Spyshelter 4.5 releases

Discussion in 'other anti-malware software' started by bellgamin, Jul 30, 2010.

Thread Status:
Not open for further replies.
  1. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Spyshelter 4.5

    Spyshelter update dated 29 Jul 2010 to version 4.5. Change log...

    - Added new feature (Restricted mode for 32 bit systems)
    - Fixed bug which with occasional exception on alert
    - Security updates
    - Small language corrections and other bug fixes
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE: SS's new "Restricted mode" sounds something like OnlineArmor's "Run Safer" or "Drop My Rights". I'm not sure if I fully understand its potential. If you have comments or clarifications about this new mode please post them.
     
    Last edited: Jul 30, 2010
  2. ViVek

    ViVek Registered Member

    Joined:
    Aug 7, 2008
    Posts:
    551
    Location:
    Moon
    Re: Spyshelter 4.5

    Thanks fo info about update bellgamin

    This new new feature - Restricted mode -looks promising
     
  3. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Re: Spyshelter 4.5

    I rather enjoyed this Q&A from the SpyShelter FAQs...

    Can I install SpyShelter on more than one computer?
    Yes. You can purchase a SpyShelter license for each physical computer that you have.
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Re: Spyshelter 4.5

    is this protected mode for the free version also?
     
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Re: Spyshelter 4.5

    @ Page42

    Classic :D
     
  6. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Re: Spyshelter 4.5

    I thought so too. :)
     
  7. majoMo

    majoMo Registered Member

    Joined:
    Aug 31, 2007
    Posts:
    938
    Re: Spyshelter 4.5

    Yes. :cool:

    Aditional info:

     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Re: Spyshelter 4.5

    Thanks Majomo;)
     
  9. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Re: Spyshelter 4.5

    I suggest caution in using restricted mode. I put Firefox into that mode. When I later tried to restart FF, it rebooted my computer. Then Prevx disappeared & I had to reinstall it. Then I again tried to use FF & my computer again rebooted. So I restored a recent image (made prior to installing SS 4.5) & now all is okay.

    It might have been the result of a tug of war between Prevx (which is set to to activate Safe Online every time I start FF) or the fact that I use Runit (a launcher) to start FF. In any event, BEWARE!. Something could be amiss..
     
  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Re: Spyshelter 4.5

    i have my browser,media player and messenger in protected mode and so far so good
     
  11. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Re: Spyshelter 4.5

    Good! Have you tried closing your browser then restarting it?
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Re: Spyshelter 4.5

    yes i did maybe i am lucky here:D
     
  13. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    Re: Spyshelter 4.5

    If you simply put firefox into Restricted mode, then it would run without any problem.

    But if you put firefox inside SandboxIE then it would not run/open...SpyShelter blocked all the modules/process of Sandbox because it was hooking firefox. Here are the screen-shots ... All the screen-shots were arranged sequence wise ... :p
     

    Attached Files:

  14. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Re: Spyshelter 4.5

    Anyone knows whether restricted mode is simular to restricted user (1 tad more restrictive than limited user in XP)?
     
  15. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    353
    Location:
    Netherlands
    Re: Spyshelter 4.5

    I have the same problem with Firefox/PrevX SafeOnline and this new function of Spyshelter. I can start Firefox but when i want to go to the forums from Bethesda for instance then Firefox locks up. So at the moment this new function is not for me.

    But i did not have the reboot problem and neither did i have to re-install PrevX Safeonline. It was enough for me to remove Firefox.exe from the restricted list.
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Re: Spyshelter 4.5

    the only problem i found was that SS slowed down my browsing speed when IE is restricted:) and i didnt like it,but the idea is great like if you have defensewall or OA or even sandboxie lowering rights
     
  17. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Re: Spyshelter 4.5

    Come to think of it I had a triple whammy on Firefox: (1) I had it set as Run Safer under Online Armor, (2) I had it set as Restricted under SpyShelter, and (3) I had it set to Safe Online under Prevx.

    No bloody wonder their hooks got ensnarled with each other! :argh:

    Now I am wondering & wondering & wondering... o_O

    WHAT is the difference (if any) between Online Armor's Run Safer -- and - SpyShelter's Restricted?

    Does anybody here have a theory?
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Information I have gleaned from SS folks (paraphrased so as to avoid direct quotes) . . .

     
    Last edited: Jul 31, 2010
  18. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Re: Spyshelter 4.5

    Educated guess

    From what Spyshelter allready performs system wide:

    a) blooking hook setting
    b) blocking memory/process modification
    c) blocking access to autostart entries (the few Spyshelter protects)

    Plus policy management:

    d) running in a medium righs = limited user container:


    Some remarks
    Whenever protection is extended you reach a point in which auto-allowing signed applications makes the defense weak (for instance IE8 is signed, but it is vulnarable to attacks itself because IE runs external code through active X, Java and Javascript etc). The guys from Spyshelter are expaning their Anti_keylogger to HIPS. They now seem to make the shift to extending SpyShelter to a general purpose anti-keylogger and targeted enhanced protection (like Appguard does for instance). WHich is smart because it is a good approach to make the program relatively silent.

    1. Impose strong hook monitoring on all programs, allowing signed programs (in general or only from Micorsoft), so deselect all other options of SpyShelter.

    2. Provide extra border security at threatgates (in general internet facing programs), in restricted mode they can put their autorun, process/memory protection in combo with policy management. This is not the same but simular to for instance AppGuard, hence the option to exclude protection of certain folders (giving write access to the monitored application).

    For members running Vista/Windows UAC and plain FireFox with no extra security except noscript/ad-block this might be a good one (remember allways make an image backup before trying Versions ONE features on security or at least set a restore point).
     
    Last edited: Aug 1, 2010
  19. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    353
    Location:
    Netherlands
    Re: Spyshelter 4.5

    LoL i guess not. :)

    But i was wondering about something myself. I used EMET on Firefox, could the changes made by EMET cause problems to for this restricted function of Spyshelter i wonder.
     
  20. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Re: Spyshelter 4.5

    Rogue Security Tool.

    Deny/remember at both prompts and.....

    One.JPG Two.JPG

    Three.JPG
     
  21. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Re: Spyshelter 4.5

    LOL :D
     
  22. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Re: Spyshelter 4.5

    Mhh seems that SpyShelter has the same issue as old WinPooch had. Registry entries can be changed in several ways, Pooch only covered hooks which directly changed the registry.

    Companies should value power users as Franklin, debuggging their software for free :thumb:
     
  23. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Re: Spyshelter 4.5

    Thanks for this excellent post! :thumb:

    PLEASE test Zemana Antilogger.exe against this same rogue.
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Re: Spyshelter 4.5

    i tried winpatrol plus and winpatrol did his job very nicely againts the security tool rouge;)
     
  25. Eru

    Eru Registered Member

    Joined:
    Mar 23, 2010
    Posts:
    92
    Location:
    Poland - Sosnowiec
    Re: Spyshelter 4.5

    For reminder SpyShelter is a Anti-logger not Anti-virus application :p
    On screens it blocks Security Tool form changing the registry value but not form executing :p
     
Loading...
Thread Status:
Not open for further replies.