Datpol might want to contact the AV Labs again since most now are scoring an "user decision" alert as a "pass" in the tests. On the other hand, a registry mod alert from a valid app would be scored as a false positive. So I can see why they don't want to participate in the lab tests.
Not many updates for Spyshelter , is that a good thing , like it's working well no bugs ? Or has development slowed down ? For a while it was updating quite often . Just wondering
Encounter the error 'Cannot connect to driver' after updating to OS Build 15063.13 (Windows 10 Creators Update). Is anyone else having the same issue? Thank you.
Yes, see reply #895. Personally I've uninstalled SpyShelter and I'm now relying on a combo of Zemana AntiLogger, HMPA and Comodo Cloud Antivirus (for autosandbox) which is really enough for my needs, I like HIPS but... I don't really NEED it personally. Also, the freedom of not having to answer alert after alert as soon as I want to do something is a kind of newfound freedom that is rather nice, I had forgotten how this felt like. That's just me though.
Well, the point is that SS should be tested against malware that it should be able to block without user-interaction. It should be able to block key-loggers and banking trojans automatically. So that's why I never understood why MRG and AVLab never include SS into their reports. Perhaps you can tell him this, I would like to know what he thinks.
Yes it can be refreshing, but without HIPS you don't really know what type of modifications apps want to make. I believe the most alerts are triggered by registry keys being modified and child processes being launched during app install, it would be cool if SS could ignore this stuff. Only certain reg keys need to be monitored. Without all of this, you would see that alerts would be drastically reduced. I have also disabled a couple of features (open process/thread monitor) to reduce alerts, and you could also use the auto-allow feature.
Hi, Thanks for the reply. I wrote to support yesterday & the reply was 'No Timeline yet'. So most probably it will take quite a while before it is compatible with Windows 10 Creators Update. For those who intend to update their OS, please take note of the issue.
SpyShelter 10.9.1 Released – Windows 10 1703 Support Added Posted on April 11, 2017 in News | Blog Homepage
This was fast. Shortly after the release of Windows 10 Creators Update they are able to provide a working SpyShelter version
Indeed a rather fast reaction, kudos to the devs. I just wish their support would reflect some of that...
Why SS should do it? Only due to possibility to join MRG tests? It would be not reasonable for me: questionable profits and perhaps accusations of preparing software for specific test like Comodo years ago for Matousec's tests and not for real live. At the end the question - how in your opinion SS should get such possibility - be able to block without user-interaction - assuming to use non-signatures technology?
What I meant is that SS offers features like anti-hooking and keystroke encryption, this should auto-block already active malware, like keyloggers and banking malware. Zemana was often tested by MRG in the past, and it also offered a user controlled HIPS. But I'm not sure how they tested it.
One issue that I'm having with SpywareShelter is that Corsair Link, the software that controls liquid coolers, works on a driver-level. Every time I put my computer to sleep and re-awken it Link asks permission for the driver to do its thing. Ok. Great. Except that SpywareShelter cannot create a rule for a file that is only temporarily there, meaning that there can be no rule for it and I get prompted about it every time. It's very annoying. Any idea how to "fix" this?
Can't you just give the app that registers the driver, permission via "edit rules"? I have never encountered such a problem, and doesn't Process Explorer also dynamically loads a driver every time that you run it?
@n8chavez There is few way to solve your problem 1)Add certificat from drivers to trusted vendor .. 2)Make manual allow to folder or exlusion on SpyShelter 3)Check in optios to turn more compatibility with software 4)If you have some issue you can try exlusion process from encryption mode becasue is other stand alone egine which can also make some problems with drives. I use SS since exist its rly light and pure secure software.
No. I can't do that because by the time I try to manually try to create the rule the file is gone and I can't create a rule for a file that is not there. Interesting. I didn't even think about option #1. I will try that as soon as I can. I'm sure that will solve the issue. Thanks all!
Weird, Process Explorer also loads a driver every time it runs, so the driver is never actually registered, and I can make a rule for it.
Where do you turn off alerts for the AntiNetworkSpy hook? Can I turn off the alert without disabling the hook? I get one alert every 3 seconds for Firefox. I'm giving SpyShelter a test drive. Also, can I disable the AntiNetworkSpy Hook only for specific applications?
I finally found the option to disable the alert for AntiNetworkSpy. The developers should allow the user to click on the alert, and redirect them to the location in the GUI to disable the Alert. It was a major pain in the ......! I can see that detouring people from using SpyShelter right away. I still wonder if there is an option to disable AntiNetworkSpy Protection for a particular application. I don't want it manipulating anything with my Flashcard App. I worry it could cause corruption when syncing to the cloud. I have a flashcard set in Spanish with over 200,000 translations that I have been working on for about 7 years. I don't want anything that could potentially cause data corruption when syncing to the cloud.
Hello @Cutting_Edgetech, "Settings" > "Advanced" > "Enable showing tooltips of AntiNetworkSpy module" "Settings" > "Security" > "Processes not monitored by AntiNetworkSpy Module" HTH ...
I finally found that one after looking way too long. Thank you puff-m-d! Its good to know that an application can be excluded from the AntiNetworkSpy Protection module now! Now all that's left is being able to disable AntiNetworkSpy alerts for a specific application.
Isn't that what the feature does? It won't monitor the app, so you won't see any alerts about that specific app. EDIT: You probably mean you don't want to be alerted about the browser (or other app) being modified, but that's not recommended because you need to know that you might be under attack.
