I checked Datpol website. They fixed sysnative file redirect a while back by adding it in SpS file explorer. It is OK.
I have recently had a similar issue with c:\windows\system32\AtBroker.exe, SpyShelter Firewall was unable to remember my choice to allow AtBroker.exe to execute C:\Windows\System32\sethc.exe. This resulted in continuing pop-ups, in the end I had to manually add this rule to Application Execution Control, since then I have had no recurrence of this issue. I have reported this bug to Datpol, hope this issue is resolved soon.
How did you add the rule manually? Was AtBroker.exe already present in the list and you only had to add sethc.exe to it? I'm wondering since I can't figure out how to manually add the base application, the executor if you will, in this case AtBroker.exe. I know how to add the application to be executed, but not the application that is to do the executing. Also the lack of manual editing of the path and the lack of support for wildcards in said path makes me somewhat frustrated.
Oh yes there is a workaround for c:\windows\system32\AtBroker.exe was a pain. 1. Open SpyShelter Firewall GUI 2. Go to Rules>General>Create rules for a component(second icon just below General tab(icon which looks like a small green plus) or right click on the title Component name. 3. Either enter full path into Component path: or left click ....(button)> to open SpyShelter's File Explorer>locate c:\windows\system32\AtBroker.exe or type in the full path in File name:> press open. 4. Go to Execution of an application>select allow>press ok Note: it will not create rules (HIPS rules) for the AtBroker.exe, but if you now go to Application Execution Control tab, you will find AtBroker.exe amongst the list. Please Note: These steps above will create an allow rule for AtBroker.exe to execute any program. An allow * rule. Which it is advisable to keep, thank you @ichito for your advice! Below is for reference only and uses AtBroker.exe as an example, useful for creating individual rules for other exe's if SpyShelter refuse's to remember them. 5. Right click AtBroker.exe>Create a Rule>...(button)>once SpyShelter file explorer's has opened enter full path into file name: c:\windows\system32\sethc.exe>press open>now the full path is shown in Creating a new rule for atbroker.exe>press ok.(make sure action: Allow is selected) Rule for Atbroker.exe to execute c:\windows\system32\sethc.exe has been created!! 6. PLEASE NOTE: If you wish to monitor,keep track or control what's being executed by AtBroker.exe make sure you remove Allow * rule for AtBroker.exe, else it can execute any program, without giving you an alert to allow,deny or terminate.
Your Welcome, the more people report bugs/issues to Datpol the better. Hopefully these bugs/issues will get resolved in a future version.
Atbroker.exe is connected with e.g. remote access, few system features and some complete different devices (sound, screen, keybord...) and SS which install as I remember 38 hooks can detect actions from different physical sources because of many different reasons. Maybe making stable allowing rule for it in mentioned above way can resolves specific issue but for me it's quite danger to do so...I think user by this way can give full access to the system actually without control.
Hi @ichito, very informative, thank you. I shall make an edit in my post regarding advising to allow AtBroker.exe to be able to execute any program ie allow * rule. EDIT : I have edited my workaround for AtBroker.exe, so that it is advisable to allow AtBroker.exe to execute any program.
Well either you turned on ICMP traffic filtering or you just have few firewalls installed and one is locking other out. Have you checked ICMP checkbox? If so there is no issue, it works like that for ICMP. It 's allowed/blocked for all IPs and this is how SpS FW works. AFAIK ICMP is handled in special way by SpS FW, so traffic for ICMP packets will be allowed/denied for ALL ports despite of your defined rules.
Hello, SpyShelter version 10.8.2 has been released: Homepage: https://www.spyshelter.com/ Download: https://www.spyshelter.com/download-spyshelter/ Blog: https://www.spyshelter.com/blog/ Changelog: https://www.spyshelter.com/blog/spyshelter-changelog/ Note: As of this posting, there are instances on the site where it still states version 10.8.1 (whether not updated yet or typos), for instance on download page where it states 10.8.1 but 10.8.2 is actually downloaded.
Hello ald4r1s, Thanks, that fixed it for me also. The changelog still shows 10.8.1 instead of 10.8.2 though (this appears to be a typo).
Hello ald4r1s, Thanks. I went back and did a force reload of the changelog page for the dozenth time and finally see version 10.8.2... I amended my original post to reflect this ...
It seems like they are not focused on true usability and security improvements, very disappointing. Don't get me wrong, it's still a good tool, but I have a feeling that innovation has stagnated.
I think that you did not read the changelog or you are just trolling. There's a lot of bug fixes and usability improvements in this release. Did you even read the changelog/check those changes?
Hi all Can you check my german translations for this please see the Picture into the circles Decrease self-defense to improve compatibility with third-party software Verringern Sie Selbstverteidigung zur Verbesserung der Kompatibilität mit Software von Drittanbietern Configure external file analyzers Konfigurieren Sie externe Datei-Analysern Enable showing tooltips of autoallowed signed files Aktivieren Sie die Tooltips aus auto erlaubt signierte Dateien zeigen List of processes which are not monitored by AntiNetworkSpy module Liste der Prozesse, die durch AntiNetworkSpy Modul nicht überwacht werden With best Regards Mops21
No trolling, you probably haven't read some of my older posts. It's cool that SS is still being actively developed, but I'm waiting for stuff like: - A better log window - A better firewall - Better rule management - Better data protection
Hello, SpyShelter version 10.8.4 has been released: Homepage: https://www.spyshelter.com/ Download: https://www.spyshelter.com/download-spyshelter/ Blog: https://www.spyshelter.com/blog/ Changelog: https://www.spyshelter.com/blog/spyshelter-changelog/