Security Russian system monitor application manual

Many readers are interested in System Safety Monitor (SSM. It is a Russian system monitoring software that monitors system-specific files (such as registries) and applications. Program To protect system security. Some features are more powerful than the winpatrol we have previously introduced.

Install and start (you can manually run syssafe.exe) SSM in the installation directory, click Close this windows (Close Window) in the pop-up logo window to close the window. At this time, the SSM has been started and started to monitor. We can see the software icon in the system tray.

SSM protects your windows

Since SSM claims to be System Safety Monitor, we need to look at SSM's best practices.

Tips

Enable it with Windows

SSM can be used to monitor and protect system security only when it is enabled at any time. Therefore, you must set it to automatically start with windows. Right-click the software Icon of the system tray, select preferences (Parameter options), open the System Safety Monitor-preferences window, and click the options tab. Select general on the left and change the SSM startup mode (SSM Startup Mode) item on the right to start automatically as aservice (loaded as a Service) (see figure 1 ).

1. Enable SSM monitoring

Step 1: Open the System Safety Monitor-preferences window and click the Plugins tab.

Step 2: Check that the Enable plugins (Enable Plug-ins) item has been selected. At this time, SSM can set the start group and services in the Start menu (Start Menu), registry (Registry Startup item), INI files (system INI file), and iexplore (IE) to implement comprehensive monitoring (see figure 2 ).

2. Add any monitoring item

Compared with winpatrol, which we strongly recommended previously, SSM is better in that it can be customized. For example, if you want SSM to monitor a registry [hkey_classes_root \. ABS], you can manually add the "default" key.

Step 1: Under the Plugins tab, select registry> configuration on the right side of the window.

Step 2: Right-click on the right pane, select Add new item (add new project), and enter hkey_classes_root \. API, enter "default" in name, and enter the "default" key value in value, that is, Photoshop. brushesfile: Select 0 string under value type.

Step 3: after the setting is complete, after the key value is modified, the SSM will pop up a warning window (see figure 3). Press the F2 key to stop the modification and press the F3 key to agree to the modification.

The modification to a key value is already so easy for those network viruses. I have tested SSM with a variety of viruses, such as "securities piracy", and it can easily cope with it.

Powerful program monitoring

Another powerful and useful monitoring feature of SSM is application monitoring, which can monitor every step of the process. In addition, no matter how the program is enabled, whether it is directly opened by double-clicking, or indirectly opened by other programs, or even error programs (including viruses) that are quietly executed due to system vulnerabilities ), regardless of the program format (such as EXE/DLL), SSM reports the user as long as it finds that a new program is enabled, and the user determines whether the program runs.

1. Practical SSM program monitoring

Nowadays, many software installation programs, while installing the software for the user, will also "default" install some things that the user does not need (advertisement/plug-in, etc ). Once you install the software, you can plug it into the hard disk without knowing it ". At this time, SSM can play a blocking role.

By default, SSM does not enable program monitoring. You need to enable monitoring by yourself. The method is simple. You only need to right-click the software icon in the system tray and select watch app activity (monitoring application.

The author then runs the software containing the advertisement plug-in, such as the "QQ auto-timer". Besides the original program, the SSM prompts that there are new programs to be run during installation (see figure 4 ).

Here, SSM program monitoring provides five different options for program opening. The corresponding Shortcut Keys Are F1 to F5. Each item has its own meaning: F1 is "always allowed", F2 is "always blocked", F3 is "only allows system administrators, other users are not included. F4 is "only allowed this time" (the default option), F5 is "only blocked this time", and here press F2 or F5.

The installation continues, but there is an advertisement plug-in. You can use the same method to intercept it.

If it is a virus, SSM is also unambiguous: I also like to download e-books when I am idle. But what if the downloaded ebook is infected with viruses and the anti-virus software does not detect them?

It doesn't matter. There is also SSM. Some time ago, I downloaded an ebook in the EXE format from the Internet. After opening this ebook, the SSM program monitoring naturally requests users to choose from because they want to read books, so I chose F1, F3, or F4, but it was surprising that the SSM warning was popped up, and the program was about to run. When the book was opened, there was naturally a problem, press F2 or f5.

After analysis, we found that this ebook was originally shelled and bound with a virus. Although it bypasses the virus and fireproof viruses, SSM will never disappoint you.

Tips

Click scan in the interface shown in 4 to enable anti-virus software to disinfect the program. However, you must first set the antivirus software directory in SSM. Otherwise, the locate is displayed. The anti-virus software setting method is as follows: Open the System Safety Monitor-preferences window, click Options, click MISC on the left side of the window, and then set it in Antivirus On the right side of the window (see figure 5 ).

2. Add and modify application rules

If you want to set different rules for different programs, you can perform detailed settings in SSM.

Step 1: Open the System Safety Monitor-preferences window and click the Application Rules tab.

Step 2: all running programs are listed here. Modifying the default allowed (F3) of rule (rule) to blocked (F2) will prevent the program from running.

Step 3: Double-click a program to open the advanced rule settings window for the program. You can further set whether the program can be called by other software or call other software (see figure 6 ).

Tips

SSM outside of monitoring

★"Blacklist": if you do not want others to use your MSN Messenger and Outlook Express, you can open the System Safety Monitor-preferences window and click the filters item under the Windows tab, add "MSN Messenger" (without quotation marks) and "inbox-Outlook Express" (without quotation marks), right-click the SSM icon of the system tray, select filter windows captions.

In this way, the two programs disappear as soon as they are opened. You can enter the title bar of other program windows as needed.

★Export the configuration file: Click Save Current Config File as under the service label in the System Safety Monitor-preferences window to back up your configuration file, so that you can use