GABSharkY

Costello · Jul 20, 2004

A few hours ago, we announced here the release of a new tool, GABSharkY.
If you have downloaded this program, please do NOT open it.
It might contain malicious code - which should not cause damage to your computer.
We should be able to give you more details when we can talk to the author.

Thanks,
the staff.

Update a la Mole -

This program contains a very nasty worm called SDBOT, more info can be found, including removal instructions, at -

http://it.trendmicro-europe.com/enterprise...DBOT.ER&VSect=T

This is a REALLY nasty virus. If you have ever run this program, immediatly do a virus scan.

amy test · Jul 20, 2004

Huh..? Now that's sneaky..

- Wrath of God - · Jul 20, 2004

well is it a virus, or was it intentional?

santakuroosu · Jul 20, 2004

Well thank god i'm always the last one to read those things.

Xanthious · Jul 20, 2004

Thanks much for the heads up. I put it in my download manager to get tonight. Looks like I wont be needing it afterall. Will there be a clean version do you know ?

kiczek · Jul 20, 2004

i would like to say SORRY FOR HOSTING THIS SITE ppl

I was very entusiastic about this new tool and offered him hosting but there is no way I will allow mondayz to use my website anymore

http://gabsharky.kiczek.com

PS fuck you mondayz you piece of shit!

Mega_Mizzle_X · Jul 20, 2004

What a tricky way to get people... And it prays on the trust we have at this community. Bast##d

Zero01 · Jul 20, 2004

I d/l it in my d/l folder, luckily I didn't open it phew, now it's the recycle bin for that file.

Opium · Jul 20, 2004

QUOTE(kiczek @ Jul 20 2004 said:
i would like to say SORRY FOR HOSTING THIS SITE ppl

I was very entusiastic about this new tool and offered him hosting but there is no way I will allow mondayz to use my website anymore

http://gabsharky.kiczek.com

PS fuck you mondayz you piece of shit!

There's no reason for you to appologize kiczek, there's no way you could have known.

Well I did download GABSharkY but i didn't get around to opening it and running it. Strange how being busy pays out in the end

funny old world we live in.

Gaisuto · Jul 20, 2004

Do you guys really know if he did it on purpose?

Outrager · Jul 20, 2004

Wait... so it "It might contain malicious code" but that doesn't matter because it "should not cause damage to your computer."
Or was that just worded totally wrong?

WrathofGod · Jul 20, 2004

I know it dropped the files mentioned on your website but what do they do. By chance have you figured out what there exactly doing?

mole_incarnate · Jul 20, 2004

Heres a tidbit on the winupdate.exe (one of the files it drops), knew I had seen it before -

http://it.trendmicro-europe.com/enterprise...DBOT.ER&VSect=T

Behold, the worm.

This can be fairly nasty, so if you've run this proggy, immediatly do a virus scan.

More info on other files coming.

Okay, all the other files are just normal files to run the program, not malware of any kind, cept maybe loadex.exe, pretty sure ive seen that one before.

This cannot be accidental, this little punk did it deliberatly.

WrathofGod · Jul 20, 2004

Does the program actually work? If so liked to see someone remove the virus

cerberus · Jul 20, 2004

What a sly bastardo! people like that need shooting.

If you want an easy way to remove it use the Stinger tool from NAI. Get it here. Its a great tool, and will scan for 43 major viruses. Get it to be safe.

Gandalf515 · Jul 20, 2004

I opened that tool, and now I'm infected. Íf it was up to me, I'd hang him up with his own balls, that F*****g b*st*rd

djgarf · Jul 20, 2004

These instructions are for Windows XP ONLY!

1. Close all open programs.
2. Press Win+R. This brings up the "Run" dialog.
3. Type "taskmgr" and press enter.
4. Click "Processes."
5. Highlight "winupdate.exe," then click "End Process," followed by "Yes."
If you do not see this file, skip this step.
6. Highlight "explorer.exe," then click "End Process," followed by "Yes."
Your desktop will disappear.
7. Go to "File" and select "New Task (Run)."
8. Type "cmd" and press enter.
9. Type the following commands, pressing enter after each one.
Ignore any 'File does not exist" warnings.

cd windowssystem32
del explorer.exe
del wpa.dbl
del pnbak.dll
del pnupd.dll
del pnstrt.dll
del winupdate.exe
del native.exe
del loadex.exe
cd windows
del explore.exe
del explorer.exe
exit

10. Go to "File" and select "New Task (Run)."
11. Type "explorer" and press enter. Your desktop will be restored.

At this point your system should be cleaned.
To verify that explorer.exe is correct, run Windows Explorer, browse to
c:windows, highlight explorer.exe, right click it and select properties.
Verify that BOTH the "Created" and "Modified" dates say either
"August 29, 2002, 04:41:24" or "May 11, 2003, 21:12:10."

big thanx and shouts go out to qoop on irc for taking the time to install this crap on his pc to work out how to remove it properly

none of the registry entries listed on the trendmicro page were actually present in the registry too

mondayz · Jul 20, 2004

Guys, I did not do any virus in the exe! Seriously!

skubbe · Jul 20, 2004

What was the original filename of GABSharkY, don't remember where i put it on my hd

_Pie_ · Jul 20, 2004

QUOTE(skubbe @ Jul 20 2004 said:
What was the original filename of GABSharkY, don't remember where i put it on my hd

gabsharkyv1-0.zip

GABSharkY

Headmaster

Well-Known Member

God

Well-Known Member

Scratch & Sniff

Well-Known Member

Music and Me...

Well-Known Member

PogoShell it to me ™

Lose 2 Levels.

Well-Known Member

Well-Known Member

Watermelon!

Well-Known Member

Well-Known Member

Member

I Am A Raver

Active Member

Well-Known Member

Well-Known Member

Similar threads

Popular threads in this forum