It is thanks to Sony that the concept of rootkits became known to a larger audience. While rootkits had been known for a while before that, they were not really an issue that many computer users had to deal with. When Sony started to ship some of its music CDs with rootkit-like software (which only protected the CDs if you inserted them into a Windows PC, by the way), a larger audience became aware of the threat.
GMER is one of the programs that you can use to scan your system for rootkits. While it is not as convenient to use as the recently released Malwarebytes Anti-Rootkit, it is a highly respected program in its field.
GMER is a portable program that you can run after you have downloaded it on your system. It uses a random program name to prevent malware from blocking its execution. It scans the system for threats right away and displays those that it has found in its interface.
I highly recommend running a full system scan instead of the quick scan. While it will take a lot longer to complete, it is more thorough as well.
It is usually necessary to verify the findings before you take any action, and it is best to do so with other rootkit software. Usually, if a finding belongs to a program you trust, it is more likely a false positive than a hit.
A right-click opens a context menu with options to deal with the findings. Options are context-sensitive, which means that they are only active when it makes sense. The delete service option, for instance, is only active if the selected type is a service. The same is true for processes or files.
The top bar displays links to system information that may help you investigate a potential rootkit. You can get a listing of all processes running on the system along with options to terminate processes, display the loaded modules, use a file browser or list all the services installed on the system.
GMER 2.0 What's New
The new version includes the following new features and improvements:
- Added support for Windows 8
- Added full support for Windows x64
- Added Trace I/O function
- Added disk "Quick scan" function
Update: Version 2.1 of GMER has been released. It added third-party software component scans to the program, improved services and Registry scanning, and fixed a Windows 8 lock issue.