Hacktool.Rootkit


Risk Level 1: Very Low

September 27, 2001
April 19, 2010 4:26:18 PM
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP
Hacktool.Rootkit is a detection name used by Symantec to identify malicious software programs that allow attackers to break into a system and hide the attack from its users.

Hacktool.Rootkit may include a back door allowing a remote attacker to access the compromised computer. Rootkits can be made up of a variety of programs and scripts that gain root access on a system and attempt to hide evidence of the intrusion.

There are two main types of rootkits:

User-mode rootkits:
User-mode rootkits manipulate processes, services, and applications by targeting system calls sent from applications run by a user.

Kernel-mode rootkits:
The kernel-mode rootkit is more sophisticated since it takes control of the operating system by hooking and manipulating system calls and APIs at a lower level.

Once installed, a rootkit may perform any of the following actions on the compromised computer:
  • Avoid detection
  • Hide files and folders
  • Hide malicious code
  • Hide network connections
  • Hide system processes
  • Log keystrokes
  • Modify systems
  • Open a back door

If a Symantec antivirus product displays a detection alert for this threat, it means the computer is already protected and the Symantec product will effectively remove this threat from the computer.

Antivirus Protection Dates

  • Initial Rapid Release version September 27, 2001
  • Latest Rapid Release version November 27, 2015 revision 025
  • Initial Daily Certified version September 27, 2001 revision 007
  • Latest Daily Certified version November 27, 2015 revision 022
  • Initial Weekly Certified release date September 27, 2001
Writeup By: Angela Thigpen
