Toolwiz TimeFreeze vs Shadow Defender

+1
Absolutely Spot-On!

 

Actually, I feel like an idiot, I totally forgot that tools like SD can not be used when testing apps that require a reboot after install. So testing security tools will be no option, I guess? It's indeed cool that you can test tools that require a driver to run, bad it's also a security risk, that's why SBIE blocks this. I do believe there is an option in SBIE to let drivers run.

 

There has been a feature request to block the installation of drivers in Shadow Mode at user discretion. I believe that Tony, the Shadow Defender developer, is considering adding it as an optional feature.

 

I haven't kept any on demand scanners installed in my computers for three years but every once in a while, in Shadow mode, I install HMP and MBAM to run a scan. I also sometimes run TDSSkiller and Emsisoft. So, there's a few security programs that you can test using SD. Not all programs require a reboot.

The SBIE option to allow drivers was eliminated in Version 4. I remember Tzuk saying that the option to allow drivers was little used and never worked very good.

Bo

 

I'm with you, Tony coded a little jewel, although ShadowUser Pro must have been more than an inspiration...

 

Actually I wouldn't use this option, because HIPS can already take care of this, but I know what you mean.

Didn't know about this. And it's true that not all security tools require a driver to run, but the ones that do, don't work with SBIE and usually require a reboot. So perhaps the best option is to use a virtual machine.

 

Does anyone understand how the whole ToolWiz product line is Free. I tried SD and now I'm trying TTF. I find it odd that the ToolWiz website has no Legal stuff. Not even a website disclaimer. I emailed ToolWiz ~ Contact Us. No reply ? 36 million Global Toolwiz Installs ?

 

More info: http://www.toolwiz.com/en/about/

 

It's good to see some people working ethically. I can understand those looking for the catch or tripwire but when I have had communication with James at Toolwiz in the past he came across to me as a nice, well mannered person, who answers his e-mails and is appreciative of input.
Toolwiz contact is James@toolwiz.com

 

Can either program be ran as a limited/regular user? I currently use SBIE as a regular user on Win 7 with no issues. I always thought that if I stopped using SBIE (Tzuk's sale made me consider it for a while), I would migrate to one of these 2 apps (or maybe even AppGuard).

 

Thanks ~ I've been all over ToolWiz site. Not savvy enough to know under the hood workings SD v TTF
But, I find TTF an admiral product. I had two downloads that did not survive restart. Downloads excluded. Files had bytes before shutdown and 0 bytes upon re-start. So, IDK. I've excluded Desktop / Documents / Downloads / Pictures same as with Sandboxie. I recover Download from SBoxie > Stop TF > Shutdown. Maybe, I just need to Shutdown. I'm running SBoxie in TTF. Kinda' bizarro' world. I startup Normal > Updates > Bizarro' world.

 

Well, fwiw. I'm running SBoxie in TTF + VoodooShield. VS prompts me just fine for new executables. I know it's silly as TTF will ignore. But, I like the granularity.

 

Yeah, may have to resend my emails to James. Maybe just the Holidays ? Appreciate feedback re James.

 

Toolwiz TimeFreeze can. I don't know about the other one.

 

Since SD has been on sale, I chose to test it first (I'm cheap and won't likely get it for any less.) It does run under limited/regular accounts but you must click through a UAC prompt for admin approval (if you have UAC on) to actually fire it up. (Since I am a huge fan of UAC, I would never consider using Windows without it (so I have no idea what would happen with SD on a regular user account and no UAC.)) I'm no expert but I assume that even though SD is then in shadow mode while logged into the limited user account, it seems to me that SD is not running as that limited/regular user. Based on what this program actually does, the difference may not matter, but maybe it could??

 

BTW, I was thinking about SBIE vs light virtualization tools like TTF and SD, and with SBIE, all files stay inside the virtual folder/container, also after reboot. Why can't SD do the same, why do all files get cleaned when you reboot the system? It perhaps sounds a bit dumb, but I'm trying to figure out if there is a way to test software that require a reboot, but without the file and registry modifications ending up on the "real" system.

 

There are "snapshot" programs.

 

LOL I was being silly, of course! This is exactly what I'm looking for, seems I will have to do some reading:

http://alternativeto.net/software/ax64-time-machine/

 

I've used RollBack RX years ago inside virtual machines and it did work nicely. I never installed it on my real machine because of all the bad reviews. So you're saying that AX64 is completely safe? I did read that it doesn't modify the MBR which is a good thing.

https://ax64.uservoice.com/knowledg...parison-to-rollback-rx-eaz-fix-comodo-time-ma

 

I do that with 'Toolwiz Time Machine' ever.

 

Yes thanks, forgot about it, so instead of Time Freeze I actually need Time Machine. What are your experiences with it?

http://www.toolwiz.com/en/toolwiz-time-machine/

 

Using Win 7 64 bits.
1- I am always working in frozen mode (with TTF) - I use junctions to my Data disk (a non-system disk), for My documents and settings/data from e.g Maxthon, Thunderbird, AdFender, etc..
2- When needed to try a software that needs reboot (or even not, e.g. if I want to try several days), I use TT Machine.
3- Never had any annoyances with "Toolwiz Time Machine".
4- Using TTMachine I don't need to use Macrium Reflect so often.

 

So does Time Machine interfere with the system as many of the other ISR programs have in the past? I know some butted heads with some imaging programs. I lightly skimmed the info at the TTM site and it read as though it leaves the MBR alone. So imaging the system is normal? If so, I may try it too.