ATTN: New FS/T Scam (Fraps Download)

Discussion in 'Tips/Tricks & Trolls' started by Lethal, Oct 12, 2006.

  1. Lethal

    Lethal ViragoAdmin Emeritus Staff Member

    Messages:
    28,721
    Joined:
    May 27, 2000
    There's a new scam going around involving Fraps. A member offers you a link to download Fraps, either to just give you a "freebie" or so you can run some benchmarks on hardware they are interested in buying from you.

    This download installs a keylogger. They are after your logins for paypal, WoW and anything else they can get their grubby little paws on. Don't do it!

    So far we have banned Jamieson and bmp ex for trying to spread this malware here. If you have a trade pending with either of them, get out of it ASAP.

    If anyone contacts you offering Fraps or any other downloads, please PM me with the full info, including links (please do not post any links here).

    Downloading warez is not only illegal and wrong, but it can cost you dearly if you fall for this scam.
     
  2. Cold Dark Shadow

    Cold Dark Shadow [H]ardForum Junkie

    Messages:
    12,708
    Joined:
    Mar 24, 2003
    thats pretty messed up
    Did alot of members get caught up in it?
     
  3. gilga

    gilga [H]ard|Gawd

    Messages:
    1,866
    Joined:
    Jan 26, 2006
    i got caught in this from jamieson. However i never downloaded fraps, I only visited the site. Am i safe? Running adaware and spybot now. Will report back soon
     
  4. morgwon

    morgwon [H]ardness Supreme

    Messages:
    7,869
    Joined:
    Oct 25, 2004
    wow. Thanks for the heads up.
     
  5. Lethal

    Lethal ViragoAdmin Emeritus Staff Member

    Messages:
    28,721
    Joined:
    May 27, 2000
    gigla, if you did not download anything, you should be okay. Running some AV scans is still a good idea.

    So far I have one report that Trendmicro did not detect it, but AVG did.
    .
     
  6. kobalt

    kobalt [H]Lite

    Messages:
    126
    Joined:
    Sep 14, 2006
  7. Bbq

    Bbq King of Charts

    Messages:
    12,272
    Joined:
    Feb 21, 2006
    Damn man, that sucks. Hope everything works out.


    The so-called-fraps is a file at Rapidshare. I just sent them an email requesting the deletion, and a link to this thread on why.

    -BBQ
     
  8. tvdang7

    tvdang7 [H]ardness Supreme

    Messages:
    4,302
    Joined:
    Jun 8, 2005
    WOW he tried to doit to me today. WTF. damn ppl. good thing i have my own fraps.
     
  9. Vapor03

    Vapor03 Limp Gawd

    Messages:
    237
    Joined:
    Jul 17, 2006
    Damn that sucks, thanks for the heads up.
     
  10. moho

    moho [H]ard|Gawd

    Messages:
    1,306
    Joined:
    Dec 26, 2005
    i (stupidly) fell for it...

    BEWARE: dont let your PC connect to the net after installing this, i recommend a total windows reinstall(what i did). This is too dangerous to even try to fix...
     
  11. bail_w

    bail_w [H]ardness Supreme

    Messages:
    4,224
    Joined:
    Oct 21, 2005
    F-Secure Blacklight Anti-trojan Anti-keylogger program

    Some keyloggers bypass Firewall without asking your premission to denied the connectivty.


    http://www.styopkin.com/keylogger_hunter.html
     
  12. Bbq

    Bbq King of Charts

    Messages:
    12,272
    Joined:
    Feb 21, 2006
    Without turning this into too huge of a technical issue, I think the best way, once you've caught the logger, is to:
    1. Disconnect the computer from the internet. Disconnect the cabling, Turn off the WiFi, whatever.
    2. Back up your data.
    3. From a SAFE computer, change your passwords.
    4. Be prepared to format if your AV does not catch the keylogger.
     
  13. DivineSmack

    DivineSmack Gawd

    Messages:
    736
    Joined:
    Sep 1, 2002
    I wouldn't suggest backing up the data on a compromised or potentially compromised system unless your an expert with computers or an IT admin as your chance of re-infecting the newly re-installed system or any other system is good.
     
  14. Nettwerk

    Nettwerk 2[H]4U

    Messages:
    3,513
    Joined:
    Feb 11, 2005
  15. bail_w

    bail_w [H]ardness Supreme

    Messages:
    4,224
    Joined:
    Oct 21, 2005

    as long as you did not backup anything from the system32 folder, you are fine. because thats where the keylogger.dll stores at :)
     
  16. DivineSmack

    DivineSmack Gawd

    Messages:
    736
    Joined:
    Sep 1, 2002
    Not necessarily. Also anything in folders in the back up process that was infected gets moved on. As I said earlier I suggest you do not back up unless you truely know what you are doing.
     
