A thread was recently started that contained an attachment that claimed to reduce packet loss. This file was called lynxfix.rar. Having been alerted by a forum member I examined it carefully and believe it is almost certainly a CD Key Stealer!
Inside I found a reference to this website;
Which redirects to this website;
Which in turn contains downloadable links to these files;
HarvesterServer2505.zip NEWS.txt CDKeyHarvester200504.zip CDKeyHarvester200503.zip ServerOptimiZer2005(makes_undetactable).zip rnsys1998-2004(screenshots.jpg).zip ServerOptimiZer(makes_undetactable).zip
The file news.txt references these games;
Harvester supported Games:
Doom 3 Halflife Gunman Chronicles Counter Strike Retail C&C: Red Alert 2 C&C3 Tiberian Sun C&C Generals C&C Generals Zero Hour Medal of Honor Medal of Honor Spearhead Medal of Honor AA Breakthrough Medal of Honor Pacific Assault Battlefield 1942 Battlefield 1942 The Road to Rome Battlefield 1942 Secret Weapons of WWII Battlefield Vietnam Battlefield 2 Soldiers of Anarchy Hidden & Dangerous 2 Rainbow Six Ravenshield Unreal Turnament 2003 Unreal Turnament 2004 Need For Speed: Hot Pursuit 2 Need for Speed Underground Call of Duty Call of Duty v1.3 Call of Duty United Offensive Fifa 2002 Fifa 2003 Fifa 2004 Soldier Of Fortune 2: Double Helix Shogun: Total War - Warlord Edition James Bond 007 - Nightfire Industry Giant 2 IGI 2 - Covert Strike Global Operations Freedom Force Quake 3 Arena NBA 2004 Farcry Chrome Legends of Might and Magic LotR Battle for Middle Earth NascarRacing 2002 NascarRacing 2003 NHL 2002 NHL 2003 NOX The Gladiators Never Winter Nights Star Wars Battlefront Star Wars Republic Commando
If any of you have downloaded this file please delete it immediately. Also if you get a warning message that your CD key is in use contact EA and inform them of this incident and request that your CD Key be replaced, link to this post as a reference if you wish.
Let this be a warning, be careful when running strange files on your computer without conforming the authors veracity, and ALWAYS use a firewall.
its time to beat some ass! why do people do these thing?
OMFG.... Holy crap, I've run it already... :eek:
Excellent research AK, too bad it's late for some people... I was suspicious of it in the first place so I didn't DL.
SOB!! I had a feel something was fishy when i saw the only person praising it had signed up that very day.
So it is a virus!!! A BF2 virus that is. I was also suspicious of it but I downloaded it anyway. I opened it up and had a look at the readme even though I knew I wasn't interested(I use tweaks from www.speedguide.net with a slight alteration of my own preference for better internet performance). I saw it was an executable so I deleted it.
Mods: You should add " rnsys.de " (it's RNSYS, not MSys) to the "bad word" list so that they cant repost the term anywhere on these forums. Be vigilant for any other posts that may be sublinks to this smacktard. You should make it policy to post the IP of the people who post links like this. a few of us would be interested. Unfortunately, most referances to this site are in german and I cant read german... But, I have the whois info on the domain owner.. not sure if im allowed to post it, but if they chime in that I can i will. again, give us the IP addy so we can do a route trace.
Sky CaptainOMFG.... Holy crap, I've run it already...
[color=navy]If you have run the program, I'd just get a new key for every game you've installed from the manufacturer. That way you can be sure you won't have any trouble in the future. Of course, I'd make sure that file isn't anywhere on my hard drive before installing the new keys. And, if they give you any trouble, tell them you can prove you bought it then press them hard. They'll give one to you.[/color]
And remember most times they'll ask for pictures of you're CD, CD-Key and you're box when trying to get a replacement key so if you don't have a camera than see about asking a friend. Also even if they don't ask for pictures, it always helps.