SpyShelter 11

Discussion in 'other anti-malware software' started by puff-m-d, Apr 17, 2018.

  1. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    411
    Location:
    router
    no,just after finish installation
     
  2. Nizarawi

    Nizarawi Registered Member

    Joined:
    May 26, 2008
    Posts:
    137
    any lifetime offer for spyshelter firewall ?
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    To clarify, did you pass this info to the developer? Because I'm afraid that the things that you mentioned are not of any help. SS doesn't display active network connections (see first link), you can only see connections that have been made in the past. If you disable services and drivers with a tool like AutoRuns, SS will not alert about it.

    http://www.softpedia.com/get/Network-Tools/Network-Monitoring/TCP-Monitor.shtml
    http://www.softpedia.com/get/System/System-Info/AutoRuns.shtml

    That's the thing, I don't have a clue about what will be blocked, so I have never used this setting. I want to be able to choose what type of behavior should be auto-blocked. For example, I don't want to respond to outbound connection alerts, that's why I started using WFC.

    https://www.binisoft.org/wfc.php
     
  4. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    411
    Location:
    router
    SpyShelter 11.2 released
    Homepage
    Download
    Blog
    Changelog
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    It's still boring as hell. When will they come with new features?
     
  6. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Like ... which features do you pine for?
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I already mentioned this in other topics, but there's so much to fix. Like a better logging window, protection against process hollowing, ability to auto-block instead of alerting. Not to forget, a better network monitor and better data protection.
     
  8. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    Use it ...at present you will not find anything better in the "real world" :) I think we should evaluate applications not according to our ideas / suggestions, but so as they are in fact.
    ;)
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    You're kidding me right? Software should always be improved, especially paid software. For example, it would be cool if you could exclude certain folders when you have protected data on a whole partition.
     
  10. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    "Kidding"?..."yes" but due to one reason - to not to be so serious :)...and "no" because I'm rather sure that we have no competitor for SS on the market. I mean apps that can be similar configurable in its features/protection and are still developed. Yes...I egree with you that SS needs some improvement and new features that can draw attention and new users and...for sure...keep old users/customers.
    BTW - is it not reasonable to organise data and folders on local disk to avoid exclusion?...to group some of them?...maybe move some folders to other disk?
     
  11. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    176
    Thaks got the new version , one thing I LIKEiL is how quickly they respond to email they got back to me within 10 minutes of me sending an email question , that alone is worth the price of the firewall , plus the firewall has run smoothly now for 3 years , easy to set up with many good features I Uuse it on ll my computersso far it's worked well
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Exactly, and I haven't seen any new features in years, except for folder protection. I guess it will take too much time for the developers. What also would be cool is if you could allow apps to only access certain protected folders. Right now it's an "all or nothing" approach.
     
  13. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    176
    STILL , if you know what you're doing it's one hell of a good program to protect computers , there is a learning cure but well worth the effort
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I never said it wasn't any good, but there is no innovation. One thing they could easily fix is the logging system, but they just don't care. Also, nowadays a lot of malware tries to steal data like passwords from several apps, see link. SS should really protect against this, but it doesn't.

    https://blog.trendmicro.com/trendla...-shows-off-new-trick-password-grabber-module/
     
  15. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
  16. Space Ghost

    Space Ghost Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    190
    Location:
    Poland
    I think Internet Security module should do the job https://www.spyshelter.com/internet-security/
     
  17. Soft Life

    Soft Life Registered Member

    Joined:
    Aug 10, 2018
    Posts:
    94
    Location:
    United States
    hey, if you're on the fence with spyshelter do it. This thing detects the slightest sniffing on your PC and alerts you. if you want your clipboard watched this will do it.
     
  18. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    176
    have you tested this ? very surprised SS would not protect against this , but can find no tests thst state it passes or fail this new password stealingapp
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I will try to explain with an example, see link. SS will probably block the techniques used in plugin 3, 4 and depending on the type of code injection also 5. Both it won't protect against plugin 1 and 2, since this type of malware simply searches the file system and registry for password files.

    So SS should have had a feature that blocks unauthorized apps from accessing these files. Outpost Firewall did offer such a feature. This is the type of innovation that I'm missing. SS will also not block "process hollowing" automatically.

    https://blog.talosintelligence.com/2018/07/smoking-guns-smoke-loader-learned-new.html
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Here is some more info, this TrickBot malware is using a trusted system process (svchost.exe) for certain password grabbing functions. Because SS doesn't block process hollowing, it's likely that it won't be able to stop it.

    https://www.fortinet.com/blog/threat-research/deep-analysis-of-trickbot-new-module-pwgrab.html

     
  21. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
    Office programs and macros, every1 should know not to use them by now, especially with stuff like Google Docs available, why even use office at all
    So if the infection vector is not there, I don't see how does it matter for spyshelter
    If you want malware to not run on your PC, get an anti-exe
     
  22. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    @Rasheed187
    I think "Plugin1" and Plugin2" can be stopped using feature "protect files/folders" (Settings/Security). In both cases we have browsers and email clients so we can not only restrict such apps but also protect and by this way we can controll access to them...I think we should choose "Personal" category and option "read/write". That trick allows to get the alert about each attempt to access (especialy on "ask user" level).
     
  23. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    176
    thanks I'LL try and set something like that up
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Then you must figure out which files to protect and you can't protect the registry with the file protection feature, so it won't work. It's the job of the developers to implement it in a non intrusive way, because you don't want to get alerts from trusted apps.

    That's not the point. SS needs to come in action if AV or user fails. If you're confident that you will never get malware on your system, then you don't need SS.
     
  25. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    What about read/write protection for
    C:\Users\*\AppData\Roaming\Google\Chrome
    C:\Users\*\AppData\Local\Google\Chrome
    and make exception only for Chrome? Will that work?

    I did that, and also the registry key mentioned in the article for MS Outlook. So far, no problems.

    Anyways, they can only get your login credentials if you store your passwords in your browser, and we all know that's a bad idea.

    @Floyd 57 In order for this exploit to work, you need to do 2 no-nos: run MS Office apps freely, and also allow powershell and other interpreters to run freely.
    But it's the principle that counts. We expect SpyShelter to protect us from data theft no matter what, because that's what SpyShelter is all about.
     
    Last edited: Nov 19, 2018
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.