I need(ed) help with SpyShelter!

So I used it for a day and it drove me nuts. It kept alerting everything it allowed, which was bad enough but what really drove me crazy was, it really slowed the opening of any application, e.g. CCleaner from quick launch nothing would happen. I'd have to try to launch it several times before it would open. It was the same case with other applications and even folders. I tried to turn off all the alerts but never figured that one out. My firewall was Comodo and only the firewall. Did I bail to soon?

 

There's a bunch of apps listed in your signature, but which of those were you also using when you installed Spyshelter?

 

Less alerts mean less security. However, it's configurable with SpyShelter, so try changing Settings->Security->Certified Applications to "Auto Allow - Medium security level" for slightly less security, but also less alerts.

SpyShelter also checks Digital Signatures unless it's set to "Ask user" (ie. ask for every app requesting monitored action), and checking digital signatures takes a couple of seconds usually. This is only done once though when it's added to the B/W List, with subsequent checks being much quicker due to it only checking the hash. The digital signature will be checked again though if the component changes.

Zemana is not needed if you have SpyShelter.

 

Thank you for responses! Privatefirewall had been replaced with Comodo firewall (only) and SS had replaced Zemana.

 

How safe is the medium level really, heard about malware stealing sign certificates

 

Auto-allowing an application just because it has a valid digital signature is very risky. There's a lot of malware out there with valid digital certs. In AVG's Q2 2011 report they noted that they " detected 53,834 pieces of signed malware in the first 5 months of the year comparing to 39,102 during the whole 2010, indicating an increase of over 300%. Although in the last few years we have seen many faked digital certificates in use by cybercriminals, the use of stolen
legitimate keys is a major trend these days."

So trust certificates at your peril. Microsoft, Google and Adobe are OK, but others I wouldn't trust. Comodo CIS is a great example of bad implementation of the approach of trusting digital certs in security software. Their CA list is huge - do they audit each of these companies to ensure that their certificate management policies are strong, with all private keys stored in HSMs, managed under dual control etc..?? Have a guess!

 

can you provide us with some screenshots ..Thanks

 

I tried it once and I didn't care for the way that it dealt with trusted and untrusted programs and a few other pet peeves. After a few days I removed it.

Some time later on, I tried to reinstall the program (newer version) twice and each time it disabled my keyboard (but thankfully not my mouse). I was able to uninstall without a problem each time and my keyboard functioned normally thereafter but I don't think I'd take any chances with it again anytime soon.

ratchet, forgive me if I've forgotten, but have you tried or had any experience with Online Armor? Imho it's a great program with lots of excellent options not found in many other apps which attempt to achieve similar ends.

YMMV of course but when it's working nicely on my XP Pro system it's my favorite of the FW/HIPS/Anti-logger options.

Food for thought. (Us "old" guys need to stick together. )

 

SnooPFree a good legendary anti-keylogger

 

removed ot posts. stay on topic of helping with the util please

 

@Spruce - Just to add further to this, the whole subject of anti-malware apps trusting digitally signed applications has several other layers to consider including the internal list of trusted CAs that the ant-malware app holds, as well as how it checks for revocation, e.g. realtime or against an internal blacklist. Positive features are having an easily editable list of trusted CAs (e.g. PFW) or a Trust Microsoft only setting (e.g. Spyshelter, Zemana). But it's such a big subject that it can't be really be discussed in detail here without going totally OT

@Ratchet, I've never found the level of alerts particularly high when using SS, so it's a bit of a mystery why you're seeing this. Maybe you did bail too early. What apps were you seeing the alerts from? In terms of the slowdowns, I saw this as well when opening an app for the first time. Sometimes it could take forever, but the problem disappeared the second time of opening the app, so it wasn't much of an issue for me. I put it down to a conflict somewhere, but didn't investigate too much because it was only a minor annoyance that quickly disappeared.

 

I used the free version for a while and then had a free license. My only problem with it was that it would sometime forget rules for apps I trusted.

 

Sorry, it's gone!

 

Might be worth trying again...I haven't been experiencing that issue.

 

I believe a bug was
recently fixed in the latest version 5.40 related to this issue - you could sometimes be alerted again when a B/W rule already existed.

 

I believe that the program that ratchet was referring to regarding that issue was Online Armor, not SpyShelter.

 

Some ole guys are right on top of things! lol

 

Well, it's good to know that I'm not a candidate for Aricept just yet.

 

Oops