Hi I'm having a little play with System Safety Monitor (again ) and I'm not sure what to make of this. I'm having a look in the Registry module (curiosity only as this the area of my most ignorance) and in the Registry Objects list there are some keys that have descriptions that would appear to be malware/trojans according to Google. For example:- HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW\boot Description - Infostealer.Coced240b HKCU\SOFTWARE\Microsoft\Internet Explorer\Main Description - Backdoor.Pointex HKCU\SOFTWARE\Microsoft\Command Processor Description - WORM_HITON.A This is on a what I believed to be a clean back-up Any ideas on what any of this means. I can't even find that 2nd key in regedit. Is it something I'm not understanding about the Registry Module in SSM I'd rather ask here in the first instance than at SSM forum as I know I'll get an independent viewpoint. Is it suspicious ? Thanks in advance.