SSM and Hidden Processes

Discussion in 'other anti-malware software' started by WilliamP, Nov 28, 2006.

Thread Status:
Not open for further replies.
  1. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    I have had a SSM pop up saying that I had hidden processes running on my computer. It has happened several times. What is SSM trying to tell me? How can I find out what the processes are? I have posted on the SSM forum but haven't had any answers. Thank you.
     
  2. Get

    Get Guest

    This is what Syssafety says on their site:
    --
    "Rootkit is a technique/tool to hide processes, files, registry keys other system objects from the system and third-party monitoring or scanning tools. Once a Trojan program or some other malware is hidden it can freely do bad things, like personal data stealing or system corruption staying invisible for users. SSM has a new Rootkit detection feature which allows revealing hidden processes for most known Rootkit techniques. NOTE: right now SSM Rootkit detector scope is limited by hidden processes only."
    --
    That's not to say that you're infected, but it's possible. I use SSM-free, but I think in the paid version you can also open the log (Options-tab-> under Log click the "View"-button). Maybe it makes things a bit clearer.
     
    Last edited by a moderator: Nov 28, 2006
  3. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    I checked the logs and couldn't find anything. I don't really feel that it is infected. I just feel there should be a way to find out what SSM is talking about.
     
  4. Get

    Get Guest

  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    The hidden processes are shaded in red. I get those warning occasionally on log in. But once the system is logged in they are gone. I've checked my system thoroughly, so I assume it's something that when starting up appears hidden.

    Pete
     
  6. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Thanks for the replies. As far as Root Kits ,I have Unhackme and ran it. I tried gmer once and couldn't get my head around it. Pete I think you are probably right. I have noticed that when I get the pop up if I go to learning mode then stop learning mode ,it will tell me that there is things that could be removed . After I ok it I don't get the Hidden Processes pop up.
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Hi William

    That pop up about things being removed is some what different. I always answer that no. The reason I get it is I will plug in a USB mobile drive, and then I run an unlocking program. Once the drive is removed that process is hanging out there in SSM. By not removing it, it is there for the next time I plug in the drive.

    Pete
     
  8. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Thanks Pete. From what you said it won't hurt to remove them. Correct? Have you ever tried gmer. I'm trying it again. I am pretty sure that I don't have a problem but I would like to be able to know how gmer is used. Can't find any info.
     
  9. Get

    Get Guest

    http://www.gmer.net/faq.php
     
  10. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Thanks Get . I have read that, but it doesn't provide a lot of information.
     
  11. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
Thread Status:
Not open for further replies.