The unofficial Shadow Defender Support Thread.

Discussion in 'sandboxing & virtualization' started by Cutting_Edgetech, Feb 14, 2011.

  1. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    Anyone running Windows 10 have code isolation and/or code integrity enabled? Have you experienced problems with Shadow Defender?

    *Memory integrity (Just now noticed the error. I apologized)
     
    Last edited: Aug 22, 2018
  2. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    Windows 10 x64 v1607, v1709 with SD - without problev.
     
  3. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    Maybe I'm remembering wrong. But does v1709 have code isolation and memory integrity?
     
  4. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,336
    Location:
    Location Unknown
    Yes, they did. But with that version it was only for enterprise versions and not for home users.
     
  5. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    I see. Thank you.
     
  6. denis

    denis Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    182
    To Peter mod, having SD and appguard solo, the commit function would not work? It would not work by me so i am thinking maleware to! The powershell thing is blocked.
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    commit is working for me and I don't see anything I've down in Appguard Solo to allow it. Yes I 've got powershell totally blocked.
     
  8. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,160
    See here

    'REM
    Updated: 04/26/2017 by Computer Hope

    Short for Remark, REM is a statement that can be placed in system files such as the autoexec.bat or config.sys by placing "REM" (followed by a space) in front of a line. Doing this would remark the line and not show the line if echo is off.

    @Echo off
    REM Example line that will not be seen with echo off.
    Echo Hello World!


    In the example above the first line would be skipped and the batch file would just echo "Hello World!" to the screen.

    Alternatively, you can also place two colons :):) in front of a line to remark a line in a batch file. With two colons the line will not show regardless if echo off is in the batch file.

    ::This line is never seen
    Echo Hello World!'

    All credit Computer Hope


    PS the two colons meant to be in the text above have appeared as smileys.



     
  9. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,160
    @Wendi

    Wendi I know that my 'way' is probably unique to me and not maybe even based on sound reason or even logic but
    I use 'Commit by Shadow defender in Windows right click context menu regularly, when saving files to my real system.
    I download files/programs in Shadow Mode and may even install them for a trial but I do not want them to have free reign (even in this context) just in case they are malicious or dangerous and maybe can, in some way, (onknown to me), glean something about my real system structure or preferences and transmit that out (eg by somehow bypassing my firewall) and do not want to re-boot out of Shadow Mode unless necessary.
    When I download a file/program that I am not sure of and want to work with it, I virus check it, sandbox it before installation and during installation my firewall will tell me things about the way that program is acting. If it appears clean but is somehow glitchy within my system, even if not malicious, I uninstall it and and/or delete sandbox.
    If it was very glitchy and jammed up my system somehow after uninstall then I just reboot out of Shadow Mode and start again but if it was glitchy and everything appears 'clean' to me after uninstallation and I do not have any strange firewall activity I might just go on in the Shadow Mode session without reboot.
    If the file, after test and meeting my criteria for a save, to real system, I use the right click in Windows Explorer 'Commit by Shadow Defender' for a single file or number of files. I don't usually commit/save lots of files at the same time this way because when I reboot I want to remember and check what I've saved. I only commit the installation file of the program.


    Patrick


     
    Last edited: Aug 22, 2018
  10. Wendi

    Wendi Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    643
    Location:
    USA
    @sdmod. you truly are a belt + suspenders (braces) kind of guy. But as you are sticking with WinXP I certainly understand taking those precautions. :cautious:
     
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    @sdmod-You are as much on XP as I am Win 8.1. In fact, and for all intents and purposes I use 8 the same as it was with XP.

    Those times where I have used Commit Function in Shadow Mode, it is been from the context menu as mentioned. It used to be, and still can if I decide on it, a safe malware lab test facility-minus net connection. Some of the horror unleashed during those testings was atrocious stuff. Sometimes they would file infect everything in the Shadow Defender folders as well and freeze up the whole machine tight. But after a Hard Reset- (pulled the plug) the rock solid SD Filter Driver proved time and again how well the whole program was fashioned. Expecting the worse every time that happened it still is stunning to find Windows right back where it was before all the havoc ensued. This is truly one gem of a virtual program if there ever was one IMO.

    I since don't use it for malware testings like that. But as you and others long have already seen, this is a keeper for the long term.
     
  12. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
    Yes, I use it on a daily basis while using my computer all day long and keeps Windows in a pristine state after reboot so I rarely need to restore a system image. My Windows 8.1 seems always shinny and new. Virtually no wear and tear.
     
  13. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    Problem: Updated SD from 1,4.0.558 to current version 1.4.0.680. After update, Windows 7 won't boot - it goes straight to recovery options.
    Anybody else run into this problem? Thought I would check here and see if there were others this happened to before I tried to do anything and make it worse. Thoughts? Thanks!
     
  14. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    @sdmod Hoping to get your attention to my last post. Still don't want to mess with things before I have heard if others have had this issue and whether there is an easy fix. Thank you so much!
     
  15. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,160
    Have you turned off Fast startup (aka: hiberboot, hybrid boot, or hybrid shutdown)?
    Tony (Shadow Defender developer) recommends that you do.

    If you can not boot into Windows

    but can get into Safe Mode.

    Uninstall Shadow Defender in safe mode

    re-boot

    turn off Fast Startup

    then re-install Shadow Defender

    If it works let me know

    Patrick


     
    Last edited: Sep 4, 2018
  16. login123

    login123 Registered Member

    Joined:
    Jul 12, 2007
    Posts:
    184
    back on page 193 there were some posts about the dangers of unallocated space on the HDD.
    https://www.wilderssecurity.com/thr...r-support-thread.293075/page-193#post-2621034
    There may be another issue not mentioned then.

