
How to set up Shadow Defender for convenience & max protection

Discussion in 'How-To Articles, Tips and Guides' started by Umbra Polaris, Jan 8, 2013.

  1. Umbra Polaris

    Umbra Polaris Testing And Review Expert Staff Member

    Hi, I read a lot of posts asking how to set up Shadow Defender properly for convenience and optimal protection, so here is my simple guide:

    Prologue:

    SD can be used in 2 modes:

    1- On-Demand mode

    In this mode you just activate Shadow Mode when you need to test something you think may be harmful to your system, then reboot to exit it; this mode will not reduce/hamper your daily use of your system, since all changes made (Windows Updates, bookmarks, installed software, etc.) outside Shadow Mode will remain.

    2- Permanent Mode

    This mode is active when you allow Shadow Mode at boot. This mode is the safest one for your system, but it is the one that will have many unwanted effects. Why?

    - You are always under Shadow Mode so any changes in your system will be negated at every reboot.

    - Any Windows/software/antivirus updates, created/modified/downloaded files (as well as malware infections) will be negated at the next reboot.

    As you see, this is the main purpose of SD: virtualizing your actions, then negating them at the next reboot.

    You will ask me: "So what is the benefit of SD if I have to redo the work I have done every time?"

    I will answer: "Then you have the exclusions and commit functions."

    So now let's start to configure SD for max protection but with convenience of use.

    1- Mode Setting

    First you have to decide which partitions/drives to protect from changes. Of course the system one must be protected, but I also recommend protecting any other partitions/drives you may have!

    Why? Because some malware infects every file, not just the system ones.

    You choose your partitions there:

    [​IMG]

    Then select "Enter Shadow Mode at every boot"; you will then enter Shadow Mode right away and at every boot.

    [​IMG]

    The desktop tip will appear to confirm that you have entered Shadow Mode (the tip can now be hidden).

    2- Exclusion List

    IMPORTANT: in case of cryptomalware, your excluded folders are vulnerable to it; you must then have those excluded folders protected (out of Shadow Mode) by a sandbox program or an antivirus, for example.

    If you want FULL protection, you MUST NOT have any excluded folders.


    The important part is here: the exclusion list.

    You will have to set the folders that will be ignored by SD, meaning all changes occurring in them will be kept when you reboot.

    Here are my exclusions:

    [​IMG]

    So what to exclude:

    - Your antivirus updates: generally by excluding every folder of it (ask in your product support forum to be sure).

    - Your browser bookmarks (optional): I put it as optional because I don't like to exclude my browsers; since the internet is the best place to be infected, I don't want to open any security holes.
    My workaround is to use an online bookmark synchronizer that loads my bookmarks every time I am online (e.g. Xmarks).

    If you still want to exclude them, you must find where the bookmarks are stored. Example for Firefox: "places.sqlite".

    - Your downloads: It is nonsense to download things and then negate them at the next reboot, so I recommend you create 2 folders (in the non-system partition) for that. The first one, which I called "Downloads", is where all your downloads will be saved (this one will not be excluded); its purpose is to check that your downloaded files are safe/non-malicious (the AVs will take care of that). You can open the files there.
    The second folder will be named "Safe Downloads". When, after checking the files in "Downloads", you are sure they are safe, move them here to keep them. Later you will exit Shadow Mode and move them wherever you wish in a non-excluded folder.

    - Your work: Create and exclude a folder and put your current working files there (documents, etc.) until done; then, as above, relocate them later to a folder that will be protected by Shadow Mode, so you will never lose them in case of infection.

    Note about Windows Update: unfortunately, you can't exclude it; SD can't exclude the registry base, so when an update is available, just exit Shadow Mode, install it, and return to Shadow Mode.


    3- Commit Now button:

    The Commit Now button allows you to exclude files/folders on the fly, in case you downloaded/modified a file outside the excluded folders.

    [​IMG]

    You can also do it by right-clicking the file.


