Advice Request How effective is Shadow Defender as a malwarehub tester?

  • Thread starter: Noxx
Status
Not open for further replies.

Noxx

Thread author
I'm not personally interested in running a virtual machine, but I'm interested in testing some malware. Would Shadow Defender be sufficient enough (alongside a lot of other protection) to do that? If not, I won't even bother unless I eventually get around to setting up a VM. Thanks for any feedback.

- Noxx
 
Shadow Defender is sufficient to protect the physical system from persistent infection.

However, some malware will not start its malicious actions until after a system restart - and in that case the malware will be gone.

I have used Shadow Defender for a lot of malware testing without any problems.

It is recommended not to use a hard reboot, since some files can remain on the system; use the on/off button only as a last recourse to exit Shadow Mode if Shadow Mode is frozen.
 
If you will be doing this on a production machine, keep in mind that, while Shadow Defender is solid, it will not stop the malware from connecting outbound with your personal information.
It has been said in the past that certain rootkits can bypass SD, but I have actually not seen anything get by it yet, but like everything, there is a possibility.
 
I use SD too for hub testing (about 1.5 months with it now); it has served me well till now (had a TeslaCrypt ransomware infection during the testing period, also some bootkits and other nasty PUP stuff... All clean - confirmed by HMP, QTS360 full scan, ZAM Premium full scan and some MBR tool after a simple restart).
Impressed by the tool and trust it.

@hjlbx: How should I understand this (sorry :)): "It is recommended not to use a hard reboot, since some files can remain on the system; use the on/off button only as a last recourse to exit Shadow Mode if Shadow Mode is frozen."
Am I right that it is OK (safe) to just shut down / restart the PC as you would normally do (by the Windows menu, for example) and only press the power button for a longer time to "kill" the current, frozen [Windows] session?

EDIT: @illumination is absolutely right with this statement.
My (old) malware testing PC isn't a production machine.
 
Restart or shutdown: does either work with SD to revert to clean, or is a restart required, i.e. if you shut down and start, is a further restart then required?
 
Shadow Mode starts in two ways: manually or on boot, and ends in one way: a system shutdown (which is also accomplished by a restart/reboot).

Yes, data transmission and network protection are not covered by SD, so the best way to implement it is to use it on an old machine (which can/cannot support a VM) with no personal data and a separate connection / no networking, to avoid mishaps.
 
Definitely effective against any threats, considering that Shadow Defender is a full proof of concept to avoid any leakage and issues. And so far, from the many reviews conducted on YouTube and elsewhere, it's too unrealistic, where usually it's a human error when mishandling SD.
 