Mini Spy

Loading...

Latest Threads

Loading...
 

How to set up Shadow Defender for convenience & max protection

Discussion in 'How-To Articles, Tips and Guides' started by Umbra Polaris, Jan 8, 2013.

  1. Umbra Polaris

    Umbra Polaris Security Configuration Expert MalwareTips Staff

    Reputation:
    1,000
    Joined:
    May 16, 2011
    Messages:
    10,696
    Likes Received:
    4,137
    Hi, i read a lot of post asking how to set up Shadow Defender properly for convenience and optimal protection. so there is my simple guide:

    Prologue:

    SD can be used in 2 modes:

    1- On-Demand mode

    In this mode you just activate the Shadow mode when you need to test something you think may be harmful to your system , then reboot to exit it; this mode will not reduce/hamper your daily use of your system since all changes made (Windows Updates, bookmarks, installed softs, etc...) outside Shadow Mode will remain.

    2- Permanent Mode

    This mode is active when you allow the Shadow Mode at boot, this mode is the safest one for your system but is the one that will have many unwanted effects, why ?

    - You are always under Shadow Mode so any changes in your system will be negated at every reboot.

    - Any Windows/software/antivirus Updates, created/modified/downloaded files (as well as malwares infections ) will be negated at the next reboot.

    As you see it is the main purpose of SD, virtualizing your actions then negating them at next reboot.

    You will ask me : "So what the benefit of SD if i have to redo every time the works i have done?"

    I will answer by: "Then you have the exclusions and commit functions"

    So now let start to configure SD for max protection but with convenience of use.

    1- Mode Setting

    First you have to decide which partitions/drives to protect from changes, of course the system one must be protected but i recommend also any other partitions/drives you may have !

    Why ? because some malwares infect every files not just the system ones.

    You choose your partitions there:

    [​IMG]

    Then select "Enter Shadow Mode at every boot"; then you will enter rightaway in Shadow Mode and at every boot.

    [​IMG]

    The desktop tip will appears to confirm that you entered in Shadow Mode (the tip can now be hided )

    2- Exclusion List

    IMPORTANT in case of a cryptomalware your excluded folders are vulnerable to it, you must then have those excluded folders protected (out of shadow mode) by a sandbox program or an antivirus for example.

    if you want FULL protection , you MUST NOT have any excluded folders


    The important part is here, the exclusion list

    You will have to set the folders that will be ignored by SD, meaning all changes occurring on them will be kept when you will reboot.

    There is my exclusions:

    [​IMG]

    So what to exclude:

    - Your Antivirus updates : Generally by excluding every folders of it (ask in your product support forum to be sure),

    - Your browser bookmarks (optional) : i put it as optional because i don't like to exclude my browsers, since internet is the best place to be infected i don't want to open some security holes.
    My workaround is to use an online bookmark synchronizer that loads my bookmarks everytime i am online (ex: Xmarks)

    If you still want exclude them you must find where the bookmarks are stored. example for Firefox: "places.sqlite"

    - Your downloads: It is a nonsense to download things then negate them at the next reboot, so i recommend you to create 2 folders (in the non-system partition), for that: the first one , i called it "Downloads " is where all your downloads will be saved (this one will be not excluded); its purpose is to check that your downloaded files are safe/non-malicious (the AVs will take care of that), you can open the files there.
    The second folder will be named "Safe Downloads" , when after checking the files in "Downloads" you are sure they are safe, move them here to keep them. Later you will exit Shadow Mode and locate them as you wish in a non-exclusion folder.

    - Your Works: Create and exclude a folder, put your actual working files there (documents, etc..) until done, then as above relocate them later in the folder that will be protected by Shadow Mode, so you will never loose them in case of infections.

    Note about Windows Update: unfortunately , you can't exclude it , SD can't exclude the registry base, so when an update is available , just exit Shadow Mode, install it, return under Shadow Mode.


    3- Commit Now button:

    The Commit Now button allows you to exclude files/folders on the fly , in case you downloaded/modified a file outside the excluded folders.

    [​IMG]

    You can also do it via right-clicking the file


    Final Note

    As you see , Shadow Defender is a powerful protection tool if used properly, but it is not 100% bullet-proof so you have to be careful on what you download and execute on your system.

    Hope this guide helped you.

    I will add more infos if needed and also about the browsers bookmarks file to exclude.


    Thanks
     
    Last edited: May 24, 2014
    dbz, Neno, purshupro and 7 others like this.
  2. Nige_40

    Nige_40 Guest

    Reputation:
    0
    Many thanks for this Guide Umbra :)
     
  3. Payback

    Payback Regular Member

    Reputation:
    0
    Joined:
    Jan 7, 2013
    Messages:
    325
    Likes Received:
    5
    May I know the meaning of "100 percent not bullet-proof"?
     
  4. illumination

    illumination Community Superstar Trusted Member

    Reputation:
    1
    Joined:
    Jun 20, 2011
    Messages:
    2,679
    Likes Received:
    1,766
    Certain rootkits/malware may be able to bypass Shadow Defender.
     
  5. Umbra Polaris

    Umbra Polaris Security Configuration Expert MalwareTips Staff

    Reputation:
    1,000
    Joined:
    May 16, 2011
    Messages:
    10,696
    Likes Received:
    4,137
    Yes very very few of them may bypass it (based from some videos only, without real proof) but i didn't find one yet; SD protect the MBR ONLY after it loads its drivers, so if a rootkit manage to infect the MBR before that state, SD can't protect the system.
     
