September 1st, 2008 12:00

Hacktool.Rootkit Virus

My Norton AV scan has just detected and deleted Hacktool.Rootkit Virus from my system. I have read the blurb about this trojan on the Symantec website, and am suitably anxious that my PC may have been seriously compromised by a hacker.

 

Even though the Norton AV is saying that the risk is resolved, do I need to do anything else? I've already gone offline and changed user passwords. Can I be sure that it is gone? Should I go back to a system restore point? I created one last week after I thought I'd cleaned everything up after a previous spyware/virus infection. See thread:

http://www.dellcommunity.com/supportforums/board/message?board.id=si_hijack&thread.id=92268

 

Could this latest virus have anything to do with that? I have no idea as to how it has got in.

Please help,

Zetgirl

 

 

15 Posts

September 1st, 2008 12:00

Hi Bugbatter,

 

Great to hear from you,

 

I didn't actually follow that other advice, so never did download the SDFix item.

Ran MBAM after the Norton AV today, and it did not pick anything up. 

 

Have been running these scans regularly after the last scare, and today is the first time that the AV has picked anything like that up.

 

Zetgirl

20.5K Posts

September 1st, 2008 12:00

Note in my first reply to your issue last week:
* We may be using some specialized tools during our fix. Certain embedded files that are part of legitimate programs or specialized fix tools such as process.exe, restart.exe, SmiUpdate.exe, reboot.exe, ws2fix.exe, prcviewer.exe and nircmd.exe may at times be detected by some anti-virus/anti-malware scanners as a "RiskTool", "Hacking tool", "Potentially unwanted tool", or even "malware (virus/trojan)" when that is not the case.
Such programs have legitimate uses in contexts where an authorized user or administrator has knowingly installed them. These detections do not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them.


You were at one point working with someone on another forum who had asked you to download SDFix. That could have been picked up as such by Norton. When I use tools, I remove them after use. You did not finish on the other site, so that helper's tools may have been left on your system.

Have you updated and run MBAM to see if that finds anything?
Message Edited by Bugbatter on 09-01-2008 09:24 AM