Symantec Hacktools

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hello All,

I have symantec antivirus corporate, and it is detecting some Hacktools.
  Specifically, it lists the threats just as "Hacktool", with nothing
else.  So, my question is, are these actually threats with viruses in
them, or is symantec deciding to remove keygens and the like from my
machine?  If the latter, how can I turn this behavior off?

Thanks!

Re: Symantec Hacktools



Quoted text here. Click to load it

I don't know if it would work in your case or not, but I would go to
Start.>Search, and put in Hacktools.  If found, then delete it.  Other than
that I would restore back before this begin showing up.  Neither may work,
but that's what I would do.  Someone else may have a better suggestion.



Re: Symantec Hacktools

Richard wrote:
Quoted text here. Click to load it

Thanks for your reply, Richard.  Actually, I think you might be
misunderstanding me.  I'm not necessarily trying to get rid of the
hacktools.  I'm wondering if symantec is detecting something on my
computer that I actually want on there.  Are all hacktools dangerous?
Or, if I download a keygen for example, might symantec detect it as a
hacktool when it doesn't contain a virus at all?

Re: Symantec Hacktools


| Hello All,

| I have symantec antivirus corporate, and it is detecting some Hacktools.
|   Specifically, it lists the threats just as "Hacktool", with nothing
| else.  So, my question is, are these actually threats with viruses in
| them, or is symantec deciding to remove keygens and the like from my
| machine?  If the latter, how can I turn this behavior off?

| Thanks!

They are not trojans and they are not viruses.

They are potentially umwanted programs/utilities and are flagged as hacktools
because they
may be used maliciously not thet they are malicious.

The real question is, and you left this out, what is being flagged ?

If they are keygens, they ae NOT legitimate utilities and assumably if this is
SAV Corp.
then Keygens should *NEVER* be used in a corp. environment.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Symantec Hacktools

Quoted text here. Click to load it

Hacktool:
http://www.symantec.com/security_response/writeup.jsp?docid=2001-081707-2550-99

-jen



Re: Symantec Hacktools

Allie wrote:

Quoted text here. Click to load it


When are these ever present when stolen software isn't involved?

Quoted text here. Click to load it

Keygens ARE hacker tools (to allow pirating of software).  So are some
Nirsoft utilities.  They might be called hacker tools, PUPs (Probably
Unwanted Programs), SPRs (Security or Privacy Risk programs), or some
other name.  You sure there isn't a setting in the anti-malware
program's scanner options to exclude hacker tools?  Often they have a
list of well-known PUPs so not including them in their scanner gets rid
of the false positives; however, if it is a PUP that you installed and
upon which an alert is firing then you need to report it as a false
positive.  Symantec AV doesn't tell WHAT type of suspect file on which
it is alerting, like the name that Symantec gave to the malware it
thinks it found?  

Did you ever search your hard drive for something called "hacktool"?  Or
is "Hacktool" the type of suspected malware file?  If all the alert
dialog said was what you said it did, wasn't there a Details or other
button to get more information?

Since you are using the corporate edition of Symantec NAV, why not
contact your IT folks about the problem?

Re: Symantec Hacktools

VanguardLH, 4/4/2009,12:35:08 PM, wrote:

Quoted text here. Click to load it

Many corporations that use SAV provide a copy for home use to their
employees.  Mine does, although I have chosen to use AntiVir instead.



Re: Symantec Hacktools

badgolferman wrote:

Quoted text here. Click to load it

Typically that occurs if those same employees are toting their laptops
into work or allowed to connect to the corporate network through a VPN.
They don't want infected hosts coming into their network even if they do
use a more secure zone into which those hosts login.  If the company is
doling out instances of its volume license for SAV then they still
provide the support for it.  They are not allowed to distribute copies
of the license outside the organization.  They are doling them out to
employees for off-site use so the license still remains with the company
(and the employees have to surrender the license when they leave the
company).  So, again, contact the IT folks back at work.  It's their
property and their headache.

Re: Symantec Hacktools

@usenet.osg.ufl.edu:

Quoted text here. Click to load it

I try to run a clean ship, but once in a while some of these so-called
viruses or malware can come in handy, and some antiviruses will delete or
quarantine them without even asking. Two, in particular that get nailed a
lot are SmitFraudFix.exe and Revelation.exe. Revelation is indeed a hack
tool but you'd be surprised at the number of customers I've had who want to
reinstall their email on another computer or into a different client and
don't know their own password. Revelation is a lot faster than having to
call their ISP, wait on hold forever, and then forget what their first
pet's name was... :-)
Then there's one I've renamed "topsy.exe" that's been around since Windows
95 (maybe even 3.1) that turns your screen display upside down. Harmless.
But after all these years it has become a "virus".
I keep originals of all these on a CD or on floppy disks with the write tab
locked.

--
--- If voting could really change things it would be illegal. ---

Re: Symantec Hacktools

wrote:

Quoted text here. Click to load it

Before AVG puked out on my Win98, I constantly got annoyed when I
scanned because it insisted that Revelation.exe is a virus or trojan
or something bad.  I know it;'s not.  It's been very useful at times.
AVG did not allow me to IGNORE it, which is annoying in itself.

I also have one of those things to turn the screen upside down, and
have had problems with that too.  (different filename though).

As far as keygens, I'd just put them on other media since they are not
something used often.  But I like having Revelation.exe handy on the
harddrive.



Re: Symantec Hacktools

letterman@invalid.com wrote:
Quoted text here. Click to load it

Last time I used AVG, it had a white list.

wolf k.

Re: Symantec Hacktools


Quoted text here. Click to load it

Problem is, when you're using it on someone else's computer, you're at
the mercy of *their* antivirus.

--
--- If voting could really change things it would be illegal. ---

Re: Symantec Hacktools

Quoted text here. Click to load it

No. Assuming of course that they are not infected with a virus unknown
to the AV. If the AV detects a virus in a file it will report or act on
the virus it found.

Quoted text here. Click to load it

No, you are probably doing so by configuration.

Quoted text here. Click to load it

I don't know about the options available in this particular AV, but you
could store all your hacktools in an encrypted folder.




Re: Symantec Hacktools

FromTheRafters wrote:
Quoted text here. Click to load it

Thanks all.  I did find where you could turn off the hacktool detection.
  I hope by doing so I'm not opening up my computer to malicious software.

Re: Symantec Hacktools

Quoted text here. Click to load it

Of course you are, but as long as the hacktools are ones you already
know about there is no problem. If someone else places one on your
machine (for nefarious reasons) you won't get warned.



Re: Symantec Hacktools

FromTheRafters wrote:
Quoted text here. Click to load it

Thanks - yeah, good point.  Though, there is a setting for logging the
message and just doing nothing about it, which is what i set.  So, i'll
get warned, but it won't take any action other than that.  Probably a
good compromise.

Re: Symantec Hacktools

Allie,
Since I also have this issue I'd be interested to know how you
resolved it.
Have you excluded all hack tools as a general category or have you
found a way to exclude applications individually?
Thanks,

Re: Symantec Hacktools

On May 18, 10:57=A0am, gudra...@gmail.com wrote:
Quoted text here. Click to load it

I never really resolved it.  I only log hacktools, but there are a
bunch of variants listed as high risk which i didn't want to mess with.

Re: Symantec Hacktools

Quoted text here. Click to load it

Well you may be. I have seen cases where SAV finds the hacktool in the
windows system area and gives the impression everything is fine. Then
when scanned with an independant OS and AV, you will find a rootkit
and a key logger running in memory. So if you see a hacktool.rootkit,
especially in the in the windows system area, I would not blow it off.

Site Timeline