Shadow Defender and Windows Defender on Windows 8.1

Status
Not open for further replies.
ifacedown

ifacedown

Level 19
Thread author
Verified
Jan 31, 2014
903
959
1,767
42
filipinopreacher.esy.es
Hello,

I am using Windows 8.1 Pro Update 1, 32bit.

I have also Shadow Defender installed, with "Enter Shadow Mode on boot"

Now, what folders do I need to exclude on Shadow Defender so I can update Windows Defender on Shadow Mode? I have excluded the C:\Program Files\Windows Defender but still when I update on Shadow Mode and exit on Shadow Mode, the update is lost (in Normal Mode).

What registry/folders do I need to also exclude?

Please help. Thanks.
 
and
jef8d55ok1.jpg

:)
 
i wonder which reg key/folder will avoid us to redo a scan after an update while in shadow mode or not
 
Let me ask... I am new to Shadow defender... If I try install a software in Shadow Mode, will the installation be completely "undone" when I exit Shadow Mode? Not even a single trace?
 
ifacedown said:
Let me ask... I am new to Shadow defender... If I try install a software in Shadow Mode, will the installation be completely "undone" when I exit Shadow Mode? Not even a single trace?
Click to expand...

yep, same for malware infections (except some very rare ones like Bioskit; nothing is perfect)
 
ifacedown said:
Hello,

I am using Windows 8.1 Pro Update 1, 32bit.

I have also Shadow Defender installed, with "Enter Shadow Mode on boot"

Now, what folders do I need to exclude on Shadow Defender so I can update Windows Defender on Shadow Mode? I have excluded the C:\Program Files\Windows Defender but still when I update on Shadow Mode and exit on Shadow Mode, the update is lost (in Normal Mode).

What registry/folders do I need to also exclude?

Please help. Thanks.
Click to expand...

With the registry, open regedit, click "Edit" at the top, go down to "Find" type in windows defender and click "find next", once the first one appears you can then tap "F3" to go to the next one it has found and keep doing that to see them all.. Search through the keys it has found keeping an eye on the right hand side of the editor, im assuming you will be able to tell which key is the one for updating and scans by reading the keys, and or just exclude all those you find for it to make sure.
 
illumination said:
With the registry, open regedit, click "Edit" at the top, go down to "Find" type in windows defender and click "find next", once the first one appears you can then tap "F3" to go to the next one it has found and keep doing that to see them all.. Search through the keys it has found keeping an eye on the right hand side of the editor, im assuming you will be able to tell which key is the one for updating and scans by reading the keys, and or just exclude all those you find for it to make sure.
Click to expand...


Some that I found:

HKEY_CLASSES_ROOT\AppID\{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}
HKEY_CLASSES_ROOT\CLSID\{13F6A0B6-57AF-4BA7-ACAA-614BC89CA9D8}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}
HKEY_CLASSES_ROOT\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}
HKEY_CLASSES_ROOT\CLSID\{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}\ProgID
HKEY_CLASSES_ROOT\CLSID\{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}\VersionIndependentProgID

I can't see anything that is relevant to 'update' based on the descriptions.
 
ifacedown said:
Some that I found:

HKEY_CLASSES_ROOT\AppID\{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}
HKEY_CLASSES_ROOT\CLSID\{13F6A0B6-57AF-4BA7-ACAA-614BC89CA9D8}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}
HKEY_CLASSES_ROOT\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}
HKEY_CLASSES_ROOT\CLSID\{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}\ProgID
HKEY_CLASSES_ROOT\CLSID\{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}\VersionIndependentProgID

I can't see anything that is relevant to 'update' based on the descriptions.
Click to expand...

Try just typing "windefend" into the search
 
go to

HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\WindowsDefender

Click the drop down on windows defender and you will see "realtime protection/updates/scans" ect to add to your exclusion
 
illumination said:
go to

HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\WindowsDefender

Click the drop down on windows defender and you will see "realtime protection/updates/scans" ect to add to your exclusion
Click to expand...
I have excluded many registry keys but still, after an update and exiting shadow mode:

Virus and Spyware Definitions: Created 245 days ago
 
ifacedown said:
I have excluded many registry keys but still, after an update and exiting shadow mode:

Virus and Spyware Definitions: Created 245 days ago
Click to expand...
If you have them all, the only thing i can think of, is that with Defender updates being tied in with the OS updates, you would probably have to exclude windows updates as well.. From there, maybe one of the other members here can help, as i would not be sure where to go at that point.
 
Had one more thought come to mind.. Try turning shadow defender of, rebooting, then open the user interface and add the exclusions, while it is off, update defender, then turn shadow defender back on and reboot and see what happen.. I have never set exclusions while it is on, i have always done it while off..
 
You cant add exclusions while in Shadow Mode must be done outside.

Btw cloud AV are best with SD , no exclusions needed ^^
 
Status
Not open for further replies.

You may also like...