Battle Drive Vaccine, Rollback RX or Shadow Defender

H

hjlbx

  1. Shadow Defender = light virtualization ("whole disk" except some MBR sectors - you need virtual machine to protect all real physical system boot sectors and even then it isn't 100 % bullet-proof); protects MBR even against Petya\Satana
  2. Drive Vaccine = steady-system-state operating at the disk sector level; protects MBR even against Petya\Satana
  3. Rollback Rx = snapshot and steady-system-state operating at the disk sector level; protects MBR even against Petya\Satana
  • Shadow Defender: Use to evaluate software and\or test malware (pseudo-virtual machine; returns system to pre-Shadow Mode state), but cannot install software that requires reboot
  • Drive Vaccine: Keeps system configuration static (returns system to a single baseline snapshot upon reboot), but baseline snapshot can be easily updated
  • Rollback Rx: Can create multiple system snapshots (evaluate soft, beta test, malware test), can switch easily between snapshots or keep system configuration static and return to a single system snapshot upon reboot
NOTE SSD:

There are reports that Horizon DataSys products do not support SSD TRIM.

General rule (these are just guidelines I adopted talking to @TheRollbackFrog - whom is extremely knowledgeable about all matters disk related.

System + any other partition < 15 % of SSD capacity; uninstall HDS product and run TRIM every 6 to 12 months
System + any other partition < 25 % of SSD capacity; uninstall HDS product and run TRIM every 6 to 9 months
System + any other partition < 50 % of SSD capacity; uninstall HDS product and run TRIM every 3 to 6 months
System + any other partition < 75 % of SSD capacity; uninstall HDS product and run TRIM every month (not practical)

Windows Updates general rule...

For large, MBR modifying (major) Windows Update - like cumulative updates; uninstall HDS product and install Windows Update (will lose all existing snapshots).

Reimaging using Macrium Reflect, Acronis, Paragon, etc general rule...

You'll probably lose your snapshots (there is reportedly a procedure using Macrium Reflect but I don't know it; ask @TheRollbackFrog as he knows.
 
Last edited by a moderator:
H

hjlbx

Which one do you think is closest to bulletproof? are DV and RBRX equal as far as the security?

Only paid RX products have snapshot encryption protection once password is enabled.

All RX products use the same technology - so one RX product is not technically more secure than the other.

You can do everything with Rollback RX that Drive Vaccine RX does.

Drive Vaccine RX is a steady-system-state soft - which you can do the same in RB RX settings.

It comes down to personal preference, convenience... between the three.
 
H

hjlbx

Now would you recommend RX PRO if I allready have Shadow Defender? Will they conflict? Will they use up too many resources?

1. Yes\No (not necessary to combo; duplicate protection)
2. No
3. No (both very low resource usage)

Rollback RX Pro has the ability to encrypt the snapshots when the password is enabled. Therefore, it is more secure than Shadow Defender.

You can set Rollback RX to restore your system to the same, clean baseline snapshot upon every system reboot - which is essentially the same as Shadow Defender.

However, you can use Shadow Defender "on-demand" for malware testing - while keeping existing snapshot.
 

Tempnexus

Level 3
Thread author
Verified
Nov 25, 2015
136
1. Yes\No (not necessary to combo; duplicate protection)
2. No
3. No (both very low resource usage)

Rollback RX Pro has the ability to encrypt the snapshots when the password is enabled. Therefore, it is more secure than Shadow Defender.

You can set Rollback RX to restore your system to the same, clean baseline snapshot upon every system reboot - which is essentially the same as Shadow Defender.

However, you can use Shadow Defender "on-demand" for malware testing - while keeping existing snapshot.
How large are the snapshots? Are they as large as True Image ones?
 
H

hjlbx

How large are the snapshots? Are they as large as True Image ones?

Size of snapshot depends upon what you have installed on your system partition.

NOTE: You'll have to ask @Umbra about non-system partitions.

My C:\ drive snapshot = 15.4 GB with subsequent snapshots in the 185 to 685 MB range.

The size of all snapshots depends upon what you install.

NOTE: I have essentially a LTSB Windows system partition with few large programs. I install very little on my system compared to most typical users.
 
D

Deleted member 178

RX use your real system as "baseline" , so: baseline size + 100-300mb,

then redirect everything written from that baseline to a hidden space of the HDD called "Snapshot" , which size is :

Total space usage of anything written since baseline + 100-200mb

I use the word written, because RX save everything new (tmp files, event logs, Windows Defender signatures, etc...) not only installed programs.

RX's snapshots are incremental, means if you write file called AAA on snapshot 1 , create snapshot 2 and then delete File AAA on snapshot 3; file AAA is still present on Snapshot 1 and 2.

During installation of RX , you have the choice o select which partitions to protect , more partitions you add, more space a snapshot will take.

for more infos on RX : Rollback RX users guidelines

RX is the ultimate one for software/malwares testers , however a bad use can smash your system and wreck your partitions for good.
 

Tempnexus

Level 3
Thread author
Verified
Nov 25, 2015
136
RX use your real system as "baseline" , so: baseline size + 100-300mb,

then redirect everything written from that baseline to a hidden space of the HDD called "Snapshot" , which size is :

Total space usage of anything written since baseline + 100-200mb

I use the word written, because RX save everything new (tmp files, event logs, Windows Defender signatures, etc...) not only installed programs.

RX's snapshots are incremental, means if you write file called AAA on snapshot 1 , create snapshot 2 and then delete File AAA on snapshot 3; file AAA is still present on Snapshot 1 and 2.

During installation of RX , you have the choice o select which partitions to protect , more partitions you add, more space a snapshot will take.

for more infos on RX : Rollback RX users guidelines

RX is the ultimate one for software/malwares testers , however a bad use can smash your system and wreck your partitions for good.
Thank you all so far I have decided not to go with the solution I am staying with Shadow Defender. But it's very good to know for my future endevours.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top