Need help with system safety monitor full

Discussion in 'other anti-malware software' started by theshadow247, Apr 8, 2007.

Thread Status:
Not open for further replies.
  1. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    in ssm.2.3.0.612.i was looking in prefrences registry and found a box with a check mark in it named malware.and the number 12.should i be worried about this.does that mean i have maleware in my registry.iam running kis.6.0.2.621 with ssm full superantispyware and powershadow.a scan with both kis and superantispyware come up clean.also when i started my system ssm poped up with a box asking me to allow a program that i installed just before the restart and in the box had the name malware so i didnt allow it but the program wouldnt load...
     
  2. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    on my second snapshot i just installed the same file and this is what ssm poped up with process reg dll temp is about to delete a object wich belongs to registry groupe malware.and another box pops saying its adding a object to reg group malware...
     
  3. Clweb

    Clweb Registered Member

    Joined:
    Dec 28, 2002
    Posts:
    127
    Location:
    France
    When you double-click on the "Malware" line, a box opens and all the items (registry entries) classified in the "Malware" group by SSM are listed.
    It does noot mean that any modification of such an item results from the action of a malware.
    The number 12 is in the Priority column.
    Unfortunately the Help file says not many about this.

    Anyway, your snapshots are missing. :doubt:
     
    Last edited: Apr 9, 2007
  4. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    The Malware Group in SSM's Reg protection Rules seems to contain Keys/Values known to be used by specific malware. If you double click each item in the list you can discover what 'malware' is being protected against.

    The choice of Keys in this Group looks rather odd. For example, it is protecting both these Keys:-

    HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLS

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLS

    On the basis that they are created by Win32.Highway. However it is normally the AppInit_DLLS Value on the HKLM tree that you'd protect, since it loads .dlls into many processes on boot-up. I can only assume that Win32.Highway creates AppInit_DLLS as a Key? o_O
     
  5. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    thanks for the reply's.Clweb.and.TopperID.after reading the to replyes and searching for info on ssm i found out the same thing that TopperID.said.thanks again
     
  6. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    thanks for the reply's.Clweb.and.TopperID.after reading both replyes and searching for info on ssm i found out the same thing that TopperID.said.thanks again
     
Loading...
Thread Status:
Not open for further replies.