SpyShelter 10

Discussion in 'other anti-malware software' started by Mops21, Jul 30, 2015.

  1. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
  2. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,359
    Does it work on Win 10 - 64 bit? :doubt:
     
  3. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    Haven't tested in Win 10, but probably not. Turns out that:
    • Zemana Antilogger Free (!) works ok in Win 8.1 x64 but has serious problems with KIS 2016 in browsers resulting in the fact that you cannot type anything in the browser. I am not going to give up Kaspersky protection.
    • Zemana paid version does not work at all and they seem to have abandoned it and update only the free version for some unknown reason
    • HitmanPro.Alert works ok but for browsers only and does not protect other programs
    • Keyscrambler Free works ok in the browsers but there is no trial for the paid versions to see if other progs are also protected - otherwise it looks most professional but of course is anti-keylogger only
    • The worst so far seems to be SpyShelter - does not block anything - although I thought it would be the best according to reviews...
    Very disappointing - you can't trust software these days, even if you pay for it...
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,843
    Location:
    The Netherlands
    On my Win 8.1 system, SS does correctly block all of the SS and Zemana tests. I wouldn't be surprised if SS conflicted with KIS, because KIS is quite complex software with an advanced HIPS. You probably don't need SS when you run KIS.
     
  5. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    That's strange, I shut down KIS completely so there should be no real conflicts. The strange thing is that neither anti-keylog nor anti-screenshot tests worked. Of course some of the other antimalwares may have altered something... However, if SS can be "disabled" that easily I can't really rely on it. Does SS AntiTest.exe show up somewhere in your rules? It seems to be kind of invisible to my SS Firewall.

    Or was it defeated by a recent Windows update?
     
  6. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    @Anguel
    Your opinion are curious...realy :) During quite 6 years of its developing SS was tested many times on different systems and in configurations with many other/different security software and probably there is no test which show that is weak or useless as you said. Its range of anti-logger protections is the widest and you don't find app which offers similar one.
    I think you should read carefuly intsruction of the test and the part about possible issue. The most important is...if we want to test something we have to know what and how we want to check/prove.
    Below there are some examples of alerts in my privat test with TestToll from SS...everyone was passed

    ss test.jpg
     
  7. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    @ichito
    Ok I uninstalled KIS completely and reinstalled SS.
    Now SS finally catches the AntiTest.exe process and asks me what to do (like in your screenshots).
    It works ok without KIS.

    Then I reinstalled KIS and SS does not detect the AntiTest.exe process anymore, like it would not exist so it does not ask what to do.
    I also added SpyShelter GUI and SpyShelter Service to trusted applications in KIS and allow them to do anything.
    I also added KIS avp.exe and avpui.exe to keystroke encryption process exclusion list in SS.
    I also set hooks guard to "better compatibility" mode.
    It does not work: AntiTest.exe still manages to capture all keystrokes and set any hooks and neither SS nor Kaspersky prevent that.
    Don't know what else to test...

    BTW: Zemana confirmed incompatibility of Zemana Antilogger Free and KIS for browser input.
     
  8. scorpionv

    scorpionv Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    33
    I can confirm Spyshelter works very well. Installed the Spyshelter Premium trial on my workstation, and it does catch all kinds of programs. Quite refreshing to see that some webbrowsers take permission to use the webcam, while just visiting a forum (not Wilders Security). Spyshelter blocks this behaviour, alerts the user, and more. Screenshot programs like SnagIt capture blank pages, and a relative harmless keystroke counter is intercepted and reported.

    Initially, Spyshelter asks your permission every few minutes, but it learns quickly. After two weeks, it just sits in the system tray, watching silently.

    No need to say I'm very satisfied. The only unsatisfactory thing is the pricing of the lifetime licences. 3 licenses at 70 USD each or 215 for 5 licences is just too heavy on my wallet. If only they could lower or discount this to about 120 USD.
     
  9. ald4r1s

    ald4r1s Registered Member

    Joined:
    Apr 8, 2013
    Posts:
    53
    @Anguel
    Most likely because pseudo-HIPS in KIS is conflicting with SpyShelter. Try disabling it and restart your PC.