  17. bail_w

    bail_w [H]ardness Supreme

    Messages:
    4,224
    Joined:
    Oct 21, 2005

    huh??? infected??? obivously you not going to keep the (fraqs) right?
     
  18. KENNYB

    KENNYB 2[H]4U

    Messages:
    3,139
    Joined:
    Jul 26, 2004
    Hmmm... one of his past for sale threads gave me a bad vide. I can't say exactly why, but sometimes you just know. He wasn't too forthcoming with information.
     
  19. zetachi

    zetachi Gawd

    Messages:
    787
    Joined:
    Oct 3, 2005
    can you post their IP's. I'm a mod over @ Pcper and read a thread there. We'd like to keep a lookout incase they try this with different names.

    thanks

    Z
     
  20. Whipsmack

    Whipsmack Gawd

    Messages:
    675
    Joined:
    Oct 17, 2005
    human race saddens me sometimes :(
     
  21. salvationpcs

    salvationpcs Gawd

    Messages:
    707
    Joined:
    Mar 26, 2006
    There is a keylogger out there that is supose to be undetectable however it isn't really. What it does is when you open the file/program that it is attached to it installs the full program into your computer however you don't know about it.Since doing this it well bypass alot of the firewalls and junk however when it sends the email out some firewalls well see that and warn you about it however at the time mine didn't so i was sending information "freely" to him without knowing about it. It won't read up as a virus since it isn't a virus, It jsut gets what you type and sends it back to the host. It well read up as an "Unwated Program".

    I got scamed with this (not form frags but from somethign else. The guy ended up taking my paypal money which i did end up getting back. Took about 45 days cause of alt of paper work and he gave me hassles saying i scamed him and alot of other junk contacting my girl and cussing her out saying i was hte one who scamed or whatever.

    I researched how it could be done and when i researched a "undeticed keylogger" it came up with a website for "perfect keylogger" which from there i learned more about it. I used McAfee anti-virus scan and it read up as a unwated program. I also read that the keylogger can be installed jsut by extracing the files fomr the zip folder into another one so you really don't have to run the program or anything jsut unzip and u could get it. However i don't know what he used and i am jsut shareing my knowledge of this and hope it helps.

    If you want anymore infromation about this i would liek to help if you have been scamed by this. I have been throw it already and it is done i hope this is helpful. Just drop me a PM and i well be glad to help as much as i can.
     
  22. filthysanchez

    filthysanchez 2[H]4U

    Messages:
    2,669
    Joined:
    Jul 19, 2006
    try pressing ctrl+shift+alt+x
    that opened up the keylogger i had before, and made it so i could uninstall it.
     
  23. Emission

    Emission [H]ardness Supreme

    Messages:
    4,218
    Joined:
    Dec 6, 2005
    Having an iron defense like Zone Alarm Security Suite helps, or any of the Zone Labs products (excellent Firewalls/AVs/Lots of other secure things). Thats what I use, it checks every single program that wants access to the internet, so its easy to spot a fishy program trying to get through.

    Case in point, keep your defenses up, or even use Linux for that matter.
     
  24. J-Mag

    J-Mag 2[H]4U

    Messages:
    3,640
    Joined:
    Dec 21, 2004
    Wow that bastard tried to get me to download FRAPs so he could see a result on my 7900gtx.

    Here is his quote
    "Hi im deeply interested and will pay ASAP.
    First i need you to do this for me:
    you ship to canada ?
    you accept paypal ?
    you have verfied paypal ?
    Can you do me a benchmark with FRAPS then send me the logs ?
    Here is FRAPS registered, download it and install, then run and look for run benchmark, then copy it and past it here, PLEASE COPY ONLY THE (FRAMERATE -FPS-) Thanks alot."

    I thought it was weird that he didn't even mention the application and settings he wanted me to test so I replied back with those questions and also told him that I already had FRAPs

    He comes back with: "preferably COD2, to check the performance, then copy paste the logs from fraps i gave you ."

    After that I thought the guy was shady because he wanted me to use HIS FRAPS and not the one I already had installed, LOL!
     
  25. Absentee

    Absentee [H]ardForum Junkie

    Messages:
    9,416
    Joined:
    Aug 27, 2004
    just out of curiosity:
    his emphasis or yours?

    Hoorah for being safe on a Mac!

    anyway....I'll keep a look out for anybody else handing out fraps links....
     
  26. J-Mag

    J-Mag 2[H]4U

    Messages:
    3,640
    Joined:
    Dec 21, 2004
    Mine, I just wanted to point out that that line is what made me suspicous because there is no difference between FRAPS log file of the free version vs full version.