Shadow Defender???

Discussion in 'sandboxing & virtualization' started by Ibrad, Feb 21, 2010.

Thread Status:
Not open for further replies.
  1. sired

    sired Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    37
    Location:
    Bangkok
    v. 1.1.0.325 installed, a label reading 'Shadow Mode' comes up at the top of the screen when logged into User account.
     
  2. sired

    sired Registered Member

    Came across this post re Admin Rights https://www.wilderssecurity.com/showthread.php?t=200772

    Since installing SD I took a look at one of the few programs installed in this machine, an earlier version of a stock database app that updates from Yahoo, & discovered it requires Admin Rights to be installed, as confirmed by the authors. This is also the program whose data file Shadow Defender eats when placed in Exclusions. Attempting to run it in UserX, I copied the exe file to UserX. Somehow it ran a few times then gave up the ghost. Since then 2 blue screens. Application Admin Rights a new item for me.

    Question is, if an app requires Admin Rights to be installed, can the program authors gain access to C:\WINDOWS folder/registries? IOW, is the program unsafe?

    The latest version can be installed in All Users. If the earlier version was a security issue, can the latest version be considered safe?
     
  4. sired

    sired Registered Member

    Reading up on SuRun & it sounds good if one has the aptitude & patience to do it right, but layers of complexity have a nightmarish aspect for those not prepared to donate large blocks of time to get it running properly with everything harmoniously juxtaposed. Cost/benefit ratio.

    Since the new OS install & the latest version of SD v. 0.325 two days ago, 3 BSODs, persistent HEUR/MALWARE alerts from Avira (may be false positives on the SD exe) ... however the CPU went abnormal to 25%+ several times when it should not with machine at idle as was the case pre-format when infected, also video screen errors when moving windows around.

    As an exercise, opening 40 URLs simultaneously, CPU use stays well below 20%. Firefox Bookmarks database is sluggish & moving bookmarks to new positions in folders is haphazard & they refuse to go where placed. Replaced a suspect AC plug seating badly, no risky site visits except a political chat forum I sometimes wonder about wherein mudslinging is often the norm.

    I have a suggestion re LUA with or without SD, preferably without.

    To do this efficiently one needs a way to switch USER>ADMIN>USER as fast as switching between browser windows without repeated use of passwords having already been entered at logon at session start thus accepted as valid for the remainder of the session. As one switches User>Admin to make Rights adjustments, network connections would be disabled automatically & restored on switching back to USER automatically, or retained for downloads as desired. If this could be achieved, USERS could go in & out of Admin more easily than the current method, preferably with a single click & one password if desired.

    Could this be done? I'm sure there's a very good reason why it cannot... the idea is anti-SuRun in a way which I understand assigns elevated rights to Users while retaining LUA protections from the net. In the case of an owned PC User is in fact Admin but forced to jump through hoops to download, repair network connections etc... very cumbersome. Users don't need much in the way of rights if they can access Admin fast with pre-confirmed security clearances (not half a dozen screen actions). A sort of reversal of functions where on boot trusted USERS sign in with a master password permitting rapid access to Admin Rights areas.
     
    Last edited: Feb 26, 2010
  5. sired

    sired Registered Member

    At this stage frequent switches USER>ADMIN>USER are necessary to tweak Security Restrictions to USERS by Administrator.

    To speed the process somewhat I placed shortcuts in both Admin & User Quick Launch.

    ADMIN
    Desktop > RtClk > New > Shortcut > Browse > select C:\WINDOWS\system32\tsdiscon.exe > Next > Rename > Assign shortcut key > OK

    Choose suitable icon & place in Quick Launch, repeat in USER.

    The buttons are one step to a faster, more convenient switch USER>ADMIN>USER routine. Simplifying passwords speeds things further.

    Next step, if possible, is to extend the routine to a batch file including appropriate PASSWORDS to enable Quick Launch buttons to run switches USER>ADMIN / ADMIN>USER without intervention.
     