The unofficial Shadow Defender Support Thread.

Discussion in 'sandboxing & virtualization' started by Cutting_Edgetech, Feb 14, 2011.

  1. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    The support for SSD and the introduction of RAM cache?
     
  2. daray

    daray Registered Member

    Joined:
    Dec 21, 2009
    Posts:
    15
    I've noticed some weird behavior with the latest version too, but slightly different to what others seem to be experiencing.

    For me, while working in Shadow Mode, occasionally programs would reset themselves to default (e.g. Windows Update suddenly forgetting all the updates I had hidden, and prompting me to install them). It would be back to normal on restart (enter shadow mode on boot). Also noticed some data corruption in "excluded" directories on the shadowed partition.

    All in all, stability is important enough to me that I have had to uninstall it until Tony gets it fixed.

    OS is Win7 x64, running off a SSD (and happens regardless of whether RAM cache is enabled or not).
     
  3. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,035
    If I'm not mistaken I think that Feandur meant, What has changed between the older versions where this problem was first noticed and 1.1.0.325 which was bug free?





     
  4. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    411
    Location:
    Australia
    sdmod

    correct!


    Can any discovery be drawn from the change in coding at that change and the change in coding recently?

    And could the solution be in the bug fix back at that earlier time?

    sdmon, perhaps you might know that earlier time and the "buggy" and subsequent "non buggy" versions involved?

    But, of course, only Tony would know what the change itself was.

    - cheers,
    feandur
     
  5. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    You may be on to something here...
     
  6. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,035
    I can consistantly reproduce this problem with a completely fresh re-install of 1.2.0.355 and I don't have a solid state drive.
    For me, when I first noticed this problem, was way back around the period between version 1.1.0252 and 1.1.0.275, first problems with Alcohol 120% and Daemon Tools, (as I remember it was some sort of conflict), then Nero Burning Rom losing it's registration after coming out of shadow mode and rebooting to normal mode, also avg, and other kernel driver type apps losing settings and going to default, although Tony fixed something concerning Nero. I occasionaly saw the same sort of behaviours through various versions but 1.1.0.325 it seems to be fixed.
    You can see Shadow Defender history here
    Tony says that there is no difference between the driver in 1.1.0.325 and the driver in 1.2.0.355 but (with respect) I am not convinced,
    There is some difference between 1.1.0325 and 1.2.0.325. I have a hunch that it is a kernel driver problem...I think either a conflict with other kernel drivers in apps (where there is a conflict of interest) or maybe because the softwares "under" with less status than the Shadow Defender kernel driver that have specific requirements to run to their fiull extent and status are being blocked by Shadow Defender kernel driver.

    That is my view, not a programmers view or an expert view but but a semi educated hunch.

    1.1.0325 (as near as I can tell) a stable version

     
    Last edited: Jan 16, 2013
  7. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Out of curiocity, how many of you people that DO HAVE THE ISSUE, run EMET or have DEP set for "ALL programs"?

    I just ask, because i spent the previous day, troubleshooting one program that was losing settings (unrelated to SD), i ended up reinstalling Windows from scratch and turns out it was the "DEP for all programs" that was making the application go insane.

    Just a shot in the dark.
     
  8. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,546
    As I posted above, I had an issue with Nero while using SD 355 x64. My EMET global setting for DEP is "Application Opt Out".
     
  9. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    Yup, I have EMET. My issue was Chrome losing its bookmark bar entries. I say 'was' because I've reverted to running SD as on-demand only until the problem is fixed.
     
  10. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,546
    What do you mean "on demand only"? Not permanently? I can´t use SD permanently, because sooner or later I have to modify the system. And, anyway, what´s the difference with respect to the problems described? If you use it "on demand", the same problems may arise, I think.
     
  11. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Interesting. 2 out of 2 so far. What i am trying to say, is that maybe Shadow Defender running under DEP, goes bananas? Again, a shot in the dark...
     
  12. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    I use the latest SD version on Win7 x64 alongside Comodo Firewall 5, Avast 7 and MalwareBytes Antimalware 1.70 without any problems. I use Firefox and Thunderbird but they are both portable/standalone versions running from another disk so this reported SD problem wouldn't affect them anyway. I've had no problems with any settings getting lost whatsoever, but then again I also use Rollback RX so any such problems would be easily reverted with a reboot.

    Maybe these problems have to do with the individual hardware/software configs of different users, If this is the case then it would be pretty hard for Tony to create one patch that fits all.
     
  13. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    i.e. I only now turn on SD when I have a specific need for it, rather than run it always-on during windows sessions. Less usage = less need to exit shadow mode to perform maintenance on my real system = less chance of corruption
     
  14. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    411
    Location:
    Australia
    sdmod:

    I never left Version 1.1.0.278 - still using it daily on Win XP SP3 [x32 bit].

