Discussion in 'polls' started by Page42, Apr 7, 2015.
Please elaborate on your answer.
Looks like it is still being updated, but I'm unsure if its target rootkits are still very active... TDSS, SST, Pihar, ZeroAccess, Sinowal, Whistler, Phanta, Trup, Stoned, RLoader, Cmoser and Cidox.
I use it every now and then, but only to see if my system is compromised. Highly unlikely, as it seems.
I still use it from time to time on infected computers. Is there still any use for it? I have absolutely no idea.
Irregularly if I'm helping someone. It's a simple scan that takes less than two minutes, so better to know than to not.
After moving to 64-bit I've rarely used antirootkit. Gmer a few times... Most AM software have some kind of rootkit prevention/detection built-in, so I rely on that.
Haven't felt the need to use it of late but might give it a whizz now that the thought is in my head.
Ironically, for the first time in a few years I used TDSSKiller and it found something: PMAX rootkit on a friend's computer.
Computer still felt too slow, so assumed that there was a bitcoin miner still hanging around, which there was. HMP/MBAM/Rogue Killer got rid of Zero Access and the Bitcoin miners. No obvious bootkits with aswMBR, but just cleaned the PC enough to do some backups before reinstalling.
I may have been too inebriated to make much sense of manual tools.
No. I prefer to use some more powerful and deep program like PowerTool V or XueTr, PCHunter... reading the results may sometimes not be so easy, but I can search the web too.
Isn't PCHunter just a newer - and renamed - version of XueTr?
Sure, sorry. I posted fast, I meant: PowerTool V or PCHunter, NoVirusThanks Antirootkit...
Yes I do. I make it a point to check for newer versions just as I do for Pidgin Messenger and some other apps like VLC semi-regularly. And scan maybe once a month.
Yes I occasionally do.
I just ran it yesterday. MBAM was giving me an alert that it couldn't start the anti-rootkit driver.
I read a lot about it online, and for a brief bit of time I was concerned. Part of that concern led me to run other tools (such as TDSSKiller) to make sure that I didn't have an uninvited guest. It's helpful to have it around.
I would use it primarily to check other people's PCs, if the need arises. I feel confident that my PCs are clean.
But is PowerTool still available?
Because I was looking for it and I found https://code.google.com/p/powertool-google/downloads/list very old
and https://about.me/ithurricanept with 1.6 64bit and 4.6 32bit
Which is the one?
I only used the first, https://code.google.com/p/powertool-google/downloads/list, I don't know the second, not sure it is reliable, and I believe that the project is discontinued. Now I use it as a help to check the system deeply.
I would remove it after I was done. Tools like that in the hands of the unsavvy user can really fudge their machines up. TDSS Killer & Hitman Pro are much more user friendly than something like GMER though... that one you really have to be careful with. It flags everything that even remotely exhibits the behavior of a rootkit and gives only very vague information as to what it is. Instead of providing you with a path so you can see it's coming from a legit app or something, it tells you what type of kit it looks like. Like it'll take a Sandboxie file and label it "Trojan.Downloader462" or something. I'm even gun-shy about using that one but I do have it just for a worst case scenario. It is the best at detecting & removing even the nastiest of nasties.
Powertool is still developed, you can find it here:
Thread is about TDSSKiller, please.
Yes, I still use it. It continues to be updated and is a fast scan that has found and removed malware a number of times for me.
I barely use it, only when an infection is found and I want to scan with multiple tools, otherwise HitmanPro is a fast and more complete scanner.
Sorry, it was a reply to @mantra and @blacknight (post #17 and #18.)
It's really efficient to deal with certain rootkit infections (like ZeroAccess), so yes I use it for malware removal online.
Yes, for infected computers that I do not own.