The unofficial Shadow Defender Support Thread.

Discussion in 'sandboxing & virtualization' started by Cutting_Edgetech, Feb 14, 2011.

  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,779
    Location:
    U.S.A. (South)
    Without a single doubt.

    Having gone full circle myself more times then one can imagine, it does seem that many of us always end up with that neatly assorted patchwork of several "less demand" security apps which greatly improve overall system performance again, while at the same time deepening the right protection required to keep our good machines safe.

    Wouldn't it be something if someone was genius enough to be able to string together so many of these unique & different combos like are posted around here. :cool:
     
  2. Hi everyone.

    First of all many thanks in reply to my last post.
    You suggested to upload the older versions. That would be great if it's possible to upload (x.325) or even (x.320) for 64bit & 32bit operating systems.

    As I mentioned before the well-known malware scanning services like Virustotal reported suspicious contentns relating to shadow defender.
    Should I ignore the results of the analysis of this Software in case it might just have been a false positive report? :doubt:
    Maybe I should send the file for futher deep analysis to Valkyrie Comodo

    Does someone actually know how those threats Trojan/Downloader.Banload.bjhp and TrojanDownloader.Banload.bjjq effect the operating system if there where some hidden inside this Tool.



    Yours sincerely
     
  3. chris1341

    chris1341 Guest

    sdmod posted links to previous versions here - https://www.wilderssecurity.com/showthread.php?p=1836877#post1836877 - that was more than a year ago so not sure if they work now though.

    The AV detections are almost certainly false positives. Check them with Valkyrie if you want but it is as (more?) prone to FP's as any of the others.

    FWIW I've used Shadow Defender for a number of years, long before Tony went MIA and it always generated FP's. Understandable probably. It's not all that well known outside places like this and it's native land, it has many attributes the heuristic engines of AV's etc might find suspicious, the executables are not signed and it is from China so the suspicious score builds up quite quickly.

    Can you trust the latest versions? Up to you, but........... you don't need to as older versions work extemely well. My main issue would be about buying it, if I did not already own it there is no way I'd give me details to a vendor of dubious origin. Golden security rule really - if you don't trust the vendor don't transact with them.

    Cheers
     
  4. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,087
    Whoknowsnothing1

    sent you private message
     
  5. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    As requested, I have uploaded Shadow Defender setup files for builds 320 and 325 (32bit & 64bit). These are the very same setup files which were made available for download by the original developer (Tony).

    SD_320-325.zip (4.16MB) (MBAM & PCAV scanners report "no malicious items found")
    Download Link: http://www.sendspace.com/file/ybb5cd
    Note:

    Do NOT click on any of the host's 'Download' or 'Play' Buttons!
    Go to the Blue Box with: "Click here to start download from sendspace"
     
    Last edited: Apr 18, 2012
  6. Hi everyone.

    Once again many thanks to everyone for your kind support.
    Hi Shadowdefender. I already downloaded the uploaded files and checked them again for safety reasons via virustotal.com.
    Unfortunately the files contain much more rogue contents than the latest version.
    So I am somehow confused whether I should use this at all or not. Concerned of getting a malware or spyware on my operating system. :doubt:


    Cheers...
     
  7. chris1341

    chris1341 Guest

    I obviously can't vouch for the file uploaded by ShadowDefender but can say a genuine copies of Shadow Defender .320 and .325 are NOT malware.

    Just uploaded my genuine copies to VT and they generate FP's, but that is exactly what they are.

    Cheers
     
  8. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    870
    Location:
    2500'
    I've downloaded and run (on two machines) the version (325) that ShadowDefender generously made available. I scanned it on my machine and VT and it came up with false positives but I can tell you that I've run it for weeks now without incident on either installation. I would trust them but you have to be comfortable with the decision.
     
  9. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    If you could find a previous 325 versions from folks on here, you can be assured that they are probably safe.
     
  10. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,087
    I've sent most people who are looking for Shadow Defender 1.1.0325 (32 and 64 bit) on this forum my ones which have been virus checked many times, I use the 32 bit version myself but others have used the 64 bit version with no bad feedback. Drop me a pm with your email and I will send them as attachments named SD1.1.0.325_Setup.exee and SD1.1.0.325_Setup(x64).exee
    I do this because some email do not like exe files to be sent
    Thern just rename the file removing the end e

    or give me somewhere to upload the files to

    I do have other versions but 1.1.0.325 seems the best proven

    best wishes

    Patrick (ex Shadow Defender moderator)
     
  11. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    It has already been established by others in prior posts that the current build (notwithstanding the mystery surrounding the new SD website) produces a few less FP's than prior builds. But they all generate FPs on VirusTotal because of the large number of scanners VT utilizes (over 40) and the very nature of SD's kernal driver.

    The files I uploaded were scanned and reported 'clean' by Hitman Pro, Malwarebytes AntiMalware, and Panda Cloud AV. They are the very same files made available for download by Tony (which I believe is the same source of sdmod's setup files) and they are malware-free regardless of what VirusTotal reports!
     
