SwatIt Anti Trojan and Bot Scanner and Remover
REVIEW
This review was conducted by a dalnet operator known as fruitloop.









 

 


Swat It Review & Free Download

I thought that you would like to know that I did a test on your free SwatIT program today. I am not new to testing AV and Anti Trojan software. We deal with Trojans every day as we help people on IRC. We operate the IRC help channel known as #nohack. I also did a review on LockDown Millennium (this program is now known as Hacker Eliminator) a while ago that can be found on my web page http://www.fruitloop.net/virushelp/firewalls.html LockDown/HE and SwatIT are the products we recommend time & time again for newer trojans and users who seem to have "GTBot Symptoms".

Here is my test on SwatIT
1. I ran four AV programs on the same directories.
2. The AV programs were updated five minutes prior to scanning.
3. I only used THE NEWEST Trojans that we helped people clean recently in #nohack.


SwatIT won as it saw the most, the cleaner lost as it saw the least.

SwatIT & Hacker Eliminator:62
Panda :34
Norton :27
Trend :17
The Cleaner :11

Here are the scan logs and other information:

THE CLEANER DETECTED:
Constructing Cleaner Record for Gone which was found in C:\Program Files\Qualcomm\Eudora\attach\gone3.scr
Constructing Cleaner Record for SubSeven which was found in C:\unzipped\sub7bonus\EditServer.exe
Constructing Cleaner Record for SubSeven which was found in C:\unzipped\sub7bonus\server.exe
Constructing Cleaner Record for SubSeven which was found in C:\unzipped\sub7bonus\SubSeven.exe
Constructing Cleaner Record for NetBus which was found in C:\unzipped\sub7bonus\NetBus.exe
Constructing Cleaner Record for The Thing which was found in C:\my virri\flooderThe Thing.exe
Constructing Cleaner Record for InCommand which was found in C:\my virri\startup.exe(cleanercallsthisInCommand).exe
Constructing Cleaner Record for The Thing which was found in C:\my virri\The Thingmircupdate.exe
Scanning Drive E
Constructing Cleaner Record for SlackBot which was found in E:\GtBots\11cleaner.exe
Constructing Cleaner Record for Litmus which was found in E:\GtBots\server.exe
Constructing Cleaner Record for Gone which was found in E:\Trojans\gone3.scr
Final file count: 33456
Scan Complete
*** End Session ***


 NORTON DETECTED:
C:\my virri\Nawal.zip is infected with the Backdoor.SubSeven virus.
C:\my virri\flooderThe Thing.exe is infected with the Backdoor.TheThing.b virus.
C:\my virri\The Thingmircupdate.exe is infected with the Backdoor.TheThing.b virus.
C:\Program Files\Qualcomm\Eudora\attach\gone3.scr is infected with the W32.Goner.A@mm virus.
C:\Program Files\Qualcomm\Eudora\attach\remote32.ini is infected with the W32.Goner.A@mm virus.
C:\unzipped\sub7bonus\EditServer.exe is infected with the Backdoor.SubSeven22 virus.
C:\unzipped\sub7bonus\server.exe is infected with the Backdoor.Poly virus.
C:\unzipped\sub7bonus\SubSeven.exe is infected with the Backdoor.SubSeven22 virus.
C:\unzipped\sub7bonus\NetBus.exe is infected with the Netbus.170.W95.Trojan virus.
C:\unzipped\sub7bonus\pr.ini is infected with the W32.LXD.Mirc virus.
E:\j0sh\PR.INI is infected with the W32.LXD.Mirc virus.
E:\j0sh\MIRC.INI is infected with the Mirc.LXD virus.
E:\j0sh\MIRC2.INI is infected with the IRC.Companion virus.
E:\j0sh\MIRC3.INI is infected with the IRC Trojan virus.
E:\j0sh\MIRC4.INI is infected with the Backdoor.IRC.Flood(2) virus.
E:\j0sh\WHVLXD.EXE is infected with the W32.LXD.Mirc virus.
E:\j0sh\TEMP.SCR is infected with the Backdoor.IRC.Flood virus.
E:\GtBots\11cleaner.exe is infected with the Backdoor.Trojan virus.
E:\Trojans\netol.scr is infected with the W32.Netol.Mirc virus.
E:\Trojans\gone3.scr is infected with the W32.Goner.A@mm virus.
E:\Trojans\remote32.ini is infected with the W32.Goner.A@mm virus.
E:\vbs\rolvbsnewtwist.txt is infected with the JS.Exception.Exploit virus.
E:\vbs\somethingnewrollikepage.txt is infected with the JS.Exception.Exploit virus.


