1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HackTool.crack

Discussion in 'The Shit List' started by Stumickel, Jun 15, 2008.

  1. Stumickel

    Stumickel Junior Member

    Joined:
    Mar 9, 2008
    Messages:
    185
    Likes Received:
    1,307
    Occupation:
    Adventurer.
    Location:
    Near Chicago.
    I have a few programs where HackTool.crack is identified by AVG as a PUP spyware, usually in a file ending in Patch.exe.

    I have left the infected programs quarantined, but is this a true spyware, or is it a misread by AVG?

    If it is spyware, what does it do?

    I will be grateful for any explanations since I am a relative noob.

    I tried Google, but there is contradictory information and it gets worse, not better, as you go along.

    I will be glad to mention the programs I got from the downloads here on BHW if this is spyware and bash any SOB who is doing this (if such is the case). I want to make sure of the facts first.

    Thanks in advance.
     
  2. Belexandor

    Belexandor Junior Member

    Joined:
    May 4, 2008
    Messages:
    196
    Likes Received:
    193
    Occupation:
    Chairman for the non-profit organization to help h
    Location:
    BHW.
    One should always be careful with any patched or cracked program.

    Now, having said that; many crack,patches and keygens are going to raise a red flag with your AV, especially if you are using AVG.

    I know that this AV has many fans but I personally hate it. It gives way too many false positives for me to use it. I have tried nearly every available AV and security suite available and i always come back to the same thing: either n*or*ton 3*6*0 or endpoint protection by the same company. It has never failed me and only occasionally gives a false positive on some new app that I got from a torrent site or other shady place and want to try out.
     
  3. BozoClown

    BozoClown Junior Member

    Joined:
    Jan 4, 2009
    Messages:
    150
    Likes Received:
    106
    I know when I used to used Norton on my windows partition it would identify cra*cks and pat*ches to well known programs as "hacktool" threats. If you know the programs are just cra*cks/patc*hes, you can ignore the AV. It's just policing where it's non of its business.
     
  4. stealthisblog

    stealthisblog Regular Member

    Joined:
    May 26, 2008
    Messages:
    289
    Likes Received:
    238
    Location:
    New York City
    usually hacktools aren't malware but just tools used for hacking, like port scanners, etc.
     
  5. Stumickel

    Stumickel Junior Member

    Joined:
    Mar 9, 2008
    Messages:
    185
    Likes Received:
    1,307
    Occupation:
    Adventurer.
    Location:
    Near Chicago.
    I have seen some posts where AVG has given false positives. I am wondering about something else in addition to this.

    Just because a program is called "HackTool.crack," that doesn't mean it has anything to do with hacking or cracking.

    Does anyone know anything about this specific program or resource? Some places on Google called it nasty malware. Others said it was light malware, but a good hacker could work it to obtain passwords and other information. In other places on reports posted from HijackThis scans, it appeared as "Not-A-Virus.Hacktool.Crack : No action taken."

    All this is confusing.

    Thanks again to those who comment.
     
  6. BozoClown

    BozoClown Junior Member

    Joined:
    Jan 4, 2009
    Messages:
    150
    Likes Received:
    106
    An AV will rarely give a false positive as a hack-tool. That means if it says hack-tool then it is a hack-tool. Worst case scenario, it is a new virus for which the AV has no definition for. If you know the use of any of your files and it is not an HT but the AV says it is then there is need to worry.

    Otherwise, if you know it is an HT and the AV says it is an HT you should not be surprised that it knows. Alternately to boost your confidence in a file a few MBs big you could submit it to the free online AVs for a check. Again, with HTs your judgment matters more than the AV. If you know what an HT is then you should know whether you should be having it or not.
     
  7. stealthisblog

    stealthisblog Regular Member

    Joined:
    May 26, 2008
    Messages:
    289
    Likes Received:
    238
    Location:
    New York City
    upload it to virustotal.com to see what all the major AV's say, then you can make a better decision as to what it is.
     
  8. Stumickel

    Stumickel Junior Member

    Joined:
    Mar 9, 2008
    Messages:
    185
    Likes Received:
    1,307
    Occupation:
    Adventurer.
    Location:
    Near Chicago.
    Thanks.

    I will try virustotal.com if I can figure out how to get a file called Patch.exe uploaded without receiving a big honking rebuke. :)

    For the record, the AV did not identify the program as a hacktool program. It identified the type of program as a PUP (potentially unwanted program). The name of the PUP was HackTool.crack.
     
  9. FEAR

    FEAR Newbie

    Joined:
    Mar 28, 2007
    Messages:
    35
    Likes Received:
    602
    Occupation:
    Part-Time God
    Location:
    Scotland
    no its not, those sites distribute uploaded files to antivirus companies which kinda defeats the purpose if you are trying to get a trojan/backdoor undetected :D


    @ Stumickel
    that is nothing to worry about, that definition is also known as riskware and its just a generic term for low risk items like hacktools cracks and patches that would not be found on the average machine in a corporate environment for example.
    if you are using installing a cracked application it will be flagged as a potentially dangerous item for this reason but should be safe enough.
     
    • Thanks Thanks x 2
  10. Stumickel

    Stumickel Junior Member

    Joined:
    Mar 9, 2008
    Messages:
    185
    Likes Received:
    1,307
    Occupation:
    Adventurer.
    Location:
    Near Chicago.
    Fear,

    Thank you for the info. If I understand this correctly, HackTool.crack actually stands for a whole bunch of different things, and is a catchall phrase for whatever the antivirus programs think doesn't normally fit certain parameters (like a crack or patch wouldn't).

    That means there is no such program or file as HackTool.crack.

    Did I get that right?

    Carlok,

    Give me some time to fiddle with this and I will upload one or two for you.
     
  11. FEAR

    FEAR Newbie

    Joined:
    Mar 28, 2007
    Messages:
    35
    Likes Received:
    602
    Occupation:
    Part-Time God
    Location:
    Scotland
    yeah exactly mate it just means its either been identified as a hacktool or a crack but since it is actually a crack you downloaded then its fine.