The unofficial Shadow Defender Support Thread.

As others here have expressed, my feelings are that any exclusion list in SD provides a back-door for malware! That's why a cloud-based AV is an ideal 'partner' for SD.

Re MS updates, I get notified when there are new updates avaiiable, so if I see the notification icon in my tray I do a restart (at my convenience) and install the updates.

Wendi

 

thanks for your reply... how about the time? do you have idea how to exclude it? every restart my date and time changes.. i hate it..

 

That's weird, time and date should not be affected.

 

That is weird; it may have something to do with AVG! How about more details? ...Windows version? ...SD version? ...32/64 bit?

 

yea its weird..

yea..hmm i dont think so is about avg... im using windows7 64bit.. SD: Version: 1.1.0.325

 

64-bit version of SD?

 

I'm not going to read the whole thread but has anyone had success using Shadow Defender on Win 7 x64 with SSD drives?

TIA,

TH

 

I use it on an X79 system and it works well. The only problem I found is that when you look at the System Status tab in SD the "Space Used by SD" value always stays at zero even when I add/remove files or install/remove programs to the protected SSD. It still works, but it doesn't tell me how much space its using.

My main specs:
Asus P9X79 PRO
i7 3930K (OCed at 5.1GHz )
32GB Corsair Vengeance RAM
120GB Vertex 3 Max IOPS as SD-protected system drive
Win7 Ultimate x64

 

Hi
I'm having problems with NOD 5.
It updates and everything fine, but after the machine is rebooted after a few updates theres a bit that doesn't change

Here is what i mean I've circled it in red. Its updated in the picture because i wasn't in shadow mode.
http://desmond.imageshack.us/Himg813/scaled.php?server=813&filename=78467388.jpg&res=landing

I have the following exclusions
C:\program files\ESET\*
C:\Documents and Settings\All users\Application Data\ESET\*

Is there another exclusion i'm missing

 

I think that ESET definition updates also involve registry changes, which is why the update history is not preserved after a reboot. Although you can exclude files and folders, you can't exclude registry entries, so I don't think there is a solution.

When I was using NOD32 in conjunction with Shadow Defender, I didn't bother to make folder exclusions for that very reason. I found it easier to just let NOD32 update itself on every restart. NOD32 updates itself so quickly and seamlessly anyway that I didn't find it any great inconvenience.

I found that most antivirus programs that I've tried make changes to the registry during updates. A notable exception is Webroot SecureAnywhere which holds all program settings, etc, within a single folder rather than using the registry. By making an exclusion for that one folder, all program activity history is preserved. Also being a cloud antivirus, it doesn't need to download definition updates to remain up to date.

WSA will run quite happily alongside NOD32 if you want to try it in order to evaluate it.

 

SD and Thunderibird

Got a quick question for you experts...

I'm thinking of installing SD on my wife's computer to save on resources being allocated to other security products.

Before I do so, can anyone tell me what files or folders I would need to "exclude" if I want to set it up so that her Mozilla Thunderbird is able to retain new emails she might receive while in shadow mode? (She is running XP Pro SP3)

I realize that "exclusions" potentially weaken protection but she does have the email client protected by Sandboxie so they would be working in tandem.

I just want to keep things as simple and streamlined as possible and this would go a long way toward doing so. Also, she does no financial transactions and stores no sensitive data on her computer.

Thanks in advance.

 

Re: SD and Thunderibird

Thunderbird stores all of its data: emails, extensions, program settings, etc in the user profile. The default location of Thunderbird profiles on Windows XP is: -

C:\Documents and Settings\<userid>\Application Data\Thunderbird\Profiles\

where <userid> is the name of the Windows XP User Account.

By adding this file path to the list of SD exclusions, all data stored in the Thunderbird profile(s) for the user account will automatically be saved when running in Shadow Mode.

 

Re: SD and Thunderibird

Thanks, my friend, I'll give it a shot and see how it works. Should make her a happy camper with a relatively bulletproof installation.

 

Re: SD and Thunderibird

You're welcome.

BTW if you haven't tried it, MozBackup is a great free utility for backing up Thunderbird and Firefox profiles and it works with the latest versions. I use it with both Thunderbird and Firefox. You can get it here: http://mozbackup.jasnapaka.com/

 

Blues, while you can of course exclude your wife's user (Thunderbird) profile as described, imho a far more secure solution would be to move Thunderbird's mail storage location to another volume and refrain from using SD exclusions!

