The unofficial Shadow Defender Support Thread.

Discussion in 'sandboxing & virtualization' started by Cutting_Edgetech, Feb 14, 2011.

  1. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Hi,

    hxxps:// www. youtube.com/channel/UCrtmme_CU7ixcZjkMZ2r_3Q
    Current review......
     
  2. Wendi

    Wendi Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    643
    Location:
    USA
    Not at all surprised by the tester's perfect results, but his remarks to the effect that the ransomware was 'blocked' or 'stopped' is incorrect and misleading...

    In all 10 ransomware infections, upon performing a system restart Shadow Defender was able to restore the system to its prior (clean) state, but during the time the system was infected by ransomware there's a definite possibility that data-theft may have occurred - i.e., before the system was restored by Shadow Defender! That's why (imho) it's critical to implement outbound firewall control (in addition to SD).
     
    Last edited: May 29, 2021
  3. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    @Wendi,

    Agree, but there is only one thing missing if the system become infected with malware.
    With the combination above of security software.... For example of Shadow Defender &
    SpyShelter Firewall.

    Away to remove/clean the malware, ect.....
    Maybe a secondary scanner or just a antivirus without a firewall. Plus, adware cleaner.
    Shadow Defender, restore the system to its prior (clean) state, if it was really clean to began
    with.....
    SpyShelter Firewall,does not remove malware and/or clean......
    Your thoughts?
    Suggestions/thoughts opinions, welcome......
     
  4. Quassar

    Quassar Registered Member

    Joined:
    Oct 19, 2011
    Posts:
    253
    Location:
    Poland
    for this you have backup.

    Even antyvirus dont clean system fully/ well good after infection and system might be unstable even after "cleaning" by antyvirus..
    Becasue antyvirus delete corupted files and new malware files ofc if "detect,find it"
    And for fix system file you need use windows tool or just better make rollback system to state before infection.

    And there is a lot forums where peoples using other tools to find files corupted mostly use FIRST...
    But even this software can't be enought if system is much harm and still need offen reinstall or rollback system if made backup in past.

    So you dont need scanner AV if your system is all time rollback to clean state.
    so you dont bring infection to new,next session and in current session hips/fw protect you to not get infection in that one.

    Just look how much av is helpfull
    if you get infected by ransomware av will help you ? no bc your filles are allready screw.. dellete virus not bring you back files.... and your system still can't be unstable after it so you need rollback or reinstall system.

    If you lose your prive data due of Keyloger or Trojan etc spying behavior... AV will help you ?
    No your private personal data already in darkside of net. and scanning pc not give you guarante trojan was fully removed from your disk and still can be spying somewhere there..
    So solution its once again reinstall or rollback system to not leak rest data if was yet left something to leak.... :(

    This is 2 golden example why better more prevent instead of try cure because for cure can be to late.. "instead chasing butterflies"
     
    Last edited: May 30, 2021
  5. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    @Quassar

    Straight to the point, with great details and with a few examples.
    What rollback software would suggest? For example, Instant Recovery,
    Rollback Rx, and Macrium Reflect.
    Or just do a clean install of Windows to current version?

    Kind regards,
     
  6. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    Remember please that this is the thread about Shadow Defender.
     
  7. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Hi,

    Appreciate the remember, thank you.......
     
  8. Quassar

    Quassar Registered Member

    Joined:
    Oct 19, 2011
    Posts:
    253
    Location:
    Poland
    Exacly and Shadow Defender its kind or rollback :D

    Just look... how long you work on your system with out reinstall or rollback.
    1 year ?! meaby 2 meaby 3 or even longer... and what if your system is infected after 20day since fresh install and ofc you still dont know it.
    You life with it , use your system whole this time with virus who steal.read your all activity whole this time... and ofc you used few antivirus in this time ofc not all in one time, half year avira .. but you didint like it so you moved to kaspersky now peoples saying defender basic is far enought and you stay with it..
    but unfortunly this malware which is on your pc it still less popular and any AV still don't detect it which you used in past and unfortunly still even now .

