How to undo quarantined items with SpyShelter

I installed trial SpyShelter yesterday. Today, starting PC, I got a warning and chose to deny (CefSharp.BrowserSubprocess.exe), which messed up Windows 11.
Under “App launch” in SpyShelter it says “Deny” in red and this is also checkmarked. However, the choices “Allow” and “Remove rule” have no effect!
How can I revert the quarantine??? to get my PC to work again?

Hello,
I’m a user like you and as a test I quarantined a executable file in SpyShelter rules tab. Clicking on “Allow” or “Remove rule” worked as expected so I’m sorry but I really don’t know why it isn’t working for you. Maybe SpyShelterCarl could help to solve your issue.

@knutfg

Sorry for the issue. Please note we do have an option to avoid allow/deny notifications completely where SpyShelter itself makes the decisions. To do so please go to our “Protection” tab, then at the top middle choose Easy mode.

To solve the issue please go to our “Rules” tab. Click “quarantined” under search and you should see the .exe appear that’s quarantined.

Click the words “Quarantined” to its right in the row. Click where it says “Deny” next to “App Launch” then choose “Remove Rule”.

@knutfg

You responded to the email from the Discourse forum instead of responding in the forum itself, but I received your reply and responded to you back via email. Please check your email to see my response so I can help you, or feel free to follow up here instead.

If anyone else is having a similar problem in the future, please go to our Protection tab, then at the top middle switch our Protection to “Off”. It should disable all Application Control features and solve any issues with SpyShelter rules immediately while you make changes to the rules under our “Rules” tab.

Click “Quarantine” at the top of the “Rules” tab under the search box, then find the quarantined app, then click its icon, then where it says “Deny” set it to “Remove Rule”.

Then if everything is OK you can switch our Protection feature back on, or consider using our “Easy” mode under the Protection screen if you don’t want to deal with Allow/Deny windows. Our “Easy” mode will automatically kill known threats, but will not ask you to Allow/Deny anything.

As an FYI:

Cefsharp.browsersubprocess is used by .NET for embedded Chromium browsers in stand-alone apps.

It’s on my Widows 10 for running Garmin Express in managing data and features on PCs for their watches via USB. It’s unsigned (go figure) and I had to allow it, SS15 being in its suspicious mode.

As you’re running Win11, you might check if whatever app you’re using is the latest version.

Otherwise, Carl wrapped it up quite well!

2 Likes