
DO NOT OPEN SENUKE whatever you do!!

Discussion in 'BlackHat Lounge' started by oni3350, Sep 26, 2009.

  1. oni3350

    oni3350 Regular Member

    There was a thread going around here the other day about the senuke site being down due to these fucking hackers.

    Well I open up senuke just before, and it opens up as it normally does, it loads up the home blog and everything looks normal.

    About 1 minute later AVG pops up with a threat detected and then Windows crashes and restarts.

    Comes back up and then the threat detection window pops up with this: [IMG]

    Then I have nothing loading on my computer and no bandwidth happening due to me loading any internet pages and I notice my internet modem lights flashing as they usually do when data is being transferred. So I immediately pulled the plug and I kept on deleting that stupid beep.sys file.

    Right now I'm on my dad's computer using his internet and my computer is still on, probably with more shit being created.

    I think the beep.sys file is being reproduced again and again by the C:\WINDOWS\system32\winlogon.exe

    Now I'm thinking about deleting this, but will I even be able to log back onto Windows!!??

    I also tried to get into the beep.sys file through .txt and it said it was protected and no information came up.

    Can anyone see what this is from the information in the screenshot?

    Is there any way I can fully get rid of this shit without having to format my PC, coz I really really don't wanna format my PC again.
     
  2. RudeMaudlin

    RudeMaudlin Registered Member

    Oh thanks for this one. A lot of my friends are using SENUKE (I better tell them before it's too late).
     
  3. jammie

    jammie Jr. VIP Jr. VIP Premium Member

    combofix & malwarebytes will fix them, don't worry.

    Don't run combofix if you're on a somewhat illegal version of Windows though. It will destroy your serial key etc. and Windows will not be very nice. It also took out my sound drivers and some other ones, so be warned.

    gets rid of everything though.
     
  4. kilaz

    kilaz Jr. VIP Jr. VIP

    ya the SENuke site is hacked again.. see this thread..
    Code:
    http://www.blackhatworld.com/blackhat-seo/black-hat-seo/121543-has-senuke-site-been-hacked.html
     
  5. sdtopensied

    sdtopensied Regular Member

    This is probably not what you want to hear, but you'll probably spend less time reinstalling Windows than you would trying to track down every infected file/bot/Trojan/etc. on your computer.

    Moving forward, my advice would be to get Virtual PC, it's a free download from Microsoft, create a virtual hard drive and install Windows and all of your bh tools on that. Then, make a backup copy of your VHD and stash it away for safe-keeping.

    I do this with linux/apache/mysql/php so I can test my scripts before actually deploying them.

    You can also use this setup to browse all your porn sites if you live in a house where that's not ok. This is also a good way to compartmentalize your e-shoring campaigns...one virtual machine per girl.
     
  6. oni3350

    oni3350 Regular Member

    Guess I'm gonna have to format my PC then.

    I've been searching on Google for this particular version which is Rustock.R and there is not much info on it. I think it's new.

    Also I'm not gonna risk having there still be shit on my PC that will transfer my data... Coz I did notice my internet lights flashing as I said, so I think it was communicating to some place.

    Oh well, I'll be back up to normal again in about 5 hours... after all the programs I need to install on my system again!

    thanks
     
  7. hiding_whitehat

    hiding_whitehat Junior Member

    Combofix is EXTREMELY DANGEROUS to use on your comp, whether you're on an illegal version of windows or not, if you don't know what you're doing.

    Don't just try running Combofix. Go to the forums at MalwareRemoval.com and one of their volunteers will help you for free.
     
  8. virus_1720

    virus_1720 Jr. VIP Jr. VIP Premium Member

    It's working fine for me now. Check it yourself.
     
  9. kilaz

    kilaz Jr. VIP Jr. VIP

    SeNuke might be working for you but their site is still currently hacked so I wouldn't use it till things get fixed.
     
  10. jamesbelaugh

    jamesbelaugh Regular Member

    Where do you download combofix?
     
  11. CPAchick

    CPAchick Regular Member

    Is it just me who thinks SENuke hasn't done enough to tell its paying customers just WTF is going on? There was a window yesterday when the forum was open and Areeb could've said something worthwhile about what to do or not to do, but zippo! NOTHING!!

    All he said was something about iframe, his team were working on vulnerabilities and everything was back to normal! The hell it is!

    You pay $127 for a month using the software and it gets hacked and no email, no notice in the forum!

    I appreciate there's a scheduled update happening on the 28th and with the hacking etc they're pretty busy, but we are their life blood!! :(
     
  12. Longover

    Longover Power Member

    I found a way to stay at least a little safe when using Senuke. For now I am just blocking the sites through my host file because of the little browser that opens up with senuke. Of course, you have to be aware of the site iframe before loading Senuke...
     
  13. oni3350

    oni3350 Regular Member

    What host file?

    How do you do that?
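
The hosts-file blocking described in post 12, as an added example that is not part of the original thread: on Windows the file is `C:\WINDOWS\system32\drivers\etc\hosts`, and a line mapping a hostname to `0.0.0.0` stops that exact name from resolving. The hostnames below are constructed placeholders (the thread does not name the iframe's domain), and the code assumes the resolver uses the first matching entry, so a name already mapped elsewhere is reported for manual review instead of being appended.

```python
import ipaddress

SINK = "0.0.0.0"  # unroutable sink address used for blocked names

# Constructed sample hosts file and placeholder hostnames (not from the thread).
SAMPLE = """# constructed sample hosts file
127.0.0.1   localhost
0.0.0.0     ads.example.test   # already blocked
203.0.113.7 update.example.test
"""
WANTED = ["ads.example.test", "iframe-host.example.test", "update.example.test"]

def parse_hosts(text):
    """Map each hostname to the address of its first active entry."""
    mapping = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # strip comments
        if len(fields) < 2:
            continue
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            continue                              # not a valid entry
        for name in fields[1:]:
            mapping.setdefault(name.lower(), fields[0])
    return mapping

def is_blocked(mapping, host):
    """True if host resolves to a sink (0.0.0.0, ::) or loopback address."""
    ip = mapping.get(host.lower())
    if ip is None:
        return False
    addr = ipaddress.ip_address(ip)
    return addr.is_unspecified or addr.is_loopback

def block_hosts(text, hosts):
    """Return (new_text, conflicts); appends sink lines only where needed."""
    mapping = parse_hosts(text)
    new_lines, conflicts = [], []
    for host in dict.fromkeys(h.lower() for h in hosts):
        if is_blocked(mapping, host):
            continue                              # idempotent: already sunk
        if host in mapping:
            conflicts.append(host)                # existing entry would win
        else:
            new_lines.append(f"{SINK} {host}")
    if not new_lines:
        return text, conflicts
    sep = "" if text.endswith("\n") or not text else "\n"
    return text + sep + "\n".join(new_lines) + "\n", conflicts
```

A hosts entry matches only the exact hostname, so subdomains need their own lines, and editing the real file requires an administrator account.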
     
  14. solution2u

    solution2u Junior Member

    I usually use System Restore first. If that cannot fix it, then I will google the virus name to search for a solution.
    Posted via Mobile Device
     
  15. consus

    consus Junior Member

  16. blackmagiquellc

    blackmagiquellc BANNED BANNED

    maybe they need a stronger competitor now

    hmmmm :)

    hopefully issues will get solved soon - stay tuned