SpyShelter 10

Discussion in 'other anti-malware software' started by Mops21, Jul 30, 2015.

  1. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    Realy?? Two questions:
    - how many time a month have you wrote to him?
    - there was different issues or always the same (process hollowing?)
    BTW...what are the apps that correctly detected process hollowing?
     
  2. guest

    guest Guest

    HMPA and i think ESET and Comodo detect and block too.
     
  3. hjlbx

    hjlbx Guest

    1. It was only a few times per month
    2. Different issues reported as discovered
    3. ESET, Emsisoft, HMPA, Vipre, etc

    Hollow process is essentially code injection, but SpS has a problem with consistent detection and prevention of code injection on 64 bit systems.
     
  4. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    125
    Location:
    Finland
    Im using Spyshelter Premium and im quite happy with it. Its only software, when, for example Steam is doing its update and of course when steam.exe is changed, it prevents steam to start until i tick "allow". On ESET, the same behauvior causes a pop up that an .exe has changed, but in the background steam updated itself and started and that ESET "do you want to block it" etc...So, ESET is an excellent AV and Firewall. For HIPS and Keylogging Spyshelter and HMPA for Exploit protection rather than ESET one. Personally i prefer layered solution, so if your AV or IS easy to get killed by a malware, you still have 3rd party kernel based keylogger and hips to prevent direct disk access, combine that with Vlad's and Dan's VD you're pretty covered i think :)
     
  5. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    125
    Location:
    Finland
    @hjlbx, have you tried an executable by using SS restricted mode?
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    He's not using SS anymore, but it's mostly useful to protect certain apps against exploits. If they don't have access to certain parts of the file system and registry, it should be difficult to successfully run malware. But I got annoyed by it, because when you need to save files, you obviously need to make certain folders writable.

    Yes it's a good product overall, I've noticed that when I block certain things when installing software, it really does block them. So normally speaking it will also block malware that make use of the same methods.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    Yes that's a pity. You would hope that support would be more open to bug reports and requests. Actually, they are open to this, but sometimes it feels like they are too quick to dismiss reports.

    No way, I will never use Comodo products again, they might be technically quite advanced, but I always had weird problems with it. That's why I decided to settle for SS, which might not be perfect, but is quite stable and will block most stuff.

    Actually, when I switched from Win XP to Win 8, I ran without HIPS for 3 months, because I wasn't happy with SS, but there simply isn't a better alternative when it comes to a standalone HIPS. PrivateFirewall is too clumsy and Zemana has decided to kill the user controlled HIPS, and now acts more like a behavior blocker combined with a cloud AV.
     
  8. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    Yes...it is...but SS has also the feature to protect folders. I didn't test such way but I think those certain writable folders you can add to list of protected with "personal" attribute so it will means that only allowed processes can read/write the content of it. The rest will be prompted.
     
  9. Using the latest free version on my Asus Transformer, (auto-allowing Microsoft+auto blocking susipicios behaviour, only HIPS enabled)

    a) Chromium "open other process with update intend (40) is not shown anymore"
    b) Loading of driver of ProcessExplorer is not blocked anymore

    Not mentioned in the release info, but they must have implemented some changes of the HIPS
     
  10. hjlbx

    hjlbx Guest

    I think Datpol is silently making changes to the HIPS - instead of posting what exactly was fixed and on which bit systems in the release change logs.

    Why Datpol would go that route I do not know - because advanced users that are interested in knowing about fixes are essentially left in the dark - unless those users are willing to put forth real effort to test the soft to determine what might have been fixed.
     
  11. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    One month ago we were talking about this issue on our Polish forum...it started due to my fault but the finish was quite surprising and maybe this is answer for your question :)
    https://safegroup.pl/temat-spyshelter-firewall_4263?pid=209531#pid209531
     
  12. I am from Hol-land not Po-land, so maybe you could translate.
     
  13. hjlbx

    hjlbx Guest

    Don't even bother to try Google Translate. It is terrible at translating Polish. I already tried...
     
  14. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    :argh: :D
    "Don't even bother to try"...sorry guys...still have big fun while reading yuor comments :p
    Place, don't feel ofended ;)
     
  15. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,760
    Just for you :)
    Attempting to sumarise ichito's post there. In [square brackets] are my comments.

    On Vista I used about 30 versions of SS since v9 ... When I use SS I don't need anything else except few on demand such as Shadow Defender, no conflicts.
    I installed new version and looks like SS keeps up with my writing [my note: communication with SS or typing?], perhaps the cause was Firefox where versions newer than 47.1 don't have CoolPreviews which is to me useful.

    Two things:
    Delay of typing just started - see attached [my note: I'm not logged in there, cant see, looks like ProcessExplorer]
    Another issue - strange behaviour of SS, which I told SS about, is that it does automatic block of PRocessExplorer, even though it's used by many and now comes from Microsoft. Loading and registration are blocked, but the process itself is allowed for two further actions [my note: image is of SS log, and I have trouble translating the last sentence]
    Another, Third issue - headers of log are in English.

    ichito - what the heck is "sterownik" in English? Driver? I never learned computer-speak in Polish, hence my troubles.
     
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    41,759
    I think yes.
    sterownik = driver
    sterownikowi (sterowniki (?)) = drivers
    niektóre sterowniki do = some drivers
     
  17. Poppey

    Poppey Registered Member

    Joined:
    Nov 23, 2015
    Posts:
    36
    Location:
    Germany
    I have installed SpyShelter Firewall 10 and have problems to start VoodooShield. When I deinstalled SpyShelter, VoodooShield starts automatic with Windows 10. When I installed SpyShelter, VoodooShield do not start with Windows. It is also not possible to start VoodooShield manual. You see a little work at the mouse pointer but VoodooShield do not start. When I close SpyShelter it doesn't help. I have to deinstall it. Do I have some special configuration in SpyShelter?
     
  18. hjlbx

    hjlbx Guest

    SpyShelter and Voodooshield are both HIPS and will conflict with each other. I have seen SpyShelter do this with other softs with HIPS functionality - like Webroot.

    Anti-executable is a specific type of HIPS.

    VS is an anti-executable.
     
  19. Poppey

    Poppey Registered Member

    Joined:
    Nov 23, 2015
    Posts:
    36
    Location:
    Germany
    Ah ok, so it is not possible to have both programs running?
     
  20. hjlbx

    hjlbx Guest

    No, I suspect not, but I have never tried a SpS-VS combo. SpS prevented other HIPS-like softs from working properly though...
     
  21. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    404
    Location:
    router
    there is no conflict here between SSF and Voodooshield in windows7
    backup spf rule
    try full uninstall spyshelter and Voodooshield
    reboot
    install SpyShelter Firewall -reboot-set in ask user
    then install Voodooshield-when spyshelter ask or allow deny allow them or go to install directory of Voodooshield
    and allow its all exe

    i a enjoying from spyshelter and how very well it work
     
  22. hjlbx

    hjlbx Guest

    He ain't using Windows 7...
     
  23. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    404
    Location:
    router
    i know that's why i put windows 7
    if it not work on 10 he must contact support so if it is really bug they will fix it
     
  24. hjlbx

    hjlbx Guest

    Datpol will recommend to remove Voodooshield. It is stated on their homepage that SpS might interfere with other security softs that have HIPS-type functionality.
     
  25. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    404
    Location:
    router
    https://www.spyshelter.com/help/#spysheltercomp
    anyway it work here as i tested and restarted pc
    Voodooshield seems to be only command line blocker and anti exe
     
    Last edited by a moderator: Oct 7, 2016
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.