Where's RkU??

rku.xell.ru
Gone down ?taken Off?
Currently get taken to a "suspended page" message

 

I get the same plus if you read the title address bar

http://serv6.slavhost.ru/suspended.page/

I have no idea.

SysInternals is been Locked Down (Read-Only) due to daily Spam attack to add to all this sudden mystery.

 

Hello.

Due to obvious reasons we will have to change our web hosting-provider. We will deal with this problem and I will post here any news.

D/L site available here

http://www.rkunhooker1.narod.ru/

Please understand that this is free web server, so it is s l o w, and D/L speed is also limited.

 

OK EP

We watch and wait
Thanks for the message.

What the hell has happened at Sysinternals ??

I saw those posts with the pathetic pRon; hope they sort it out.

Danger for here?

Gmer > CC > Sysinternals > RkU

 

Agreed. This to my knowledge, and i mean years, is the very first time i seen such an attack of all things SPAM completely take a web-site off-line or at least (read-only) in the security community.

If i we're a betting man and i'm not, i would venture to say that SysInternals will likely change forum software to make it more automated for them to intercept/prevent such attacks in the future.

 

I received such SPAM / Personal attacks messages last six months, practically every day (via Private Messanger) and every time it was a new user. Looks like user database on SysInternals are overflown with sleeping bots

What about Rootkit Unhooker project site, currently (for some time) it will be hosted on narod.ru by our friends. So RkU internal update-checking system will not work.

If you have questions / suggestions about Rootkit Unhooker work / or logs feel free to use this email for contact with us rkunhooker@inbox dot ru

 

TR/Agent.6656: That's how Antivir calls RKU...
Obviously a FP?...

 

Yes it is FP.

 

Thanks EP for that update. It's of course very normal to change hosts but makes for concern when it happens without publicly being advised in advance.

 

Actually it was a big surprise even for us.

 

Looks like SysInternals website is down for the count since that lockdown appears ongoing.

Web software plays a role too i think, some are better adepth at keeping auto-spamming at bay more then others.

This is been an interesting 2007 since security websites this year have been particularly either DOS'd or Spammed intensively more so then i ever seen before.

 

Additional mirror for RkU opened here

http://rku.nm.ru

should be a little faster than narod.ru, in theory

 

Super! and thank again for bringing us up to date with the new URL.