|
Secure
Server
|
|
At
no time is your
information sent through any other server out of our private
network.
All
Secure Servers Are IN-HOUSE
High-Grade Encryption Keys
(RC4, 128 bit)
Serial Numbers: 08:B5:97 / 07:FC:BC
|
|
|
Swat
It Review And Download
|
|
Swat
It Review & Download
LockDown Corp.
I thought that you would like to know that I did a test
on your free SwatIT program today. I am not new to testing
AV and Anti Trojan software. We deal with Trojans every
day as we help people on IRC. We operate the IRC help channel
known as #nohack. I also did a review on LockDown Millennium
a while ago that can be found on my web page
http://www.fruitloop.net/virushelp/firewalls.html
LockDown and SwatIT are the products we recommend time &
time again for newer trojans and users who seem to have
"GTBot Symptoms".
Here is my test on SwatIT
1. I ran four AV programs on the same directories.
2. The AV programs were updated five minutes prior
to scanning.
3. I only used THE NEWEST Trojans that we helped
people clean recently in #nohack.
SwatIT won as it saw the most, the cleaner lost as it
saw the least.
SwatIT & Lockdown Millennium :62
Panda :34
Norton :27
Trend :17
The Cleaner :11
Here are the scan logs and other information:
THE CLEANER DETECTED:
Constructing Cleaner Record for Gone which
was found in C:\Program Files\Qualcomm\Eudora\attach\gone3.scr
Constructing Cleaner Record for SubSeven which was found
in C:\unzipped\sub7bonus\EditServer.exe
Constructing Cleaner Record for SubSeven which was found
in C:\unzipped\sub7bonus\server.exe
Constructing Cleaner Record for SubSeven which was found
in C:\unzipped\sub7bonus\SubSeven.exe
Constructing Cleaner Record for NetBus which was found in
C:\unzipped\sub7bonus\NetBus.exe
Constructing Cleaner Record for The Thing which was found
in C:\my virri\flooderThe Thing.exe
Constructing Cleaner Record for InCommand which was found
in C:\my virri\startup.exe(cleanercallsthisInCommand).exe
Constructing Cleaner Record for The Thing which was found
in C:\my virri\The Thingmircupdate.exe
Scanning Drive E
Constructing Cleaner Record for SlackBot which was found
in E:\GtBots\11cleaner.exe
Constructing Cleaner Record for Litmus which was found in
E:\GtBots\server.exe
Constructing Cleaner Record for Gone which was found in
E:\Trojans\gone3.scr
Final file count: 33456
Scan Complete
*** End Session ***
NORTON DETECTED:
C:\my virri\Nawal.zip is infected with the
Backdoor.SubSeven virus.
C:\my virri\flooderThe Thing.exe is infected with the Backdoor.TheThing.b
virus.
C:\my virri\The Thingmircupdate.exe is infected with the
Backdoor.TheThing.b virus.
C:\Program Files\Qualcomm\Eudora\attach\gone3.scr is infected
with the W32.Goner.A@mm virus.
C:\Program Files\Qualcomm\Eudora\attach\remote32.ini is
infected with the W32.Goner.A@mm virus.
C:\unzipped\sub7bonus\EditServer.exe is infected with the
Backdoor.SubSeven22 virus.
C:\unzipped\sub7bonus\server.exe is infected with the Backdoor.Poly
virus.
C:\unzipped\sub7bonus\SubSeven.exe is infected with the
Backdoor.SubSeven22 virus.
C:\unzipped\sub7bonus\NetBus.exe is infected with the Netbus.170.W95.Trojan
virus.
C:\unzipped\sub7bonus\pr.ini is infected with the W32.LXD.Mirc
virus.
E:\j0sh\PR.INI is infected with the W32.LXD.Mirc virus.
E:\j0sh\MIRC.INI is infected with the Mirc.LXD virus.
E:\j0sh\MIRC2.INI is infected with the IRC.Companion virus.
E:\j0sh\MIRC3.INI is infected with the IRC Trojan virus.
E:\j0sh\MIRC4.INI is infected with the Backdoor.IRC.Flood(2)
virus.
E:\j0sh\WHVLXD.EXE is infected with the W32.LXD.Mirc virus.
