Understanding rootkits and their effects, or rather their ill effects, is important for high-end and ordinary PC users alike. A rootkit is a collection of malicious software that, once authorized for installation, can wreak havoc on your machine. It gives attackers access to the entire system, making it easier for them to attack it and, in some cases, to hold the entire system hostage.
Delivering the payload is one of the most important steps for attackers, and it is carried out by tricking users into believing that they are installing something else; in other words, social engineering. The worst part is that rootkits are extremely difficult to spot, as they are clever little pieces of code that hide behind other applications.
The first piece of cautionary advice is to steer clear of downloads that come from unknown sources. If you suspect a rootkit infection that your antivirus software has failed to detect, you should use a good rootkit detector and remover.
We have already taken a look at several free rootkit removers. Today, let's take a look at another one: GMER Rootkit Detector and Remover, a freeware tool for Windows PCs.
GMER Rootkit Detector and Remover
GMER Rootkit Detector and Remover is a lightweight rootkit scanner that comes with a bare-bones user interface, yet it has proven useful many times. The best thing about GMER is that it doesn’t come bundled with a heavy installation file or other unrelated functionality.
Once you have downloaded the tool, just run it to open GMER. The main window has options to select the threads, libraries, services, modules, Registry and files you want to scan.
Clicking the Scan button begins the scan. The tool scans for hidden processes, threads, modules, services, files, disk sectors (MBR), Alternate Data Streams, Registry keys, drivers hooking SSDT, drivers hooking IDT, drivers hooking IRP calls, and inline hooks.
The tool also includes a “Copy” button that copies the scan results to the clipboard and a “Save” button that lets you save them directly to a file in the desired text format. You can also choose the type of scan to perform; Quick Scan is recommended if you have already scanned “C:\” once.
The bottom line: it is one of the lightest rootkit scanners around, and yes, it does seem to scan every place, including hidden ones. You can download it from here.
Also, check out:
- ZoneIDTrimmer will help you quickly remove the Zone.Identifier Alternate Data Stream.
- Phrozen ADS Revealer will reveal possible malicious ADS or Alternate Data Stream files in your Windows file system.