GMER is an application that detects and removes rootkits .
It scans for:
hidden processes
hidden threads
hidden modules
hidden services
hidden files
hidden Alternate Data Streams
hidden registry keys
drivers hooking SSDT
drivers hooking IDT
drivers hooking IRP calls
inline hooks
GMER also allows to monitor the following system functions:
processes creating
drivers loading
libraries loading
file functions
registry entries
TCP/IP connections
The latest version of GMER 1.0.12.11867
Version History:
This is list of changes for each release of GMER:
1.0.12
- Added kernel & user mode code sections scanning ( inline hooks )
- Added code restoring
- Added \WINDOWS\gmer_uninstall.cmd stript
- Improved "GMER Safe Mode"
- Improved hidden process scanning
1.0.11
- Added "Simple mode"
- Added threads tab
- Added hidden Alternate Data Stream ( NFTS Stream ) scanning
- Added hidden threads scanning
- Improved hidden process scanning
- Improved hidden modules scanning
- Improved hidden files scanning
- Fixed devices scanning
http://www.gmer.net/gmer.zip中文简介:
GMER是一款来自波兰的多功能安全监控分析应用软件.它能查看隐藏的进程 服务,驱动, 还能检查rootkikt,启动项目,并且具有内置CMD 和注册表编辑器 ,GMER具有强大监控能,能很好的保护你的系统安装!GMER还具备自己系统安全模式,清理顽固木马病毒很得心应手!
GMER能查看:隐藏的进程、隐藏的服务、隐藏的注册表键、隐藏的驱动程序、
SSDT(System Service Descriptor Table) 钩子驱动程序
IDT (Interrupt Descriptor Table) 钩子驱动程序
IRP (IO Request Packet) 调用驱动程序
GMER也可以监控以下系统活动:创建进程、加载的驱动、加载的函数库、文件创建、注册表键值、TCP/IP连接
GMER还带有在线杀毒的扩展功能(在线网页杀毒无法汉化)
GMER提供卡巴斯基(5系列引擎)和ArcaVir 两种在线杀毒可供选择
1、
http://arcaonline.arcabit.com/skaner.html(推荐)
2、
http://www.kaspersky.com/downloads/kws/kavwebscan.html(推荐)
在GMER “配置” 中选择反病毒扫描器,选择使用的在线杀毒软件和升级下载地址,安装控件,更新病毒库后即可开始免费杀毒!
注意:GMER使用范围 windows NT/W2K/XP
