PowerTool is a security tool developed to offer you a simple means of keeping your computer clean of rootkit viruses and fixing kernel structure modifications. Rootkit viruses act on administrative privileges and hide inside certain processes or applications. They can exploit certain system vulnerabilities that might lead to loss of personal information or even system override. PowerTool scans and analyzes files at kernel level, which means that the scans get as thorough as possible. The application displays a comprehensive interface with a tabbed structure which makes it very easy to use and navigate. It’s separated into sections such as ‘System’, ‘Process’, ‘Kernel Module’, ‘Application’, ‘Registry’, ‘Services’ and ‘Startup’, which means that it covers all the crucial system file types that may be subjected to infection. The application doesn't just detect problems, it can also fix them. With it you are able to repair Registry Editor and Task Manager problems and various typical errors. Web: http://powertool.s601.xrea.com/ Download: http://d-h.st/sk5I
Thank you. But... maybe now I'm not fully awake - in Europe it is 9 am now: the MD5 Sum in your link is different from the MD5 Sum of the downloaded exe.
"antivirus/rootkit/bootkit tool"? lmao from my view another useless program to trash windows systems. 2t
I've used it for many years without problems. Sure, a powerful rootkit can take control of a system, and PowerTool would be useless, but it allows you to check your system deeply for ignored and undesirable programs, processes, activities....
Looks like this is more than just a rootkit scanner: For example, you can have PowerTool forbid the creation of processes and threads, disable registry editing and deny creation of any files. Also looks a lot less "cryptic" than many rootkit scanners are. Will have to give it a try.
So is anyone else using it? It seems to be quite an advanced system monitoring tool, but I wonder if it's trustworthy. I also wonder why none of the big AV companies have come up with something like this. On Win 32 I used to use Tuluka: http://www.tuluka.org/
I mostly use it to make copies of files that are locked and in use when I want to inspect them. That includes system files. A few times I've used it to force delete a directory or file. I also use it to keep an eye on the size of C:\$extend\$UsnJrnl and a few other locations. Plus it can show hidden registry keys. Example for Macrium Reflect users: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment I don't configure additional protection that's available. I don't use the program much but it has come in handy a few times.
I ran the tool and got it to check the MBR of my disks. It says the SSD has a rootkit infection, but it also says the MBR seems okay ?!? Is there another tool I can use to check my MBR is clean or not?
OK, so you didn't experience any odd system behavior? I'm a bit wary because it's made in China. But it uses a driver, and only signed drivers can run on Windows 64 bit. Which OS are you using? I think it might be a false positive, back in the days I also got some strange readings from GMER. Of course, in theory some app might have modified your MBR. http://www.gmer.net/
I keep driver signature enforcement disabled using ReadyDriver Plus. The PowerTool driver kevp64.sys scans clean (zero detections) on VirusTotal. So does the program's executable. The driver unloads when you exit the program. I've been using PowerTool since v1.6. The only dodgy thing about it is trying to find clean download links as it's hosted on a few different sites. Some of those attempt to download "extras". I've had no issues with it at all and it's portable so runs without installation.
http://free.antivirus.com/us/rootkit-buster/ GMER will almost certainly show a few interesting false positive detections. Trend Micro Rootkit Buster should only flag up known problems.
The OS is the one in my sig: Win 10 Pro x64 insider preview. I think you're right about it being a false positive. I haven't used GMER for years. Does it run on Win 10?
Same here - used for at least a couple of years at times. Note for new users. Just because something is flagged up in red it doesn't automatically mean unsafe or in need of repair. Just that it needs checking. Examples:
Three red items on main screen seen when the program is launched. Some users would panic and click the fix / repair button. However in this case everything is fine.
Below are user pinned items that were once pinned to the quick launch toolbar (I've since removed quick launch toolbar) - so they could be deleted but are not unsafe and do not cause problems.
Non standard file associations but valid and safe:
Image hijack refers to IFEO (Image File Execution Options). The entries below were added by me to make use of the debugger to launch other programs instead of those listed under "name" if those processes ever try to launch.
So just be warned that investigation is needed before trying to fix something.
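The IFEO review described in the post above can also be done by hand before clicking any repair button. The following is an added example, not part of the original thread and not PowerTool's own code: a read-only PowerShell listing of every IFEO "Debugger" redirection, so each entry can be recognised as intentional or not. The function name Get-IfeoDebuggerEntry and the output column names are made up for this example.

```powershell
# Added example: list every IFEO "Debugger" redirection for manual review.
# Read-only: nothing in the registry is changed.
$ifeoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)

function Get-IfeoDebuggerEntry {   # hypothetical helper name
    param([string[]]$Root = $ifeoRoots)

    foreach ($r in $Root) {
        if (-not (Test-Path -LiteralPath $r)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $r -ErrorAction SilentlyContinue) {
            # Only subkeys that carry a Debugger value redirect a launch.
            $debugger = $key.GetValue('Debugger', $null)
            if ([string]::IsNullOrWhiteSpace($debugger)) { continue }

            # Take the executable from the command line: quoted path first,
            # otherwise the first whitespace-separated token. An unquoted
            # path containing spaces will not resolve and needs a manual look.
            if ($debugger -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
            else { $exe = ($debugger.Trim() -split '\s+')[0] }
            $exe = [Environment]::ExpandEnvironmentVariables($exe)

            $exists = Test-Path -LiteralPath $exe -PathType Leaf
            if ($exists) { $sig = (Get-AuthenticodeSignature -LiteralPath $exe).Status }
            else { $sig = 'n/a' }

            [pscustomobject]@{
                Image       = $key.PSChildName   # process whose launch is redirected
                Debugger    = $debugger          # what runs instead
                TargetFound = $exists            # False: relative name or missing file
                Signature   = $sig               # Authenticode status of the target
                View        = if ($r -like '*WOW6432Node*') { '32-bit' } else { 'native' }
            }
        }
    }
}

Get-IfeoDebuggerEntry | Sort-Object Image | Format-Table -AutoSize -Wrap
```

Entries you added yourself, like the ones in the post above, will appear here too; the list only tells you what to investigate, not what to delete.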
OK, so it won't even run on Win 64 bit, because it doesn't have a signed driver? Then it's a no go for me. It has support for Win 10 according to the website. But yes, these types of tools often give at least one false positive.
Well, according to Trend Root-kit Buster, all is clean:
Code:
+----------------------------------------------------
| Trend Micro RootkitBuster
| Module version: 5.0.0.1198
| Computer Name: TV-PC8
| OS version: 6.2-9200
| User Name: tv
+----------------------------------------------------
--== Dump malicious MBR ==--
No hidden MBR found.
--== Dump Hidden Files and Alternate Data Streams on C:\ ==--
No hidden files found.
--== Dump Kernel Code Patching ==--
No kernel code patching detected.
--== Dump Hidden Services ==--
No hidden services found.
I'd be happy with that. PowerTool probably just detected a "non standard" MBR but you'd need an expert on MBR to explain better.
Haven't used it in a while but it always worked fine for me on 64 bit (Win7), and I don't have the signed driver enforcement disabled.
Yes, no problems here, running it on Windows 10 Pro x64 AU 1607. Apart from a false positive on the MBR but that's probably not OS related.