The unofficial Shadow Defender Support Thread.

Without a single doubt.

Having gone full circle myself more times then one can imagine, it does seem that many of us always end up with that neatly assorted patchwork of several "less demand" security apps which greatly improve overall system performance again, while at the same time deepening the right protection required to keep our good machines safe.

Wouldn't it be something if someone was genius enough to be able to string together so many of these unique & different combos like are posted around here.

 

Hi everyone.

First of all many thanks in reply to my last post.
You suggested to upload the older versions. That would be great if it's possible to upload (x.325) or even (x.320) for 64bit & 32bit operating systems.

As I mentioned before the well-known malware scanning services like Virustotal reported suspicious contentns relating to shadow defender.
Should I ignore the results of the analysis of this Software in case it might just have been a false positive report?
Maybe I should send the file for futher deep analysis to Valkyrie Comodo

Does someone actually know how those threats Trojan/Downloader.Banload.bjhp and TrojanDownloader.Banload.bjjq effect the operating system if there where some hidden inside this Tool.



Yours sincerely

 

sdmod posted links to previous versions here - https://www.wilderssecurity.com/showthread.php?p=1836877#post1836877 - that was more than a year ago so not sure if they work now though.

The AV detections are almost certainly false positives. Check them with Valkyrie if you want but it is as (more?) prone to FP's as any of the others.

FWIW I've used Shadow Defender for a number of years, long before Tony went MIA and it always generated FP's. Understandable probably. It's not all that well known outside places like this and it's native land, it has many attributes the heuristic engines of AV's etc might find suspicious, the executables are not signed and it is from China so the suspicious score builds up quite quickly.

Can you trust the latest versions? Up to you, but........... you don't need to as older versions work extemely well. My main issue would be about buying it, if I did not already own it there is no way I'd give me details to a vendor of dubious origin. Golden security rule really - if you don't trust the vendor don't transact with them.

Cheers

 

Whoknowsnothing1

sent you private message

 

As requested, I have uploaded Shadow Defender setup files for builds 320 and 325 (32bit & 64bit). These are the very same setup files which were made available for download by the original developer (Tony).

SD_320-325.zip (4.16MB) (MBAM & PCAV scanners report "no malicious items found")
Download Link: http://www.sendspace.com/file/ybb5cd
Note:
Do NOT click on any of the host's 'Download' or 'Play' Buttons!
Go to the Blue Box with: "Click here to start download from sendspace"

 

Hi everyone.

Once again many thanks to everyone for your kind support.
Hi Shadowdefender. I already downloaded the uploaded files and checked them again for safety reasons via virustotal.com.
Unfortunately the files contain much more rogue contents than the latest version.
So I am somehow confused whether I should use this at all or not. Concerned of getting a malware or spyware on my operating system.


Cheers...

 

I obviously can't vouch for the file uploaded by ShadowDefender but can say a genuine copies of Shadow Defender .320 and .325 are NOT malware.

Just uploaded my genuine copies to VT and they generate FP's, but that is exactly what they are.

Cheers

 

I've downloaded and run (on two machines) the version (325) that ShadowDefender generously made available. I scanned it on my machine and VT and it came up with false positives but I can tell you that I've run it for weeks now without incident on either installation. I would trust them but you have to be comfortable with the decision.

 

If you could find a previous 325 versions from folks on here, you can be assured that they are probably safe.

 

I've sent most people who are looking for Shadow Defender 1.1.0325 (32 and 64 bit) on this forum my ones which have been virus checked many times, I use the 32 bit version myself but others have used the 64 bit version with no bad feedback. Drop me a pm with your email and I will send them as attachments named SD1.1.0.325_Setup.exee and SD1.1.0.325_Setup(x64).exee
I do this because some email do not like exe files to be sent
Thern just rename the file removing the end e

or give me somewhere to upload the files to

I do have other versions but 1.1.0.325 seems the best proven

best wishes

Patrick (ex Shadow Defender moderator)

 

It has already been established by others in prior posts that the current build (notwithstanding the mystery surrounding the new SD website) produces a few less FP's than prior builds. But they all generate FPs on VirusTotal because of the large number of scanners VT utilizes (over 40) and the very nature of SD's kernal driver.

The files I uploaded were scanned and reported 'clean' by Hitman Pro, Malwarebytes AntiMalware, and Panda Cloud AV. They are the very same files made available for download by Tony (which I believe is the same source of sdmod's setup files) and they are malware-free regardless of what VirusTotal reports!

