Shadow Defender kicks @ss

Discussion in 'sandboxing & virtualization' started by Saraceno, Sep 13, 2009.

Thread Status:
Not open for further replies.
  1. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
    It has been a very long time waiting, man.
    Now I doubt it's even possible.
     
  2. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    :thumb: Agree
     
  3. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    The product seems interesting.

    But is it really a one-man company ?

    I'm not familiar with security programs created by one individual.

    With the constantly evolving malware, it would be tough for one individual to keep security software up to date ?
     
  4. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Well, they're basically the same as any other program...., ones and zeroes and all that :)

    More seriously though, there are certain genres of application in which this structure can work just fine. Programs that don't need to change on a daily, weekly, or monthly basis are fine as single person efforts and light virtualization fits that scheme very well (as do a number of other categories). A classical AV wouldn't survive with this level of staff backing, a firewall could, and so on.

    I've owned and used Shadow Defender since it appeared some time ago. It's a fine effort and, thus far, well supported by the author.

    Blue
     
  5. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Thanks, maybe I'll give it a try.
     
  6. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    I'm also keen to have it. On the other hand, if he is on his own, I suspect something as complex as such a task can be time consuming particularly if you want it bug free. Too many programs have been released lately to the public prematurely in a kind of marketing frenzy, resulting in devastating crashes (I've personally had this misfortune twice from two reputable companies).
     
  7. 1boss1

    1boss1 Registered Member

    Joined:
    Jun 26, 2009
    Posts:
    401
    Location:
    Australia
    Malware Defender is released by one guy, Xiaolin and it's a best of breed product same with Sandboxie and a few others.

    If the security product involved reversing thousands of malware binaries, maintaining a signature database, pushing out daily def updates then yeah a one man shop would be totally impractical.

    Utilities like this are quite a bit different, it is possible.

    @Osaban, yes, likewise I had one recently brick my system so badly even the recovery disk couldn't see the partition.

    Anyhow, so far ShadowDefender is working quite well here. I have not tested it fully, but it seems like a good app.
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Shadowdefender is working quite well here on a variety of hardware, including two raid systems, and an IBM think pad which has the usual hidden partition issue.

    No problems on any. Developer is very responsive to issues.

    Pete
     
  9. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    The resource usage of Shadow Defender is amazing, or the NON resource usage. These are 23hrs in shadow mode stats, on an XP32 Q6600 2GB mem.

    0:00:00:125 CPU time
    I/O Reads 45
    I/O Writes 3

    Private Bytes 2072k
    Peak Bytes 5072k

    Also for my slow chugging laptop it's perfect! LUA+Shadow Defender+Sandboxie

    Non hassle computing/protection
     
  10. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    958
    Shadow Defender is the best money I have spent on security, just slow on updates. One was mentioned as coming soon but still waiting.
     
  11. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    From what I've read it looks like SD is good for testing software. If you don't like something or it screws the system up, you can reboot and it's gone. My question to those that use SD, what if you like the software you've just downloaded and installed? How do you commit it taking into consideration files may be in more than one place and not forgetting associated registry keys? Do you reboot and install in normal mode?
     
  12. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    It can be used to test a limited brand of ones that don't request a reboot.
    For a perfect software test it is wise to use eaz fix or its big brother rollback RX ;)

    cheers
     
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I mentioned this earlier in this thread, that SD is great, but if it only included recovering registry keys it would be so much better.

    I have been using it in Shadow Mode 24/7 for maybe 2 months now. I have exclusions to my profile directory and a few other choice spots. I can use most applications without even realizing SD is in effect because they house their prefs/configs in the user profile.

    What I find is that if I install a new software, I can easily reboot and be clean. One benefit is that if you install a software, and you like it, you can commit its directory in program files, and when you reboot you easily find out if it is portable or not. Many are. If I am wishing to install a firewall or av or something a little more aggressive (think MSI installed items lol) then I test in VMware first before installing on the real machine.

    I have found, as a slight hassle, that some programs need their registry entries from HKLM\Software or HKCU\Software. I can easily export those, but the feature built into SD would be so much better.

    In using SD shadowed 24/7, after some consideration as to what I don't want shadowed and making the exclusion list, I find SD to be very trouble free and convenient.

    Sul.
     
  14. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Would be nice addition to SD.
     
  15. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690

    You can right click files and commit past shadow mode protection. But like Sully's good idea, of being able to commit a whole application ... this would be really good stuff - ability to keep applications on trial - commit for keeps or boot down the toilet when you turn the computer off.
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    The only thing I can see you could do, and only if you are sure nothing bad happened is commit the whole c: drive. I think you can do this. Just not sure how long, or how safe it might be.
     
  17. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    I should be more careful about what I type.

    In the past I've expressed interest in several virtualization/rollback systems.

    But the thing is: a good AV or suite will protect you against certain forms of spyware/data theft. For example, you try to make a payment by entering your credit card data, and the website in question is infected with malware ( example: malicious script). An AV could detect this, unlike virtualization software.

    Is there any way to run a suite or standalone AV in combination with Shadow Defender ?

    I use Windows XP Home Edition SP2, harddisk with only one partition.

    I also happen to restore a known clean image if I suspect foul play.
     
  18. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA

    Yes, and you should. I love ShadowDefender but especially if you do any committing of files, they have to be scanned first. I always used an AV with it. Something light like Eset would work or even a freebie. Just let it update while in Shadow Mode and when you come out just hit the AV's manual update again. It is just another part of a layer and even there are those behind closed dark doors that say, "I will never use an AV again." Guess what, it is still the best first line of defense in my view.
     
  19. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Nope, tried it, don't want to do that again my friend. :blink:
     
  20. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Interesting.

    Would it work with a suite as well as an AV ?

    And are there no issues with the registry ? Some AVs go deep into the kernel.
     
  21. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    Well, with so many here recommending it (and people I respect), I might have to take a look. I'm surprised this hasn't been asked yet - but how does it differ from Returnil? I use it on my laptop and it works perfectly. It's always nice to see so many thumbs up on a piece of software though, so I'm interested.
     
  22. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Well what happened o_O?
     
  23. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I believe that I covered that somewhat in Light Virtualization - the first year..... In broad terms, the current version of Shadow Defender is really focused exclusively on partition virtualization while Returnil has a somewhat broader feature set beyond pure virtualization (AntiExecute, version with an embedded AV (F-Prot) emerging in the current beta, wipe of virtualized session on exit, pricing strategy, and so on - a trip to the respective websites is recommended for potential users).

    Both products are very solid and I use both, although my own usage tends to be much heavier towards Returnil due to the expanded feature set, parts of which I do tend to use on a regular basis.

    Blue
     
  24. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    Thanks, Blue - I didn't know of that thread, I'll check it out.
     
  25. Rabiddog

    Rabiddog Guest

    Is SD compatible with FirstDefense? Can these two be used together?
    What about defragging (boot-time)?
     