Menu
homeErrors

Shadow Defender program: “shadow mode” of Windows even after restarting the computer. Is there life without antivirus? Setting up Shadow Defender

Shadow Defender is an easy-to-use security solution (for Windows operating systems) that protects your PC/Laptop's real environment from malicious activity and unwanted changes.

Shadow Defender can run your system in a virtual environment called "Shadow Mode". "Shadow Mode" forwards every system change to the virtual environment without any changes to your real environment. If you experience malicious activity and/or unwanted changes, perform a reboot to restore your original system as if nothing happened.

With Shadow Defender, you can specify which files and folders are persistently stored in the live environment. This ensures that important files and folders are preserved after a reboot.

Try Shadow Defender for the most effective and easy-to-use security solution.

Shadow Defender program websites

Alternatives to replace Shadow Defender

  • Sandboxie

    Sandboxie runs your programs in an isolated space, which prevents them from making permanent changes to other programs and data on your computer. Safe web browsing. Running your web browser under the protection of Sandboxie means that all malicious software loaded by the browser ends up in the sandbox and can be discarded trivially

    Free (with restrictions) Windows

  • Reboot Restore Rx

    Reboot Restore Rx simplifies PC maintenance in small public computing environments (classrooms, computer labs, kiosks, internet cafes, libraries, etc.). Every time you reboot your computers, they are automatically reset to the predefined baseline settings.

    Free (with restrictions) Windows

  • Rollback Rx

    RollBack Rx Client is a robust system recovery utility that allows home users and IT professionals to easily restore PCs up to a certain time. RollBack Rx makes it easy for users of all skill levels to fix PC problems quickly and easily - saving time, money and PC problems.

    Free (with restrictions) Windows

  • Toolwiz Time Freeze

    Toolwiz Time Freeze is an effective Instant System Restore software to keep your computer system secure and protect your computer from unwanted changes. It can also protect your files and folders from being tampered with with secure password protection. This makes virtualization very easy to use. Basically, it clones your system, creating fully working copies that you can use normally (or abnormally) without risking your "real" system

    Free Windows

  • Clean Slate

    Restores your computer to its original configuration, discarding unwanted computer changes. Just log out or reboot. Clean slate is simple yet powerful.
    Drops unwanted user changes on logout or reboot, no partitioning, effortless Supports critical updates W

Today I want to introduce you to an interesting thing that should definitely come in handy if you support subscriber workstations. Along the way, I will describe the problem itself, its advantages and disadvantages, and smoothly move on to working with a very interesting program.

I have already been faced several times with the need to install Windows OS, a set of software and configure computers so that users can work relatively comfortably and at the same time cannot spoil anything. Install some wrong programs, download files, clutter the desktop, change settings... You can, of course, cut off all the rights. We'll definitely talk about this later. But one of the activities is to provide the user with a “shadow” copy of the hard drive. When all file changes actually change not the original files, but a “cast” that will disappear after a reboot.

ShadowDefender program.

I’ll say right away that the program is not FreeWare, which is a shame. Weighs about one and a half megabytes. Installs with half a kick, after installation it asks to reboot. Well please, reboot! Next we suggest setting it up. Launch the shortcut and go to the administration settings.

Let me explain some options:

  • Start With Windows– autoload at system startup. A useful feature, let's leave it.
  • Enable tray icon– show tray icon. I recommend removing it, there is no point in raising unnecessary questions from the user and attracting attention.
  • Enable desktop tip– show hints. Also useless, so as not to unmask the presence of the program.
  • Enable shell context menu– add a program item to the file context menu. If you are using a program to save your computer, then it is better to leave this item. In the context menu, when you right-click on a folder or file, the “Commit” item will appear - this means writing the changes to the original files, and not to the “shadow copy”. Those. save the work. Well, if you are protecting subscriber computers, then it’s better not to check this box, so that nosy users don’t start saving all sorts of rubbish where they don’t need it.
  • Enable password control– Be sure to set a password for the program.
  • Need password when committing files via shell context menu– literally – requesting a password for a “commit” through the context menu. I think it's clear.
  • Notify me when low free space on the protected volume– shows notifications if there is little space left on the protected disk. Why might this happen? All changes made on the disk in protection mode (Shadow Mode) are recorded in a special “snapshot”, which itself takes up space.

Next we go to the Exclusion List section - exceptions. We add those directories in which changes will be saved independently. For example, I add a folder with anti-virus databases to All Users/…. In general, there are exception places where data accumulation should occur. You can make the user's working directory and add it to exceptions. And everything that will be written to this directory will remain untouched after the reboot, and everything else will return to the moment the “shadow copy” was made.

