GMER

I have recently discovered GMER a small program to detect and remove malware Rootkits. It looks good, versatile and user friendly, but I would appreciate the wisdom of Wilders experienced geeks to comment on it. Is it Good, Bad, or Ugly ?

Many thanks, but if I get any anti-John Bull hassle on this thread, you will have to deal with this lot :-

http://i876.photobucket.com/albums/ab327/johnbull17/RottweilerPupArt.jpg

John Bull

 

It is good antirootkit. Many AV vendors like Kaspersky recommend it in case of TDSS rootkit infection.

 

GMER is one of the Best Rootkit Removal Tools!

Here, it is a list of other Anti-Rootkit Tools (some of them don't work on Windows 7!)

Rootkit Unhooker[FONT=&quot]

Sophos Anti-Rootkit [/FONT] [FONT=&quot] [/FONT]

[FONT=&quot]Teazer Rootkit Razor[/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]AVIRA AntiRootkit Tool (It Requires AVIRA AntiVir Personal ) [/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]Avenger [/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]RootAlyzer [/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]F-Secure BlackLight[/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]TrendMicro Rootkit Buster[/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]Panda Anti-Rootkit [/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]Avast! Antirootkit [/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]McAfee Rootkit Detective [/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]AVG Anti-Rootkit
[/FONT]
[FONT=&quot]
[/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]
[/FONT][FONT=&quot][/FONT]

 

List of Free Anti-Rootkit/Rootkit detection software for Windows: here
Although GMER is not listed, it is still the best. The other antirootkit tools I use are Panda Anti-Rootkit, Helios Lite, and IceSword

 

I am impressed with the praise given to GMER so far.

The only thing is that I have carried out several selective scans and every one has resulted in a response freeze. I have had to crash my system every time to get out of it.

I also carried out a full scan which took 5 hours and then stopped. No reason was given and all I achieved was paying for a computer to be powered for 5 hours.

At the moment I have dumped GMER in the Recycle Bin as a bad memory, but I would like to rejuvenate it on the grounds of the highly recommended testimonies from users. I must be having some adverse problems with my download, but with the experience explained above, it just ain`t coming back unless it`s gonna be a good boy and not a pain in the butt.

John B

 

i did have problems also with the slow scaning and also place Gmer in the recycle bin too

 

On my XP box, GMER froze all programs while it was scanning (took like 2 hrs). I was able to save the log file of GMER scan results. After it was done, yeah, the start menu and taskbar did not come back so I had to do a reboot.

I gather GMER crashing the OS/making it unstable is a common problem with GMER.

 

I am beginning to get a bad image of GMER from the comments so far and yours don`t help a bit. Whilst the principle and general picture of GMER is good, I can do without being ~ Snipped as per TOS ~ by a program that does`nt work.

When the GMER Wizard of Oz gets his house in order, I just may give it another swing. But I ain`t going up the Yellow Brick Road arm in arm with the Tin Man just to get my PC all crapped up by a program that is badly designed and unproven.

Happy days are here again and the sky above is blue again - I`ll go back to leaning heavily on what I have got and leave GMER out in No-Mans land.

 

Gmer worked well here. XP pro 32 bit. Just be careful on entries it picks up. Do some addl research before hitting that delete key.

 

GMER is one of the best anti-rootkits available.
Even AVAST Software valued it enough to incorporate it into their own products.

I wouldn't be so high on it if I experienced these slowdowns, stops, or freezes though.
It always worked great for me on XP, though I don't recall ever using it on Vista.
And GMER is still not compatible with Windows 7, so for me it's only a tool used to check others' machines.

 

The same for me. Once was not so, but since last year GMER freezes the pc at the end of the scanning, especially if I flag all the options, that is also " files ". And we are not the only.

 

you must turn off all running programms, the internet connection and so on, also antivirus protection must be turned off.
radix antirootkit is also an good scanner.

 

Are you suggesting we carry out all GMER scans in Safe Mode ?

Once GMER went into response, it froze there and the only way out was to crash the power off. Apart from giving my PC and all it`s lovely organised files a triple thrombosis, I don`t like doing that. I find a fragmented shambles afterwards.

John B

 

Yeah, I found out about that later. When GMER was running, I was in LUA (with GMER running with admin privileges), SuRun on, Sandboxie running, internet connection on, firefox running etc; maybe thats why I had the trouble.

BTW, hasnt GMER not been updated in 5 years?

 

GMER 1.0.15.15281
http://download.cnet.com/GMER/3000-8022_4-10720107.html gives date added as June 16 2010 and Majorgeeks shows December 16 2009, so it looks very much up-to-date.

John B

 

Anti-rootkit software test #3 from Anti-Malware Test Lab

 

Hi Mr.Brian,
Good link, I checked it and GMER got a gold !
Gold Anti-Rootkit Protection Award

GMER 1.0.15.15281 (10,5 из 12 баллов)
VBA32 Antirootkit 3.12 (beta) (10 из 12 баллов)

Mind you Mr.Brian, it looks all a bit of Russian to me.

STOP PRESS

Following the hunch previously questioned, I did two simple scans in Safe Mode and GMER worked perfect with no problems. One test Registry and the other Files. Panel came up - No infections.

So it looks pretty firm that GMER scans must be done in Safe Mode to avoid problems. At least, that is what I will do based on my experience.

Could anybody please tell me the most likely targets for Rootkit Malware in the GMER selection list ? Shown here :-


John B

 

From the GMER home page FAQs ...
Question: Can I launch GMER in Safe Mode ?
Answer: Yes, you can launch GMER in Safe Mode, however rootkits which doesn't work in Safe Mode won't be detected.

Best advice has already been given...

 

Have used it a few times when fixing PC's but haven't really found anything dangerous with it

 

How do you know if it finds anything dangerous? It must highlight them in red right? Mine gave a long list of programs under the rootkit/malware tab, but all were in black.

 

Yes, the entries in red are the only ones you should concern yourself with.

 

I found Gmer worked best in safe mode other wise it would crash even with security programs disbled.

 

+1 Agreed

I tried it several times when new build come out and got same result

Freezzzzeee It didn't work for me

 

Yes, that's exactly what it did to me, freeze. It's a very tempermental program.

 

CORRECT ! Several other posters confirm crashes and problems running GMER outside Safe Mode.

I don`t give a fig what Rootkit bugs cannot be detected in Safe Mode, if the GMER program does nothing but crash the system under normal running, then it ain`t really a lot of good, is it ?

As for turning off my Firewall and AV whilst still connected to the Internet, you must be joking. It`s a preposterous suggestion. So I shut down my defenses and let GMER sort out the Rootkit bugs whilst an army of other bugs just walk in by invitation through the back door ? That suggestion is unworthy of being posted on a serious security Forum.

Whether you like it or not - it is either run GMER in Safe Mode or dump the program.
If GMER was a professionally designed program, there would not be the number of complaints posted as are seen on this thread, including my own. It would work like a well oiled clock just like a thousand other programs do.

We are not here to justify the problems that GMER has, but to arrive at a users conclusion whether the program is a worthwhile and trouble-free prospect to install on our computers. The current picture is not good.

AND as a grand finale :- Even after a successful GMER scan in Safe Mode, the Start> Shut Down Computer DOES NOT WORK ! I still have to crash it.

John B