E:\j0sh\TEMP.SCR is infected with the Backdoor.IRC.Flood
virus.
E:\GtBots\11cleaner.exe is infected with the Backdoor.Trojan
virus.
E:\Trojans\netol.scr is infected with the W32.Netol.Mirc
virus.
E:\Trojans\gone3.scr is infected with the W32.Goner.A@mm
virus.
E:\Trojans\remote32.ini is infected with the W32.Goner.A@mm
virus.
E:\vbs\rolvbsnewtwist.txt is infected with the JS.Exception.Exploit
virus.
E:\vbs\somethingnewrollikepage.txt is infected with the
JS.Exception.Exploit virus.
SWATIT & LOCKDOWN
BOTH DETECTED:
GT Bot Napster
2.e - E:\j0sh\SCRIPT.INI
GT Bot Var.g - E:\j0sh\SCRIPT1.INI
GT Bot Fake AntiVirus.a - E:\j0sh\PR.INI
GT Bot.d - E:\j0sh\MIRC2.INI
GT Bot Var.g.d - E:\j0sh\MIRC3.INI
GT Bot Aurora.d - E:\j0sh\WHVLXD.EXE
GT Bot C.c - E:\j0sh\TEMP.EXE
GT Bot Aur0ra.c - E:\j0sh\TEMP.SCR
GT Bot Free Bnc - E:\GtBots\free_bnc.exe
GT Bot Free Bnc - E:\GtBots\remover.exe
GT Bot Virus-Cleaner Dropper - E:\GtBots\Virus-Cleaner.exe
GT Bot Windows Update Dropper - E:\GtBots\windowsupdater.exe
GT Bot Speed Dropper - E:\GtBots\speed.exe
GT Bot Quick Silver Dropper - E:\GtBots\Quick-Silver-Set-Up.exe
GT Bot Cleaner New - E:\GtBots\Cleanernew.exe
GT Bot False Cleaner Dropper - E:\GtBots\cleaner.11exe
GT Bot Fake Netbus - E:\GtBots\Netbus.exe
GT Bot FTP Finder Dropper - E:\GtBots\ftpsitefinder.exe
SpeedClean - E:\GtBots\SpEEdClean.exe
GT Bot DmSetup Remover Dropper - E:\GtBots\cc-verify-and-cracker.exe
GT Bot False Cleaner Dropper - E:\GtBots\cleaner.exe
GT Bot Fake Cleaner 3.2 Dropper - E:\GtBots\cleaner3.2.exe
GT Bot Dalnet Cleaner.c - E:\GtBots\DALNetCleaner.exe
GT Bot Baby Pic Dropper Packed - E:\GtBots\baby-f-pic.jpg.exe
GT Bot Fake Cleaner 4.1 - E:\GtBots\cleaner4.1.exe
GT Bot FTP Finder Dropper - E:\GtBots\Warez-ftp-searcher.exe
GT Bot FTP Finder Dropper - E:\GtBots\1ftpsitefinder.exe
GT Bot Blaster - E:\GtBots\Blaster.exe
GT Bot Fake Netbus - E:\GtBots\N2etbus.exe
GT Bot CC Verify Dropper - E:\GtBots\DMSsetup-remover.exe
GT Bot Gay Teens - E:\GtBots\gay_teens.exe
GT Bot CC Verify Dropper - E:\GtBots\XxX-Pics&movies-finder.exe
GT Bot Gay Teens - E:\GtBots\internetbooster.exe
GT Bot Fake Cleaner 4.1 - E:\GtBots\cleaner2.1.exe
GT Bot FTP Finder Dropper - E:\GtBots\2ftpsitefinder.exe
GT Bot Z0ne Dropper - E:\GtBots\11setup.exe
Bloodznet Flooder - E:\GtBots\bnflooder.exe
GT Bot PhornoScript - E:\GtBots\PhornoScript.exe
GT Bot MINE Dropper - E:\GtBots\mine.exe
GT Bot Bot.b - E:\GtBots\bot.exe
SlackBot v1.01b - E:\GtBots\11cleaner.exe
DarkMirc - E:\GtBots\DarKmiRC.exe
GT Bot Blaster - E:\GtBots\4Blaster.exe
Litmus 2.0 Irc DDOS Bot - E:\GtBots\server.exe
BiTarts - E:\Trojans\bitarts_crackitall.exe
BiTarts - E:\Trojans\bitarts_evaluation.exe
Tremble Mouse Mover - E:\Trojans\haha.exe
Happiman 2000 Password Grabber - E:\Trojans\pwgrabber.exe
Annoying - E:\Trojans\annoy.exe
Test.exe Joke Virus - E:\Trojans\test.exe
Kl0ne-X - E:\Trojans\Kl0ne-X.eXe
Windows Spoofer 97 - E:\Trojans\myspoof.exe
Win32Goner@mm Worm-IRC - Trojan - E:\Trojans\gone3.scr
Win32Goner@mm Worm-IRC - Trojan Script - E:\Trojans\remote32.ini
Porn Dialer Premium Rate-Not A Trojan.a - E:\dialers\celebmovie3.exe
Rol.VBS.d - E:\vbs\rolvbs-#lolal.txt
Win32Goner@mm Worm-IRC - Trojan - C:\Program Files\Qualcomm\Eudora\attach\gone3.scr
Win32Goner@mm Worm-IRC - Trojan Script - C:\Program Files\Qualcomm\Eudora\attach\remote32.ini
