SpyShelter 10

Discussion in 'other anti-malware software' started by Mops21, Jul 30, 2015.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,749
    Location:
    The Netherlands
    I believe you already discovered that the "file and folder protection" feature will fail to protect files, if ransomware uses the "process hollowing" technique. In other words, you shouldn't rely on SS to protect against ransomware.
     
  2. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,612
    Location:
    Poland - Cracow
    The clou is the word "IF"...this is the only one method and case I know...and perhaps you also...that someting can bypass SS in anti-ransome protection. It's to less to say that SS fails.
     
  3. Tomin2009

    Tomin2009 Registered Member

    Joined:
    Sep 13, 2012
    Posts:
    83
    I've a few samples bypassed Spyshelter Premium
    I have a few samples bypassed Spyshelter Premium, if you want to have a test, I'd like to sent the samples to you with PM.

    Video link : https://www.upload.ee/files/7166180/Video_2017-06-27_184845.wmv.html
     
  4. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,612
    Location:
    Poland - Cracow
    @Tomin...this is still the same trick with injection code into explorer.exe...and still the same decision "deny". Did you tried tips I've suggested in post #974?
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,749
    Location:
    The Netherlands
    To clarify, I'm not saying it's a flaw, because SS was never designed to protect against ransomware. It's designed to protect against stuff like keyloggers and banking trojans. But people need to be aware of this, and SS should also beef up security. I don't understand why it doesn't protect against process hollowing, any HIPS should be able to do this out of the box, without relying on user input.
     
  6. Tomin2009

    Tomin2009 Registered Member

    Joined:
    Sep 13, 2012
    Posts:
    83
    I will have a try and then record a video here.

    And i have to say if I choose apply to all and deny at the first popup window. Don't you think is it the same with Spyshelter Firewall's anti-execuate feature?

    https://www.upload.ee/files/7187397/AutoAllow_Mode.rar.html

    https://www.upload.ee/files/7187420/Ask_User_Mode.rar.html
     
    Last edited: Jul 3, 2017
  7. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,870
    Location:
    North Carolina, USA
    Hello,

    SpyShelter version 10.9.3 has been released.
    Homepage
    Download
    Blog
    Changelog
     
  8. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    305
    Location:
    router
    thanks for update:thumb:
     
  9. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,870
    Location:
    North Carolina, USA
    Hello @co22,

    You are most welcome ;) ...
     
  10. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    125
    Thanks !
     
  11. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,870
    Location:
    North Carolina, USA
    Hello,

    SpyShelter version 10.9.4 has been released.
    Homepage
    Download
    Blog
    Changelog
     
  12. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    125
  13. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,612
    Location:
    Poland - Cracow
    This info from changelog is interesting
    Does it means that SS Free can be upgraded from 10.8.6 to 10.9.4?
     
  14. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    2,899
    This only means that older changes of SpyShelter Free are still mentioned in the changelog :)
     
  15. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,612
    Location:
    Poland - Cracow
    First time after ca one year? There was already few version without such info...:thumbd:
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,749
    Location:
    The Netherlands
    As expected, no exciting new changes. It's a good tool, but I'm very disappointed with the lack of innovation.
     
  17. Nizarawi

    Nizarawi Registered Member

    Joined:
    May 26, 2008
    Posts:
    133
    installing spyshelter with kaspersky total freez my computer, and return a lot of Microsoft-Windows-DistributedCOM error in windows events --> windows 10
     
  18. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    495
    If you send an email to support
    helpdesk@spyshelter.com
    They might be able to tell you which protections to turn off, so the two programs will stop conflicting. But you will lose protection, even if it works.
    Basically, you are trying to combo two programs that both have a robust HIPS component, and this doesn't work very well.
    There is only room on your system for one HIPS.
     
  19. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    495
    I am having trouble with "folders with write access".
    I put Chrome into restricted apps, and in order to print a web page, I need to add the "spool" folder, located in Windows/System32, to "folders with write access".
    But Spyshelter doesn't see that folder, when I try to add it. See screenshot, showing Windows explorer on the left, and Spyshelter window on the right.

    In file access violations, the folder does display. But when I hover over it, the second half of the path is displayed in chinese characters, and it doesn't work to add it to "folders with write access".
    I have a standard English installation of Windows, there is no chinese on my system.

    Capture.PNG
     
  20. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    495
    Another issue:
    I installed SpyShelter on my admin account, with a 1 year license.
    In my standard account, on same PC, SS says it is registered as a trial version, and the rules I made in admin account are not being applied.
     
  21. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    495
    I reinstalled, this time with support for east asian languages.
    The second half of the path still appears in chinese, when hovering, but from the "access violations" tab I was able to add it to the list of "folders with write access". It appears there, half in chinese. Weird, but at least it works.
     
  22. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    305
    Location:
    router
    SpyShelter 10.9.5 released
    Posted on October 17, 2017 in News | Blog Homepage

    SpyShelter 10.9.5 is now available.

    Biggest and most anticipated change in newest version of SpyShelter Anti-Keylogger is
    the added compatibility for the most recent version of Windows 10, i.e. Fall Creators Update.

    SpyShelter 10.9.5 also includes a bunch of overall security improvements
    as well as some GUI fixes, such as fixing tray notification display issues which some users have experienced.
    Licensing issues on non-administrative accounts should no longer happen.

    In following days, a new SpyShelter product will join the family.

    Stay tuned for more updates and make sure to follow us Facebook & Twitter!

    SpyShelter 10.9.5 (17/Oct/2017) Changelog:

    – Added Windows 10 Fall Creators Update compatibility
    – Notification Balloons updates and fixes
    – Other corrections

    https://www.spyshelter.com/blog/spyshelter-10-9-5-released/
    https://www.spyshelter.com/download-spyshelter/
     
  23. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    125
    Thanks , new product sounds interesting .
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,749
    Location:
    The Netherlands
    Wow, I really wonder what type of product they will come up. I'm guessing it won't be related to anti-spyware, so it will probably be anti-ransomware.
     
  25. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    495
    I agree with your guess.
    In the mean time, is there an antiransomware program that works well with spyshelter?
    I am concerned that if the antiransomware program actually springs into action, it will be somehow blocked by SS, then allowing the ransomware to do its thing. I think it would take some testing to know.
     
Loading...