Use tags such as (!WAC) in ur name and it will automatically update your messenger nickname to the currently played song.


Please read the readme for more commands

Edited by Chrono:Attachment removed, it was a trojan

Yeh finally, i was hopiung they would put a WMP player oneinto plus aswell as teh Winamp one

Having a problems says cant find NetAPI32 when i try to run teh setup exe any ideas?

I clicked "setup", nothing happened the cursor was set to busy for a few second, that was it...

Nothing happens here either . . . and why does it has to make connection to the internet??

a new task is running too in task manager. "wupdated", plus it added itself to msconfig....on startup tab.

Why does it say: "© Microsoft Corporation. All rights reserved."

K, this doesn't really look like a sort of plugin for a program . . . it doesn't work and it makes connection to internet, gonna block it

it added a file to, "C:WINDOWSsystem32", should be safe to delete it. the file is called "wupdated"

I suggest that a mod or admin remove the download link of it. Could be a trojan or summit

dodgy program, dodgy microsoft

Can someone remove the file? It's a trojan. Zero1 debugged it and it has a built in bat file.

" EnumShare   TermProcess hack3r wingiz      ddos.no-ip.info
   #s0t lol irc.gamesnet.net 
  #s0t   
       wupdated.exe   
   
   Configuration Loaded .*        .    "

And get the user banned for posting trojans

Hey all,
I have looked at the exe, and what it seems to do is look for the serial of a few games, and connect to irc. Moderators/Admins i suggest you delete this topic
Take a look at the code i extracted from the exe below:

code:

---

ScanNetBIOS GetLocalIP  GetCmdIP    GetNextIP   GetRandIP                                                           

                                                                                                                   

                                                                                                                   

                                                                                                                   

                                                                                                                   

EnumShare   TermProcess hack3r wingiz      ddos.no-ip.info    #s0t lol irc.gamesnet.net    #s0t   
       

wupdated.exe   
   
   Configuration Loaded .*        .                                                            

                                                                                                                   

                                                                                                                   

                 WinMain checksum    LookupAddress                                                               

SendSyn SYNFlood    decryptstr  addlog  addalias    addthread   irc_connect ident   rndnick irc_receiveloop

irc_parseline   irc_spyparseline    irc_send    irc_sendf   irc_sendf2  irc_privmsg replacestr  udp ping   

webdownload redirect    redirectloop    redirectloop2   netinfo sysinfo cpuspeed    cyclecount  visit   uninstall   

synthread   Done with SYN flood [%iKB/sec]
%%comspec%% /c %s %s @echo off
tart
if not exist ""%1"" goto done
del /F ""%1""
del ""%1""
goto start
one
del /F %temp%
.bat
del %temp%
.bat
%s\r.bat url visited. invalid URL. error visiting URL. */*         
                     !       &       2       7

      B       G       K       P       d       @B     cpu: %dMHz. ram: %dMB total, %dMB free. os: Windows %s (%d.%d,

build %d). uptime: %dd %dh %dm. box: %s. user: %s. %s [%s] ??? XP 2000 ME 98 NT 95 connection type: %s (%s). local

IP address: %d.%d.%d.%d. connected from: %s N/A LAN dial-up bad url, or dns error. update failed: error executing

file. downloaded %.1f kb to %s @ %.1f kb/sec. updating... PRIVMSG %s pened %s.
            �@downloaded %.1f kb to %s @ %.1f kb/sec. update (%s - %dkb transferred) file download (%s - %dkb

transferred) PRIVMSG %s :couldn't open %s.
PRIVMSG %s :finished sending pings to %s.
PRIVMSG %s :error sending pings to %s.
PRIVMSG %s :finished sending packets to %s.
PRIVMSG %s :error sending packets to %s.
%s%s %s%s%s %s %s :%s
%s
[%s]: <%s> %s
[%s]: * %s %s ACTION
ACTION [%s]: %s sets mode: %s MODE [%s]: %s is now known as %s. [%s]: %s has

quit(%s). wtf %s?
[%s]: %s has left %s. [%s]: %s has joined %s. JOIN [%s]: nick %s already in use. 433 [%s]: Users in %s: %s spy

created on %s:%d, in channel %s.
spy (%s) sp spy icmp.dll not available sending %d pings to %s. packet size: %d, timeout: %d[ms]
ping (%s) p ping sending %d udp packets to: %s. packet size: %d, delay: %d[ms].
udp (%s) u udp [%s] * %s %s c_a c_action [%s] <%s> %s c_pm c_privmsg redirect created on port %d to %s:%d.
redirect (%d->%s:%d) rd redirect downloading %s...
download (%s) dl download clone created on %s:%d, in channel %s.
clone (%s) c clone SYN flooding [%s:%s] for %s seconds
syn couldn't execute file. e execute downloading update from %s...
update (%s) %s\%s.exe up update de delay PART %s c_p c_part JOIN %s %s c_j c_join c_n c_nick MODE %s c_m c_mode

c_r c_raw %s %s %s :%s rp repeat MODE %s
m mode cy cycle
ACTION %s
a action pm privmsg aa addalias v visit couldn't resolve host %s -> %s dn dns se

couldn't open file. file opened. o open pr prefix NICK %s c_rn c_rndnick c_q c_quit thread(s) killed. k killthread

raw PART %s
pt part j join n nick removing bot... rm remove si sysinfo ni netinfo lg log %d. %s = %s -[alias list]- al aliases

%d. %s -[thread list]- t threads sdbot 0.5b with SYN flood by [sd] ab about i id sdbot 0.5b with SYN flood ready.

