It is thanks to Sony that the concept of rootkits were made available to a larger audience. While they have been known before that for a while, it was not really a issue that many computer users had to deal with before that. When Sony started to ship some of its music CDs with rootkit like software - which was only protecting CDs if you inserted them into a Windows PC by the way - a larger audience became aware of the threat.
GMER is one of the programs that you can use to scan your system for rootkits. While it is not as convenient to use as the recently released Malwarebytes Anti-Rootkit, it is a highly respected program in its field.
GMER is a portable program that you can run after you have downloaded it on your system. It uses a random program name to prevent malware from blocking its execution. It scans the system for threats right away and displays those that it has found in its interface.
I highly recommend running a full system scan instead of the quick scan. While it will take a lot longer to complete, it is more thorough as well.
It is usually necessary to verify the findings before you take any actions. It is best to verify the findings with other rootkit software before you take any action. Usually, if it is a program you trust it is more likely a false positive than a hit.
A right-click opens a context menu with options to deal with the findings. Options are context sensitive, which means that they are only active when it makes sense. The delete service option for instance is only active if the selected type is a service. The same is true for processes or files.
The top bar displays links to system information that may help you investigate a potential rootkit. You can get a listing of all processes running on the system along with options to terminate processes, display the loaded modules, use a file browser or list all the services installed on the system.
The new version includes the following new features and improvements:
Update: Version 2.1 of GMER has been released. It added third party software component scans to the program, improved services and Registry scanning, and fixed a Windows 8 lock issue.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.