That's it. Now we enable Shadow Mode and select “Remain in this mode after reboot.”) Now our system is protected.

And how to work with it?

In general, a program for what is essentially “set it and forget it.” I will consider two options when we install it and the user does not know about its existence, but every time a pristine system appears before him and he and we are satisfied with this.

The second option is when we want to protect the system from ourselves, for example, to test the installation of different programs or viruses. Something like, I think you read the material.

From the user's point of view.

And that's it. The user sits down at the computer. He's on the Internet, working. Downloads files. If you have enough privileges, it will even install software or delete folders with files. Changes the desktop background. It creates a bunch of shortcuts, temporary files, etc. It gets into the registry and screws up.

After the reboot, the system will appear before him in its original form! He can play around again! And all we, as administrators, can do is... rest! After all, viruses, in principle, will no longer infect the system, at least this has not happened to me.

From an administrator's point of view.

We work on a protected machine in strictly defined folders. We save all the results of the work in folders recorded in the Exclusion List. If you suddenly need to save an object in another location, select the Commit item from the context menu and that’s it. Of course, there is no point in saying that the file must be clean. Because by committing the virus we will get a problem


You will also like:

Enable showing hidden files in Windows
Using rsync to sync files locally

Hello my dear readers, today we will look at a wonderful utility called ( Shadow Defender), which will help protect your computer from any threats. The main advantage of this program is that the operating algorithm is fundamentally different from that of all currently known antivirus programs. And this algorithm may not be convenient for all people, but it will guarantee 200 percent protection against viruses.

The meaning of the program is this: the program creates two copies of all system files (or only those that you specify in the settings), it “freezes” one, puts it in a distant drawer, and we directly work with the other system. After rebooting the system, the system with which we worked is completely erased, along with all changes and possible infections, and we continue to work with the unfrozen version.

If your hard drive is divided into several partitions, only the drive on which the system (Windows) is installed should be kept permanently frozen. I advise you to clean other partitions regularly, so that if the system disk is accidentally defrosted, viruses do not migrate to the system disk.

You’ll probably ask, so such a program should “have” a lot of resources, then I’ll tell you, I launched the program and worked for a long time on a very old computer, as far as I remember 256 MB RAM, weak Celeron processor and everything 80 GB memory. Everything worked stably, there were no problems.

This is what the system window of the program looks like.

This program will be convenient primarily for those people who just hang out on the Internet and do everything online, use all services, watch movies, play games, everything online.

If you use the Internet often and constantly save files and important documents, then I advise you to split your hard drive into several partitions and make a snapshot of only the system drive. This is exactly what I used, during the entire time this program was running there was not a single critical failure, even if the computer froze from prolonged use, you simply rebooted it, and everything fell into place, viruses disappeared, and a pristinely clean system appeared. Oh yes, while installing the necessary programs, you should turn on your standard antivirus program in maximum protection mode, and disable the Shadow mode from the system disk. After installing the program, we freeze the system again and work peacefully.

The program is paid, but we are in Russia, there is a cracked version on torrents, and there is a Russifier =) I advise you to set up Shadow Defender to autostart when you boot your computer, so as not to do any unnecessary actions, but just do what you love quietly.

I highly recommend that you try it out if you are currently in search of a worthy virus opponent.

If something is not clear about the program, write in the comments, that’s what they were created for.

And a lot more.

In particular, we touched on such things as (which can also serve as some kind of protection against infection, or at least a way to restore integrity after damage), and specific solutions, like the same.

Today we came to talk about another interesting thing that allows you to preserve the integrity of programs by creating a shadow image.

Let's get started.

How protection works based on dynamic copies

So, let's talk about the utility Shadow Defender, which you already understood from the title and subtitle. The essence of the work is well illustrated on Wikipedia and sounds like:

  • The program creates dynamic copies of files for the selected objects, after which all objects will be protected from unwanted or malicious changes. There is also a setting for creating exceptions for entire folders and individual files, changes to which will occur on the original, in contrast to protected ones, where changes do not affect the physical contents of the file, but make changes in the shadow copy that only issue(emulate) the original file;
  • In a shadowy way is where literally every element in which changes have been made is redirected, and real the environment remains unchanged;
  • After all the changes and restarting the computer, the system will be restored to its original state as it was before enable protection. Before restarting the computer, the utility offers user restore system from a “frozen” environment or leave it in protected mode as it is is at this moment.

In a sense, it is built on the principle of a sandbox, but for emulation and virtualization it uses a slightly different approach to the style of protection. In some ways, by the way, she looks like the most interesting Rollback RX which we wrote about.

