Diskshot™ - an alternative to Shadow Defender

[Deleted member 178]

1. Introduction

Diskshot™ creates a sandbox to your system, and keep it safe from any malicious attacks / unwanted changes.


Basic operation
When you create an image, it keeps your initial data from being overwritten. all changes will be stored in sandbox.

And when it comes to recover your system, all changes within the sandbox is removed.

Also it provides 'commit changes' option, in case you want to make permanent changes.



Pros
MBR, Sector-level, Disk-level protection at once
(Shadow defender does not provide MBR-level protection, you need to use additional software like MBRGuard)
provides TRUE protection against low-level attacks like rootkits
(which Deep freeze, Rollback RX cannot provide, they are bulls**t)
Keeps your data after reboot
(shadow defender removes the data each reboot)
TRIM support
(Especially for SSD performance/lifespan, only Rollback Rx supports this)
Provides pre-boot emergency center
(you can recover your data even when the system is not bootable.)
Supports GRUB multi-boot system
(to do this, install your grub to PBR sector in windows partition, instead of using MBR)
(and you need to use a custom configuration 'FilterBootSector=0', if you want how to do this I'll post it)
Is being actively developed
(Currently the author of shadow defender is MIA )

Cons
No Multilanguage support
(it's a commercial software especially targeting korean companies)
(however I'm planning to provide an 'unofficial' english translation)
No Snapshot/Timeline feature (yet)
(however it will be supported in next version, as the deloper team promised)
No Hibernation

Source (Wilders)

 

[Spirit]

Looks Interesting software I will give it a try soon

 

[Deleted member 178]

Using the tranlated screenshots on Wilders, i managed to use it properly.

tips: even in Korean it is still understandable, some western letters can indicate us the functions:

blablabla in korean (C ) = Create , in fact you activate the virtual environment
blablabla in korean (R ) = Restore the original system

also the icons on the GUI can help.


I tested it , by creating a folder in virtual environment, then reboot, the folder disappeared as expected.

note: unlike Shadow Defender , you need to reboot before going into virtual mode.

there the resource usage:

Also during the "sandbox" mode (aka shadow mode) the size of your system partition is expended. (quite logical)

it seems that Diskshot provide MBR-level protection, read here

 

[Syntax]

Will try this. Thanks for the info.

 

[Spirit]

Hi umbra does it have feature like rollbackrx I mean screenshot and does hmp or av detect this software as threat or clean like rollbackrx

Thanks

 

[loveboy_lion]

Interesting peace of software thanks for sharing umbra

 

[Deleted member 178]

Hi umbra does it have feature like rollbackrx I mean screenshot

Actually it is more like a mix of Shadow Defender & RX, but the developers promised to add a rollback feature like RX.

From my short experience with, it create a kind of baseline, that can be updated after some system updates/changes.

Actually it seems to protect only the system partition and we can't select which files to commit.

and does hmp or av detect this software as threat or clean like rollbackrx

My AVs did not detect it as a threat. In HMP, the service file and some dll was uploaded to the cloud and returned as safe.

 

[Spirit]

+3 for introducing this gem of software and giving brief detail
I am on the way to give it a try

 

[Deleted member 178]

in the next v4, it is planned to add a "Timeline" feature making it similar as RX.