The unofficial Shadow Defender Support Thread.

Hi..

Me too..
I'm using the license of SD v331 as well and it works okay in SD v325..
Just love SD a lot, awesome software..
Its simply the best..


Best Regards,
cJ

 

CONFIRMED! with emphasis on Green as good to go.

I need to add another EXTREMELY IMPORTANT! plus in SD's favor to report.

With nProtect (Only) when i manually tampered/bugged or otherwise changed digits in the MBR and saved them, it did block a few choice HexEditors: HOWEVER when making those same changes with the HexEditors WinHex and especially http://www.sweetscape.com/010editor/ nProtect FAILED and so i had to do an image backup to restore the system again.

When i corrupted the MBR Table with those same 2 HexEditors using ONLY ShadowDefender, to my SURPRISE! after the reboot from shadowmode, it was as though nothing ever happened and indeed rechecking the values with those HexEditors proved that fact out.

I am overjoyed and thrilled to peaches, as i know many others are too, that we didn't let SD escape into the has-been world of excellent apps gone to rest.

Keep SD alive, this puppy is still for Real!

 

Just an observation. It would be more informative and meaningful if you would state your Windows version and SD version when posting.

Thanks!

 

Good call Cruise!

Win7 x64 running SD build 331 x64
WinXP x86 running SD bld 325 x86

 

Well I'm experiencing a big problem with SDx64 build 325 (signed version) on Win7 x64 Home Prem. It installed on my new laptop's HDD without any issues and I'm able to place my PC into Shadow Mode and all seems to be well ...however, soon after opening IE9 the browser totally locks-up as well as my laptop! And when it does that it doesn't even respond to Ctrl-Alt-Del. I'm guessing I have a conflict somewhere, but I am not running any other ISR/LV programs!

Cruise

 

What else to you have for security apps.

 

Norton Internet Security 2012 and that's it, insofar as security programs.

Cruise

 

Oh ok.I doubt thats the problem but never know.I have windows 7 32 bit and Shadow Defender 3.25 that was freezing my entire system trying to go in shadow mode that I had to force shut down.I uninstalled it then reinstalled and its been perfect since.I since removed it to try Deep Freeze but still have SD on another system win 7 32 bit and its perfect on that one.

 

Hi djohn, I thought you're using DF (surely you're not using both DF & SD concurrently)?

Cruise

 

No Deep Freeze is on my system now and SD on the kids computer as mentioned in my above post.When I had SD on my system, I had the trouble on first install and not on the kids computer and there both exactly the same machines - models-same setups and software.

 

SD x86 is working great on my old WinXP system. Based on your experience, I'll try reinstalling SD x64 on my Win7 system and see if the problem persists.

Thanks,
Cruise

 

Your welcome! Hope it works for you - crossing fingers.

 

No joy - samo samo (going back to WTF)!

 

You could try version 1.1.0.320 of Shadow Defender.
I had also problems with locking-up/freezing of my system when using 1.1.0.325 on Windows XP in my case. So I went back to 1.1.0.320 which worked without any problems. And I stayed with it when changing to Windows 7. (Did not have the courage up to now to try 1.1.0.325 because I still fear that the system could lock up again. )

 

The truth is i 'm not familiar with the certification specifics. On my 32-bit W7 Ultimate (i assume you 're on the 64-bit version, judging from the file-size difference of diskpt.sys), there is no "Digital Signatures" tab in "diskpt.sys Properties" window. There is, though, a security certificate file named "diskpt.crt" which cannot be manually installed/imported. The same goes for both (23/2 & 24/2) 32-bit versions of SD .325 setup files.

Any help would be appreciated.

 

You are probably using the slightly older file. I haven't used it but other people said that the driver of the slightly older v225 has no VeriSign certificate, whereas the silent update has. I'm sorry that I can't be of more help. I posted a link with my files anyway, those are VeriSigned.

 

Hi CyberMan969.

The 24/2 version i 'm referring to is, actually, the setup file that you posted.

Both versions share the exact same diskpt.sys file. Maybe it 's a 32-bit ~ 64-bit thing. I don't know...

Anyway, thank you for replying.

 

I have a question about Shadow Defender and other more recent security products.

Is it wise to exclude the Shadow Defender folder in program files within various other security products, just in case more modern security products protect too well and sees SD's commit.exe or the daemon as malware ?
Or does this rarely happen ?

Comodo's killswitch (enhanced taskmanager) sees files in memory from SD as "FLS.unknown" and not as a safe app.
Probably SD isn't very widely used in the past, so could be that the cloud simply has too few amount of users actually using SD.
But since killswitch sees those files as unknown or maybe even suspicious then other products might come to the same conclusion.

Anyway, I'd like to hear your opinion about setting exclusions for SD files.

OS: Windows 7 64-bit
SD version: 1.1.0.325 (silent update).

 

No exclusions set for SD files here, only have Shadow Defender set as "Trusted" within Defensewall and all runs like clockwork.

 

I have AppGuard and Shadow Defender on one system and AppGiuard with DeepFreeze on another with no Exclushions and both are running perfect.

 

You're welcome guard. I haven't used the x32 setup of SD for ages, both setups were from the same exact release and I find it strange that only the x64 version is VeriSigned.

 

Strange, but true. After extracting the SFX setup files of SD:

1. SD v1.1.0.325 x32

MD5: 101cdc867f7771faae6810483ef16439

First seen by VT: 23/2/10

diskpt.sys is not signed

2. SD v1.1.0.325 x64

MD5: 35edf53c0b4d3b8960047cfbfcbae7e3

First seen by VT: 23/2/10

diskpt.sys is signed

3. SD v1.1.0.325 x32

MD5: 4ed0f50233680ffc37fbe5cf8057c634

First seen by VT: 24/2/10

diskpt.sys is not signed

4. SD v1.1.0.325 x64

MD5: -

First seen by VT: 24/2/10

I can't find that 64-bit version -i don't know whether it exists or not.


I shall let it go, now...

 

How would I go about excluding the bookmarks in chrome or other browsers and my sessions manager when running in shadow mode?

 

Okidoki, on second thought it might not differ much if you exclude or not, since SD is so light and only has a few visible files in the installation folder in program files folder.

 

I don't know with other browsers, I only know with Mozilla Firefox, that at least this must be excluded to remember changes with bookmarks.
If someone can advice you with more detail it would be appreciated.

"C:\Users\<USER>\AppData\Roaming\Mozilla\Firefox\Profiles\lvvdsdi5.default\places.sqlite"

<USER> = your own username.
<lvvdsdi5.default> = different for everyone. so yours might look different.

you have to search for the file: "places.sqlite". As fas as I know this the absolute mininum to remember your bookmarks if you add any while in shadow mode.
commit or set exclusion for this in Shadow Defender. For the whole session I don't know exactly what to exlude or not.

Ehmm, again, if anyone knows anything more with the other browsers or also mozilla, please do or correct or add additional info.