 SWATIT & HACKER ELIMINATOR BOTH DETECTED:
 GT Bot Napster 2.e - E:\j0sh\SCRIPT.INI
GT Bot Var.g - E:\j0sh\SCRIPT1.INI
GT Bot Fake AntiVirus.a - E:\j0sh\PR.INI
GT Bot.d - E:\j0sh\MIRC2.INI
GT Bot Var.g.d - E:\j0sh\MIRC3.INI
GT Bot Aurora.d - E:\j0sh\WHVLXD.EXE
GT Bot C.c - E:\j0sh\TEMP.EXE
GT Bot Aur0ra.c - E:\j0sh\TEMP.SCR
GT Bot Free Bnc - E:\GtBots\free_bnc.exe
GT Bot Free Bnc - E:\GtBots\remover.exe
GT Bot Virus-Cleaner Dropper - E:\GtBots\Virus-Cleaner.exe
GT Bot Windows Update Dropper - E:\GtBots\windowsupdater.exe
GT Bot Speed Dropper - E:\GtBots\speed.exe
GT Bot Quick Silver Dropper - E:\GtBots\Quick-Silver-Set-Up.exe
GT Bot Cleaner New - E:\GtBots\Cleanernew.exe
GT Bot False Cleaner Dropper - E:\GtBots\cleaner.11exe
GT Bot Fake Netbus - E:\GtBots\Netbus.exe
GT Bot FTP Finder Dropper - E:\GtBots\ftpsitefinder.exe
SpeedClean - E:\GtBots\SpEEdClean.exe
GT Bot DmSetup Remover Dropper - E:\GtBots\cc-verify-and-cracker.exe
GT Bot False Cleaner Dropper - E:\GtBots\cleaner.exe
GT Bot Fake Cleaner 3.2 Dropper - E:\GtBots\cleaner3.2.exe
GT Bot Dalnet Cleaner.c - E:\GtBots\DALNetCleaner.exe
GT Bot Baby Pic Dropper Packed - E:\GtBots\baby-f-pic.jpg.exe
GT Bot Fake Cleaner 4.1 - E:\GtBots\cleaner4.1.exe
GT Bot FTP Finder Dropper - E:\GtBots\Warez-ftp-searcher.exe
GT Bot FTP Finder Dropper - E:\GtBots\1ftpsitefinder.exe
GT Bot Blaster - E:\GtBots\Blaster.exe
GT Bot Fake Netbus - E:\GtBots\N2etbus.exe
GT Bot CC Verify Dropper - E:\GtBots\DMSsetup-remover.exe
GT Bot Gay Teens - E:\GtBots\gay_teens.exe
GT Bot CC Verify Dropper - E:\GtBots\XxX-Pics&movies-finder.exe
GT Bot Gay Teens - E:\GtBots\internetbooster.exe
GT Bot Fake Cleaner 4.1 - E:\GtBots\cleaner2.1.exe
GT Bot FTP Finder Dropper - E:\GtBots\2ftpsitefinder.exe
GT Bot Z0ne Dropper - E:\GtBots\11setup.exe
Bloodznet Flooder - E:\GtBots\bnflooder.exe
GT Bot PhornoScript - E:\GtBots\PhornoScript.exe
GT Bot MINE Dropper - E:\GtBots\mine.exe
GT Bot Bot.b - E:\GtBots\bot.exe
SlackBot v1.01b - E:\GtBots\11cleaner.exe
DarkMirc - E:\GtBots\DarKmiRC.exe
GT Bot Blaster - E:\GtBots\4Blaster.exe
Litmus 2.0 Irc DDOS Bot - E:\GtBots\server.exe
BiTarts - E:\Trojans\bitarts_crackitall.exe
BiTarts - E:\Trojans\bitarts_evaluation.exe
Tremble Mouse Mover - E:\Trojans\haha.exe
Happiman 2000 Password Grabber - E:\Trojans\pwgrabber.exe
Annoying - E:\Trojans\annoy.exe
Test.exe Joke Virus - E:\Trojans\test.exe
Kl0ne-X - E:\Trojans\Kl0ne-X.eXe
Windows Spoofer 97 - E:\Trojans\myspoof.exe
Win32Goner@mm Worm-IRC - Trojan - E:\Trojans\gone3.scr
Win32Goner@mm Worm-IRC - Trojan Script - E:\Trojans\remote32.ini
Porn Dialer Premium Rate-Not A Trojan.a - E:\dialers\celebmovie3.exe
Rol.VBS.d - E:\vbs\rolvbs-#lolal.txt
Win32Goner@mm Worm-IRC - Trojan - C:\Program Files\Qualcomm\Eudora\attach\gone3.scr
Win32Goner@mm Worm-IRC - Trojan Script - C:\Program Files\Qualcomm\Eudora\attach\remote32.ini
SubSeven v2.1 M.U.I.E.mobpack - C:\unzipped\sub7bonus\server.exe
JPG.NetBus Dropper - C:\unzipped\sub7bonus\NetBus.exe
GT Bot Fake AntiVirus.a - C:\unzipped\sub7bonus\pr.ini
New Napster Porn GT Bot.g - C:\unzipped\sub7bonus\gates.txt

 Here is a screen capture from Trend



Here is a screen capture from Panda



I'll also conduct this same type of test at a later date with more AV's involved, it should be interesting.

This is my second report of this nature in two weeks. Norton gave me an autoreply with no follow up, the cleaner said "send me what you have". The fact is, I use to submit all of my new "catches", but only to watch them be ignored. Lockdown does NOT ignore them. You always add everything we submit.

I would also like to take this time to thank you and your staff for allowing the public to use your product FREE of charge, and with remarkable results. I myself recommend your product on a daily basis as well as the Staff of the Dalnet #Nohack channel. Again thanks for taking the time to read and see the tests that i have done. Have a nice holiday :) -- FruitLoop

Download Swatit Free Trojan Scanner Now

You can download and try SwatIt now free of charge by clicking
on the download link on the left.

Infected With Karma Worm and Sending Spam Messages
on IRC? click here

home - about - screenshots - links - contact

©2003 SwatIt.Org