The unofficial Shadow Defender Support Thread.

I'm not sure I understand your question, I do a lot of research work, always in shadow mode as a precaution, and use two methods to save my work: as mentioned using the commit feature, if I'm sure it is not infected, if I'm not sure I usually save it to a flash drive for further scanning by other malware scanners, but most of the time I use the 'commit' command on the right click menu of the file that I want to save. I've never had any problems in many years.

 

Yes, there is the possibility to 'forget', but it is a matter of habit. If the session in shadow mode is long and important in terms of work, I save to a flash drive and commit simultaneously, once I remember, I worked for hours on something and suddenly the machine bluescreened, and I lost everything...

 

I am still not clear why you do important work for hours in shadow mode? I always thought that mode is intended for when you are doing things that may put your pc at risk. I have never used this commit feature due to my black/white attitude but does Shadow Defender ask you what stuff you want to commit? If it is all or nothing, then you are back in the same position as if you had never used shadow mode with all full risk attached.

 

Some are in Shadow Mode all the time and only go out of Shadow Mode for doing Windows Updates.
And there is no need to commit all changes. The user has the option to commit important files via contextmenu (for example files which the user has been worked on [or has downloaded] while in Shadow Mode). All other changes are discarded after the next reboot.

 

A computer connected to the Internet is theoretically always at risk. In practice there is a lot of fear, uncertainty and doubt evoked intentionally by the anti malware industry in order to sell their products.

I personally don't believe it is so dangerous browsing the Internet as long as one doesn't click on/download anything, however doing research work of any kind entails checking a lot of websites, clicking on links and downloading interesting stuff which raises the risk of infection with corrupted websites, malvertisement, drive-by infections which nowadays can be silent and asymptomatic until real damage is done.

Within this context SD is ideal, as far as the OS is concerned, whatever silently infects you will disappear on the next reboot except of course what has been previously committed. One is still vulnerable to personal information theft, hence I use Sandboxie and an antivirus to cover this threat. I only use SD for research and occasionally to test software, for normal browsing I use Sandboxie.

 

If one is running Win 10 I'd be very careful to use this feature of SD. It worked very well with XP, but when I tried with Win 10 it was a disaster, the startup window was different on reboot and it felt like having a different OS. I don't know whether it was due to something I did during the shadow session, but I believe SD is not really designed for this operation which defies its main purpose that is to discard changes.

 

I agree. I had problems with "Commit all" some time ago, in Windows 7, I have not used it since then. I don´t like at all the idea of using Commit as the regular procedure to save changes.

Edit. Checked the logs. I also had problems with Windows 10 (2016), corruption in the Start screen.

 

I would like to learn how Sandboxie is able to provide protection against information theft when SD does not provide that protection?

 

Hi Cruise, you can use Sandbox settings to block programs running in the sandbox from having access to your personal/sensitive files and folders (File Access > Blocked Access). You also have the option to hide folders from sandboxed programs but still allow them writing to them (File Access > Write-Only Access). To make things simple, I keep all important files and folders in 3 files/folders, that way I dont have to go all over the place blocking/hiding whats important.
https://www.sandboxie.com/ResourceAccessSettings#file

Bo

 

Bo, it's not clear to me how Sandboxie can protect you against information theft/leakage when (for example) doing online banking?

 

Sandboxie is not going to help you by hiding your PW or user name as you write it. Sandboxie can not help you that way. Myself what I do to protect myself when I do email, banking or something sensitive, is do it on a fresh browsing session, and after doing it, close the browser and delete the sandbox before going back to regular browsing. I never mix regular browsing with sensitive browsing. To me doing it, is a mistake.

I go even extra. If lets say I am doing regular browsing and after reading your post, I want to reply to it, I close Firefox and delete the sandbox. Reopen Firefox, and come inmediatedly to this forum, login, reply to your post and read other posts perhaps, when I finish, I logout and close Firefox and delete the sandbox. I dont like mixing browsing. I dont even go anywhere after login out, I inmediatedly delete the sandbox and close Firefox. This sort of thing helps if your computer is clean. If its infected, it wont help.

Sandboxie is not an anti keylogger so opening and closing Firefox many times during the day is something I do. I do it for security, that way if I pick up something while browsing, it ll be gone shortly. I delete the browser sandbox many times during the day. For example, if I am watching a game for two hours, after is finished, I diont just keep browsing, I delete the sandbox before going back to some other type of browsing.

