Discussion in 'sandboxing & virtualization' started by Cutting_Edgetech, Feb 14, 2011.
I would just choose to put your C drive in Shadow Mode perhaps.
When you open 'Task Manager' or the equivilent what do you see running that is 'active'.
That might give some sort of clue, maybe things that are in the middle of a process but haven't yet reached conclusion. Maybe monitors or live anti virus checks.
Anything that is updating something to the exterior Internet might need to finish.
or active downloads.
If you have a doubt just close everything running before leaving Shadow Mode when you are sure that you are not in the middle of doing something.
Don't allow Windows updates in Shadow Mode or antivirus updates or system monitors and adjustments or try to fix any virus or trojan. If you have something worrying just reboot.
If using Sandboxie I always 'delete contents' before leaving Shadow Mode. Just to be on the safe side.
There have been occasions in long past versions of Shadow Defender where a sandboxed session in Shadow Defender Safe Mode carried over on reboot to ordinary session..
Remember, that anything that is not/you have not 'committed' or 'excluded' during your Shadow Mode session is going to be gone when you reboot into normal mode of your pc. Things that upgrade to software on your pc in Shadow Mode are not going to stick on reboot. New or upgraded or written/overwritten files in Shadow Mode in (unless committed) are not going to be there on reboot. User program updates within a Shadow session (that reside on your pc) won't be updated on reboot.
I may update this post if I think of anything.
My preference is to quiet my machine before entering shadow mode.
For example: SharewareOnSale Notifier that came with Shadow Defender free offer. I don't want notifier starting with windows. I don't want SOS tray icon running. I don't want programs running in the background like security updates/scans etc. My preference is to quiet my machine. Maybe, try Sign Out/In Windows before calling shadow mode.
~ and run with W10 Fast Startup = Off.
I see potential for a problem if you are running Applications in C (Shadow Mode) that might upgrade something in D (dependency) related to the C application or whatever and maybe deleting something that was there previously (in D) and replacing it. For example in system registry after reboot might not then correspond.
This is just a thought...please feel free to let me know if I am way off the mark. I often am.
I'm sure you know more about SD than I do
I have always used it in its most basic way with no other drives attached or shadowed etc.
But I know I wouldn't like to be without it.
It is still available for 2 days, for people who might be interested it is in my opinion the best protection for a computer after imaging programs. I can easily assert that you will never get infected and more importantly it will protect from your own mistakes when configuring Windows or testing new programs (most programs nowadays don't require a reboot).
The website featured review is misleading when they state in "Cons: Important data can be lost, because all the changes in Shadow Mode are discarded." It is not true, important data can be lost if one forgets to commit it to the real volume, it takes some time to get used to it, but it is easy to commit on the fly.
There is only one negative aspect, it will not stop data theft while in protected mode, therefore if you are concerned you ought to have an outbound firewall or other programs which specifically address this vulnerability.
Hey what happend let's say after a month of instalation you delete SD and then later how do you reinstall without a key?
Why would you delete it? I guess it makes sense to have an imaging program which would provide any time a fresh copy of it without a key. I also think 35 bucks for a life license is very reasonable, believe me if SD works on your system (in some rare cases it doesn't work properly) you will never regret buying it, I have 2 licenses and it's the only security program that I've been using since 2007.
With this I have 3 SD licences now and yes I save the image in case of accident
Thank you buddy
Is it ok to put c:/ in shadow mode?
Of course it is, you can protect all partitions and USB drives, but the partition with the operating system is the most important one. I also would like to add that in my experience it's better to use SD with default settings, and commit files and folders to the real volume using the the right click menu.
Nice so I can run SD with my antivirus if it misses something SD will clean after the mess the antivirus leaves I have 2 key bought them to support development but I will start using it because it is easy protection in real time
That's the idea, nowadays running SD and MS Defender is more than enough to protect a computer from any malware, the reason I have WiseVector StopX installed as well is it's behaviour capabilities which would notify me if data theft is in progress, but honestly I don't really need it.
Nice.so to updates windows on tuesday do I disable SD and update and then re enable it?
Yes, you must exit shadow mode to update Windows or just about anything that needs an update. Nothing will happen to the computer if you don't, except that on the next reboot out of shadow mode all updates will be deleted. I generally have the following daily routine: first thing in the morning I exit shadow mode, update what needs to be updated, make an incremental backup of my system (less than 2 minutes) and re-enter shadow mode. I personally would advise not to keep the computer in shadow mode more than a day, so that if malware is surreptitiously present in the system, it will be flushed out with a reboot.
It sounds very interesting
Maybe good for testing games then done and reboot
Anything that doesn't need a reboot. From memory you have kids, SD is particularly suitable for people who might click on anything...
Very true.this is very interesting software tha at the end can save your bacon I saw a video that was test about MEMZ and the tester rebooted and pc was clean
Is there any way with ShadowDefender to run an application that requires a reboot?
Thanks for answers guys.
I didn't have time to play with SD yesterday. Just saw the free offer, downloaded, installed, run it, enter in Shadow Mode and that popup appears so I came here to ask.
I'll play with it in weekend.
I don't have any monitoring/whatever programs running, just Windows Defender and WiseVector. Also Steam and Epic are sitting in tray. And I left computer 5 minutes or so to settle before entering Shadow Mode.
Also I found this (older) thread on Malwaretips and the guys doesn't seem worrried about this message.
Anyway (if I understand correctly) none of you have that message entering in Shadow Mode?
No, Shadow Defender will not run a program that requires reboot.
Years ago Tony (the developer) said that he was going to do it (within a month) and there was much excitement but it sort of fizzled out and nothing more was said about it. It was probably more complicated than it seems to achieve with some programs that run at kernel level, anti virus, system monitors, (things that like to own and lock files up for themselves and their own use) and registry etc. (just guessing)
There was a program by STORAGECRAFT called Shadowuser Pro a long time ago (pre Shadow Defender) which could deal with software installations that required reboot but it was discontinued.
Shadowuser Pro was very similar to Shadow Defender, almost the same, 'look', layout and nomenclature, internally etc. Maybe I should say that Shadow Defender was very similar to Shadowuser Pro?
Oh, very interesting, thanks for the information.
I've had that message....albeit, not usually and not with quieting my machine before calling shadow mode. Just me.
I had it in the past with other versions of SD, but it was rare. Like bjm says, it is better not to have anything running before entering shadow mode...
Definitely ShadowUser Pro was the model for SD, I had it back in 2005, it was a great program which had a persistent mode which allowed it to reboot in shadow mode. At the time it was useful as most programs needed a reboot in order to be tested, but nowadays it is very rare to find an installation that requires a reboot. The reason it was discontinued was piracy and also I believe StorageCraft was aggressively promoting its excellent imaging program ShadowProtect, which is very profitable in corporate environments (and expensive).
The simplest example is when the destination of dowloaded files is on other than system disk what is default mode in most of used browsers. Second could be in example like that mentioned some years ago when settings/log files of working app is located not on disk C but on another
Separate names with a comma.