  6. Welldone

    Welldone Regular Member

    Reputation:
    1
    Joined:
    Dec 29, 2012
    Messages:
    102
    Likes Received:
    46
    Nice guide for using SD.
     
  7. exterminator20

    exterminator20 Giveaway and Hot Deals Expert MalwareTips Staff

    Reputation:
    1,000
    Joined:
    Oct 23, 2012
    Messages:
    4,973
    Likes Received:
    4,853
    Excellent guide for a very powerful,useful and good piece of software.
     
    norman and Cats-4_Owners-2 like this.
  8. illumination

    illumination Community Superstar Trusted Member

    Reputation:
    1
    Joined:
    Jun 20, 2011
    Messages:
    2,679
    Likes Received:
    1,766
    Same here, i have thrown everything at it but a brick, and have not bypassed it yet.
     
    rocky and Cats-4_Owners-2 like this.
  9. Fedora

    Fedora Well-Known Member

    Reputation:
    0
    Joined:
    Feb 23, 2014
    Messages:
    2,545
    Likes Received:
    3,023
    Thank you for this.
     
    Cats-4_Owners-2 likes this.
  10. Cats-4_Owners-2

    Cats-4_Owners-2 Well-Known Member

    Reputation:
    1
    Joined:
    Dec 4, 2013
    Messages:
    1,305
    Likes Received:
    2,789
    Yes, thank you @umbra;:) and @illumination, for goodness sake don't throw:eek: a brick! Shadow Defender sounds like it can handle everything besides "Certain rootkits/malware.." (theoretically) ..but flying bricks we just can't count on!!;):p:D
     
    Last edited: May 20, 2014
    illumination and Terry Ganzi like this.
  11. terene

    terene Active Member

    Reputation:
    0
    Joined:
    Aug 10, 2012
    Messages:
    373
    Likes Received:
    145
    Old but verry useful guide. Thanks
    In the new version of Shadow Defender you can can exclude the registry base.

    shadow_defender_malwaretips.jpg
     
    norman and Cats-4_Owners-2 like this.
  12. Moose

    Moose Well-Known Member

    Reputation:
    0
    Joined:
    Jun 14, 2011
    Messages:
    1,652
    Likes Received:
    586
    Questions,please!:eek:

    > Does Shadow Defender have any problems with Windows 8.1?
    > What Registry Exclusions should one use with Windows 8.1? If any?
    > And how often is Shadow Defender update?
     
    Cats-4_Owners-2 likes this.
  13. Umbra Polaris

    Umbra Polaris Security Configuration Expert MalwareTips Staff

    Reputation:
    1,000
    Joined:
    May 16, 2011
    Messages:
    10,696
    Likes Received:
    4,137
    1- No
    2- none unless specific needs
    3- slow development since it doesn't need much , the updates are mostly new features.
     
    terene and Cats-4_Owners-2 like this.
  14. Moose

    Moose Well-Known Member

    Reputation:
    0
    Joined:
    Jun 14, 2011
    Messages:
    1,652
    Likes Received:
    586
    I appreciate the answers to my questions, from above,Umbra Polaris!;)

    Thanks!:)
     
    Cats-4_Owners-2 likes this.
  15. Surtur

    Surtur Regular Member

    Reputation:
    0
    Joined:
    Dec 11, 2013
    Messages:
    39
    Likes Received:
    83
    Thank you for the guide for using SD.:)
     
  16. Moose

    Moose Well-Known Member

    Reputation:
    0
    Joined:
    Jun 14, 2011
    Messages:
    1,652
    Likes Received:
    586
    > How many PC's does a Lic.,Key cover? Please!:confused:
    > Also, on the Exclusion List how would you treat SandBoxie
    Emsisoft Anti-Malware as an exclusion?

    Thanks!;)
     
    Last edited: May 23, 2014
  17. Umbra Polaris

    Umbra Polaris Security Configuration Expert MalwareTips Staff

    Reputation:
    1,000
    Joined:
    May 16, 2011
    Messages:
    10,696
    Likes Received:
    4,137
    1- normally one PC
    2- sandboxie (paid) could be used to force-sandboxing your excluded folders, since cryptomalware will encrypt them.
    3- if you want full protection, no excluded folders should be set , that means No RT AVs (unless you use SD on demand, means no excluded folders but the use of commit button)

    in edited the OP
     
    Moose, Cats-4_Owners-2 and terene like this.
  18. ALi

    ALi Active Member

    Reputation:
    0
    Joined:
    May 5, 2014
    Messages:
    153
    Likes Received:
    345
    Thank you:)
     
  19. purshupro

    purshupro Well-Known Member

    Reputation:
    0
    Joined:
    Aug 3, 2013
    Messages:
    1,002
    Likes Received:
    655
    Thanks for this guide. I'm planning to make my first shadow mode experiment. So I'm planning to install a third party theme by patching my files with uxtheme patcher and then install the themes. So can any one assist me while i do this, what folders should i exclude/commit if i like the changes.
     

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads: Shadow Defender
Forum Title Date
Your Review Shadow Defender Review Sep 28, 2014
Malware Removal Assistance Shadow defender malware Aug 8, 2014
Troubleshooting Software - Questions and Help! shadow defender eset exclude Jul 28, 2014
Shadow Defender Software Proper configuration for shadow defender. Jul 26, 2014
Expired Giveaways and Hot Deals Shadow Defender (100% Discount) Jul 26, 2014

MalwareTips.com is an independent website.All trademarks mentioned on this page are the property of their respective owners.