GMER, An Anti-Rootkit For Beginners
Monday, November 6. 2006, 05:58 AM
Previously, I wrote a short article about rootkits and the threats they pose: Intro To Rootkits. In this article, I want to introduce you to an anti-rootkit that is suitable for beginners. It is really novice friendly: it doesn't require any knowledge of how to identify a rootkit, it is easy to use, and it has some really useful features for detecting and removing rootkits.
The anti-rootkit I am talking about is called GMER. Some of its features are listed below:
# hidden processes
# hidden threads
# hidden modules
# hidden services
# hidden files
# hidden Alternate Data Streams
# hidden registry keys
# drivers hooking SSDT
# drivers hooking IDT
# drivers hooking IRP calls
# inline hooks
Don't worry if you don't know what these features mean, you are not alone :-). The most important thing to know is that GMER lets you look out for any hidden or suspicious running applications.
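The features above (hidden processes, SSDT hooks) are usually found by comparing two views of the same thing: a process list from a high-level API against one walked from lower-level structures, and each SSDT entry against the address range of the kernel image that should own it. The script below is an added example written for this post, not GMER's code; the process views, the SSDT entries and the kernel range are constructed sample values, not data from a real machine.

```python
"""Cross-view rootkit checks over constructed sample snapshots."""

# Constructed sample: two independent views of the process list.
# The high-level view is what a normal process viewer would show; the low-level
# view stands in for a walk of kernel structures that a rootkit may not patch.
API_VIEW = {4: "System", 512: "csrss.exe", 1024: "explorer.exe"}
KERNEL_VIEW = {4: "System", 512: "csrss.exe", 1024: "explorer.exe", 1337: "hidden.exe"}

# Constructed sample: address range of the kernel image (start, end) and an
# SSDT mapping service index -> handler address. Values are illustrative only.
NTOSKRNL_RANGE = (0x80400000, 0x806A0000)
SSDT_SAMPLE = {
    0x25: 0x8050A1F0,  # handler inside the kernel image
    0xAD: 0x8051C3B0,  # handler inside the kernel image
    0x91: 0xF8A01234,  # handler redirected into a third-party driver
}


def hidden_processes(high_view, low_view):
    """PIDs present in the low-level view but missing from the high-level one."""
    return sorted(pid for pid in low_view if pid not in high_view)


def hooked_ssdt_entries(table, kernel_range):
    """Service indices whose handler lies outside the kernel image range."""
    lo, hi = kernel_range
    return sorted(idx for idx, addr in table.items() if not lo <= addr < hi)


def report(high_view, low_view, table, kernel_range):
    """Build a GMER-style list of findings from the two checks."""
    lines = []
    for pid in hidden_processes(high_view, low_view):
        lines.append(f"hidden process: pid {pid} ({low_view[pid]})")
    for idx in hooked_ssdt_entries(table, kernel_range):
        lines.append(f"SSDT hook: service 0x{idx:02X} -> 0x{table[idx]:08X} outside kernel image")
    return lines


if __name__ == "__main__":
    for line in report(API_VIEW, KERNEL_VIEW, SSDT_SAMPLE, NTOSKRNL_RANGE):
        print(line)
```

A real scanner would take the two views live from the running system; the comparison logic is the same.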
Start
GMER is a lightweight application; its size is under 500kb (version 1.0.12). Despite the small size, it has some amazing functions under its hood. It is also free to download and use, which adds to its appeal. You may download it from its official website: Get GMER. You will see a list of files on the page; to download GMER, choose the one at the top of the list. The other files are videos showing GMER in action.
Processes
GMER has a really informative process viewer. As a beginner, you may not understand all the information GMER provides about the running processes on your PC, but some of it is still useful: you can see where a running process is located (its executable file), how long it has been running and how much memory it is consuming.
Besides being informative, it can also kill any running process you would like to shut down. This is a very useful feature, since you can kill a running rootkit and then scan for the malware it was hiding using your anti-malware application. Click this link to learn more about how to kill all processes and scan for the hidden malware: Learn More. Some of the example images the author provides are in Polish, but you should have no problem understanding them :)
Scanning Rootkits
GMER doesn't provide real-time protection, at least not directly. What I mean is that if, for example, a rootkit is downloaded onto your system and starts running, GMER won't warn you or automatically remove it. You need to do that manually. GMER can be set to log all running processes, or to prompt you whenever an unauthorized action is made, but this requires you to judge how dangerous that action is yourself.
Even so, GMER still has really solid rootkit scanning capability. In the 'files' section of the official GMER website there is a video showing GMER kicking Kaspersky's ass, detecting a rootkit that Kaspersky failed to find. You may download the video here: Get Video.
Scanning for rootkits is really simple, and after the scan has completed, GMER shows a full report of the scan, which is really important. Since rootkits can be a bit complicated, you can ask rootkit experts to analyse the report and help you identify any rootkits that GMER overlooked, or any innocent process that GMER mistakenly flagged as a rootkit. Even the author of GMER offers this service, helping you analyse your GMER scan report. Just fill in this contact form: Contact GMER's author, include the scan report, and submit.
Overall, I really like GMER and I really suggest you use it. I like how simple yet powerful it is. It may not be the ultimate anti-rootkit available, but a few rootkit experts out there rate GMER at the same level as the best anti-rootkits. Download GMER right away: Get GMER