Rootkit detection

You might want to do a little checking on this product. GMER - Rootkit Detector and Remover

From what I found on the net, the hackers tried to kill the distribution of his program by DoS attacks on any servers that had it.

It would make a very nice addition to the Comodo defence line.

Thanks for that, Ghostmaker.
We are aware of GMER; however, we haven’t seen any new development on it yet, and it is yet to be Vista and x64 compatible.

thanks
Melih

Hi Melih,
GMER is Vista compatible, with some limitations though (e.g., cannot boot into GMER safe mode), and the latest version was released 2007.06.26.
The developer of GMER, Paul Laudanski Przemyslaw Gmerek, is one of CastleCops’ admins sponsors.

Thanks for the info, nubiatech.
What is the problem with GMER in safe mode then?

Melih

GMER has a feature where a system can be rebooted into “GMER safe mode” (not Windows safe mode). This feature is not supported in Vista.

GMER safe mode is basically a minimalist Windows with GMER as the only window running on a blue background. There are only 4 processes running on the system: gmer.exe, csrss.exe, system, and system idle processes (PID 0).

From inside GMER you can run the command processor (cmd.exe) or RegEdit (regedit.exe), in addition to being able to manipulate services' start types (manual, auto, disable, system, and boot).

I have read this topic and then used Gmer. The result is clean! Why?

Because, for me, there are 2 main reasons for a clean PC:

1- Using a secure browser (I cannot forsake Firefox).
2- Using a strong firewall (I love CFP).

Melih is right in his last interview. The “era of scanning and detecting” has ended. CFP with HIPS is the utmost point.

aXes

However, not everyone has enough knowledge to prevent. ‘Scan and detect’ is so easy for everyone.
I support the idea of adding a user-friendly rootkit scanner, like Panda’s or AVG’s, to CAVS3.