App Review Shadow Defender Ransomware Test

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

17410742

Level 4
Verified
Well-known
Apr 27, 2018
172
Great Job @bribon77

exactly why i use it & exactly why i dont use signature based protections.

CCAV + Shadow Defender
CF + Shadow Defender
VoodooShield + Shadow Defender

Take ya pick :)

The endless setups of a crazy amount of software are just not needed.

CCAV, VS, CF > ALL FREE.
SD is a lifetime licence that is super cheap.

Better security, costs less, no endless definitions or product updates needed & much better on resources too.
 

Dave Russo

Level 21
Verified
Top Poster
Well-known
May 26, 2014
1,039
Great Job @bribon77

exactly why i use it & exactly why i dont use signature based protections.

CCAV + Shadow Defender
CF + Shadow Defender
VoodooShield + Shadow Defender

Take ya pick :)

The endless setups of a crazy amount of software are just not needed.

CCAV, VS, CF > ALL FREE.
SD is a lifetime licence that is super cheap.

Better security, costs less, no endless definitions or product updates needed & much better on resources too.
I'm really interested in following one of your set ups,I now have a copy of Shadow Defender ,but how often do you use it in Shadow mode? and what do I have to be careful about? , its ok if you do not respond, just hoping for a hands on person suggestions. Thanks
 
  • Like
Reactions: Nevi and bribon77

bribon77

Level 35
Thread author
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
I'm really interested in following one of your set ups,I now have a copy of Shadow Defender ,but how often do you use it in Shadow mode? and what do I have to be careful about? , its ok if you do not respond, just hoping for a hands on person suggestions. Thanks
I use it punctually to test programs or malwares. the configuration I use is by default, I do not touch anything.

My configuration is here ..
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,004
I use Shadow Defender daily in the shadow mode on boot. It is very useful but:
  1. It cannot protect you against the infections, but only keeps your disk (in shadow mode) untouched.
  2. The malware can spy you, steal credentials and confidential data, infect the router, etc.
  3. The malware can get persistence by infecting the router.
  4. You can be infected by the ransomware, and this can affect the data on the external drives, which are not in the shadow mode.
  5. Sometimes Windows tries to update in the shadow mode.
  6. Sometimes Shadow Defender can cause problems after upgrade (never happened to me).
Yet, Shadow Defender has so many advantages ... :love:

Post edited.
I am not sure about protecting the EFI system partition, but SD should protect it too.
 
Last edited:

Dave Russo

Level 21
Verified
Top Poster
Well-known
May 26, 2014
1,039
I use it punctually to test programs or malwares. the configuration I use is by default, I do not touch anything.

My configuration is here ..
Thank you ,appreciated!

I use Shadow Defender daily in the shadow mode on boot. It is very useful but:
  1. It cannot protect you against the infections, but only keeps your disk (in shadow mode) untouched.
  2. The malware can spy you, steal credentials and confidential data, infect the router, etc.
  3. The malware can get persistence by infecting the router or UEFI.
  4. You can be infected by the ransomware, and this can affect the data on the external drives, which are not in the shadow mode.
  5. Sometimes Windows tries to update in the shadow mode.
  6. Sometimes Shadow Defender can cause problems after upgrade (never happened for me).
Yet, Shadow Defender has so many advantages ... :love:
Thank you ,appreciated!
 

17410742

Level 4
Verified
Well-known
Apr 27, 2018
172
I'm really interested in following one of your set ups,I now have a copy of Shadow Defender ,but how often do you use it in Shadow mode? and what do I have to be careful about? , its ok if you do not respond, just hoping for a hands on person suggestions. Thanks
always in shadow mode.

