GMER | Rootkit detector for Windows



anon
20.05.20, 02:20
GMER is an application that detects and removes rootkits.

It scans for:

hidden processes
hidden threads
hidden modules
hidden services
hidden files
hidden disk sectors (MBR)
hidden Alternate Data Streams
hidden registry keys
drivers hooking SSDT
drivers hooking IDT
drivers hooking IRP calls
inline hooks

GMER runs on Windows XP/VISTA/7/8/10

http://www.gmer.net/

I used Rootkit Unhooker and Tuluka in the past, but they don't work on 64-bit systems. This seems good enough.

yoco
20.05.20, 09:34
I get this when I click on the link above:

Secure Connection Failed

anon
20.05.20, 10:16
I pasted the wrong link. It's fixed now.

By the way, this isn't a "normal" antivirus or antimalware program. It just reports behavior that can be abused for malicious purposes and lets you take action if you think it's necessary. I ran it on my computer yesterday, and it correctly discovered that my Windows kernel has been patched (which I did to disable driver signature verification) as well as a few hooks from legitimate programs. Turns out a driver from a virtual CD drive I tried and uninstalled four months ago is still loaded also, maybe it's time for a reboot...

yoco
20.05.20, 21:30
Can you explain what options you enable and search? Or do you just leave it as default?

anon
21.05.20, 03:13
Yes, I used the default quick scan. Since it checks the most important system directories and everything that's currently running, it should still find any "bad" stuff.