GMER is an application that detects and removes rootkits .It scans for:* Hidden processes* Hidden threads* Hidden modules* Hidden services* Hidden files* Hidden Alternate Data Streams* Hidden registry keys* Drivers hooking SSDT* Drivers hooking IDT* Drivers hooking IRP calls* Inline hooksGMER also allows to monitor the following system functions:* Processes creating* Drivers loading* Libraries loading* File functions* Registry entries* TCP/IP connections
[课程]Linux pwn 探索篇!