.

X-scan v3.3

<<

CJS

Newbie
Newbie

Posts: 8

Joined: Fri Feb 22, 2008 3:38 pm

Post Fri Feb 22, 2008 4:08 pm

X-scan v3.3

I noticed that X-scan 3.3 was recommended in a thread in these forums (SlimJim100 gave a video of it), so I downloaded it from xfocus.org to try it out.

BUT, my AVG anti-virus claimed it has a worm, specifically the file "common_pass.dic" in the /dat directory. And of course AVG labeled about 21 other different files as "potentially dangerous" but that's not surprising given what the program is supposed to do. Also, I noticed that Mcafee Siteadvisor found numerous "red" downloads from the xfocus website.

I uploaded the common_pass.dic file to virustotal.com to get more opinions, and most of the virus programs didn't complain about it.

I guess I'm just looking for a little more reassurance at this point.  :D
Is this program still considered safe to use?
<<

LSOChris

Post Fri Feb 22, 2008 5:23 pm

Re: X-scan v3.3

well... did you actually read what was in the file?
<<

proudindian

Newbie
Newbie

Posts: 32

Joined: Mon Dec 10, 2007 3:24 am

Post Mon Feb 25, 2008 7:22 am

Re: X-scan v3.3

but the download page is not opening I think...can any1 give proper link of downloading xscan
<<

CJS

Newbie
Newbie

Posts: 8

Joined: Fri Feb 22, 2008 3:38 pm

Post Mon Feb 25, 2008 9:51 am

Re: X-scan v3.3

ChrisG wrote:well... did you actually read what was in the file?


Looks like a data/text file obviously, so why would AVG flag it as a worm? I didn't think text files under any circumstance could be harmful, unless some other program somehow "used" the contents to aid that program in some malicious behavior. Any comments about this?
<<

dean

Post Mon Feb 25, 2008 10:33 am

Re: X-scan v3.3

Antivirus/antispyware/antimalware applications do not just scan a single file and deem it to be safe. If the file is part of a larger package and it is scanned the application will make the determination that you may be infected/compromised based on that file and the package it's part of.

For example: SSH brute force scripts may download and use a standard dictionary file and if this is discovered by your AV it will alert you to that fact.

Antivirus apps don't just scan for viruses. They scan for all forms of potentially malicious software. Eg: keyloggers, BHOs, etc.... I always wonder why Symantec flags netcat as do many other AV apps.

If you are intending to run tools such as that you might want to consider disabling or removing whatever host based firewalls, IDS/IPS, AV, antispyware apps you have running. You are going to have to whitelist/exclude so many files anyway that it's going to render the tools pretty ineffective.

Ideally, you would want your regular workstation you use for daily tasks to not to be used for testing tools, reversing malware, pentesting, etc....

dean
<<

proudindian

Newbie
Newbie

Posts: 32

Joined: Mon Dec 10, 2007 3:24 am

Post Wed Feb 27, 2008 8:21 am

Re: X-scan v3.3

people please help me downloading x scan,i am unable to download it,can you please tell me the procedure...
<<

sgt_mjc

Sr. Member
Sr. Member

Posts: 294

Joined: Tue Feb 05, 2008 8:34 am

Location: AL

Post Wed Feb 27, 2008 8:36 am

Re: X-scan v3.3

Use your tools in a VM. This gives your host protection even without an AV like dean mentioned. Good luck.
Mike Conway
CISSP
CompTia Security +
C|EH
<<

CJS

Newbie
Newbie

Posts: 8

Joined: Fri Feb 22, 2008 3:38 pm

Post Wed Feb 27, 2008 8:37 am

Re: X-scan v3.3

proudindian wrote:people please help me downloading x scan,i am unable to download it,can you please tell me the procedure...

Not sure why you are having a problem, but here is a direct link to the program:
http://xfocus.org/programs/200507/X-Scan-v3.3-en.rar
Hope this helps.

Return to Tools

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software