Download, install and run Shadow Defender

The program is paid, so we will write a separate article on its free analogue. For now, we suggest you just try to use it, in order to familiarize yourself with this principle of protection in order to understand what, in addition to long-suffering antiviruses, interesting solutions exist in terms of computer security.

Installation, traditionally, is simple, although it does not support the Russian language (like the program itself). True, for some reason it’s not clear, the installer contains an ancient request for user information:

After installation you will be asked to reboot. Do it manually (by selecting the second circle) or automatically (by selecting the first). Before automatic mode, do not forget to close and save anything valuable.

After the reboot, you should have an icon in the tray (where the clock is) and on the desktop (if you did not uncheck the corresponding box):

Do you want to know and be able to do more yourself?

We offer you training in the following areas: computers, programs, administration, servers, networks, website building, SEO and more. Find out the details now!

By double-clicking on which the program will launch, more precisely, first not the program itself, but directly the offer to register it ( Register), buy ( Buy) or use for now 30 -ti day sample ( Later).

Using the program and launching shadow protection

Let's focus on the last point, which is the second (central) in the screenshot:

After this, the program window will open Shadow Defender where you will be asked to select the disks you want " Send to the shadows", that is, just protect by emulating and creating a virtual copy, as it is described in the principle of operation (clickable):

Select the required disks and click the " button Enter Shadow Mode" to start the process. By the way, if you have a LOT of RAM, then part of it can be used to speed up write operations, for which there is a corresponding window on the right above the buttons.

After clicking the corresponding button, you will receive a warning with a not entirely clear selection of options " Enter Shadow Mode on Boot" (enter boot protection mode) and " Exit Shadow Mode on Shutdown" (exit the mode when turned off) and a warning like:

Please save your documents before entering Shadow Mode. To continue click "OK".

Note: In Shadow Mode any changes of the files and folders in Exclusion List will be committed to the original volume with no warning whatsoever.

Which can be roughly translated as:

Save your documents before entering Shadow Mode. To continue, click " OK».

Note: in this mode any changes to files and folders in the exclusion list will be transferred to the original volume without any warnings.

Click " Cancel" and go to the "tab" File Exclusion List" to configure exceptions (using the " buttons Add File" And " Add Folder") or make sure that they are not there:

After this, you will be asked to wait and, if everything was successful, it will notify you that the operation is completed and the disk is protected:

This can also be seen in the list of disks, where the protected ones will be marked with a special icon:

And on top of the desktop there will be a corresponding inscription:

Now let's talk a little about tabs and settings.

Setting up and describing program tabs

In the same program Shadow Defender, on the "tab" System Status"It will be possible to see the status of the work, i.e., how much is employed for protection needs ( Space Used by SD), what exceptions there are, etc.:

Chapter " Registry Exclusion List" will allow you to set, as in the case with " File Exclusion List", exceptions, but unlike the last one, for records or:

Using the "tab" Commit Now" and corresponding buttons " Add File" And " Add Folder" (or by right-clicking in the Explorer context menu) You can record changes to any folders or files at the current moment, that is, this is not entirely an exception to the rule, but “binding” changes to the current volume.

I don’t know how clearly I explained it, maybe the hint will be clearer:

Add the files and folders to the list above, then click " Apply" button, all changes of the files and folders will be committed to the original volume immediately, and once changes happen, you need to commit them again

Approximate translation:

Add files and folders to the list above, then click the " Apply", all changes to files and folders will be immediately transferred to the original volume, and after the changes take place, you need to commit them again

That is, in this way it is possible to record different stages of change, so to speak, and save some of them at a certain point in time.

Well, the tab Shadow Defender administration allows you to set settings..

Like the following:

  • Start with, - run at system startup;
  • Enable tray icon, - show tray icon;
  • Enable desktop tip, - show a notification on top of the desktop (see the text of the article);
  • Enable shell context menu extension, - add an item to the context menu;
  • Enable password control, - enable password protection;
  • Need password when committing files via shell context menu, - enable password protection commit via the context menu;
  • Notify me with low free space on the protected volume, - notify about the small amount of free space on the protected disk;
  • Encrypt write cache, - encrypt write cache;
  • Check for updates automatically, - check for updates automatically;
  • Enable hibernation in Shadow Mode, - work in hibernation mode.

Actually, you can leave them as is or customize them at your discretion. I think everything is clear here.

How to check that Shadow Defender is working?

