{
	"id": "def07758-da1e-4999-a392-5fddfadde62d",
	"created_at": "2026-04-06T00:13:20.761848Z",
	"updated_at": "2026-04-10T03:20:58.522576Z",
	"deleted_at": null,
	"sha1_hash": "75502c41b23eb02b9604f0f5bf246c7c0bf10e73",
	"title": "GMER - Rootkit Detector and Remover",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 42696,
	"plain_text": "GMER - Rootkit Detector and Remover\r\nArchived: 2026-04-05 17:28:15 UTC\r\nNews\r\n2013.01.04\r\npcworld.com: Detect and remove rootkits with GMER\r\n2013.01.03\r\nNew version 2.0.18327 with full x64 support has been released.\r\n2011.03.18\r\nNew version 1.0.15.15565 has been released.\r\n2010.11.24\r\nNew version 1.0.15.15530 has been released.\r\n2009.03.08\r\nNew version 1.0.15.14878 has been released.\r\n2008.03.30\r\nALWIL Software has released AVAST 4.8 containing anti-rootkit based on GMER technology.\r\n2008.01.18\r\nVersion 1.0.14.14116 released.\r\n2008.01.11\r\nbbc.co.uk: Warning on stealthy Windows virus\r\n2008.01.08\r\nwashingtonpost.com: New Nasty Hides From Windows, Anti-Virus Tools\r\n2008.01.02\r\n2007.06.26\r\nVersion 1.0.13.12540 released.\r\nhttp://www.gmer.net/\r\nPage 1 of 3\n\n2007.03.14\r\nJust another DDoS story - One Person's Perspective by Paul Laudanski\r\n\"... Around the middle of February 2007, CastleCops itself became the target of a large scale DDoS. Not new to\r\nthis kind of attack, it is the first time CastleCops experienced such a large throughput at nearly 1Gbit/s ...\"\r\n2007.03.09\r\nAndy Manchesta added catchme into SDFix tool.\r\n2007.02.26\r\nThanks to Marco Giuliani for preparing Italian version of help !\r\nhttp://www.pcalsicuro.com/main/2007/02/guida-a-gmer/\r\n2007.02.21\r\nNew version of catchme with Windows Vista support released.\r\nCatchme has been integrated with combofix developed by sUBs. Keep up the good fight sUBs !.\r\n2007.01.20\r\nAfter over a month of fight my web page is up and running.\r\nThank you Paul Vixie and ISC, Matt Jonkman, guys from register.com, MR Team and everyone who helped me.\r\nSpecial thanks to Paul Laudanski who won this battle.\r\nYou can read about it here: [1], [2]\r\n2006.12.13\r\nMy doman DDoS-ed for the first time.\r\n2006.12.06\r\nI developed sample rootkit \"test.sys\" which hides its file from all public rootkit detectors:\r\nBlackLight\r\nSophos ARK\r\nRootkitRevealer\r\nIceSword\r\nDarkSpy\r\nSVV\r\n...\r\nGMER\r\nhttp://www.gmer.net/\r\nPage 2 of 3\n\nRootkit doesn't create hooks ( SSDT, IRP, SYSENTER, IDT, inline, FSF ) and its modifications are not visible.\r\nYou can see it in action in these movies: test.wmv, test2.wmv ( 0.9MB, 0.7MB Windows Media Video 9 codec ).\r\nThe detection of this type of rootkit will be added into the next version.\r\n2006.11.28\r\nVersion 1.0.12.12011.\r\n2006.10.17\r\nNew tool - catchme released.\r\n2006.06.20\r\nwashingtonpost.com: New Rootkit Detectors Help Protect You and Your PC\r\nSource: http://www.gmer.net/\r\nhttp://www.gmer.net/\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"http://www.gmer.net/"
	],
	"report_names": [
		"www.gmer.net"
	],
	"threat_actors": [],
	"ts_created_at": 1775434400,
	"ts_updated_at": 1775791258,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/75502c41b23eb02b9604f0f5bf246c7c0bf10e73.pdf",
		"text": "https://archive.orkl.eu/75502c41b23eb02b9604f0f5bf246c7c0bf10e73.txt",
		"img": "https://archive.orkl.eu/75502c41b23eb02b9604f0f5bf246c7c0bf10e73.jpg"
	}
}