GMER

GMER is an application that detects and removes rootkits . It scans for: hidden processes hidden threads hidden modules hidden services hidden files hidden Alternate Data Streams hidden registry keys drivers hooking SSDT drivers hooking IDT drivers hooking IRP calls inline hooks
GMER also allows to monitor the following system functions: processes creating drivers loading libraries loading file functions registry entries TCP/IP connections GMER runs on Windows NT/W2K/XP/VISTA You can download GMER here

官網：http://www.gmer.net/index.php