I need(ed) help with SpyShelter!

Discussion in 'other anti-malware software' started by ratchet, Jul 9, 2011.

Thread Status:
Not open for further replies.
  1. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    So I used it for a day and it drove me nuts. It kept alerting everything it allowed, which was bad enough but what really drove me crazy was, it really slowed the opening of any application, e.g. CCleaner from quick launch nothing would happen. I'd have to try to launch it several times before it would open. It was the same case with other applications and even folders. I tried to turn off all the alerts but never figured that one out. My firewall was Comodo and only the firewall. Did I bail to soon?
     
  2. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,108
    Location:
    Sofa (left side)
    There's a bunch of apps listed in your signature, but which of those were you also using when you installed Spyshelter?
     
  3. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Less alerts mean less security. However, it's configurable with SpyShelter, so try changing Settings->Security->Certified Applications to "Auto Allow - Medium security level" for slightly less security, but also less alerts.

    SpyShelter also checks Digital Signatures unless it's set to "Ask user" (ie. ask for every app requesting monitored action), and checking digital signatures takes a couple of seconds usually. This is only done once though when it's added to the B/W List, with subsequent checks being much quicker due to it only checking the hash. The digital signature will be checked again though if the component changes.

    Zemana is not needed if you have SpyShelter.
     
  4. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    Thank you for responses! Privatefirewall had been replaced with Comodo firewall (only) and SS had replaced Zemana.
     
  5. Spruce

    Spruce Registered Member

    Joined:
    Dec 18, 2010
    Posts:
    291
    How safe is the medium level really, heard about malware stealing sign certificates o_O
     
  6. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,108
    Location:
    Sofa (left side)
    Auto-allowing an application just because it has a valid digital signature is very risky. There's a lot of malware out there with valid digital certs. In AVG's Q2 2011 report they noted that they " detected 53,834 pieces of signed malware in the first 5 months of the year comparing to 39,102 during the whole 2010, indicating an increase of over 300%. Although in the last few years we have seen many faked digital certificates in use by cybercriminals, the use of stolen
    legitimate keys is a major trend these days."


    So trust certificates at your peril. Microsoft, Google and Adobe are OK, but others I wouldn't trust. Comodo CIS is a great example of bad implementation of the approach of trusting digital certs in security software. Their CA list is huge - do they audit each of these companies to ensure that their certificate management policies are strong, with all private keys stored in HSMs, managed under dual control etc..?? Have a guess!
     
  7. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    can you provide us with some screenshots ..Thanks:D
     
  8. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    I tried it once and I didn't care for the way that it dealt with trusted and untrusted programs and a few other pet peeves. After a few days I removed it.

    Some time later on, I tried to reinstall the program (newer version) twice and each time it disabled my keyboard (but thankfully not my mouse). I was able to uninstall without a problem each time and my keyboard functioned normally thereafter but I don't think I'd take any chances with it again anytime soon.

    ratchet, forgive me if I've forgotten, but have you tried or had any experience with Online Armor? Imho it's a great program with lots of excellent options not found in many other apps which attempt to achieve similar ends.

    YMMV of course but when it's working nicely on my XP Pro system it's my favorite of the FW/HIPS/Anti-logger options.

    Food for thought. (Us "old" guys need to stick together. :shifty: )
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    SnooPFree;) :thumb: :thumb: a good legendary anti-keylogger:thumb:
     
  10. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    removed ot posts. stay on topic of helping with the util please
     
  11. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,108
    Location:
    Sofa (left side)
    @Spruce - Just to add further to this, the whole subject of anti-malware apps trusting digitally signed applications has several other layers to consider including the internal list of trusted CAs that the ant-malware app holds, as well as how it checks for revocation, e.g. realtime or against an internal blacklist. Positive features are having an easily editable list of trusted CAs (e.g. PFW) or a Trust Microsoft only setting (e.g. Spyshelter, Zemana). But it's such a big subject that it can't be really be discussed in detail here without going totally OT

    @Ratchet, I've never found the level of alerts particularly high when using SS, so it's a bit of a mystery why you're seeing this. Maybe you did bail too early. What apps were you seeing the alerts from? In terms of the slowdowns, I saw this as well when opening an app for the first time. Sometimes it could take forever, but the problem disappeared the second time of opening the app, so it wasn't much of an issue for me. I put it down to a conflict somewhere, but didn't investigate too much because it was only a minor annoyance that quickly disappeared.
     
    Last edited: Jul 10, 2011
  12. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    I used the free version for a while and then had a free license. My only problem with it was that it would sometime forget rules for apps I trusted.
     
  13. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    Sorry, it's gone!
     
  14. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    Might be worth trying again...I haven't been experiencing that issue.
     
  15. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    I believe a bug was
    recently fixed in the latest version 5.40 related to this issue - you could sometimes be alerted again when a B/W rule already existed.
     
  16. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    I believe that the program that ratchet was referring to regarding that issue was Online Armor, not SpyShelter.
     
  17. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    Some ole guys are right on top of things! lol
     
  18. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    Well, it's good to know that I'm not a candidate for Aricept just yet. :p
     
  19. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
Loading...
Thread Status:
Not open for further replies.