Now how can you check that it works? Yes, in general it is very simple. For a simple check, just create any file on the disk that you protected or make any changes (delete/copy/move a folder, file or anything else):

In my case, I will delete the folder with the name of the game of the same name Overwatch, where settings, demos, etc. are stored. Let's make sure that the folder no longer exists and create an empty folder called " Sonikelf_shadow":

Now let’s go to the program itself and disable the protection mode (i.e. “shadow” or “virtual” mode) with the corresponding button:

What I will receive is a notification like:

Some volumes you selected cannot exit Shadow Mode (maybe some files ared used by other applications), a reboot or shutdown is needed for the change to take effect.

Do you want to reboot or shutdown now (After a reboot or shutdown, OS will exit Shadow Mode automatically)?

Which, roughly speaking, can be translated as:

Some selected volumes cannot come out of shadow mode (the files may be in use by other applications) and require a reboot or shutdown for the changes to take effect.

Do you want to reboot or shut down your computer now (after reboot or shutdown, the OS will automatically exit shadow mode and unload used programs/files)?

Which in itself is logical, because I switched the system disk to shadow mode, which, logically, is used by the system itself, the browser and other programs and applications Windows. Accordingly, the following options will be offered:

  • Exit Shadow Mode and reboot now(exit protection mode and reboot now);
  • Exit Shadow Mode and shutdown now(exit protection mode and turn off the computer now);
  • Reboot or shutdown later(do this manually later).

I will select the first item, wait for the reboot and... I will see that after it all the changes that I made (deleted the folder, created a new one) were rolled back:

This affected, of course, all the changes on the disk that I protected (i.e. the system one) and, accordingly, even the tab in the browser I still had was the one that was open at the time of switching on Shadow Mode V Shadow Defender"e, because the browser stores and caches data in system folders on this disk.

I think that after such a “feint” with your ears, the principle of operation should already be clear to you. I will add something else in the afterword, to which, in fact, we will now move on.

Afterword

Overall, - Shadow Defender This is an amazing tool for protecting data and quickly rolling back any changes, including malicious ones. With some skill, this is a good way to protect confidentiality, they say, if anything happens, then I am not me and the horse is not mine. You can buy it, if necessary (or from the developer’s website, although not everything is so transparent and convenient there).

However, this approach has a significant flaw - it does not protect against theft of any personal data. That is, if, while working in protected mode, a Trojan penetrated you and managed to leak credit card data or something else onto the Internet, then when the system is rolled back, the Trojan may no longer be on the disk, but the data seems to be already leaked and at the same time, due to the rollback, you may not even know about it, because the virus is no longer there, and you didn’t even notice when it was there :)

Among other things, this in some way creates a load on the disk (and the computer as a whole, especially if you encrypt the write cache, etc.), consumes a certain amount of space and other resources, which is worth keeping in mind.

Well, it’s paid, yes. Although, frankly speaking, . However, there are also free analogues that we may tell you about over time.

In an article about an alternative approach to security using Shadow Defender, we decided to tell readers on our site what kind of utility it is. Indeed, recently people are increasingly beginning to abandon antiviruses and switch to proactive shadow protection.

What kind of software is this

It is worth noting that this is not an antivirus. Many webmasters boldly claim that if you install Shadow Defender, you won’t need an antivirus at all. In general, yes, but Shadow Defender takes a slightly different direction. The antivirus blocks the entry of malicious code, removes it, and scans pages on the Internet. Overall, it does a ton of work. Because of this, it “eats” RAM. The hero of our review approaches this issue in a more cunning way. It simply “fools” the malware.

Essentially, Shadow Defender is not a computer protector. But if used skillfully, it can completely replace an antivirus. The entire operating principle of the utility comes down to creating an OS image.

Shadow Defender scans the operating system. It remembers the location of all files, their number, size. After that, it takes a snapshot of the system. It includes not only the number of files, but also all settings. Externally, the user does not notice any changes. But in fact, after setting up and turning on the program, it works not with the root Windows, but with a virtual image.

Thus, the user exposes not the real OS but its double to the attack. This provides enormous opportunities in terms of protection.

First of all, we can forget about the “Unverified Publisher” threat that Windows often reports to us. Even if you purposefully install a virus on your PC, it will not cause any harm.


Also, you don’t have to worry about accidentally deleting some important system files. Moreover, you can even uninstall Windows. Virtual, of course.

It is worth noting that the program will work even after a reboot. Because of this, there is a problem of data not being saved. You can play the game, and its “save” will simply disappear. To prevent this from happening, you need to add some folders and files to exceptions. For an inexperienced user, this is a difficult process, since he does not know which file is responsible for saving Word documents or his games. But if everything is configured correctly, there will be no problems with protection.