I only ever leave SM when there are sufficient windows/app updates
 

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
541
I use Shadow Defender daily in the shadow mode on boot. It is very useful but:
  1. It cannot protect you against the infections, but only keeps your disk (in shadow mode) untouched.
  2. The malware can spy you, steal credentials and confidential data, infect the router, etc.
  3. The malware can get persistence by infecting the router or UEFI.
  4. You can be infected by the ransomware, and this can affect the data on the external drives, which are not in the shadow mode.
  5. Sometimes Windows tries to update in the shadow mode.
  6. Sometimes Shadow Defender can cause problems after upgrade (never happened to me).
Yet, Shadow Defender has so many advantages ... :love:
Hi Andy...ad vocem :)
1 - yes, SD have no "anti-whatever" module but actualy it protect giving us something like "honeypot system"
2- yes, SD can't protect against data leaking...every information/data what are sent outside the system are just sent, canot be controlled and never will come back
3 - look at #2
4 - yes, but every local disk...removable also...can be supported by SD and you can enable SM...if you want/need
5 - yes, but it's related to every apps including security apps...you can create needed exclusions...IOS exclusion is also avaliable but not reasonable :)
6 - it's related rather to Win10 and newstill unstable builds.

BTW - SD is...repeting words from Wilders as I remeber - the best piece of code that was ever made.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,004
Hi Andy...ad vocem :)
1 - yes, SD have no "anti-whatever" module but actualy it protect giving us something like "honeypot system"
2- yes, SD can't protect against data leaking...every information/data what are sent outside the system are just sent, canot be controlled and never will come back
3 - look at #2
4 - yes, but every local disk...removable also...can be supported by SD and you can enable SM...if you want/need
5 - yes, but it's related to every apps including security apps...you can create needed exclusions...IOS exclusion is also avaliable but not reasonable :)
6 - it's related rather to Windows 10 and newstill unstable builds.

BTW - SD is...repeting words from Wilders as I remeber - the best piece of code that was ever made.
I totally agree.:giggle:
That is why I use it for so many years. The points I noted, do not diminish its value and usefulness, but rather show what Shadow Defender is not.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,004
how we can understand if router is infected ?
If you removed the malware from the disk, and it reappears magically after connecting to the Internet, then one of the possibilities is infected router. You can also see that your web browser is hijacked in some way without signs of disk infection. You have to look at the router settings if they were changed, especially DNS settings, port forwarding, etc.
But the nasty infections can be virtually invisible for the user, when they spy for credentials and passwords (VPNFilter malware).
In many cases the malware can be removed by disconnecting the rooter from the internet, rebooting it, and changing the default login credentials. Reconfiguring the router to refer directly to the Google Public DNS servers (or another well known public servers) can prevent against DNS cache poisoning. But in some cases, the firmware update is required.
The malware can even upload a custom OS to your router with disabled updates and uploads - in this case flashing the storage directly would be required. But, it will be simpler to buy a new router.
The users can harden the router settings via strong password on the administrative page, enabling MAC address filtering, disabling the remote management, enabling WPA2 encryption (or WPA3 if available) with a strong password, hiding wireless network SSID, using static IP addresses and Net Mask, etc.

Using Shadow Defender with hardened router settings can prevent malware persistence.
 
Last edited:

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
I use Shadow Defender daily in the shadow mode on boot. It is very useful but:
  1. It cannot protect you against the infections, but only keeps your disk (in shadow mode) untouched.
  2. The malware can spy you, steal credentials and confidential data, infect the router, etc.
  3. The malware can get persistence by infecting the router.
  4. You can be infected by the ransomware, and this can affect the data on the external drives, which are not in the shadow mode.
  5. Sometimes Windows tries to update in the shadow mode.
  6. Sometimes Shadow Defender can cause problems after upgrade (never happened to me).
Yet, Shadow Defender has so many advantages ... :love:

Post edited.
I am not sure about protecting the EFI system partition, but SD should protect it too.
Just add to the CONS of SD

  1. It cannot protect against hardware-based attacks like Spectre and Meltdown
  2. It cannot protect the host machine from being fingerprinted unlike using VirtualBox/VMWare
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top