The unofficial Shadow Defender Support Thread.

I meant sharewareonsale, not your post.

 

I have removed some 'giveaway' 'shareware offer' posts on 'The Official Shadow Defender Forum' and my reasoning is here

Patrick, (Admin) The Official Shadow Defender Forum

 

Thank you for advise.

 

Out of curiosity, how do you run your Shadow Defender?

1. Enter Shadow Mode manually
2. Always in Shadow Mode

 

My PC > Enter Shadow Mode manually (need to make small/huge changes at every boot)
Family PC (wife/two young kids) > Always in Shadow Mode (no chance for the malicious to thrive)

 

There's a link in official site for Shadow Defender Free:
http://www.shadowdefender.com/download/Giveaway/Setup.exe


The installer says version 1.4.0.589, so its probably an upcoming release.

 

I´m unable to find that link in the website.

 

Oddly the url belongs to the official site. The setup.exe is digitally signed and the files within too. What's going on?

 

A few weeks ago a member of The Official Shadow Defender Forum had a problem and Tony sent him a release to try of 1.4.0.589 which solved his problem. Today's file is a different file and named differently. The download folder is though Tony's download folder. There is nothing on the Shadow Defender site about a free release.

Test trial file

File: SD1.4.0.589_Setup_Test.exe
File size: 3.23 MB (3,389,024 bytes)
MD5 checksum: 246821B91860DCF51EA91270AB19772E
SHA1 checksum: 3D8C749E7B068F4DE921700A6CB694B3FE00E4CA

Todays file

File: Setup.exe
File size: 3.29 MB (3,446,472 bytes)
MD5 checksum: 65361EB549D619B8DDA5583BDB46428F
SHA1 checksum: 4DFECF693612655A2165390BB5A7C1684B780F7E

It's all very confusing

Patrick


Used NoVirusThanks MD5 checksum Tool v3.2

My advice is to only download something from The Shadow Defender site when it has been officially released and then you know what you are getting.

 

I'm bumping this old post because is very important to observe this Windows security feature (ASLR)

All relevant SD files still are sans ASLR feature.

 

To: Patrick


Hi Patrick,

Thanks for your information, I will do some research on it.

Best regards,
Tony


-------- Original message --------
From: Patrick <@>
Date: 2015/09/07 19:51 (GMT+08:00)
To: support@shadowdefender.com
Subject: member query 7 Sept 2015

Hi Tony,
Someone mentioned that Shadow Defender doesn't support ASLR
There is some information on it at

http://blog.didierstevens.com/2011/01/18/quickpost-checking-aslr/



https://krebsonsecurity.com/2010/08/anti-virus-products-mostly-ignore-windows-security-features/
You can download video on the bottom of the page

best wishes

Patrick

and another video about emet
Enhanced Mitigation Experience Toolkit
https://technet.microsoft.com/en-us/security/ff859539.aspx

 

Currently Shadow Defender supports

Windows 2000 professional
Windows XP Home
Windows XP Professional
Windows Vista (32-bit)
Windows 7 (32-bit and 64-bit)
Windows 8 (32-bit and 64-bit)
and as far as I know Windows 10
My question is, can Shadow Defender be upgraded to include ASLR and still support all these systems?

Patrick The Official Shadow Defender Forum

 

@sdmod
Thanks for your reply Patrick and most important Tony is going to research it

 

Hi Peter, Can you elucidate a bit? I have just tried to facilitate some action on Mister X's Safeguy bump re ASLR but I don't know much about it and have just used links provided. Tony's doing some research on it and if it is a security problem then presumably a fix for Shadow Defender would require that fix to work within all the versions of Windows that Shadow Defender currently supports. Let me know what you think. Is the article giving incorrrect information?

Patrick

 

Ah! Thanks Peter, I see!, an old redundant article.
My question, is in this case. Is ASLR something Tony should be worrying about? Is it still relevent?
I don't want to waste his time with something unnecessarily. Sometimes when a member on Wilders forum or The Official Shadow Defender Forum has a problem, I will let Tony know but without really knowing in depth what the problem is myself. Just a sort of pointer to a member/user concern.

 

Thanks Pete, much appreciated.

Patrick

 

The problem here is many people won't use them and those who currently do could stop using those options. So I think ASLR should be a standard.

 

Although I have only a vague idea of what ASLR is, I don´t understand what its relation to SD should be. All that SD does is to keep in a "cache" the changes done to the shadowed partition. If ASLR is necessary or desirable, it should be implemented by Windows or another tool.

 

Alright but is there any difference how RAM cache works if I use it on demand? I really need at every boot to update my software and likely make some changes, then I shadow C: on deman.

 

Hi..a new version is released:

http://www.shadowdefender.com/history.html

changelog:

Version 1.4.0.591 - October 9, 2015
Fixed: Optimize MBR protection.
Fixed: Some minor bugs.

Can someone confirm if you have same hash as mine?

MD5: FEF163F502CAAE0434D25136862A9961
SHA-1: F55206125D10C65E595A44DC9FB8566E9A143253
SHA-256: 7F74F6E2031CDB4F4C5730E63E9B33929EAE3D3CCA74D3E00A0ABA60985DADD3


Thanks.

 

Yes.I have the same hash as you.

 

@Wallofasgard
Thanks for the heads up. Same hash here...