    Now look on Shadow Defender even if you launch system 1 time on day or even 2 times - for example before go to job and once again after it.
    If one year have 365 days you will have 365 fresh sessions.

    That why in this case/situation Shadow Defender 24/7 using its better then even hardstyle multiple scanner like SecureAplus , HitmanPro etc.
    Because its not molest your all files. data by make bussy your I/O taks disk and processor for scaning new operation with dream about find virus and you still dont have 100% chance to find all which i said above.

    Shadow Defender wipe all new changes from up every single boot which is better than holding 1 unknow session whole years and molest it with av which faster or later will fail with detection..
     
    Last edited: May 30, 2021
  9. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,159
    I use Sandboxie, Keyscrambler Premium, Malwarebytes active and a firewall (in my case Sygate Personal Firewall Pro) and check each file that I download on to my pc in each Shadow Defender (Shadow Mode) session and I never save a file or to reboot to a real session from Shadow Mode until it has been thoroughly tested and confirmed (by me) to be safe.
    Note: Remember to confirm your Firewall settings in non Shadowed mode if changed in Shadow Mode session..
    I install programs outside Shadow Defender Shadow Mode only after testing in Shadow Mode and with anti virus etc and running the program to see if it serves my purposes.
    Tony always said that it was important to install Shadow Defender at an early stage when installing your operating system. I imagine that this is to get there before the malware is installed and active when it might make connection to an outside source and then your Shadow Mode session would be pointless when the 'enemy' already has your vital information.
    Shadow Defender does not protect you from revealing information that you give away on the Internet revealing your true identity and personal information which might make you vulnerable in Shadowed and non Shadowed session.
    I do not like software that insists on 'phoning home' as part of it's makeup. I usually block anything like that unless it is essential and proven safe. Anything that proves itself a nuisance I will not have on my system. I don't want to be constantly nagged or reminded of things by a software developer. I don't allow automatic updates.
    That is my way of working...it might not be 100% but it's served me well over the years.

    Thanks to @Dann for kind comments
     
    Last edited: May 30, 2021
  10. Quassar

    Quassar Registered Member

    Joined:
    Oct 19, 2011
    Posts:
    253
    Location:
    Poland
    The most important in securtiy its what you realy need to have and what is the real most important
    and in this scenario you also need know which software how work to get good choice.

    And you cant fully compare AV's to Shadow Defender because thier job its totaly diferent but honestly if you compare cons and pros better stick Shadow Defender but dont forget you no need choice beetwen them you can use well both of them. but for me there is no point.
    And both av and shadow defender its not kind of software which prevent its more kind of diferent way to keep clean state of system.

    For prevent you have Hardering ( disable services which take more risk for infect system and you dont use, add some more restriction/settings etc )
    HIPS which take action during 1st try by launch unwanted action and take control whole system what happen in background.
    Firewall to take contro what try connect to your system and what goes out from it also.

    And also Shadow defender not only protect you about be permanently infected but hold your system always fresh.
    So you no need use from time to time other cleaing tools like ccleaners because temp burdel files will be wiped :D

    So if something broke for sure will be not system but faster pc component or just to time when you not shutdown shadow mode for intall /make updates any other kind of changes in system.
    That why even if you use Shadow Defender you have still do solid backup and dont forget it.

    Technicaly not matter which way you go which kind of layer security/which soft you will use - always do backup!!
     
  11. Wendi

    Wendi Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    643
    Location:
    USA
    If you are always running virtually in SD's shadow mode, reverting back to the clean real system with every restart/shudown, how could the real system become infected? Certainly the virtual system (shadow mode) may get infected; that's why I recommend an additional layer of protection, specifically to prevent rogue outbound traffic. As far as I'm concerned that's all the protection actually necessary!