Up %dd %dh %dm. s status QUIT :%s
QUIT :later
q quit QUIT :later disconnect QUIT :reconnecting reconnect user %s logged out.
lo logout d die Found Tiberian Sun CDKey (%s).
Software\Westwood\Tiberian Sun Found Red Alert 2 CDKey (%s).
Serial Software\Westwood\Red Alert 2 Software\IGI 2 Retail\CDKey Found Command & Conquer Generals CDKey (%s).
Software\Electronic Arts\EA GAMES\Generals\ergc Found FIFA 2003 CDKey (%s).
Software\Electronic Arts\EA Sports\FIFA 2003\ergc Found NFSHP2 CDKey (%s).
Software\Electronic Arts\EA GAMES\Need For Speed Hot Pursuit 2\ergc Found The Gladiators CDKey (%s).
RegNumber Software\Eugen Systems\The Gladiators Found SOF2 CDKey (%s).
mtkwftmkemfew3p3b7 sof2key %s\base\mp\%s InstallPath Software\Activision\Soldier of Fortune II - Double Helix

Found NWN CDKey %s.
= Key1= r nwncdkey.ini %s\%s Location Software\BioWare\NWN\Neverwinter Rainbow Six III RavenShield CDKey (%s).
SOFTWARE\Red Storm Entertainment\RAVENSHIELD Found Battlefield 1942 Road To Rome CDKey (%s).
SOFTWARE\Electronic Arts\EA GAMES\Battlefield 1942 The Road to Rome Found Battlefield 1942 CDKey (%s).
ergc SOFTWARE\Electronic Arts\EA GAMES\Battlefield 1942 Found Project IGI 2 CDKey (%s).
SOFTWARE\IGI 2 Retail Found Counter-Strike ( Retail ) CDKey (%s).
Software\Valve\CounterStrike\Settings Found Unreal Tournament 2003 CDKey (%s).
CDKey Software\Unreal Technology\Installed Apps\UT2003 Found Half-Life CDKey (%s).
Key Software\Valve\Half-Life\Settings cdkey getcdkey NICK %s
rn rndnick 63 ) $chr( $server $rndnick $chan $user $me $%d $%d- user %s(%s) logged in.   password accepted. l

login NOTICE %s :
PING %s


PING NOTICE %s :
VERSION %s


VERSION
# 332 PRIVMSG joined channel %s. 353 QUIT PART NICK screw you %s! NOTICE %s :%s
user %s logged out. KICK @ 302 USERHOST %s
005 001 pong NOTICE JOIN %s %s
PONG %s
jamesbrown WHOIS %s
PING ! -s    :

NICK %s
USER %s 0 0 :%s
PASS %s
%d, %d : USERID : UNIX : %s
connected to %s. [%d-%d-%d %d:%d:%d] %s syn flood: %s:%s [%iKB/sec] send error!:%d
Error: Cannot initalize

winsock. bot started. raw PRIVMSG $1 chr(1)$2-$chr(1) ctcp syn $1 80 60 s1 ping $1 10000 $2 50 p2 udp $1 10000

2048 50 u1 action $chan smacks $1 smack mode $chan +o $user opme main thread

Software\Microsoft\Windows\CurrentVersion\RunServices Software\Microsoft\Windows\CurrentVersion\Run \%s

InternetGetConnectedStateEx InternetGetConnectedState WININET.DLL Mozilla/4.0 (compatible) Process32Next Process32

First CreateToolhelp32Snapshot RegisterServiceProcess kernel32.dll IcmpSendEcho IcmpCloseHandle IcmpCreateFile

ICMP.DLL C:\ %S \IPC$ . %s net use * "%s" "%s" /user:"%s"
net use * "%s" "%s" /user:""
net use * "%s" "" /user:""
\

\\ [SCANNING] Address: %s    Port: 139
!@#$%^&* !@#$%^& !@#$%^ !@#$% !@#$ 654321 123456 1234 123 111 1 server

secret password password123 pass pass123 hidden asdfgh asdf  wwwadmin user system sqlagent sql root owner guest

database administrator admin  wedit.exe -p %d  lcc runtime: GP fault.       Stack trace     Current instruction: 0

x%x
Fault occurred outside a function scope

     ...
Corrupted stack. Impossible to show trace
unknown
%3d %s [%s]

%s %s %d
  %d after unknown line       

---

I removed the attachment and the thread will be closed, Ill notify wdz, thx Zero1.