How to Use GMER to Remove a Rootkit

By Craig McPherson

Jeffrey Opp/Demand Media

Rootkits are a particularly nasty type of spyware that compromises the security of any user of your system or network. Rootkits came to prominence in the mid-2000s when Sony BMG, in an attempt to curb music piracy, included a rootkit on some of its CDs. As a result, a user who played the infected CD on their computer risked infection. Anyone with knowledge of the Sony rootkit installation was able to gain access to an infected system. Since then, rootkits have evolved into an extremely dangerous and ever-mutating form of spyware. Fortunately, GMER's Rootkit Detector and Remover streamlines the process of removing the offending software.

Step 1

Visit GMER's website (see Resources) and download the GMER executable. Click the "Download EXE" button to download the program with a random file name, as some rootkits will close "gmer.exe" before you can open it.

Step 2

Double-click the icon for the program. Click the "Scan" button in the lower-right corner of the dialog box. Allow the program to scan your entire hard drive.

Step 3

When the program completes its scan, select any program or file listed in red. Right-click it and select "Delete." If the red item is a service, it may be protected. In that case, right-click the service and select "Disable." Reboot your computer and run the scan again, this time selecting "Delete" when that service is detected.

Step 4

When your computer is free of rootkits, close the program and restart your PC.