System Safety Monitor (SSM) allows you to track down Microsoft Windows operating system activity in real-time and to prevent undesirable actions from various malware and spyware programs. SSM’s main goal is to discover and block malicious actions of any application.
features:
SSM keeps track of the activity of all applications already started or being started and allows you to control:
-which application can be started;
-which child application can be started by a selected one;
-which parent applications are allowed to start a selected one;
-whether a selected application is allowed to start if it was modified;
-whether a selected application is allowed to install a driver;
-whether a selected application is allowed to perform code-injection or DLL-injection;
-create/terminate a process (application);
-suspend a process and resume it afterwards;
-watch the list of DLLs loaded by a selected application.
Tracking and blocking changes in the following important operating system parts:
-Windows registry;
-drivers and services state;
-INI-files;
-”Startup” item of Start menu;
-Microsoft Internet Explorer settings.
Window management:
-watches running applications windows;
-runs “black list” of applications windows, closes “unwanted” applications windows automatically;
-browses the list of applications windows created in the system;
-shows invisible applications windows, hides visible ones, enables user input for “locked down” applications windows.
System Safety Monitor Version 2.3
System Safety Monitor 2 beta version was released in 2005. It originally started as a behavior blocker project for home users in 2002. Syssafety Company purchased the software in April 2005 and released the aforementioned beta series in September. The latest freeware version 2.3 has been released and is similar to the previous version yet features some interesting upgrades. It still offers process filtering along with parent-child control of processes. Specific rules can be applied to mediate the start of a process by another process at a particular instance.
System Safety Monitor (SSM) 2.3 continues to be effective against spyware, adware, rootkits, Trojans, keyloggers, dialers, hijackers, and surveillance software. This is conditional on proper user response to the prompts, so beginners take note.
This is a screenshot of the latest version. From this GUI, you can set specific preferences as needed. SSM is a Host Based Intrusion Prevention System designed to protect operating systems from both known and unknown malware including “zero-day” attacks, something that antivirus software updates will not do. SSM will monitor all programs and prevent malware attacks or any suspicious actions.
The new GUI design features a Learning mode to assist with proper configuration. SSM 2.3 is compatible with most anti-malware security suites, though you may want to check just to be sure. SSM 2.3 works at the Windows Kernel level, monitoring in real-time and includes the following features, all of which have been updated:
- Malware and Rootkit Installation
- Driver Loading
- Program Execution
- NT Services Installation and State Change
- Program State and Memory Modification
- Thread and Process Suspension and Termination
- Direct Physical Memory Access
- Low Level Disk Access
- Low level keyboard access (anti-keylogger protection)
- Global Hooks Installation
- System Registry Modification
- Window Opening
- Startup Menu Modification (a definite plus for improving startup speed)
Now the question is: What is new in version 2.3? As stated, the existing features have been updated and the software is easier for beginners to use with the Learning mode feature. New additions include the following:
- New Log Viewer
- Added protection against DirectInput based logging (a recently developed keylogging method)
- New application setting: “Registry access” on application Registry tab (unrestricted access / Checked access / Read Only access)
DirectInput is part of a Microsoft API and it collects input from the user. This input is collected form input devices such as the mouse, game controllers and the keyboard. All data input through these devices is stored for to provide a system for action mapping. Action mapping enables the user to designate particular actions through a particular sequence of inputs from any given device. This data can be recalled easily. Keyloggers that use DirectInput logging are able to extract this data. This means that anything you do with your mouse or keyboard will be recorded and can be stolen. The protection included in SSM prevents this.
Additional improvements and general debugging have been included as well. This new version of SSM has all of the features of the previous version and boasts added protection against new malware innovations.
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook or Twitter.Related Articles:
System Safety Monitor 2Monitor System Changes With Tiny Watcher
Windows System Monitor What’s Running 3
Microsoft Network Monitor
System Monitor II Gadget, Display Handy System Information On The Desktop