    Recently xp crashed when I tried to delete some files associated with the old Rootkit Unhooker software written by EP_xOFF.
    The layered security setup here failed, was the 1st time anything got past Powershadow. Eventually I booted into safe mode to finish fixing things.

    After the problem files were finally deleted I ran chkdsk. Chkdsk showed several new errors, including repairing indexes and unallocated space.
    There is more, but the point is that those files only acted up when I tried to delete them. I didn't know they were locked, didn't know there was unallocated space on the HDD, so probably would not have known if something was active there. EP_xOFF suggested (I think) that phony drivers could hidden there.
    So maybe unallocated space is dangerous even though exes don't run there. Certainly trying to securely delete it woke a sleeping bear.
    Just something to think about.
     
  17. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,938
    Location:
    UK
    No problem here running 680 on a Win 7 machine Lockbox.
    How did you update it? (It's been quite a while since I did it so cannot remember offhand)
     
  18. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,160
    I think that most problems encountered are not 'across the board', they are to do with the non interoperabilty or inconsistancies of software relationships in various/varying environments. A lot of the choices that we make when building our systems and automatic updates mean that we often end up with a system with software/hardware relationships that are unique to us and when problems arise there is no universal fix that will suit all. Often people will, on having a problem suddenly, blame it on a software that they are using at the time and say something like ' I was running eg Shadow Defender at the time so it must be Shadow Defender that is causing the problem. The architecture, structure and infrastructure of many of our systems is changing all the time and adding this or that can change the dynamics of the ways that these softwares interact with each other. Over many years I've noticed that have caused problems with Shadow Defender were caused by softwares introduced suddenly into the system that vied for power or control over the files and environment. Those kernel level things like system monitors, anti virus etc. Things that are live and on the move when system changes occur and need to claim control, take priority, to achieve that.
    Most of the major issues encountered by Shadow Defender have been addressed by Tony some time ago.
    Modern Operating systems because of almost being in a constant beta stage are inherently unstable, the developers run roughshod over previous standards if it suits their agenda and create unnecessary redundancies without censure because of business consensus momentum created by marketing campaign and propaganda. Constant carrot and stick. In our high tech world 'The next big thing' is always encroaching on the life and operability of the 'current big thing'. It makes my head spin to think about it. I am a utilitarian by nature and prefer more 'pedestrian' operating systems...the benefit of that is that I can see and digest what is in front of me and it does not morph without permission into something, that has potential, gaining the momentum of some kind of 'consensus', to be to my detriment.
    One day you wake up and your operating system is out of vogue and your Shadow Defender (or whatever) suddenly doesn't work anymore or meet the demands and requirements of the new landscape foisted on to you. You think to yourself 'but I liked what I had'...'it suited me'...'I was comfortable with it'...'it was useful'.
    All gone in the blink of an eye. I'm not against change per se but I like it to suit the human digestive capabilities with plenty of user consultation and less 'spin'.

    Patrick
     
    Last edited: Sep 4, 2018
  19. boldrake

    boldrake Registered Member

    Joined:
    Apr 18, 2016
    Posts:
    17
    holy words, I fully agree with you. :)
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    @sdmod- That write-up was everything on this end experienced since 98-XP so forth and so on.

    IMO one of the nice things that makes SD so unique (and maybe other Ring0-Low Level Programs) is a solid well coded Filter Driver that must attach to a seemingly unusual position in a user's preferred WIN O/S and conflicts sometimes will ensue, in an effort to override the same position etc.

    Then there is this below (quoting a portion of your reply) as you so well point out. Frankly on my 8.1 system, SD does virtualization absolutely as perfect as ever with ole 578 and I just don't like taking a chance to upset the delicate balance that's been stable and reliable for so long, and I mean years now.

    If that version can handle 2018's Ransomwares (which it dumped out like a dump truck)-and even withstood a file infector virus I turned loose in Shadow Mode that toasted even Shadow Defender's own folder of files :eek: and forced a hard reset (pull the plug scenario), and on boot up again came back on CLEAN AS A WHISTLE :isay: that was more than enough proof on this end to keep that version and pass on the newer one's. Old adage, "if it's not broken, it don't need fixin"

     
  21. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    1,037
    Hi @ Wilders

    I have a problem when I am using Shadow Defender (latest version 680) I am using Win 10 latest version x 64. I hope someone can help solve it.

    I have been using SD quite regularly to test new software (Not malware) just ordinary programs. Yet on a number of occasions when I shut down (via SD interface) there is no proper shutdown and reboot. My monitor goes to black screen and standby whilst my PC is still lit. As I said no reboot. After many minutes the only way I can shut down is a hard shut down .

    I have tried an Sfc /scannow - no problem. Then scanning the disk for errors no problem.

    Anyone any ideas how to approach resolving my issue?

    Thanks

    Terry
     
  22. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,938
    Location:
    UK
    Do you have FastBoot/Fast Startup turned on?

    If yes, turn it off.
     
  23. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    1,037
    Hi stapp

    Thanks for your reply.

    Yes I do have FastBoot turned on. Did it recently to combat slow boot (It works on my machine).

    Could you amplify why you think fastboot would cause this problem?

    Thank you for your help.

    Terry
     
  24. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,938
    Location:
    UK
  25. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,160
    Although I don't know a lot about these things.
    As far as I remember the fast startup puts the Windows kernel into a state of hibernation and this can effect certain software like encryption and others detrimentally
    . Tony (the Shadow Defender Develeporer) has recommended that Shadow Defender users turn fast startup (also known as Hybrid Boot hiberboot, or hybrid shutdown) off.
    The fast startup on/off debate about problems is not something unique to Shadow Defender users and is widely discussed on the Internet.


     
    Last edited: Sep 5, 2018
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.