 

I agree - I was just answering the question as posed. I keep both my Firefox and Thunderbird profiles on a separate data partition. As you say, no need for SD exclusions; plus it simplifies the task of system and data backup and recovery.

 

Many thanks to you both. I'm familiar with and use MozBackup.

I'm not terribly concerned about security on her installation, it's more about utilizing less real-time security and thus cutting back the drain on the limited resources available on that particular machine.

She has Sandboxie and PrivateFirewall running in concert with SD and they all seem to work together quite well.

Hitman Pro and MBAM are both on hand for scans. (And as I say, there is not critical or sensitive data on the system.)

Thanks for both the quick help and suggestions.

 

Quick update: The missus states that the combination of SD with PF and Sandboxie is a winner. Her computer is now much quicker and more responsive.

 

Blues,

I'm curious as to which security program(s) were removed from your wife's PC (and replaced by SD), resulting in much improved performance?

Scott

 

Scott, keep in mind that this is an old ThinkPad that she uses almost exclusively for email and browsing...it only runs on 512 megs of RAM.

At one time she had WinPatrol Plus, MBAM, Sandboxie and MSE running in real-time on it. Prior to PrivateFirewall she had Online Armor (Free) installed.

I'd removed MSE (completely) sometime back followed recently by WinPatrol Plus and now MBAM Pro. (WP and MBAM are available on demand, however.)

I switched out OA for PrivateFirewall a good while back due to its much more resource friendly characteristics.

The low demand put on the system by the combination of PF, SD and SBIE has proven to be a nice solution to the issues (lag) she was experiencing.
I didn't want to invest anything in this old rig as I'll buy her something new to go along with her tablet in the near future.

So, bottom line is that just taking off MBAM Pro and substituting SD to go along with PF and SBIE made a large difference in the system performance.
I had a feeling it might but was reluctant to get too excited before experimenting.

 

Blues, I understand completely (as I had a similar experience with my daughter's lappy). She had Norton Internet Security running on a 7-year old XP system with 512 megs which was taking forever to startup and ran slow afterwards. So I removed NIS and replaced it with Panda Cloud AV, Windows firewall and SD, which resulted in a dramatic performance improvement.

Scott

 

It's a beautiful thing when you can accomplish those goals with small, elegant, yet effective apps.

 

Hi everyone.

First of all I am not a native english speaker so sorry for my mistakes if I make some.

Regarding Shadow Defender I am currently a newbie. I found this software accidentally by searching for Security Tools.

So I have some questions relating to this tool.

I have already read some posts in this forum about the maker of Shadow Defender and the oddity of the further development which stopped in the year 2010.
Because the maker of this tool is not running the Website www.shadow-defender.com anymore and there has never been an official support at all.
Many speculated in the past some hackers or a shady company may have hijacked his website and adopted this tool. Specially since the newer version is not safe anymore.Therefore many prefer using the older versions.

So I decided to download the 64bit Version for my Windows 7 operation system.
But first I made a malwarescan on "www.virusscan.jotti.org" and also on "www.virustotal.com".
On both sites they found that this Software contains the Trojan/Downloader.Banload.bjhp and TrojanDownloader.Banload.bjjq

So my question is if it is still safe using the latest version of this software?
What about the reliability of this tool at all, specially the latest verison?

Does someone still have the older versions?
I have already tried to use the links which are shown in this forum but none of them are running anymore.
Is it maybe possible to upload a clean version for both operating systems (32bit/64bit)?
That would be very nice.

I also found a similar tool Safeshield which was absolutely clean relating to suspicious contents.
I have to mention that it is also a signed software compared to Shadow Defender.
The interesting thing is the development of this tool stops in the year 2010 as well...

Now if it's really veritable what Shadow Defender in fact is able to do than it makes any Antivirus and Firewall obsolet.
It's really amazing that no one knows about this tiny software. It seems to be a so called hidden champion.



Yours sincerely

 

Hello Whoknowsnothing1, welcome to Wilders!

I can only relate my experience and to that extent I have found build 331 to be completely safe. While I do not deny that the present website (i.e., those that run it) is certainly a mystery, the latest x.331 version (from that site) has been running without incident on my system for several months. However, if you would feel safer running the last non-beta build produced by the original developer (x.325), or some other build, let me know and I'll upload it.

But I might add that I believe it's a good idea to have a real-time AV working along with SD. Although SD will discard any malware upon restarting, who knows how that malware might compromise your identity/security while it is actively running!

 

SafeShield is based on Returnil
https://www.wilderssecurity.com/showthread.php?t=276779