BTW, to get back on topic:
You said that SpyShelter 15 can’t block apps from monitoring the clipboard anymore, right? But then how come other security tools can do this on Win 10/11, according to this test?
I’ve just found this recent article about clipboard hijacking Clipboard Hijacking and How to Prevent It | LayerLogix
According to Step 4: Use Antivirus Software some antivirus offer this kind of protection. As explained in detail by the article posted by RasheedHolland the antivirus suites that were tested by AVLab offer clipboard hijacking protection even on the latest Windows 11 25H2. Some with default settings (Comodo, F-Secure, G Data, MKS_VIR, Quick Heal) while others need hardening their settings (Avast, Bit Defender, Eset, Kaspersky, Microsoft, Norton). The only antivirus suite that failed the Clipboard Hijacking Simulation test was Trend Micro.
AVLab also tested the same AV suites vs. Clipboard Swapping Simulation test with different results as compared to Clipboard Hijacking Simulation test.
According to all the tests conducted by AVLab, the best AV suites seems to be F-Secure Total and MKS_VIR Internet Security, as they offer all those protections with their default settings. I wonder why those protection settings aren’t already enabled by default on the other AV suites. In my opinion it’s better have them all enabled by default and eventually disable some of them if they lead to some issues.
I must admit I didn’t know about the existence of MKS_VIR as it isn’t tested neither by AV Comparative or AV Test so after a Google search I found mks_vir : CyberMadeInPoland . The official website is in Polish language only so this explain why it’s a pretty unknown software.
edited I just noticed that AVLab is from Poland so this explains why they tested MKS_VIR too.
1 Like
Thanks for the background information. To clarify, most of the AVs used a so called ‘‘secure browser’’ in order to pass the tests related to Clipboard Swapping and Clipboard Hijacking, but some didn’t. Which means it should still be able to monitor (and block access to) the clipboard via certain APIs. I believe in this test, a malware simulator was used.
1 Like
We will check that out, thanks! And it’s in 2026 too which is great!
Well, um, the report sez using a “dedicated online banking protection module…with online banking protection mode enabled” to protect against “attempts to replace clipboard content…and transfer it outside the system” for starters. Duh.
Everyone else:
I don’t see what anything about that AVLab test has anything to do with a broad market spectrum product like SS15. Or taking Netmeetings to task over it. I ponder if SS12’s clipboard protection alone would smack down clipboard swapping.
Each of those apps run $40+ a year (with first-buy discounts) for the premium versions with renewals twice that, give or take.
Considering the threat vectors of that test, it is likely a firewall set to detect “first attempt to connect” would evoke an allow/block alert. Run SS15 for the Threat Protection and Application Security, System and File Integrity Controls protections. Because clipboard swapping is more than just clipboard.
From 40 years as a fanatic geek and over 20 years in professional IT support, I shudder when I think of letting one of those enterprise-class products take over my PC; that’s what they do. Microsoft already has enough fingers in my digital pie even with about 50 Win10 processes firewall blocked and MS 360 running in a heavily armored browser.
Cheers.
1 Like
Yes indeed, most of these AVs used a dedicated secure browser, it protects against untrusted apps from getting access to the clipboard. I’m not sure if it can even block extensions from hijacking the clipboard. Opera has implemented protection against clipboard hijackers as well.
1 Like
The point is that it should still be possible to block apps (malicious or not) from getting access to the clipboard in Windows 11. If apps can not read the clipboard, they should not be able to perform clipboard swapping and clipboard hijacking. I don’t know how SS 12 would perform in this test, but it was designed to block this kind of stuff.
1 Like