% if action == 'start':
% include('languages.html', language=language)
% if connection:
WARNING! You appear to be connected to the Internet. You should disconnect from any cable or wireless network during this test.
% end
What is this?
This is a simple tool that tries to identify potential spyware infections on your computer.
When launched, it will try to look for certain indicators in memory. If you have any running applications (such as Skype, the browser, etc.) please close them in order to increase performance and decrease chances of false positives. The execution will take a few minutes, so please be patient.
Scan now!
% end
% if action == 'running':
Scanning...
The scanning is in progress. It might take several minutes, please be patient and do not interrupt the application before it has naturally finished.
Refresh
Should refresh automatically every 5 seconds
% end
% if action == 'results':
% if errors:
WARNING!
Some
errors occurred that might have affected the outcome of the scan:
% for error in errors:
% if error == 'NOT_AN_ADMIN':
- You need to run the application as an Administrator!
% elif error == 'UNSUPPORTED_WINDOWS':
- You are running an unsupported version of Microsoft Windows.
% elif error == 'NO_DRIVER':
- Can't find a suitable driver to be used.
% elif error == 'SERVICE_NO_START':
- Can't start the service, try to restart the application or the computer if that didn't help.
% elif error == 'SCAN_FAILED':
- The scanning failed, try reinstalling the tool. If that doesn't help, provide the log file to your point of contact to investigate the issue.
% end
% end
% else:
% if infected:
DANGER!
I managed to identify the potential presence of some spyware! You should turn off this computer, never connect it again to the Internet or any external device and seek assistance.
You can find additional instructions on what to do next and on how to get in contact with us at https://www.resistsurveillance.org/emergency
Following is what I discovered:
% for detection in results:
- {{detection}}
% if detection == 'BlackShades RAT':
This is a common trojan which is free to download from the Internet and available to just about anyone. It should be normally detected and quarantined by major AntiVirus software. Although it is impossible to guess who might be targeting you, you should seek for assistance nevertheless.
% elif detection == 'DarkComet RAT':
This is a common trojan which is free to download from the Internet and available to just about anyone. It should be normally detected and quarantined by major AntiVirus software. Although it is impossible to guess who might be targeting you, you should seek for assistance nevertheless.
% elif detection == 'FinFisher FinSpy':
This is a very sophisticated backdoor produced by a German company and sold to government agencies worldwide. You might be targeted by yours or a foreign government. You should be really careful in your next steps in order to not further jeopardize your situation.
% elif detection == 'Gh0st':
This is a common trojan which is free to download from the Internet and available to just about anyone. It should be normally detected and quarantined by major AntiVirus software. Although it is impossible to guess who might be targeting you, you should seek for assistance nevertheless.
% elif detection == 'Njrat':
This is a common trojan which is free to download from the Internet and available to just about anyone. It should be normally detected and quarantined by major AntiVirus software. Although it is impossible to guess who might be targeting you, you should seek for assistance nevertheless.
% elif detection == 'Hacking Team RCS Scout' or detection == 'Hacking Team RCS Backdoor':
This is a very sophisticated backdoor produced by an Italian company and sold to government agencies worldwide. You might be targeted by yours or a foreign government. You should be really careful in your next steps in order to not further jeopardize your situation.
% elif detection == 'ShadowTech RAT':
This is a common trojan which is free to download from the Internet and available to just about anyone. It should be normally detected and quarantined by major AntiVirus software. Although it is impossible to guess who might be targeting you, you should seek for assistance nevertheless.
% elif detection == 'Xtreme RAT':
This is a common trojan which is free to download from the Internet and available to just about anyone. It should be normally detected and quarantined by major AntiVirus software. Although it is impossible to guess who might be targeting you, you should seek for assistance nevertheless.
% end
% end
% else:
Looks good.
I wasn't able to identify the presence of any obvious spyware. Please note that this does not necessarily mean your computer is clean. If you have strong suspicion of being targeted, please do seek assistance.
You can find additional instructions at https://www.resistsurveillance.org/emergency
% end
% end
% end