    Never have had any problems with it, so will probably leave well enough alone, given XP has only another year of life.

    Running x64 bit Win 7 and Win 8 boxes though without benefit of Shadow Defender at the moment and missing it! :'(



    Wonder what Tony changed between 1.1.0.252 and 1.1.0.275 [which is stable on XP].

    Also wonder what Tony changed to make SD x64 bit compatible [the 1.1.0.314 and above series].

    Are all the affected programs x32 bit? Is there a bug in in the x64 bit compatibility that now needs a revision?


    - just speculating.

    -cheers
    feandur
     
  15. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I 've done a quick test. Enabling, using applications, rebooting and SD seems to work right for me again. :D

    1 game kept its savegames, Filezilla kept its queue list, and a feed reader continued from where i had it left.

    I still have to update MBAM to see if it will remember the updates.

    I think there could be a conflict in your systems with something. Or maybe i haven't used SD long enough yet.

    P.S.: After a catastrophic corruption of my SSD data, i have DEP enabled only for Windows and i don't use "Commit", only exclusion list.

    EDIT: Just updated MBAM and the new database was correctly saved after a reboot too.
     
    Last edited: Jan 17, 2013
  16. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,105
    Can anyone reproduce this in a virtual machine (eg. VMware or VirtualBox) ?

    If so, you could upload the VM and Tony would also then be able to reproduce and debug the issue.
     
  17. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,766
    Location:
    Nicaragua
    I ll try to be very specific. On two computers, an XP and W7, both 32bits. No SSD. Always using SD on demand, using version .346. No antivirus or firewall. I haven't experienced any issue with settings or anything else in either PC during the two weeks that I used the program.

    I don't use SD for security but for trying programs only but since I am a new user, I have been testing the program doing surfing, downloading files and doing what I normally do to see its behaviour. Its been very nice.

    HTH

    Bo
     
  18. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    411
    Location:
    Australia
    bo elam : -
    Hmmm !.......is x32 bits the answer??

    Anyone using x32 bits and having any problems?

    -almost worth a poll.

    - cheers,
    feandur
     
  19. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    I'm on 32bit
     
  20. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
  21. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,035
    Last edited: Jan 18, 2013
  22. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    Thanks, but it was actually Feandur's idea. If enough people vote maybe we can draw some conclusions regarding which OS/kernel the problem is more prevalent with.
     
  23. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    411
    Location:
    Australia
    Scoobs72, Are you using either of these two setups....

    **SSD only; or
    **SSD Hybrid ( SSD {32G or 64G as cache only, not OS} + HDD

    The following posts also have me interested........

    Arcanez
    Post 1552:
    <<My comment: So is there an issue between slow RAM and fast SSD, particularly at the reboot stage??>>

    Osaban
    Post 1628:
    << So, could the write to RAM function introduced in v346 be fraught with secondary issues??>>

    CyberMan969
    Post 1663
    <<But at what speed? Will the RAM be slower than SSD in this process, and what is the implication, if any, with that?>>

    chris1341
    Post 1622
    <<Is the clue what is, or is not put into Shadow mode??>>

    Crane_Mann
    Post 1761

    <<paging file is where?>>


    My thing is that problems seem to have arisen in just the last two versions when used with RAM writing in conjunction with hybrid SSD's.

    Could a solution be to try SD on a system with no RAM caching [only write to disc] and use only a single SSD disc where the swap file and OS is installed [I guess on a very large SSD then]?? It may help if appguard, EMET and other OS hardening methods were turned off to avoid conflict perhaps.


    -cheers,
    feandur
     
  24. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    No, just a good old fashioned HDD.
     
  25. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    411
    Location:
    Australia
    Well I'll be.....

    So, I think, Scoobs72, that you're on Win 7, x32bit, HDD.....?

    That being the case....then so much for my RAM / SSD theory !

    The only thing I can point to now is that you found the fault in both v 346 and v 355.
    https://www.wilderssecurity.com/showpost.php?p=2169380&postcount=1860

    But then you are / or were on EMET, an OS hardening service.

    Soooooo, either there is a fundamental bug in 346 / 355, or there is a conflict with EMET, or both !.

    - I think I've said 'nuff on this topic. It's really back to Tony.

    I won't be using any of the v 1.2.0.xxx branch any time soon until things change for the better.

    In the mean time this one may be worth watching.....
    AX64 Time Machine - hybrid imaging/snapshot software
    https://www.wilderssecurity.com/showthread.php?t=339999

    <<Caution still in alpha>>


    - cheers,
    feandur
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.