The unofficial Shadow Defender Support Thread.

Shadow Defender Version 1.3.0.455 - August 13, 2013
What's New: One installation package for all supported Operating Systems.
What's Fixed: A bug related to File Exclusion List.

Download

 

Thanks for the Info.

 

Imho a few things have to be implemented:

- remove Elevation of GUI as the program itself offers Password protection.
- Desktop tip set back to Default Position.
- Checkbox to lock Desktop tip in place so it can't be moved by accident
- set Desktop tip to be in the Background as it now covers everything in the foreground. (browser for example)

 

I actually prefer the tip to be always in the foreground. When I use a browser, I need to know if I am in shadow mode. But now it´s not always in the foreground, sometimes it appears behind some windows.

 

Arcanez and Robin A, I'm not trying to re-direct you but just for information there is a "Suggestions" section on The Official Shadow Defender Forum here

 

Thanks for the update!

 

So can anyone say.exactly what that A BUG in the File Exclusion List was?

Thanks sdmod for forwarding to our attention this latest bugfix version.
To touch briefly on the aforementioned suggestion i always liked the old Shadow User program's way of confirming the machine was in shadow mode by replacing the wallpaper with tiled text diagonally aligned which read Shadow Mode.

Not sure if it's worth suggesting right now though since Tony is on a roll mechanically with coding/testing new inner security features yet to be released.

Regards Easter.

 

Hi Easter A little bit of info on the fixed bug here

Regarding confirming the machine is in Shadow Mode
I quite like the existing little icon on the top centre of the desktop when in Shadow Mode and the system tray/notification area icon that changes colour when in Shadow Mode.

Patrick

 

I like it too. So I can always check with one view if I am really in Shadow Mode.

Of course for some users it maybe useful to hide these icons. But they have the possibility to do so (one or both of them) by unchecking the corresponding options in the part "Administration" of the program window ("Enable desktop tip" and "Enable tray icon").

 

I use SD on demand. For me, the light blue icon appearing in the tray area is what I guide myself with. After enabling Shadow mode, I always open the interface and take a quick look around to make sure everything seems OK.

Bo

 

AdwCleaner disables SD -- and other programs too.

Today I ran AdwCleaner v. 3.0.0 (last version), as I do when a new version appears, to check for Adware/Toolbar/PUPs.

When I ran AdwCleaner, I was in shadow mode. I clicked on "Clean" and the attached warning appeared.

One of the program closed was SD. In fact, it was completely disabled. While the scan was in progress, I checked in Task Manager and saw no trace of SD. So, a program running in shadow mode disabled SD completely before running, and left the system unprotected. Not expected.

Note: I checked this a second time and the same happened. MSE was disabled too.

Edit: SD wasn´t really disabled, see post #2789.

 

This has serious ramifications.
Malware could disable SD too then.

 

You were still protected. You can test it: Enable shadow mode, kill SD process in task manager, create a file in the desktop, after you reboot, you will not see the file in the desktop.

Bo

 

I´ll try that. Another check would be to re-start SD after the AdwCleaner scan finishes, to see if it reports that it´s already active.

Edit: I did both checks. Killed SD process in Task Manager, then started SD. It was already active. And also ran AdwCleaner again, and after the scan finished, started SD. The same happened, it was already active. So, if all obvious traces of SD disappear, this is a way to check if it´s still there.

 

A few questions just to be sure if I understand it correctly:

Once shadow mode is enabled, nothing can affect or eliminate the functionality of this mode – neither a software nor a wrong handling by myself (e.g. by killing accidentally the SD process) nor the hard shutdown e.g. of a frozen system? And this applies even "if all obvious traces of SD disappear" (as mentioned by Robin A.)?

In other words: The protection provided by SD will be lost only after the reboot of the computer (of course in case that I decided to reboot in normal mode and not in shadow mode)?

 

Peter, that is correct if you are restricting your remarks to the system volume. While you can exit Shadow Mode on non-system volumes during the current session, the only way to exit Shadow Mode on the system volume is upon shutdown/restart.

Wendi

 

Do I understand you correctly that this problem is resolved?

Patrick

 

Hi Patrick,

It was never really a problem (more like a false-alarm). As Bo points out above (and previously on the Official SD Forum)...

Wendi

 

Thank you, Wendi.

Yes, I had in mind the system volume. Good to know that Shadow Defender is so "strong" in this respect.

 

It's always been that way on this end. At least from version 3.25 anyway.

Jump into ShadowMode and it's like concrete.

 

EASTER,

Shadow Defender is one of my 'favs', but the concrete you mentioned has a few cracks that are in need of patching.

TS

 

Of course. But what doesn't. Given time by Tony's return, just a few more additions will all but seal up any cracks needing addressed.

Regards Easter

 

I'm looking forward to MBR, and track 0 virtualization.

 

Amen!

And i hope he will find it a relatively simple matter to also add "driver blocking" along with both those security improvements, hopefully all in one nice big update.

 

Fwiw, Tony informed me that my suggested enhancement to place Track 0 in Shadow Mode (which would include the MBR) isn't too far away. Otoh, implementing The Shadow's suggestion for a 'Drop Rights & Prevent Driver Execution' option will take a lot longer because he doesn't presently know how to do it and so it will take time to research.

Wendi