 

Fwiw, last night I downloaded and extracted the setup files provided by ShadowDefender (Post #680) and can verify that 'his' 1.1.0.325 setup file and 'my' 1.1.0.325 setup file are identical (and I have been running build 325 for quite some time without any issues).

 

Sorry, I hadn't noticed post #680

my own checksums are

32 bit

SD1.1.0.325_Setup.exe

101CDC867F7771FAAE6810483EF16439

64 bit

SD1.1.0.325_Setup(x64).exe

35EDF53C0B4D3B8960047CFBFCBAE7E3

Patrick (ex Shadow Defender mod)

 

Also a good (Legit) 32-bit version of Shadow Defender 1.1.0.325 is.........

MD5: 4ED0F50233680FFC37FBE5CF8057C634

Explanation on the difference can be found here on this page post# 182........

https://www.wilderssecurity.com/showthread.php?t=293075&page=8

 

The reason that there are two 1.1.0.325 versions is that I found a problem (I thought) with the first release of 1.1.0325 and notified Tony (the developer) later on the day of it's release...Tony made some changes and did a re-release using the same number again but I discovered soon after that the problem was not with Shadow Defender but with own system that had a glitch, I contacted Tony as soon as I discovered it and so the original version (my checksum) is the correct version as it was first released and as Tony intended it originally.

Patrick (ex Shadow Defender forum global moderator)

 

I've been running 1.1.0.325 w/o any issues and has always worked flawlessly with the checksum posted.
My intension was not which version is better only that both are legit and both released by the original developer.

 

Another legitimate .325 MD5:

2d3eb4cd8c784cddbdca78ccda1793bf


From virustotal:

SHA256: 150d6cf0b5bc7c4ba1b688f93e5d411c3ecce3a360ba4ee232721e0b96e5cc60
SHA1: ab8444173a1b465783d28beda6d87468d027cbc3
MD5: 2d3eb4cd8c784cddbdca78ccda1793bf
File size: 809.2 KB ( 828624 bytes )
File name: Defender.exe
File type: Win32 EXE
Detection ratio: 0 / 42
Analysis date: 2012-02-16 08:18:41 UTC ( 2 months ago )
0
0

 

I'm sure all the 1.1.0325 versions work perfectly well but I'm just explaining why my checksum was the original intended version.

32 bit

SD1.1.0.325_Setup.exe

101CDC867F7771FAAE6810483EF16439

64 bit

SD1.1.0.325_Setup(x64).exe

35EDF53C0B4D3B8960047CFBFCBAE7E3

Patrick (ex Shadow Defender forum global moderator)

 

I do recall that there were two different 1.1.0.325 versions. For some reason (perhaps just a goof-up) there was a setup.exe.0 file inside the first version. Someone (sdmod?) must have brought that to Tony's attention because a few weeks later the 2nd version was released without the setup.exe.0 file which turned out to simply be 'excess baggage' - as they say in basketball, 'no harm, no foul' (both versions seemed to function very well).

Scott

 

As other members mentioned they are false positives. I uploaded to VT my SD installer (I am among the early users of SD) which I got when Tony (the original developer) was still around, and it scores several hits, Emisoft, Ikarus, Sophos among others which are well known companies for being 'trigger happy' in terms of FPs.

Emisoft specifically will detect as malware any legitimate program that uses devices commonly used by malware, and won't rectify their claim as it would make it vulnerable to malware using the same device. When I tested Emisoft recently, it found Rollback Rx on my machine as a rootkit.

VT results are useful for unknown files, but should be taken with a pinch of salt for known files.

 

@ sdmod

Hi i've been using v1.1.0.326 for some now with no probs on XP/SP2 Just wondered what your thoughts are about it, as you mostly seem to recommend v325 ?

TIA

 

I had no problems either with SD in the past or current. Thanks in order for those other version set up files but another question like CloneRanger's

What is the chief improvement with v.325 over v.320 since as stated most prefer to favor the v1.1.0.325 version.

Curious note for me since i long been an advocate for the PowerShadow app which i never had any problems with either running on XP Pro SP2.

 

I've ran the .326 version with no issues back when I was running SD.

 

As I mentioned on a previous post: On my new X79 system when you look at the System Status tab in SD the "Space Used by SD" value always stays at zero even when I add/remove files or install/remove programs to the protected SSD. It still works, but it doesn't tell me how much space its using. Has anyone else encountered this?

 

As I remember there were some problems with 1.1.0.326 reported at the time of it's release and many people reverted to 1.1.0325 as the last good version.

Patrick (ex Shadow Defender moderator)