    @scorpionv
    From my point of view, having a lifetime license nowadays is a huge privilege since very few vendors offer it. I have been using SpyShelter for almost 5 years now, so I would say that lifetime license definitely is a solid investment when compared to 1 year license prices.
     
  10. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    I also tried running SS as a service - no change, same behavior. It still does not even notice the test tools (it's own and Zemana's).
    I have no idea what KIS is doing there but if SS is as good as you describe it should at least notice that there is something wrong. It lets all hooks be set, it lets all keys be logged.
    I have also contacted SS support yesterday but have not received any response.
     
  11. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    SpyShelter 10.6.8 released
    Posted on January 29, 2016 in News | Blog Homepage

    The significant change featured in version 10.6.8 is a complete removal of Skins in SpyShelter.

    Skins were present in SpyShelter since it’s early days. Over the years, SpyShelter received a great number of new features and upgrades, and they all required adjusting the graphic user interface for each skin. This created a lot of problems, very time consuming problems. Our studies have shown that most of SpyShelter users prefer the default skin, therefore we decided to focus on developing SpyShelter in one universal User Interface. SpyShelter Default skin was always the standard one, and the recent interface changes made other skins obscure.

    In the end, SpyShelter is a security application. It has to get it’s job done, therefore we want to focus all of our resources on upgrading core features our software and improve one interface.

    SpyShelter 10.6.8 (29/Jan/2016)

    – Added support for Windows 10 Insider builds 11099 & 11102
    – Fixed truncated captions issues in User Interface
    – Fixed visual issues with corrupted grid lines in lists
    – Removed Skins select feature

    -----------------------
    will new skin very nice but it use more ram cpu.
    i contacted them to restore no skin mode that's simple and good.i always use no skin mode
    what do you thinks?
     
  12. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    176
    No skin don't bother me , it's how it works that counts .
     
  13. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    will hope it will back
     
  14. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,287
    Location:
    Québec, Canada
    Congrats on removing skins.
    SS runs in the tray most of the time anyway.
    I see no point in skinning in a security app, no offense to users who like that.
    Just my POV.
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,843
    Location:
    The Netherlands
    I had a couple of GUI problems with the new skin, but I still need to check out the newest version. Personally I prefer the AlterMetro skin, so I'm not happy with this decision. To be honest, I think the developers are focusing on the wrong things, there are still lots of other things that need to be improved, I'm not seeing any real improvement and innovation.
     
  16. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    I liked another one but now I have to prefer its deffault skin...and I can always come back to previous :)
    BTW - this move of developer was correct and I think they in fact shouldn't waste the time to resolve problem from second plan.
     
  17. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    yes,in recent version some part of update is always for skin.and now we have one skin and they put more time to add core features as they say
    so this move good.
    but i hope no skin mode come back. :)
    and this new skin have cause lag and cpu usage go to 40% when switch between rule in general tab
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,843
    Location:
    The Netherlands
    LOL, I thought that scrapping the skinning feature should have fixed performance problems, but seems it has become worse, at least for you. I'm not sure what's going on, why don't they focus on improving the GUI (log window) and protection features? For example the log window is currently quiet useless, events from trusted apps and system apps should not be displayed, plus we need a separate column for allowed/blocked behavior.
     
  19. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,602
    Location:
    North Carolina, USA
  20. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    yes.see this video

    https://uptobox.com/05it5y7yyc0e
    http://www81.zippyshare.com/v/MC8qZqkr/file.html
    270kb
    it just feel running an antivirus!

    thankyou
     
    Last edited: Feb 7, 2016
  21. ald4r1s

    ald4r1s Registered Member

    Joined:
    Apr 8, 2013
    Posts:
    53
    Finally Redstone support :thumb:

    What is this ****** link? Since when do we do sms-premium services here?
     
  22. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    well i try to upload here but wont upload.if you want see don't need to buy premium services.just click create download link then download it.its free don't worry
     
  23. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,570
    The file can be downloaded,but if cookies are not allowed for the site and you don't have adblocking enabled ,I get all sorts of popups from mbam blocking malicious urls .
     
