Author Topic: XRay PC (Read 4364 times)

polonus · « **on:** March 06, 2006, 05:36:59 PM »

Hi anti-malware fighters,

XRayPC, not a program that removes spyware and malware, but beautifully detects processes that are running and which of those are legit and which are suspect. Get it from here:
http://www.x-raypc.com/ How to use: http://www.x-raypc.com/help.php
I think it could be used next to HijackThis and Toolbarcop or BHODemon, a nice program in this range.

polonus

CharleyO · « **Reply #1 on:** March 07, 2006, 02:37:19 AM »

***

I downloaded it and ran it once. I like what it does. Even though I recognized all the entries, I wanted to see what the online analyzer would give. But, I get an error message shortly after clicking the Online Analyzer button ... "Error trying to reach the triage server" ... even though I have given it passage rights through ZA Free. I even removed the program from ZA once and tried again giving Xray all rights (internet & server) in ZA. Same results ... same error message.

What am I doing wrong?

***

polonus · « **Reply #2 on:** March 07, 2006, 01:27:12 PM »

Dependant on OS. In Win XP works OK even on a mem stick, maybe image server was down?

polonus

CharleyO · « **Reply #3 on:** March 07, 2006, 04:45:36 PM »

***

Yes, I am using XP Home. Yeah, maybe the image server was down. I will try it again.

***

CharleyO · « **Reply #4 on:** March 07, 2006, 05:19:03 PM »

***

No Luck. I have tried everything I can think of to do. I even deleted the program and downloaded it again. Here's a screen shot:

justin1278 · « **Reply #5 on:** March 09, 2006, 03:22:36 AM »

Hello,

I to am getting the same error message.

polonus · « **Reply #6 on:** March 10, 2006, 10:59:48 AM »

Hi Charley and Justin,

You should analyze per process, if it is not known it can be uploaded. Another thing is the log that can be safed is identical to a HijackThis one, so it can be analyzed with the same online analyzers as well.

greets,

polonus

With a Windows XP SP2 with Software FW this program gives no problems for me.

D

CharleyO · « **Reply #7 on:** March 10, 2006, 10:32:01 PM »

***

Thanks for that post, Polonus. Now, it works!

I do not know why I did not think of doing that.

I feel like such a ...... DUH???!!!

***

polonus · « **Reply #8 on:** March 11, 2006, 01:27:04 PM »

Hi CharleyO,

Well so much the better you got it working, because it is nice as a second opinion or addition to the famous HijackThis and Eddy's HiLoa proggies. I don't have all these proggies on the comp but on the mem stick.
Good to have is ShareEnum from sysinternals too. There you can see all the processes' privileges, what is not completely secure. I have that there too.
And HijackThis and XrayPC feel much better with Process Explorer in the neighbourhood. Next use FileAlyzer and a good Hex Viewer, and you have all the basic analytical tools to encounter any file, packer and code and all, hashes included.
Enjoy,

friend polonus

Author Topic: XRay PC (Read 4364 times)

polonus

XRay PC

CharleyO

Re: XRay PC

polonus

Re: XRay PC

CharleyO

Re: XRay PC

CharleyO

Re: XRay PC

justin1278

Re: XRay PC

polonus

Re: XRay PC

CharleyO

Re: XRay PC

polonus

Re: XRay PC