Spyshelter Released Free Version And Updated v4.17

Hmm seems very interesting, i am going to try this one out for a while.

 

Well, I downloaded the Zemana Tests and the SpyShelter Security Test Tool
-SpyShelter Free PASSED them all !!!
-DataGuard AntiKeylogger FREE FAILED them all !!!

 

Thx for taking the trouble of prooving my (and Bellgamin's) point. It is a great freebie

 

Still BSOD's at install/reboot XP VM.

Selecting "Last known good config" and the VM boots.

The Rogue "Virus Protector" goes straight through SS?

 

-http://www.youtube.com/watch?v=TqPitmo5_tc&feature=digest-

 

@ All

SpyShelter is an anti keylogger application with HIPS like features. A HIPS looks at attack vectors (e.g. access to the physical memory or a dll injection). When you do not know the forensics of a malware it is not much use to test it against it.

When you would have a sample of the Zlob trojan, Threat Expert reports the following behaviour http://www.threatexpert.com/report.aspx?md5=ffdcea0ed88d47bc21d71040f9289ef4 SpyShelter should react on the registry key creation when it is an autostart key and the service registration. Simply doing the Languy, Matt stuff of grasping a list of malware domain links, is <self sensorship>

@ Franklin

Come on man, you are to knowledgeable (at least you earned my respect) to post something like https://www.wilderssecurity.com/showpost.php?p=1698494&postcount=29 Where is the Buster Sandbox Analyser report, so I understand the context / relevance of that post?

You have to enable all the protection options of the freebie
See https://www.wilderssecurity.com/showpost.php?p=1697855&postcount=15


Protection provided by SS against (I am sure tested myself):
see https://www.wilderssecurity.com/showpost.php?p=1698427&postcount=1


@Aigle

Something to try your set of PoC's against (thanks in advance)


Regards Kees

 

Sandboxie/BSA isn't installed on that VM.

Kees, if you care to take another look at the pic I posted you will see that SS had denied "setup(3).exe" (Virus Protector executable) from starting. Put ya glasses on man!

Can confirm Languy's finding in the rogue "Security Tool" still starts after hitting deny.

Dunno why some seem to be getting their knickers in a knot as the authors of SS are aware of this thread and any probs pointed out can only help the app get better.

Installed SS via Sandboxie/real system to get a BSA report.

 

In regard to posted picture: had not seen that, my bad

In regard to buster sandbox analyser. I had hoped you could show the analysis of the rogue with buster, not spyshelter

Just had seen a video of some guy testing a cloud AV and he could not find the data base update This sort of coloured my reaction. I am happy to see your are not posting <self censorship> these test, I have to look and read better before accusing a good member.

 

I have never seen BSOD with Spyshelter on Vmware or real system.
SS is not blacklist/herulistic based anti-malware software. It is Antilogger+HIPS
It can block many dangerous behaviour but maybe rogue software hasnt got dangerous behaviour.


Kees1958 right;

 

Virus Protector drops heaps of invalid exes/dll's and which are as fake as itself which it uses for it's fake detections scan.

BSA Report:
View attachment Analysis.TXT

 

Franklin thanks

What an execellent tool BSA

 

I decided to try the free version and got some weird clipboard related behavior after awhile. Copy and cut broke completely and paste (using the keyboard) resulted in the letter v being pasted. I use CLCL so this was the prime suspect, but setting an exclusion didn't help. Oh well.

 

I had a similar problem. I use "Lock My PC", a 3rd party app, to lock my work PC after 10 minutes of inactivity. Αlthough I added it to the exclusions (and all the program folder subsequently) I couldn't make it to work. From the time that the PC was locked, it was impossible to unlock it, the program didn't intercept the password keystrokes.

 

I installed SS on an XP machine with G-Data AV, Online Armor and Zemana in place. Installed fine, but system locked up after reboot. Not sure which was the culprit, but as I would be getting double protection with Zemana anyway I was able to uninstall SS without issue in safe mode.

 

Online Armor and Zemana are already a bit overlaped, so maybe add SS also is not a good idea.




Staff note: A new version update thread has been started, so, we closed this one. Continue in this thread.