System Safety Monitor

How do you set this program up after downloading? I have Windows XP Home Edition. I would appreciate the help.

 

Run the executable after it is downloaded and install SSM in a directory such as C:\SSM.
Then in your file browser, doublclick the exe file in the SSM folder.
This will place SSM in your system tray. Doublclick it and make sure under options start SSM automatically is checked. Now comes the fun. Minimise it not close and right click the SSM icon. Check watch app activity. It will ask if you want to ok the services and programs that are currently running, so say yes unless you have a trojan running. .
Now as you load applications it is going to ask you what you want to do. Choose the top options to allow the program, unless it is a bad guy. It takes a while to get all the programs allowed, but after the initial day or so it slows down to a trickle.
Look it over for a couple of days to get a feel for what it does. Its a great program. Hold off on enabling plugins until youre ready to do a little trial and error. I'll help if you need it.

 

Under "preferences" -> "options" tab -> "notifications" , I also usually like to have "alert if application was terminated by SSM" and "alert on miscellaneous application activity" checked. The second option will display a notification if a DLL/code injection has been blocked. Just personal preference to have these enabled.

Most Application Activities that SSM prompt you about is concerning Windows Explorer starting an application that is not on your app list.

 

Thank you both for your replies. Root I am planning on cranking it up this week end so I may be calling on your help.

 

Ok Root I have SSM running . On set up I let it set all the running programs as safe. Then I double clicked on all my short cuts . A box came up to select action for this application. I clicked to allways allow this action. Then the program loaded. Is this what I was supposed to do?

 

Also could you tell me how SSM handles program updates? Thank you for your help.

 

I have another question. Right now everything seems fine. When I look in security it has the option for administrator mode and user mode and a place for password. Right now nothing has been selected . What should I do?

 

Yep. Always allow is the easiest way to go and should be safe as long as you know its your program and no some malware. An exception would be to allow just this time for an app that you do not want to give trusted privileges. I do that for IE when I occasionally use it for updates.

You should get a popup box that says the program is not the program you originally authorized, so clik Ok(Ithink). Then you will get a second popup to set your preference for the new version.

If you don't make a lot of changes, password protecting it should be sufficient. I do neither because I am constantly updating and installing programs. Never tried user mode.

Good to hear you seem to be using it without any hitches. Hope this takes care of your question. If not, let me know.

 

Thank you for your help. Have a good weekend and a very Merry Christmas.

 

I suggest you do some testing to see if all Aps you would be concerned about are stopped in administrator mode vs user mode. Read here Redwolfe's experience with firewar:

http://www.wilderssecurity.com/showthread.php?t=17621

also try the leaktests here:

http://perso.wanadoo.fr/jugesoftware/firewallleaktester/eng/index.html

my experience is placing in user mode will definitely stop any Ap not so in Admin mode.

whether you password protect or not is up to you (added protection against local as well as termination Aps which theoretically should not execute if you are in user mode)

you may also want to enable the terminate windows if SSM is terminated up to you...

good read here also:

http://perso.wanadoo.fr/jugesoftware/firewallleaktester/eng/pageweb/software.html

 

I had read the post on firewar . It seems that after going to user mode it stopped firewar in either mode. I may wait a few days ,till I know I have all my trusted apps. allowed then go to user mode. Thank you. If you have any other suggestions ,I'm interested.

 

you may want to reread that thread, the way I recall the sequence of events, redwolfe could not successfully defend against firewar dropping his firewall until it was suggested he move SSM from admin to user mode...

not a big deal just right click in & out unless you set a password

 

Thank you peakaboo. I didn't know it could be switched back and forth so easy. This is from the post that was referenced. [ thanks, peakaboo.. that worked, switching it from administrator to user mode.. now it is stopping firewar even in administator mode.. 'don't know why it wouldn't, before. ssm is running smoothly.. ]

 

Has anyone donated to SSM? I'm a little leary. Yesterday while attempting to get to the web site my firewall popped up blocking my credit card info.

 

Hi WIlliam,

just curious you went here:

http://maxcomputing.narod.ru/ssme.html?lang

which led you here for the donation:

http://order.kagi.com/cgi-bin/store.cgi?storeID=6CXAX&&

which allowed you to securely enter your credit card info:

https://order.kagi.com/cgi-bin/store.cgi

what did your firewall say?

mine didn't even burp.

lots of adstuff, Java aplets, JS etc which proxo kills on that 1st site but nothing bad as far as I could tell

 

Actually I was waiting for the site to load when the firewall popped up. I have DSL and last night his site was very slow. It reminded of the old Windows 98 days wilth dial up.

 

This is the page that I had clicked on.http://kormushkin.narod.ru/ . I had gotten this from somewhere.

 

I have Norton firewall and I don't remember exactly what it said . I know it said that it was blocking credit card info.so I told it to block it.

 

interesting...

you got to the correct site after redirect:

http://maxcomputing.narod.ru/ssme.html

be interesting to see the log from Norton on that exception if you're logging

maybe Max will see this and address

 

Interesting. There is a thread at DSL about gettting a similar warning at the DSL forum.
http://www.dslreports.com/forum/remark,8861288~mode=flat
Perhaps a problem with Norton.
Just a thought.

 

It was probably a false alarm. I went into Nortons log and I couldn't tell where it was. It is very unusual for my firewall to stop something like that.

 

Root can you tell me what the Registry plug in does and do you think that it is needed? Hope you had a nice Christmas.

 

As far as I can tell it is meant to guard certain registry entries that load at startup.
I can't use it because it is giving me constant logging entries for some reason or another. Haven't got around to investigating it yet.

 

I don't know if I want to try it. I have had a strange thing happen a couple of times. After leaving the computer and then comming back the SSM was keeping the win\defrag.exe from running. No one had told it to defrag. I think the screen saver caused it , but I don't know why. The screen saver had been ok' ed

 

I would guess that your defrag has some kind of schedule then, possibly to defrag when the screensaver kicks in.

I am reasonably sure SSM will not start anything on its own.