The unofficial Shadow Defender Support Thread.

Discussion in 'sandboxing & virtualization' started by Cutting_Edgetech, Feb 14, 2011.

  1. guest

    guest Guest

    A further requirement is, the developer must sign it with an Extended Validation (“EV”) Code Signing Certificate.
     
  2. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    Yes it is needed indeed:

     
  3. SanyaIV

    SanyaIV Registered Member

    Joined:
    Oct 17, 2013
    Posts:
    278
    Is this with the latest announced release or the test release? I used the latest one announced, not the test release. If that is the case then I don't understand it either... Perhaps the driver was corrupted? Iunno, pretty confused now..

    Edit: So EV certs are needed, aren't those expensive? Either way, does the Shadow Defender drivers have EV certs?
     
  4. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    Version: 1.4.0.648
     
  5. SanyaIV

    SanyaIV Registered Member

    Joined:
    Oct 17, 2013
    Posts:
    278
    That's the one I tried to install.. :confused:
     
  6. guest

    guest Guest

    According to the "WoSign"-website, to be an EV certificate it must be a certificate with at least "Class4", but the developer used a "Class2"-certificate: "WoSign Class 2 Code Signing CA" and therefore it's not an EV certificate.
    Edit: The above info is valid for certificates from WoSign. Other CA's may use different classes/names. EV-Certificates from Verisign: "Class 3" or sometimes this can be seen: "EV Code Signing CA"
    ----
    The drivers from the release 1.4.0.648 and the test version 1.4.0.653 are signed with "Class 2"
     
    Last edited by a moderator: Dec 14, 2016
  7. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    Which files/folders and reg keys to exclude for VoodooShield to preserve settings/whitelisting or any changes when running in shadow mode?
     
  8. guest

    guest Guest

    You have to exclude the folder: C:\ProgramData\VoodooShield\
    All relevant settings and lists are located in this folder.
     
  9. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    Thank you once again mood, very much obliged.
    Do you know some reg keys exclusion to consider?
     
  10. guest

    guest Guest

    If software is dependent on the registry for saving its settings then you have to exclude a registry key.
    But excluding of the folder should be enough, all important settings are there (commandlines3.dat / settings3.dat / snapshot3.dat / ...)
     
  11. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,792
    Location:
    .
    Thank you.
     
  12. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
  13. guest

    guest Guest

    Do you have any exclusions for Webroot?
    I think this is the folder where it saves all settings: C:\ProgramData\WRData\
    Try to make an exclusion for it and see if helps.
     
  14. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    IIRC, Webroot user prompts that Commit WRData folder may be an issue, due to size, for Shadow Defender.
    IIRC, Webroot user prompts Webroot Settings are registry code.
    IDK
    I'm trialing Shut down Protection > enter Shadow Mode + Shut down Protection > exit Shadow Mode.
    Webroot starts with Restart.
     
    Last edited: Jan 1, 2017
  15. Athas

    Athas Registered Member

    Joined:
    Jan 2, 2017
    Posts:
    27
    Location:
    CH
    Hi,

    I'm currently test-driving Shadow Defender on my old WinXP-System, and have worked through large portions of this thread, but some questions remain...

    I have used light virtualization before (the discontinued Wondershare Time Freeze), with great success and no corrupted files. However, I have never use the "commit all changes" function, but always rebooted to the pre-frozen state. Folder exclusion and commit file/folder was not offered by the software, only "exit and commit all" or reboot and lose all changes.

    Now, I can live with the mentioned reality of possible file corruption when exiting Shadow Mode without Reboot, keeping all changes (after all, it seems like Shadow Defender has to compete with applications and drivers when writing configuration files), as I don't intend to use this function anyway....

    ...but I do like the idea of a commit/exclude file/folder function :), and this one I am using right now, without corruption so far (despite one driver-related issue of a frozen system and forced reset)

    Now my question: Has anyone ever experienced corruption when commiting files/folders and/or files/folders in the exclusions list? I will certainly not exlude/commit folders that will be constantly written to, like browser settings, but folders where i store my downloaded files and such.

    Many thanks...
     
  16. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    I'm still using WTF (ver.2) on my XP :)...but SD on Vista also so I think I can say something about my prefereces. I don't use security app based on signatures (SpyShelter Firewall on Vista and Kerio FW+SS Premium+NVT ERP on XP) so I don't need make some exclusion on system disk for downloaded/saved data. Excluded are only two folders on disk D (private documents/data)
    - one for screenshots which are taken while testing some applications
    - second for files downloaded from internet or copied from removable devices...this folder is also "restricted" in SpyShelter's settings.
    So...mentioned above settings are useful for me and work properly for few years already.
     
  17. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    In my experience of SD (about 9 years) committing files and folders on the fly has always been reliable. I did however have problems trying to exclude things, for example bookmarks, it works alright except on a couple of occasions, upon rebooting out of shadow mode I found all my Chrome bookmarks deleted...

    I also believe it is a prevalent opinion here at Wilders that one should refrain from excluding as it lowers the overall protection offered by the shadow session, although I have no evidence to verify this assertion.
     
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I've never had a problem with commit either, but you have to becareful with size. I once without thinking committed a 350gb file. Once started I didn't want to abort. Dang thing took 8 hours.
     
  19. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    I have had a license for years, but I hadn't used this software for some time. It was originally, installed on XP desktop.

    I installed the program on a Surface Book on October 1, and it was fine. I could open the GUI, but today it wouldn't open.

    I took some screenshots which shows its in my startup. However, checking services.msc indicates that it set for automatic startup, but the service hasn't started. I was wondering what could cause this to happen, now....when previously, I could open the program.

    ShadowDefender_GUI won't load_01.JPG ShadowDefender_GUI won't load_02.JPG ShadowDefender_GUI won't load_03.JPG
     
  20. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    Have you tried to uninstall it and re-install? Is it the last version namely -648?
     
  21. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Hi

    No, I haven't tried a reinstall....I shouldn't have to, I believe. Yes, see the second screenshot.
     
  22. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,933
    Location:
    UK
    What happens if you just start the service and do a restart of your machine, does it run then?
     
  23. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Hi stapp

    I tried that, already...nothing changed, that I noticed.
     
  24. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    SD version 1.4.0.648

    My recent thread https://www.wilderssecurity.com/threads/firefox-spyware.391046 showed screenshots of web pages i visited being saved by FF !

    As i always use SD & have it set to use the RAM & not HD, there should have been NOTHING for the recovery software to find. Why did it ? RAM use set to 500Mb & i was Nowhere near that limit.
     
  25. guest

    guest Guest

    After deleting files and launching your recovery software to recover them (in the same shadow-session), it is able to recover these files.
    Setting the Cache of SD to RAM or HDD shouldn't make any difference for the recovery-process.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.