I spent a little time today looking around at this dilemma of mine. It seems that an update was made to Hacktool.SuperScan on January 28, 2007, which was Sunday. The definition which caused this hell installed on Monday the 29th, so that fits. Now I just wonder why and if they will ever do anything about it.
I am looking at this from the wrong perspective. What I need to find out is a way that actually works to setup and area for tools, obviously a spot I choose not a default location, too crackable. I have tried to set a directory as ignore, or don’t scan, what ever it is, and it doesn’t matter, Symantec still deletes the files. I admin systems, I test security, I have special needs from a Anti-Virus engine. The biggest need is, “Stop deleting my tools!” It’s no wonder why so many people end up disabling anti-virus protection; it’s too limited toward smart people. Symantec’s take must be, all computer users are dumb, they need our protection, and the will only get it our way.
Let the search begin for an anti-virus program for smart people.