    Last edited: Apr 19, 2012
  12. Scott W

    Scott W Registered Member

    Joined:
    Sep 21, 2008
    Posts:
    637
    Location:
    USA
    Fwiw, last night I downloaded and extracted the setup files provided by ShadowDefender (Post #680) and can verify that 'his' 1.1.0.325 setup file and 'my' 1.1.0.325 setup file are identical (and I have been running build 325 for quite some time without any issues).
     
    Last edited: Apr 19, 2012
  13. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,087
    Sorry, I hadn't noticed post #680

    my own checksums are

    32 bit

    SD1.1.0.325_Setup.exe

    101CDC867F7771FAAE6810483EF16439

    64 bit

    SD1.1.0.325_Setup(x64).exe

    35EDF53C0B4D3B8960047CFBFCBAE7E3

    Patrick (ex Shadow Defender mod)
     
  14. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,688
  15. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,087
    The reason that there are two 1.1.0.325 versions is that I found a problem (I thought) with the first release of 1.1.0325 and notified Tony (the developer) later on the day of it's release...Tony made some changes and did a re-release using the same number again but I discovered soon after that the problem was not with Shadow Defender but with own system that had a glitch, I contacted Tony as soon as I discovered it and so the original version (my checksum) is the correct version as it was first released and as Tony intended it originally.

    Patrick (ex Shadow Defender forum global moderator)

     
  16. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,688
    I've been running 1.1.0.325 w/o any issues and has always worked flawlessly with the checksum posted.
    My intension was not which version is better only that both are legit and both released by the original developer.
     
  17. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    870
    Location:
    2500'
    Another legitimate .325 MD5:

    2d3eb4cd8c784cddbdca78ccda1793bf


    From virustotal:

    SHA256: 150d6cf0b5bc7c4ba1b688f93e5d411c3ecce3a360ba4ee232721e0b96e5cc60
    SHA1: ab8444173a1b465783d28beda6d87468d027cbc3
    MD5: 2d3eb4cd8c784cddbdca78ccda1793bf
    File size: 809.2 KB ( 828624 bytes )
    File name: Defender.exe
    File type: Win32 EXE
    Detection ratio: 0 / 42

    Analysis date: 2012-02-16 08:18:41 UTC ( 2 months ago )
    0
    0
     
  18. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,087
    I'm sure all the 1.1.0325 versions work perfectly well but I'm just explaining why my checksum was the original intended version.

    32 bit

    SD1.1.0.325_Setup.exe

    101CDC867F7771FAAE6810483EF16439

    64 bit

    SD1.1.0.325_Setup(x64).exe

    35EDF53C0B4D3B8960047CFBFCBAE7E3

    Patrick (ex Shadow Defender forum global moderator)
     
  19. Scott W

    Scott W Registered Member

    Joined:
    Sep 21, 2008
    Posts:
    637
    Location:
    USA
    I do recall that there were two different 1.1.0.325 versions. For some reason (perhaps just a goof-up) there was a setup.exe.0 file inside the first version. Someone (sdmod?) must have brought that to Tony's attention because a few weeks later the 2nd version was released without the setup.exe.0 file which turned out to simply be 'excess baggage' - as they say in basketball, 'no harm, no foul' (both versions seemed to function very well).

    Scott
     
    Last edited: Apr 20, 2012
  20. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,376
    Location:
    Milan and Seoul
    As other members mentioned they are false positives. I uploaded to VT my SD installer (I am among the early users of SD) which I got when Tony (the original developer) was still around, and it scores several hits, Emisoft, Ikarus, Sophos among others which are well known companies for being 'trigger happy' in terms of FPs.

    Emisoft specifically will detect as malware any legitimate program that uses devices commonly used by malware, and won't rectify their claim as it would make it vulnerable to malware using the same device. When I tested Emisoft recently, it found Rollback Rx on my machine as a rootkit.

    VT results are useful for unknown files, but should be taken with a pinch of salt for known files.
     
  21. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    @ sdmod

    Hi i've been using v1.1.0.326 for some now with no probs on XP/SP2 :) Just wondered what your thoughts are about it, as you mostly seem to recommend v325 ?

    TIA
     
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,779
    Location:
    U.S.A. (South)
    I had no problems either with SD in the past or current. Thanks in order for those other version set up files but another question like CloneRanger's

    What is the chief improvement with v.325 over v.320 since as stated most prefer to favor the v1.1.0.325 version.

    Curious note for me since i long been an advocate for the PowerShadow app which i never had any problems with either running on XP Pro SP2.
     
  23. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    I've ran the .326 version with no issues back when I was running SD.
     
  24. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    As I mentioned on a previous post: On my new X79 system when you look at the System Status tab in SD the "Space Used by SD" value always stays at zero even when I add/remove files or install/remove programs to the protected SSD. It still works, but it doesn't tell me how much space its using. Has anyone else encountered this?
     
  25. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,087
    As I remember there were some problems with 1.1.0.326 reported at the time of it's release and many people reverted to 1.1.0325 as the last good version.

    Patrick (ex Shadow Defender moderator)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.