Helios Rootkit Scanner

Rootkit detector and cleaner with same name as the old Helios trojans.

http://helios.miel-labs.com/

 

If nothing else I recommend you read the white paper. It has some good knowledge as is well written.

con

 

Thanks for the pointer. An interesting site/app.

 

Thank you

Did you try clicking on the MIEL e-Security link?

My browser form some reason say the site is trying to install an active-x.

Using IE 7.0 I click on the little yellow warning bar at the top and click more info and all seeing eye pops up and say an active-x was loaded anyway LOL
and asks to authenicate.

What is the deal with the active-x on that page?

 

Interesting proggy. The videos were cool to watch.

 

No problem with Active X here, as I'm using Firefox...

 

No problem here either with active-x but was just wondering why the site is using it?

Con

 

Are you sure it is? I just browsed the entire site with IE6 and didn't get any warnings about Active X and I have all settings to "Prompt".

Maybe IE7 is going mad?

 

At the MIEL e-Security link it just wants to show you a little eye candy\advertisement using shockwave

 

Hey Bubba thanks. yes that is what I get with firefox but IE 7.0 may think it is an active X. The strange thing is all seeing I said it actualy installed a couple files. one was a DLL. That isn't common with flash or shockwav is it?

I posted in PG about Pg not noticing it with all options checked except for new or changed apps. Will PG stop active-x?

 

Very, very unstable, many reboots, lots system crashes, if trying to unhook something or advanced detection..
in case you have many hooks (procguard.sys, vsdatant.sys...)

Gmer is so much more stable and mature with handling things.
Gmer is the first pro gui sdtrestorer.

 

Hey System Junki


Yes I have Gmer and ice Sword. I think what the deal was with IE. is it needed a add-on to play the shocwav and that would require an active-x install. Firefox allready hads it.

Have you tried out Helios yet?

 

I haven't had much trouble with all seeing eye but I can look back at the logs I guess to see what happened. Maybe after a few more cups a joe.

 

Correct....and the add on is Adobe\Macromedia shockwave as represented by it's CLSID in the above post...."clsid: D27CDB6E-AE6D-11cf-96B8-444553540000".

 

Does anyone know if this is a ligit file?

 

I know it is a ligit system file normaly but I wonder why all a sudden after all this time it happens. Her is what wintask says about this system file.

http://www.liutilities.com/products/wintaskspro/processlibrary/shmgrate/

It must be one of those morning where I need to update my tinfoil hat again.

 

It is legit.

@controler: I like All seeing Eye.

I tested Helios, but as mentioned above lots instability probs.