Discussion in 'sandboxing & virtualization' started by Cutting_Edgetech, Feb 14, 2011.
Thank you. I used in the past Power Shadow and Returnil, never SD.
Just installed it thanks
Already have paid version on another machine.
Is anyone using Shadow Defender to secure their system in place of AV's? Are there any known bypass methods?
Also if you are using it what File Exclusions are you making? Im currently excluding my IMAP .OST/PST Outlook mail files, my StickyPassword mail database, Box Sync folder, and my school work.
Can someone please provide me the MD5 & SHA1 Checksum for the SD versions 22.214.171.1245 and 126.96.36.1998?
Hi to everyone.. Excuse my bad english.. I`m from Perú and i find this forum searching for my problem..
Y have 16 pc with windows 10 x64 and i instal the versión .663 with horrible results.. i enable/disable windows update, instant boot.. hibernation.. and nothing work.. the programs deletes alone.. or mising files.. BSOD every time i restar or shutdown.. even when i unfrozen the unity.. (only C i had format many times the pc's from 0 and the same result, even i have problems when i clone DD.. mising someting of the NTFS..
i read here people with windows 10 whitout problems.. and the 665 or 668 versión are recomended.. i will install again SD in that versions to prove if works.. but.. any explications? what wrong i do? im thinking the hardware are incompatible.. but that can be possible? i hope this works fine whit your helps.
thanks (and again sorry for my bad english)
When you use SD, in principle you don´t have to enable or disable anything. What problems are you getting when you just install SD, reboot, enable Shadow Mode, work normally and make changes to the OS, and then reboot? What computer are you using?
Shadow Defender still stuck in this unreleased .668 "beta" for months, so to speak:
So I wonder, is it still in development or not?
It has not been unusual in Shadow Defender's development to have periods of mystery and conjecture. There have been gaps of time where nothing seems to happen.
Shadow Defender itself is already at a very high state of development and if you get a stable version with no complaint or bug reports and have a saleable product, to make consistant money over a period of time, then it might be a case of 'let sleeping dogs lie'.
My communication has been sporadic at best with Tony and at times non existant. I have never had an explanation from him about his situation. For the last number of months I have not had a reply to any of my emails to Tony.
When he is 'active' Tony seems very 'present' and usually will reply to a bug report in a day or two. His manner is very straightforward in a practical way but I find that he only replies to what he wants to reply to and some reports or comments in the midst of others being dealt with, seem to be ignored and that also goes without any explanation. I have tried to address these issues with Tony but have never really got a satisfactory outcome. It feels like he just doesn't want to address certain things. I'm not sure why.
New versions of Shadow Defender always appear without fanfare.
I still think that Shadow Defender is a remarkable piece of software, and I use it every day and would not like to be without it.
Thanks a lot for your kind reply. Now I understand behind the scenes. I think too SD is a great remarkable software.
I would have to agree. In it's present form SD is a one of a kind special piece of software.
This version still seems to have the problem where the system becomes unresponsive. I can repeatedly get my system into this limbo state by trying to install a large docker image while the system is in a shadow state even though the docker container folder & files are on the exclusion list. Upon a hard restart (due to the system being unresponsive), I seem to lose a lot of data, including those within my exclusion folders. my chrome browser (which has my profile folder excluded as well) does not save my tabs, and I'm only able to regenerate them from my browser history. Now I have to run some Windows 10 repair checks just to make sure my OS is still in a valid state.
Sad to say, but currently I have to keep my system in it's unshadowed state until this can get fixed.
Just some thoughts and questions to try to get an idea of what is happening and I'm no expert in some of these matters..
What is your operating system 32 or 64 and how much ram do you have?
Do you have plenty of room on the drives for these large downloads to be moved about?
How big is/are your drive/s
Do you have an anti virus anti trojan or anti rootkit running alongside the download?
If so, which anti virus?
What are you using to download your files?
Do you have any other kernel level software running at the same time as you are in Shadow Mode?
Do you have any drive/system monitoring software running when this is happening?
Do you have the 'Notify me with the free space on the protected volume' box ticked in Shadow Defender 'Administration'
Have you tried downloading these large files but using a different anti virus?
Have you tried anti virus running only on demand when downloading these files?
Do you have any limit in any software that you are using during the download that might choke on the size?
Do you have any software running that might be starved of resources during a large file download operation?
Does your PC ever appear hot?
Are your fans adaquate during the download?
During the download and looking in Task manager which are your most resource hungry items?
Has this situation occured during any other normal operations apart from these large downloads, movement of files or installations?
I personally don't touch anything in the SD configuration (except enable hibernation in shadow mode), as excluding anything has proved to be very unreliable over reboots in normal mode. Committing files is what I do when in shadow mode, and save bookmarks in a text file which will be committed before exiting shadow mode. I'm using Win 10 (64) on two machines and SD (version.665} behaves exactly the same in both. Some testing, and trial and error will tell what one can do consistently, although I have never ever experienced OS problems due to SD.