SubSeven v2.1 M.U.I.E.mobpack - C:\unzipped\sub7bonus\server.exe
JPG.NetBus Dropper - C:\unzipped\sub7bonus\NetBus.exe
GT Bot Fake AntiVirus.a - C:\unzipped\sub7bonus\pr.ini
New Napster Porn GT Bot.g - C:\unzipped\sub7bonus\gates.txt
Here is a screen capture from
Trend
Here is a screen capture from Panda
I'll also conduct this same type of test at a later date
with more AV's involved, it should be interesting.
This is my second report of this nature in two weeks. Norton
gave me an autoreply with no follow up, the cleaner said
"send me what you have". The fact is, I use to submit all
of my new "catches", but only to watch them be ignored.
Lockdown does NOT ignore them. You always add everything
we submit.
I would also like to take this time to thank you and your
staff for allowing the public to use your product FREE of
charge, and with remarkable results. I myself recommend
your product on a daily basis as well as the Staff of the
Dalnet #Nohack channel. Again thanks for taking the time
to read and see the tests that i have done. Have a nice
holiday :) -- FruitLoop
Continue With The Download
Product
Limitations
SwatIT
is a free Trojan scanner. It will not scan the contents
of compressed files, neither does it provide background
scanning. It is simply a "dumb scanner" with
no intelligence or generic detection methods. SwatIT
was released for those that simply can not afford to
purchase a commercial program, but still need to clean
their hard disk from known Trojan infections.
Like
most Scanning programs that are Reliant on File
Signature Only, an undetected or unknown Trojan
to Swat It's Signature File would go unnoticed and would
not give any alert. This is a problem and one which
is shared by many other products which also have such
limitations when it comes to dealing with the unknown.
A point to remember is that just because a scanner does
not detect any Trojans, it does not mean that you do
not have any. Trojans have a period after release in
which they can be used for a short time until it becomes
known and detection created for it. It is technically
possible for a Hacker to infect a machine with a Trojan
and keep updating that Trojan with new undetected ones.
In a case like this a Hacker would always be one jump
ahead of a scanner. In some cases people create or alter
Trojans that are undetected and do not distribute them
much which means some of these will never be discovered.
However there are ways to combat this problem and tackle
it head on. A little user interaction is required to
make simple decisions about what to trust and what not
to trust. The answer to the problem is just one word
and that word is Generics. The use of Generic
Detection allows the newest Trojans that are completely
unknown or have not yet even been written to be identified
as a possible threat. You can learn more about the Generic
Detection System and how it works by following this
link and reading our Hacker Proof Guarantee. Here
The information below will be sent to LockDown Corp.
using a secure server connection. When you type in your
name and email address, LockDown Corp. will notify you
of free program updates and provide you with important
security bulletins. You will also be registered as a
licensed Swat It user.
|
Copyright
2002 LockDown Corp. Email
sales@Lockdowncorp.com
Site best viewed with IE v5.0 or above
|