  24. scorpionv

    scorpionv Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    33
    Tested SpyShelter Premium with good results, but for now, I'm not that thrilled about SpyShelter Firewall.

    The Firewall part just blocks some programs, without asking me to create a rule, auto-creating a rule or even showing a balloon message that it is blocking something.
    The Log Window / Log File shows the firewall 'Blocked execution of an application', but no rule is created, so there is no easy way to allow the program to run. The 'Auto-block suspicious behaviour' switch does not affect this behaviour, it is a firewall thing. To get the program running, I have to create a rule by hand and allow all.
     
  25. scorpionv

    scorpionv Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    33
    Found some time to investigate:
    1. Part of the blocking is done by the Application Execution Control in SpyShelter. This blocking does NOT show up in the Log Window, and NOT in the more detailed log file. The Application Execution Control is a rather sketchy dialog, with application names, and a permission to execute or not. The blocking stops when you allow an application to run in the Application Execution Control. Yes, it makes sense, but in my opinion, an application block based on this rules should still show up in the Log Window, because now you don't have any clue why a program is blocked.
    2. Another part is related to shared network folder access over a VPN connection. I can't get it to work with the SpyShelter Firewall enabled. As soon as I disable the Firewall part, it works like a charm. I added local and remote network to the Trusted Network Zones list, but to no avail. Only 'Allowed' in the log file, see below. Any suggestions?

    Code:
    10-2-2016 14:04:40,C:\Windows\explorer.exe,53,Allowed ;Execution of an application ("C:\Program Files (x86)\Cisco Systems\VPN Client\ipsecdialer.exe" )
    10-2-2016 14:04:40,C:\Program Files (x86)\Cisco Systems\VPN Client\ipsecdialer.exe,53,Allowed ;Execution of an application ("C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe" )
    10-2-2016 14:04:40,C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe,48,Allowed ;Outgoing network access 
    10-2-2016 14:04:43,C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe,53,Allowed ;Execution of an application ("C:\Program Files (x86)\Cisco Systems\VPN Client\ipseclog.exe" Logs\LOG-2016-02-10-14-04-43.txt)
    10-2-2016 14:04:43,C:\Program Files (x86)\Cisco Systems\VPN Client\ipseclog.exe,54,Allowed ;Receiving incoming network packets 
    10-2-2016 14:04:43,C:\Program Files (x86)\Cisco Systems\VPN Client\ipseclog.exe,48,Allowed ;Outgoing network access 
    10-2-2016 14:04:49,C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe,53,Allowed ;Execution of an application ("C:\Program Files (x86)\Cisco Systems\VPN Client\\VAInst64.exe" e CS_VirtA)
    10-2-2016 14:04:55,C:\Windows\System32\svchost.exe,53,Allowed ;Execution of an application (C:\Windows\System32\mobsync.exe -Embedding)
    10-2-2016 14:05:24,C:\Windows\System32\services.exe,53,Allowed ;Execution of an application (C:\Windows\System32\svchost.exe -k WerSvcGroup)
    10-2-2016 14:11:56,C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe,53,Allowed ;Execution of an application (C:\Windows\system32\netsh.exe interface ipv4 delete address name="31" addr=xx.xxx.xxx.xxx gateway=all)
    10-2-2016 14:11:56,C:\Windows\System32\csrss.exe,53,Allowed ;Execution of an application (\??\C:\Windows\system32\conhost.exe "-17595041634520262981828852738-2022758086-2087023925-10601994402004348274-123292621")
    10-2-2016 14:11:57,C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe,53,Allowed ;Execution of an application ("C:\Program Files (x86)\Cisco Systems\VPN Client\\VAInst64.exe" d CS_VirtA)
    10-2-2016 14:12:07,C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe,53,Allowed ;Execution of an application ("C:\Program Files (x86)\Cisco Systems\VPN Client\\VAInst64.exe" e CS_VirtA)
    10-2-2016 14:12:14,C:\Windows\System32\svchost.exe,53,Allowed ;Execution of an application (C:\Windows\System32\mobsync.exe -Embedding)
    
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.