GMER?

[Daveski17]

Does anyone use GMER (root-kit detector)? If so, is it better than an on-demand scanner/remover like SUPERAntiSpyware or MBAM?

[jmonge]

the malwarebytes and superantispyware scaners are signniture and few false positive Gmer scaner is not base on signiture for sure will detect very nasty stuff the other 2 may missed but it is very risky if you make a mistake can end up with a unbootable pc after all but if you know what you are doing gmer is a malware destroyer

Is Gmer still incompatible with Win 7? I got blue screens from time to time

[Daveski17]

Quote:

Originally Posted by jmonge

the malwarebytes and superantispyware scaners are signniture and few false positive Gmer scaner is not base on signiture for sure will detect very nasty stuff the other 2 may missed but it is very risky if you make a mistake can end up with a unbootable pc after all but if you know what you are doing gmer is a malware destroyer

OK thanks. I wasn't thinking of using it yet to be honest as I know you have to be careful with it. I wanted to learn more about other people's experiences with it first. I have SUPERAntiSpyware so I should be OK.

[jmonge]

yes superantispyware is a top notch antimalware software and it kicks some butts

[Logos]

Avast 5 anti-rootkit component is using Gmer

[Ibrad]

Quote:

Originally Posted by Logos

Avast 5 anti-rootkit component is using Gmer

I think 4.8 is using it also.

http://blog.avast.com/2009/07/17/ava...5-hidden-gems/
Yes avast anti-rootkit is based on GMER.

[mantra]

under xp sp2 it crashes after few seconds
it start to scan , after an error
and gives me a bsod

1.0.15

sad

got it here http://www.techsupportalert.com/best...ootrepealquick

[blacknight]

Quote:

Originally Posted by mantra

under xp sp2 it crashes after few seconds
it start to scan , after an error
and gives me a bsod

I use XP SP3 and the last version of GMER crashes every time just before the end of the scan: my system freezes and I must reboot. Once it ran right.

[CloneRanger]

The reason it might be giving problems, could be due to not deleting/disabling previous files associated with it. That's why you could get alerts like these







Look in Services etc, do the above, and retry. I used to be able to run different versions of GMER, but he's obviously changed something in later versions. Still a very good ARK though

Running XP SP2 myself.

[mantra]

Quote:

Originally Posted by blacknight

I use XP SP3 and the last version of GMER crashes every time just before the end of the scan: my system freezes and I must reboot. Once it ran right.

today i was downloading files
and gmer freezes my pc , the only way is a hardware reset(reset button)
i was not able to reboot like you

but this could damage the hard disks (reset while they are writing and working)

[mantra]

Quote:

Originally Posted by CloneRanger

The reason it might be giving problems, could be due to not deleting/disabling previous files associated with it. That's why you could get alerts like these

Attachment 217875

Attachment 217876

Attachment 217877

Look in Services etc, do the above, and retry. I used to be able to run different versions of GMER, but he's obviously changed something in later versions. Still a very good ARK though

Running XP SP2 myself.

i did a search with jv16 power tool in the registry GMER , did not find entries
it could be off topic but for the users that have issues for the last version of gmer -->http://www.techsupportalert.com/best...er-remover.htm

RootRepeal could be a good alternative

[blacknight]

Quote:

Originally Posted by mantra

today i was downloading files
and gmer freezes my pc , the only way is a hardware reset(reset button)
i was not able to reboot like you

but this could damage the hard disks (reset while they are writing and working)

When I use GMER I always stop surfing and every other not needed application, but at the same once I had not the issue, now I have it.

[mantra]

Quote:

Originally Posted by blacknight

When I use GMER I always stop surfing and every other not needed application, but at the same once I had not the issue, now I have it.

was you able to reboot via software (start ->reboot) or did you use the reset button?

[CloneRanger]

@mantra

Quote:

i did a search with jv16 power tool in the registry GMER , did not find entries

But did you check SERVICES and DRIVERS as well ?

[mantra]

Quote:

Originally Posted by CloneRanger

@mantra



But did you check SERVICES and DRIVERS as well ?

CloneRanger no
may you tell me which services and drivers should i check ?
did not find a guide about them

thanks a lot

[blacknight]

Quote:

Originally Posted by mantra

was you able to reboot via software (start ->reboot) or did you use the reset button?

Sorry, I had to more correctly write " reset " and not " reboot ": I also can only reset the system after it freezes.

[CloneRanger]

@mantra



In my screenie i'm using GMER v1.0.15.15281.exe but it was downloaded as dt9egt3v.exe directly from GMER's www, and runs as that. He and other coders started randomising their ARKs filenames a while back to help prevent malware targetting them

So don't expect to automatically see references to GMER, as you might not. Instead you need to search for odd looking file names. In my case in the screenie you see pxtdapob.sys loaded in Modules, and there you see it listed as GMER.

Also you may have some software blocking GMER from loading/starting/running. I have to allow it in ProcessGuard and Zemana for instance.

Hope that helps

[mantra]

Quote:

Originally Posted by CloneRanger

@mantra

Attachment 217918

In my screenie i'm using GMER v1.0.15.15281.exe but it was downloaded as dt9egt3v.exe directly from GMER's www, and runs as that. He and other coders started randomising their ARKs filenames a while back to help prevent malware targetting them

So don't expect to automatically see references to GMER, as you might not. Instead you need to search for odd looking file names. In my case in the screenie you see pxtdapob.sys loaded in Modules, and there you see it listed as GMER.

Also you may have some software blocking GMER from loading/starting/running. I have to allow it in ProcessGuard and Zemana for instance.

Hope that helps

hi
i did many tests
i cleaned the temp file
never had the file pxtdapob.sys
it still crashes


thanks

[CloneRanger]

@mantra

Hi, sorry to hear it still won't run

Just for the record, in case you try again with this version or a later one, and for others viewing.

You might not see a .sys named as pxtdapob.sys as i said it could be randomised to anything, but it will be strange looking.

Also for those that can run it, but might still have problems



I suspect one or more of your security software or OS settings "may" be causing the conflict, as i'm able to run it successfully on XP SP2. Having said that, i have NOT installed any OS updates, so that's one possible reason why it runs fine on my comp ?

[mantra]

Quote:

Originally Posted by CloneRanger

@mantra

Hi, sorry to hear it still won't run

Just for the record, in case you try again with this version or a later one, and for others viewing.

You might not see a .sys named as pxtdapob.sys as i said it could be randomised to anything, but it will be strange looking.

Also for those that can run it, but might still have problems

Attachment 217972

I suspect one or more of your security software or OS settings "may" be causing the conflict, as i'm able to run it successfully on XP SP2. Having said that, i have NOT installed any OS updates, so that's one possible reason why it runs fine on my comp ?

when i start it , it starts to scan and freeze my pc

[CloneRanger]

@mantra

Well i'm not sure what it could be but hope that you will have more success with future versions