Back to Top

Tuesday, February 20, 2007

No love for RkUnhooker

It seems that the author of RkUnhooker (you know, that guy named EP_X0FF) got very upset about my comments and first he wrote a comment to my blog - which I published a little late and I apologize for it. Then he got into personal mode and made a threatening post on his forum.

My thought are: if I deface my own site, do I get the source code? :-D On a more serious note: after this incident would you consider running his program on your computer? Consider this: by running RkUnhooker you give somebody who clearly has anger management problems and sees violence as a viable response system wide access (because his soft needs Admin level privileges to be able to load the driver)! I looked through the current version of the software and it doesn't contain any malicious code - and no, PECompact doesn't protect your program from reverse engeneering, and packing your executable is a bad idea in itself - but this may change in the future judging his posts (the last post says in Russian: we are already working on it). You should make sure that you are not part of the solution and avoid his software.

The last install kit which I checked had a size of 147611 bytes, a MD5 of f79f711bd54bfc9f297eeefee69f8705 and a SHA1 of ccb2558366cb076451fe6f58c4c5081eae52f168. Do not run anything from him if possible!


  1. looks to me like there's plenty of link love from/for both of you...

    interesting how my pointing out the hypocrisy of making/distributing X's when one is supposed to be anti-X didn't strike nearly as sensitive a nerve as your teenager remark, though...

    i guess you must be getting a bit of traffic out of this...

  2. probably yes, but that's not the point :)

  3. hey cdman maybe malware or ootkit writes agree with you...

    BTW final users shouldn't care about discusion between third part guys.

  4. indeed, the point is that this person and his software are not to be trusted... white hats don't call for website defacements and DDoS attacks... that's very much a black hat behaviour...

  5. There is no love for comment spam in my blog.

  6. Anonymous6:02 AM

    GMER might call It soviet style retribution