You know, sometimes we read someone say, "I keep my browser open for three days with 50+ tabs open, the browser runs fast, etc", in my personal opinion, doing something like that is highly insecure and a horrendous practice.

Bo

 

That is a safer procedure, but there's still the possibility of exploit vulnerability while performing information-sensitive web activities, especially financial operations, so I believe it's prudent to also run real-time anti exploit software!

 

I dont use nothing but Sandboxie but I guess is OK if you want to run anti exploit software. Another thing thats very important to keep your credentials and personal files safe is to minimize the amount of addons you install. A malicious addon can hijack your browser and use it to phone home after stealing your credentials. So, using as few addons as possible and only installing well known addons that have been around for a long time and are used by many people is what I do. I use 2 extensions, no plugins in my everyday browsing sandbox. Flash is still needed for some activities, for that, I have a separate sandbox where I install Flash and only use it for activities that require Flash. Every couple of days or so, I delete this dedicated sandbox and replace it with another one.

Also about addons, to me personally, NoScript is the reason I use Firefox. I wouldn't trade using NoScript for any paid security program (except SBIE). In my personal opinion, NoScript has done such a good job for me while browsing that I have never gotten to the point were Sandboxie has actually saved my butt from malware that hopped along during a browsing session. I say this because I never seen anything funny jumping around while browsing, fake scanners, ransomware or had a program get exploited. Before SBIE, before NoScript, I know I got every once in a while a program in my hard drive exploited. Then, I couldn't figure how it happened, why it happened since I had a "great" antivirus running real time and why the malware was being detected now and not when the infection actually took place (days or weeks earlier). This are things that dont happen with SBIE or NoScript and good practices. I think you should start thinking about something like NoScript.

Bo

 

Unfortunately, Chrome doesn't support NoScript, but I may just try FF with NS.

 

You could still use Chrome with either uBlock Origin (advance mode) or ScriptSafe.

 

Do you mean by committing all changes? I believe you use Window 7, don't you? It worked well with XP, never tried with Vista, and with Win 10 I had a corrupted start screen, confirmed by Robin A. Not a big deal anyway, the only reason I used this feature a couple of times was laziness, I thought it was quicker to commit everything rather than rebooting and re-installing a program I was testing...

 

I am not using Shadow defender now but I never liked the idea of committing an entire session. Never tried it. Bur felt very comfortable committing files individually by right clicking, whether they were new files or files and folders that were modified in Shadow mode. For exclusions, I only excluded from Shadow mode Firefox bookmarks.That worked fine.

Bo

 

I tend to use Shadow Defender 'commit' quite a lot for any files or programs that come into my machine after checking them for virus etc and then running them in shadow mode to test, knowing that if they are awkward or badly written or just not to my taste that I can get rid of them without a trace on reboot. If I like a program, then after that test I'll just save and commit the executable installation file to install at my leisure knowing that it is probably safe for my system.
I run my browsers sandboxed (Sandboxie) wthin Shadow Defender Shadow Mode. I only update my anti virus definitions when I surface for air.
I used to only use Shadow Mode for short sessions but now I will stay in Shadow Mode for days at a time having found a version which has suited me and my system and remained stable over a long period of time. I also use Shadow Defender for editing which often leaves various iterations of the video/music/images of the edit on the drive cluttering things up. With Shadow Defender I just, (after some thought and care) 'commit' my choice selections after editing.
Certain programs I just install as and when I need them as 'one offs' in Shadow Mode, particularly when I think they are the sort of programs that might generate clutter.
I'm not in the habit of comitting large numbers of files at one time but sometimes will commit little bunches. In the distant past there were problems with 'commit' that sometimes when you commited multiple files you would not see some of them after reboot from Shadow Mode. So I'm just cautious.
One thing to bear in mind when editing anything in Shadow Mode is that it is not enough just to save, you must remember to commit your final product before Shadow Mode session ends as it's easy to get 'absorbed' in your work and forget. If you are tired when doing a long text document in shadow mode and you think of leaving it for another day, then save and commit and remember to save and 'commit' again when you have re-engaged with that work and completed it

 

I'm a bit disappointed. I installed an application in Shadow Mode, yet when I restarted and exited Shadow Mode the icons for the app I installed while virtualized were still on the desktop. My desktop is not set as an exclusion. Something's hinky with SD.

 

I am using Windows 10, but fastboot was already disabled.