Greetings.. thanks for the answer.. I used SD in the past with Win XP and never had problem.. I know how works.. in state shadow mode.. or mode thaw.. the problem is in Windows 10.. i proved in 4 versions.. olds.. newer.. and the result it's the same.. I install..configure pass.. and frozen.. then when i reboot.. sometimes I have BSOD.. sometimes reboot fine.. are days without crash.. other yes.. even some days someone programs disapears.. or "uninstall".. or simply don`t work.. or work bad.. no open or have errors.. and when i reboot.. more BSOD.. and still same with the errors.. sometimes i put in mode thaw.. and reboot frozen.. and again i configure with mode thaw.. and then reboot mode thaw.. or i have more BSOD.. I proved many configurations after all.. (in the begin i dont configure anything and i had that problems..) For discard i install another similar program Time frozen from toolwiz.. and this work a little better.. just have BSOD very random times.. in middle a game.. or just with chrome.. or only play Minecraft.. it's very very disgusting.. (With SD only have BSOD at reboot or when i put on the pc) so.. for that i think are the hardware.. someting in the mother board.. i dont have nothing special.. it's only a pc with a MSI card.. 4 gb of ram.. and 500 gb hard disk.. and i have 16 pc's with this specifications and all have this problem.. i used Clonezilla for cloning the hard disk and with Shadow defender i had problems with the NTFS.. aparently this dissapear.. (with Time Freeze don't have this error) i don't know what more do.. soon i will format from 0.. and will appresiate if help me Shadow defender works.. thanks to all
Do you have FastBoot/FastStart turned off?
check out this part of the thread
I proved with fastboot activated.. sames problem.. desactivated.. sames problem.. even.. i format from 0 and desactivate fastboot after install Shadow Defender and same result.. i desactivated even hibernation and hibrid suspension.. the only thing left desactivated are the suspension..
Problems like you are having is what scares me a bit about installing Shadow defender (or any program like it in W10). I had a great experience with this type of programs in XP and W7 but my feeling is that SD is not for W10. You should know, there are people doing OK with SD in W10. But me, I just dont feel confident about using it in W10. I dont even want to test and see what happens. I don't want BSOD. You said you tested in a bunch of computers and they all gave same results. Be careful. Saludos.
Thanks for the followup, Patrick.
To answer your questions:
OS is Win 10 Pro, 16gb ram, 330GB/512GB free
Only AV running is the built-in AV, Windows Defender Antivirus
In this specific instance, I'm using docker, so the downloads are happening via command line through a docker command.
The only other kernel level software running that I can think of is Sandboxie, but no sandboxes are active when this happens. Ths sanboxie.ini and Sandbox folders are in the exclusion list.
I have no drive/system monitoring software running when this happens, though I do use Task Manager to try and see what's going on when this occurs.
The 'Notify me with the free space...' option enabled in the SD Admin area.
I have not tried to use a different Antivirus software when this happens. From my understanding, docker will download the packages to the (already excluded) container file, and so I'm assuming the AV won't act up bc it won't understand the container format that docker is using.
I have not tried antivirus running only on demand when downloading these files. (I will try this - and disabling AV even - and let you know).
I do not have any limits in any software during download. The drive is formatted NTFS, and I have no software restrictions set otherwise.
PC does not appear hot when this is happening. The system just stalls - mouse works, the shell still seems functional, but I can't seem to launch programs, and rebooting the system shows the reboot screen and sits there. I've let it run for an hour before giving up.
Fans are adequate and spinning slowly during the download.
I'll try the download again and look in the Task Manager to report the most resource hungry items later tonight.
The only other situation this occurred in the past is when I moved GBs from my NAS to an external (unshadowed) drive, but in the 2 times I've done this on v668 I've had no issues, so something did get changed for the better. I'll also try this again this evening and report back as well.
Please let me know if you have any other questions and I'll be happy to answer.
Thanks BoarAnt, much appreciated.
This post is so scary I don't even know where to begin. We're talking about Shadow Defender, right? What is it with "mode thaw" and "frozen" *****? And what is it with the contrived broken English bit? I dunno...
Much more to say but the mods will already slam dunk this reply. An alias is one thing but...
Well, we have you to thank Patrick for sticking with the support of it for what seems like since forever.
You been tireless in your efforts and determination to see to it that this program kept to it's legacy as IMO one of the best and longest running apps of it's kind and users worldwide have at one time or another perhaps benefitted i'm sure in you seeing to their complete satisfaction in it.
You just can't ask for more but you been a beacon. Thanks
Just as a followup to this, I tried it without AV enabled and still got the same system unresponsiveness.
Viewing the Task Manager, the most active Processes during the docker pull were vpnkit.exe (Docker), System, Task Manager, Services and Controller app, WMI Provider Host, and Antimalware Service Executable. All seemed to trade places until the end when the system hangs, then the most active ones are System and WMI Provider Host (both 1%). I do see a curious Process Name called "System Interrupts" being active (1%) during this stall. On the Performance tab of Task Manager, the CPU was at 5%, Disk at 1%, and Memory was at 7.8GB/16GB full.
Separate names with a comma.