Hacktool.Sfind

Hacktool.Sfind

Updated:
13 February 2007
Risk Impact:
High
Systems Affected:
Linux, Microsoft IIS, UNIX, Windows

Behavior


Hacktool.Sfind scans and attacks vulnerable computers.

Symptoms


Computer performance is significantly degraded.
  • The files are detected as Hacktool.Sfind.

Antivirus Protection Dates

  • Initial Rapid Release version 02 October 2014 revision 022
  • Latest Rapid Release version 01 February 2015 revision 020
  • Initial Daily Certified version 10 February 2004
  • Latest Daily Certified version 05 June 2010 revision 003
  • Initial Weekly Certified release date 11 February 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Hacktool.Sfind is a program that gives its user the option to scan a range of IP addresses, for remote servers which are vulnerable to specific types of exploits.
This hack tool can scan for arbitrary open ports, attempt to access FTP servers that have weak passwords, launch a large number of HTTP attacks, and automatically deface Web sites.

The hack tool spawns a large number of threads, which can have a significant effect on the performance of the computer running the scan.

The following instructions pertain to all Symantec antivirus products that support Security Risk detection.
  1. Update the definitions.
  2. Run a full system scan and delete all the files detected as Hacktool.Sfind.
For specific details on each of these steps, read the following instructions.

1. Updating the definitions
To obtain the most recent definitions, start your Symantec program and run LiveUpdate.

2. Scanning for and deleting the files
  1. Start your Symantec antivirus program and run a full system scan.
  2. If any files are detected as Hacktool.Sfind, click Delete.


    Note: If your Symantec antivirus product reports that it cannot delete a detected file, write down the path and file name. Then use Windows Explorer to locate and delete the file.