A new build of kX-Ray anti-rootkit tool has been released for 32-bit XP OSs. Among new things in the last few months comes sysenter unhooking, hidden module detection such as DLLs, complete usermode API scanning etc. etc. It is definately my current favorite anti-rootkit tool. Any reason why it is more or less unknown to this forum? I know the author does not publicize it much and it is more of an underground tool but still it rocks. The force process kill options alone make it worth the download because they are brutal and can kill absolutely everything I have thrown at it!

-{ Quote: "
kX-Ray v1.0.0.80 Public 32-bit XP-Only Build
=============================

-Ring3 API Hooks was extended to support IAT (Import Address Table) hook detection
-Fixed a minor bug involving Ring3 API hook engine
-Other touch-ups throughout various areas

|3 /^ () ( |<
" }-

Download kX-Ray v1.0.0.80 (32-bit XP-Only Build) (http://bugczech.fu8.com/bin/kX-Ray_v1.0.0.80_XP32_beta.zip)

-{ Quote: "Any reason why it is more or less unknown to this forum?" }-
Its been posted here. The Sysinternals forum home of Rootkit Revealer has a lot more information (malware forum), a few of the devs who's arks are regularly updated post there : rootrepeal, Kernal Detective, cmcark and there are also posts from other well know ark writers.

Thanks for the head up.

-{ Quote: "It is definately my current favorite anti-rootkit tool. Any reason why it is more or less unknown to this forum? I know the author does not publicize it much and it is more of an underground tool but still it rocks. The force process kill options alone make it worth the download because they are brutal and can kill absolutely everything I have thrown at it!" }-Cool!

Maybe a stupid question but does it work on Vista 32 bits environment ? :-[

-{ Quote: "Maybe a stupid question but does it work on Vista 32 bits environment ? :-[" }-

According to the download link in the first post, it looks like it's 32 bit XP.
I was going to dl it but the link is dead.

-{ Quote: "According to the download link in the first post, it looks like it's 32 bit XP.
I was going to dl it but the link is dead." }-

Yes, I know that, but I was wondering if there is no chance to run under vista 32 bits

New build, and more info etc http://forum.sysinternals.com/forum_posts.asp?TID=17648&PN=6

The other versions ( generally ) worked ok for me on XP 32, this time see screenie, so ?

Thanks for the link StevieO.

That didn't go well.
I'm thinking I'll stick with Radix.

the Tester

Hi, pleasure.

Yeah, shame about that. No worries he'll fix it, always does. I think it's one of the better ARK's, so worth sticking with.

S