There are many malicious websites, programs and hackers in this cyber world aiming to steal our information or hijack our computers and browsers. Even after you have patched your computer and installed anti-virus/anti-spam/anti-spy/anti-bot/firewall/intrusion protection software, they will still find a way in to ruin your computer by luring you to click a link, open an attachment, or install a valid piece of software.

Is there a way to keep our computers completely free from those threats? No, of course not. But we can use software provided by security vendors to help us, such as anti-virus/anti-spam/anti-spy/anti-bot/firewall/intrusion protection software. There is also a different technology we can use to keep some kinds of those threats away from our computers.

I call it Sandbox Endpoint software. It uses sandbox technology to isolate threats within a certain scope. Once you have completed your tasks, just close that scope to delete all traces left by those tasks. Recently I found some of these tools to be pretty helpful and evaluated them on my personal computer:

1. Sandboxie Works at File System Level

This software has been recommended by LifeHacker as the #1 Windows utility:

“Let’s admit it: sometimes, even though we know it’s wrong, we all open the occasional sketchy program or file. We’re not judging, but if you’re going to do it, at least use protection. Enter Sandboxie, which lets you run programs independent of the rest of your system. That way they can’t infect, access, or otherwise interfere with your Windows installation. It’s also great for testing apps you aren’t sure of or running multiple instances of an app that won’t let you, so it’s fun for the whole family.”

The latest Sandboxie version is 5.06, released on 23 October 2015, and it now supports Windows 10. The installer is only 2.5MB and covers Windows XP SP 3 through Windows 10, both 32-bit and 64-bit.
Basically Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.
The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally. The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.
Sandboxie is an application sandbox that works at the file system level, but only for those applications that the user chooses to run in the sandbox. Sandboxed applications have all file system and registry writes redirected into the sandbox container folder, isolating them within the sandbox. Sandboxed applications also have to be isolated from interacting with unsandboxed applications in ways that would allow sandbox security to be breached. Isolating sandboxed from unsandboxed processes introduces some complexities.

1. Application software updates can sometimes break sandbox functionality, which means that Sandboxie has to be kept updated to cope with the consequences of software changes in applications that are candidates for sandboxing, e.g. browsers. Unless a lifetime license was previously purchased before the Invincea takeover, keeping Sandboxie up to date will mean purchasing an annual license.

2. Sandboxie compatibility settings may be required for Sandboxie to work smoothly alongside some other security applications and utilities. There may also be a few applications which simply aren’t compatible.

3. Sandboxie has to prevent the installation of drivers and services within the sandbox, and cannot be used to test software that installs a driver or service.

One of the major plus points of Sandboxie is that it also has a rich set of policy-restriction features that can be applied to applications running in the sandbox. It is much more than just application sandboxing, which means that Sandboxie can be used as a complete security solution for the containment of untrusted applications.
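
The write redirection described above can be modelled in a few lines. This is an added sketch, not Sandboxie's code or part of the original post: the `FileSandbox` class, the folder names and the sample files are constructed for illustration, and only file writes are modelled (no registry and no process isolation).

```python
import shutil
import tempfile
from pathlib import Path


class FileSandbox:
    """Toy model (assumption, not Sandboxie's code) of file-level write redirection."""
    def __init__(self, real_root: Path, container: Path):
        container.mkdir(parents=True, exist_ok=True)
        self.real_root = real_root             # stands in for the real hard disk
        self.container = container.resolve()   # stands in for the sandbox container folder

    def _boxed(self, rel: str) -> Path:
        target = (self.container / rel).resolve()   # mirror the path under the container
        if not target.is_relative_to(self.container):
            raise PermissionError(f"path escapes sandbox: {rel}")
        return target

    def write(self, rel: str, data: str) -> None:
        target = self._boxed(rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(data)                # the real file is never opened for writing

    def read(self, rel: str) -> str:
        boxed = self._boxed(rel)               # sandboxed view: own copy first, then real file
        return (boxed if boxed.exists() else self.real_root / rel).read_text()

    def changes(self) -> list:
        return sorted(p.relative_to(self.container).as_posix()
                      for p in self.container.rglob("*") if p.is_file())

    def delete_sandbox(self) -> None:
        shutil.rmtree(self.container)          # one operation discards every change
        self.container.mkdir()


def demo_file_sandbox() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        real_file = Path(tmp, "real", "docs", "report.txt")   # constructed sample file
        real_file.parent.mkdir(parents=True)
        real_file.write_text("original")
        box = FileSandbox(Path(tmp, "real"), Path(tmp, "DefaultBox"))
        box.write("docs/report.txt", "tampered")
        box.write("startup/unwanted.txt", "constructed sample")
        out = {"sandbox_view": box.read("docs/report.txt"),
               "real_file": real_file.read_text(), "changes": box.changes()}
        box.delete_sandbox()
        out["after_delete"] = (box.read("docs/report.txt"), box.changes())
        return out
```

Listing `changes()` before deleting the sandbox is what makes the container useful for review: everything the sandboxed program touched is in one place.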

2. Other Software That Works at the System Level

2.1 Shadow Defender

Shadow Defender provides an excellent way to prevent unwanted or malicious changes from being made to your PC/laptop. With Shadow Defender you can run your system in a virtual environment called Shadow Mode, so any attack happens in the virtual environment, not in your real PC/laptop environment. If an attack happens, all you need to do is reboot your system. After the reboot, your system is restored to the state it was in when you put your PC/laptop into Shadow Mode, as if nothing happened. Meanwhile, you can save selected files and folders to the real environment, that is, to a drive on which you did not enable Shadow Mode or to folders you excluded from it.

Main features:

  • Prevent any unknown and future virus.
  • Protect your privacy effectively.
  • Eliminate the system downtime and PC/laptop maintenance cost.
  • Surf the internet safely.

Shadow Defender is lightweight virtualization that works below the level of the Windows file system to virtualize entire disk partitions. As a minimum this should include the system partition. Changes are virtualized by redirecting all disk sector writes on a shadowed partition to a hidden temporary cache. Shadow Defender can be thought of as sitting between Windows and the running applications. This has some consequences.

1. Providing applications are making normal Windows file system calls (direct disk writes are prevented), Shadow Defender will handle disk sector redirection without the application being aware of Shadow Defender’s existence. This is a simple and robust mechanism. Shadow Defender does not need to be kept up to date to cope with software changes in applications. Furthermore, the license is lifetime, covering all future software updates.

2. No software compatibility settings are required for Shadow Defender to operate smoothly alongside other security applications and utilities. The operation of Shadow Defender is invisible to applications running at the level of the Windows file system.

3. As all system changes are discarded when rebooting to exit Shadow Mode, Shadow Defender restores the system to a previous known state in order to eliminate unwanted change from whatever cause: malware infection, system crashes, etc. It’s about more than just protecting the system against infection by malware.

4. Because the entire system partition is virtualized in Shadow Mode, all processes are running within a system-wide sandbox. No process isolation between sandboxed and unsandboxed processes is needed. Software that installs drivers or services can be tested using Shadow Defender, providing that it does not require a reboot to complete the install.

5. Because Shadow Defender virtualizes the entire system partition, care needs to be taken to ensure that changes to data aren’t accidentally lost when rebooting. If the data folders are located on the system partition, Shadow Defender can be configured to permanently exclude them from virtualization. Alternatively, data folders can be moved to a separate data partition, if there is one. (As an alternative to folder exclusions, changes to data files can be committed manually but it does mean remembering to do it to avoid data loss.)
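
The sector redirection and the data-loss caveat in point 5 can be seen in a small model. This is an added example, not Shadow Defender's code or part of the original post: `ShadowedPartition`, the sector numbers and their contents are constructed, and excluded folders are simplified to a set of excluded sector numbers.

```python
class ShadowedPartition:
    """Toy model (assumption, not Shadow Defender's code) of sector write redirection."""

    def __init__(self, sectors: dict, excluded=()):
        self.disk = dict(sectors)        # real partition: sector number -> contents
        self.cache = {}                  # hidden temporary cache of redirected writes
        self.excluded = set(excluded)    # sectors backing folders excluded from Shadow Mode
        self.shadow_mode = False

    def enter_shadow_mode(self) -> None:
        self.shadow_mode = True

    def write(self, sector: int, data: str) -> None:
        if self.shadow_mode and sector not in self.excluded:
            self.cache[sector] = data    # redirected; the real sector is untouched
        else:
            self.disk[sector] = data     # written through to the real disk

    def read(self, sector: int) -> str:
        # Applications see their own writes, so the redirection is invisible to them.
        return self.cache[sector] if sector in self.cache else self.disk[sector]

    def commit(self, sector: int) -> None:
        # Manual commit: copy one virtualized change to the real disk.
        if sector in self.cache:
            self.disk[sector] = self.cache.pop(sector)

    def reboot(self) -> list:
        # Leaving Shadow Mode drops the cache; returns the sectors whose changes were lost.
        lost = sorted(self.cache)
        self.cache.clear()
        self.shadow_mode = False
        return lost


def demo_shadow_mode() -> dict:
    # Constructed layout: 0 = system file, 1 = document, 2 = excluded folder, 3 = document.
    part = ShadowedPartition({0: "system-v1", 1: "draft-v1", 2: "mail-v1", 3: "notes-v1"},
                             excluded={2})
    part.enter_shadow_mode()
    part.write(0, "infected")            # unwanted change
    part.write(1, "draft-v2")            # user edit, never committed
    part.write(2, "mail-v2")             # user edit in an excluded folder
    part.write(3, "notes-v2")
    part.commit(3)                       # user edit, committed manually
    seen_in_shadow = part.read(0)
    lost = part.reboot()
    return {"seen_in_shadow": seen_in_shadow, "lost": lost, "disk": part.disk}
```

After the reboot, the unwanted change to sector 0 is gone, but so is the uncommitted edit to sector 1; only the excluded and the committed sectors keep their new contents.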

Unlike Sandboxie, Shadow Defender does not have any added real-time protection features beyond virtualization. This makes it essential to supplement Shadow Defender with additional real-time protection.

Finally, because they operate differently, they can be used together. Sandboxie can provide the additional real-time protection for sandboxed applications that Shadow Defender lacks, whereas Shadow Defender enables the system to be kept in a constant state that can also be useful for software testing.

2.2 PowerShadow from Ensurebit Software

PowerShadow makes your Windows system impervious to virus attacks and spyware tracking. It is a product similar to Shadow Defender and comes from Ensurebit Software, which says:

“PowerShadow automatically sanitizes all Web activities and surfing history by giving you the power to generate with one click, a clone of your Windows system, identical and fully functional as the original. You then surf the Net or perform any other sensitive activities while in this cloned PowerShadow mode. Everything you do while in PowerShadow mode is actually being done, not by your operating system, but by a clone of the operating system. Therefore, when you exit PowerShadow mode, everything (except what you save to a non-system drive) vanishes. Likewise, if a virus attacks, it attacks the clone system. If spyware is installed, it is installed on the clone system only. If you delete a file, you only have deleted a clone file, leaving the original untouched. The program offers absolute security and privacy in one elegant software solution. Version 2.6 includes new interface and online upgrade function.”

This program takes an interesting approach to protecting your privacy and keeping your computer safe from offenders. In short, PowerShadow creates a virtual drive on your computer. When you enter shadow mode, the application saves all system changes and user activities on the virtual drive instead of on your actual PC. Every time you restart, your machine will revert to its original state, wiping away nasties such as spyware and eliminating your surfing and application histories. However, since this process also will wipe away useful changes such as edits in a Word document, you must remember to save things you want to keep on your actual hard drive. In general, the app’s interface is elegant and easy to navigate, and it didn’t appear to slow our PC when running in the background. PowerShadow will be especially useful for those who share computers, but other folks may find it another useful weapon in the war against Adware.

The current version is 8.5.5, which supports Win10/Win8.1/Win8/Win7/XP. Their website also says PowerShadow is free forever.

Single Shadow Mode:

https://i0.wp.com/bbs.hongxiu.com/pic/2006/6/14/934423684.jpg?resize=320%2C258

Full Shadow Mode:

https://i0.wp.com/bbs.hongxiu.com/pic/2006/6/14/935823567.jpg?resize=320%2C258

2.3 Time Freeze from ToolWiz

Toolwiz Time Freeze is a must have for anyone who doesn’t want to make any unwanted changes to the system. No matter what changes are made, no matter what happens, a simple restart will return things to the way they were. Nothing bad can happen to your PC while Toolwiz Time Freeze is up and running. Modifications made to the settings will be undone, files downloaded from the web will be removed, and other unwanted changes will all be undone when you restart your PC. It puts everything on ice so that no unwanted changes can be performed on your PC. You can enter the freeze mode with a simple click and quit the freeze mode with a simple restart or shut down.

  • Implementation of virtualization: Creates a virtual environment as a copy of the real system, which allows an unmodified operating system with all of its installed software to run, keeping your actual system ‘frozen’ and away from unwanted changes and malicious threats. Nothing bad can happen to your PC while Toolwiz Time Freeze is up and running.
  • Operating system support: Run multiple operating systems (real and virtual systems) at the same time on the same PC without a reboot and easily switch between them to optimize your PC resources and improve efficiency.
  • Restore & recovery: No matter what changes are made, no matter what happens, a simple restart will return things to the way they were. Modifications made to the settings can be undone, files downloaded from the web can be removed, and other unwanted changes can all be undone when you restart your PC.

Configuration: enable Toolwiz Time Freeze and add an exclusion folder.

2.4 Deep Freeze from Faronics

Faronics’ Deep Freeze is an application that, as the name implies, “freezes” your system so that any changes that are made are never permanent. If the system becomes unstable for any reason, say a virus or perhaps a driver misconfiguration, simply reboot! Within seconds, Deep Freeze will restore the system to the state it was in when last frozen. Just like magic, everything that had been done since then becomes undone and you are back up and running in no time.

Once installed, Deep Freeze has two states, “thawed” and “frozen.” As you might have guessed, when thawed you configure your system precisely the way you want it to be restored. When frozen, the system will then be restored to that state on the next reboot. You can freeze and thaw as needed to update the system with any changes you’d like to keep. The latest version, 8.3, supports Windows 10.

2.5 Returnil System Safe

The free version of Returnil System Safe is free and necessary antivirus protection for every home PC user. For small businesses, public access PCs and education institutions we offer many more useful features to enhance users’ computer security experience. For example, Returnil System Safe Pro offers unique system rollback feature, which allows users to remove viruses by going back in time to the latest clean version of an infected file. Or while working in the virtual environment, you have the option of saving documents and files, so that your data will not be lost when the system is restarted. Our products provide administrators with an easy way to manage and protect their IT infrastructure with our comprehensive remote client management application, Returnil Commander. With Returnil System Safe Pro you will drive down your IT costs while improving productivity of your computers.

It seems updates have stopped. The latest version on their website is 2011.

By Jon