    Final Note

    As you see, Shadow Defender is a powerful protection tool if used properly, but it is not 100% bullet-proof, so you have to be careful about what you download and execute on your system.

    Hope this guide helped you.

    I will add more info if needed, and also about the browsers' bookmarks file to exclude.


    Thanks
    Last edited: May 24, 2014
    purshupro, norman, Jack and 5 others like this.
  2. Nige_40

    Nige_40 Guest

    Many thanks for this Guide Umbra :)
  3. Payback

    Payback Regular Member

    May I know the meaning of "100 percent not bullet-proof"?
  4. illumination

    illumination Well-Known Member

    Certain rootkits/malware may be able to bypass Shadow Defender.
  5. Umbra Polaris

    Umbra Polaris Testing And Review Expert Staff Member

    Yes, very very few of them may bypass it (based on some videos only, without real proof), but I didn't find one yet; SD protects the MBR ONLY after it loads its drivers, so if a rootkit manages to infect the MBR before that state, SD can't protect the system.
  6. Welldone

    Welldone Regular Member

    Nice guide for using SD.
  7. exterminator20

    exterminator20 Giveaway and Hot Deals Expert Staff Member

    Excellent guide for a very powerful, useful and good piece of software.
    norman and Cats-4_Owners-2 like this.
  8. illumination

    illumination Well-Known Member

    Same here, I have thrown everything at it but a brick, and have not bypassed it yet.
    rocky and Cats-4_Owners-2 like this.
  9. Fantasy

    Fantasy Well-Known Member

    Thank you for this.
    Cats-4_Owners-2 likes this.
  10. Cats-4_Owners-2

    Cats-4_Owners-2 Well-Known Member

    Yes, thank you @umbra;:) and @illumination, for goodness sake don't throw:eek: a brick! Shadow Defender sounds like it can handle everything besides "Certain rootkits/malware.." (theoretically) ..but flying bricks we just can't count on!!;):p:D
    Last edited: May 20, 2014
    illumination and Terry Ganzi like this.
  11. terene

    terene Active Member

    Old but very useful guide. Thanks.
    In the new version of Shadow Defender you can exclude the registry base.

    shadow_defender_malwaretips.jpg
    norman and Cats-4_Owners-2 like this.
  12. Moose

    Moose Well-Known Member

    Questions, please! :eek:

    > Does Shadow Defender have any problems with Windows 8.1?
    > What Registry Exclusions should one use with Windows 8.1? If any?
    > And how often is Shadow Defender updated?
    Cats-4_Owners-2 likes this.
  13. Umbra Polaris

    Umbra Polaris Testing And Review Expert Staff Member

    1- No
    2- None, unless you have specific needs
    3- Slow development since it doesn't need much; the updates are mostly new features.
    terene and Cats-4_Owners-2 like this.
  14. Moose

    Moose Well-Known Member

    I appreciate the answers to my questions, from above, Umbra Polaris! ;)

    Thanks!:)
    Cats-4_Owners-2 likes this.
  15. Surtur

    Surtur New Member

    Thank you for the guide for using SD.:)
  16. Moose

    Moose Well-Known Member

    > How many PCs does a license key cover? Please! :confused:
    > Also, on the Exclusion List how would you treat SandBoxie
    Emsisoft Anti-Malware as an exclusion?

    Thanks!;)
    Last edited: May 23, 2014
  17. Umbra Polaris

    Umbra Polaris Testing And Review Expert Staff Member

    1- Normally one PC
    2- Sandboxie (paid) could be used to force-sandbox your excluded folders, since cryptomalware will encrypt them.
    3- If you want full protection, no excluded folders should be set; that means no RT AVs (unless you use SD on demand, which means no excluded folders but the use of the commit button)

    I edited the OP
    Cats-4_Owners-2 and terene like this.
  18. ALi

    ALi Active Member

    Thank you:)