    Of course image/clone backups (to external storage) must be performed on a regular basis for disaster (of any kind) recovery.
     
    Last edited: May 31, 2021
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Now that i've gave up the ghost so to speak transitioning to Windows 10 (but NOT entirely just yet), Shadow Defender is as it's been for some time now. On Demand Only. Since those days of foulware hunting are pretty much behind i still keep SD close like a guard dog in case for those rushes to duty & courage if i happen on a powerful sample or two that raise enough panic to grab attention enough for me to send it into the Shadow Defender Arena for sport and research.

    Aside from that on this newly christened Windows 10 20H2 i'm running ERP 4.0 which is akin to double duty for UAC but way more granular to the liking. WiseVector Stop X is silently positioned in tandem with Microsoft Defender which i never thought i would see the day i could actually rely on it. Well on 10 its built in and does enough. Secure Folders is also a throwback alternative that is hard to part with even on a newer system.

    Also Drive Snapshot backup images are the final lifeline which rounds out the core of this system and any others that might be added in the future. Gotta have them backups, No Brainer

    That said i seen and experienced rock solid performances of SD plenty enough against the baddest of the bad only to rise to the occasion as it always has for me and return a session right back to clean state. So while unlike some of you i don't run it to go online to stay safe or dump my safe sessions whatsoever but it is every bit a integral component that i can turn to without giving a second thought to it's capabilities to meet and defeat challenges.
     
  13. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    @Quassar, @Wendi, @Wendi,

    Nice feedback on Shadow Defender.......
    Learning a lot, keep it up.......
     
  14. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
  15. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Great more feedback on Shadow Defender. Thank you for sharing, @ichito....
    Appreciated......
     
  16. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Thanks @Wendi I agree. It's been mentioned and strongly suggested before just as you on occasion before, however it is worth that REMINDER AGAIN as a wise decision to add that particular extra layer in order to "absolutely" prevent any possibility to some outbound run while in Shadow Mode.
     
  17. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Hi,
    Just wondering,
    Does anybody know if you can use Comodo Firewall for containment feature with browser and Shadow Defender?
    Like a safety net.....?
     
  18. pvsurfer

    pvsurfer Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    1,617
    Location:
    USA
    I'm not a CF user, but I believe you can configure CF's alert settings so as to be notified whenever the firewall encounters an unknown request for network access.
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    We used to have posted to this forum some years back a freelance developer or two who's little outgoing firewall alert programs were ideal just for a program like SD to prevent if something tried to ring the phone to some outside destination when in Shadow Mode.

    Wouldn't a front-end to the firewall for Windows like @alexandrud's Windows Firewall Control suffice for that purpose?
     
  20. pvsurfer

    pvsurfer Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    1,617
    Location:
    USA
    @EASTER, @Moose World, as a long-time SD user I have found the free version of SpyShelter performs outbound traffic control very well (and in addition, if desired, it also provides an effective HIPS)!

    Apparently @Wendi also complements SD with SS to monitor/control outbound network requests.
     
    Last edited: Jun 5, 2021
  21. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    @pvsurfer,

    Thank you for sharing, really appreciate the info and update........
     
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Thanks @pvsurfer- I may have a look and test run sometime with it.

    Shadow Defender is On Demand only here- (is been that way mostly for my 8.1 units) Its always also been extremely stable. When testing malware especially file infectors, it proved solid as iron which is saying a lot since there must be every conceivable form of malware known/unknown to exist that SD can handle.
     
  23. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    @EASTER, and it has also been very stable on my Windows 10 for at least two years now:)
     
  24. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,571
    If you have several internal drives for backup, should all of these backup drives be in Shadow Mode in addition to the C: drive?
     
  25. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    So long as you or your backup isn't writing to them that you want to retain I really don't see why not. I mean it's always an excellent preventative while online even though they are storage for your backups. I would if it was me also on occasion transfer those, or some of the most recents or even dated ones out and over to a isolated storage for really superb confidence. :)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.