Tuluka is a new powerful AntiRootkit, which has the following features:

• Detects hidden processes, drivers and devices
• Detects IRP hooks
• Identifies the substitution of certain fields in DRIVER_OBJECT structure
• Checks driver signatures
• Detects and restores SSDT hooks
• Detects suspicious descriptors in GDT
• IDT hook detection
• SYSENTER hook detection
• Displays list of system threads and allows you to suspend them
• IAT and Inline hook detection
• Shows the actual values of the debug registers, even if reading these registers is controlled by someone
• Allows you to find the system module by the address within this module
• Allows you to display contents of kernel memory and save it to disk
• Allows you to dump kernel drivers and main modules of all processes
• Allows you to terminate any process
• Is able to dissasemble interrupt and IRP handlers, system services, start routines of system threads and many more
• Allows to build the stack for selected device
• Much more..