, you now have to destroy all snapshots A thru I, by creating a new baseline snapshot. Doing this, you have to wait ages at boot time, while Rollback Rx cleans ups everything and leaves you with the latest.

    Then the process repeats itself and again after a while a new baseline has to be created.

    Best regards,
     
  22. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    Imagine, the folks here are using two virtualization programs at the same time. Shadow Defender and Rollback Rx.

    Best regards,
     
  23. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    How much hard disk space you have lost in those 2 weeks?

    Best regards,
     
  24. 2YsUR

    2YsUR Registered Member

    Joined:
    Jun 3, 2012
    Posts:
    61
    I think it would be fair if we mentioned the amount of disk space saved by turning off system restore. For me SR used just a little more than RBrx does.
     
  25. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    You have an option to allocate the disk space for SR. And, one is only interested with current SR.

    With Rollback Rx, its strength lies in lots and lots of snapshot, going back and forth. But after a while one cannot do this, or one will run out of disk space. And, therefore it is recommended to create baseline snapshot on regular basis, thus destroying all the snapshots in the process.

    Best regards,
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.