SpySweeper injects sis.dll into PG

Discussion in 'ProcessGuard' started by emwebb, Jul 9, 2005.

Thread Status:
Not open for further replies.
  1. emwebb

    emwebb Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2
    Location:
    North Carolina USA
    Hi, running Process Explorer allows you to view the dlls within a selected process. In every process, WebRoot's Spysweeper has injected a dll named "ssi.dll". This includes pgaccount.exe, procguard.exe and DCSUserProt.exe.

    I'm not having any problems, but am concerned that PG's global DLL injection function doesn't warn me about this DLL.

    Any thoughts?

    Thanks,
    Eric
     
    emwebb, Jul 9, 2005
    #1
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    You have spysweeper.exe on your protection list and it is a trusted program, therefore it can do pretty much as it likes with the permissions it needs to do it's job. In my protection list spysweeper has the following attributes. i.e. Protect from Termination and Modification - Authorised to Modify and read and Allow install of driver/services.

    With authorised to modify it can load it's .dll into other programs including those on the protection list.

    HTH Pilli
     
    Pilli, Jul 9, 2005
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...