Shadow defender

Discussion in 'Application Software' started by Pasta88, Dec 8, 2018.

  1. Pasta88

    Pasta88 MDL Expert

    Jun 17, 2009
    1,017
    21
    60
    Hi, Just wondering if any peeps here use shadow defender? If you do, what do you think of it. Even if you dont use it, maybe some of you have heard things about it.

    Thx
     
  2. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    6,284
    13,945
    210
    I use it every day. All I can say its driver is great doing it's job: protecting drives and/or partitions, MBR included.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Sajjo

    Sajjo MDL Expert

    Feb 6, 2018
    1,027
    1,124
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    6,284
    13,945
    210
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Sajjo

    Sajjo MDL Expert

    Feb 6, 2018
    1,027
    1,124
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    6,284
    13,945
    210
    #6 Mr.X, Dec 9, 2018
    Last edited: Dec 9, 2018
    Be careful with this statement.

    Any file will be written, altered, deleted or created even on the shadowed drive or partition. Even by any program and any form of malware too. The medular point here is to understand that when you reboot the machine, all changes done during the session are and will be gone. Again a machine reboot is mandatory to discard any changes done by malware or goodware.

    That said, Shadow Defender does not prevent malware to run cause it is not designed for such end. Shadow Defender is designed to discard changes to the filesystem on the protected shadowed partition only after a machine restart.

    If malware runs while in shadow mode, it could do the same harm like stealing credentials, leak information, etc. But after a machine restart any malware sitting on the filesystem will be gone, BUT the harm it does as mentioned is NOT mitigated nor prevented. So you still need additional protection to STOP malware on its tracks.

    Attacks like ransomware, like those malicious cryptomalwares, could be easily reverted as any change on the files sitting over the filesystem can be reverted at restart if the drive/partition was shadowed during the session.

    In addition, Shadow Defender, as it reverts or discards any bad or good changes to the filesystem at reboot time, your machine virtually can remain in a pristine state indefinitely. Hence less reformats and os reinstalls are needed. Fwiw I've been using my W8.1 installation for 1 yr. now and it's working like a fresh install.

    Shadow Defender prevents persistence of malware or any other software or changes to the filesystem protecting the drive from track 0, including MBR, on MBR or GPT disks.

    Shadow Defender does not protect from malware that injects code to BIOS firmware, like BadUSB attacks do.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Sajjo

    Sajjo MDL Expert

    Feb 6, 2018
    1,027
    1,124
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...