Welcome to Modder Paul Huckers Free ScamBait Tools!


Hello friends!  As promised, I am offering a limited set of my scambaiting tools for you to use during your scambait sessions!

If you need help or have questions about these tools, email me at modderphuckers@gmail.com and I'll quickly respond!

The tools are listed in the table below with a description of what they do.  All tools are stored in a hidden folder: c:\drivers

  dxdiag.exe Direct X Diagnostics tool will falsely show information stored in a text file called dxdiag.txt  
  manage-bde This is a fake version of manage-bde which showes that Bitlocker is running and your drive is Protected  
  msconfig.exe Msconfig.exe falsely shows that all services are running (which is impossible)  
  msinfo32.exe Msinfo32.exe falsely shows that all drivers are loaded and running (which is impossible)  
  netstat.exe Netstat.exe falsely shows there are no foreign connections and falsely states that "This system is secure."  
  notepad.exe Notepad.exe is a fake Notepad that change letters randomly when the scammer tries to type, LOL.  
  Syskey.exe Sykey.exe produces a fake Scammer Detected popup (works on both Win 7 and 10).  To close it type shift + 8  
systeminfo.exe Systeminfo.exe produces a false system report to fool the scammer.
  Wordpad.exe Wordpad.exe will open Fake Notepad!  Have Fun!  

I worked very hard to create these utilities to stall scambaiters and stretch out the phone call while they try to figure out how to mislead you.

Please use a virtual machine for this: if they do any damage to it you can safely restore it from a snapshot.  Also it's a good idea
to create a snapshot of the VM before you install the  ScamBait tools; otherwise you will need to download and run the removal tool.

To install the tools, download the appropriate Win7Bait or Win10Bait executable to the Virtual Machine's desktop, then right click and Run as Administator.  The installer will install various files on the desktop, one which is called RunMe7.bat or RunMe10.bat.  That file must be run as Administrator as well.  If you are using Windows 7 make sure you install the dotNetFx40_Full_x86_x64 installation beforehand or Fake Notepad will not work.

After you run the RunMe7.bat or RunMe10.Bat all the files including the installer will be deleted and you are ready to go!

Example Usage
Windows Key + R, then type "wordpad" and Fake NotePad will open.
Windows Key + R, then type "msconfig" and the fake msconfig will open.
If you open a command prompt and type netstat, the fake netstat program will run.

I included a fake syskey for Windows 10 because many stupid scammers think syskey still works!

Important note for Windows 10 users: its a good idea to hide the search bar on the taskbar because if they search for wordpad it
 will still show the old wordpad and not do anything (same with notepad).  By hiding the search bar, they are forced to type Win+R
 and type wordpad.  To hide it, right click an empty area of the taskbar select search, then select Hidden.


Note: for both Windows 7 and Windows 10 the color scheme MUST be set as default or the corner icons for msconfig and msinfo32 will look wrong.  I created icons based on the default color scheme.  Also, too: the virtual machines MUST BE 64-Bit versions of Windows 7 or Windows 10.  I have download links for the ISO install files if you need them to create a virtual machine on VMware Workstation, Virtual Box, or Hyper-V.



Windows 7 64-Bit ISO

Windows 10 64-Bit ISO

The Windows 7 64-Bit ISO actually has all versions of Windows 7... make sure you select Windows 7 Professional.
If you are in North America, make sure you install Windows 7 Professional 64-Bit (do not choose the N version)
If you reside in Europe, install the Windows 7 Professional 64-Bit N version.

Basically, once you right click and run as Administrator on the RunMe7 or RunMe10 batch files, a folder called drivers will be created on the C drive
and the fake utilies will be copied over to that folder, then the drive and it's contents will be hidden  After that the original
commands these fake utilies replaced are renamed o_netstat.exe, o_msconfig.exe, o_msinfo32.exe, etc.
The folder c:\drivers is appended to the environment path so when the scammer types
 windows key + r, and type msinfo32 the fake program will pop up, running from c:\drivers.

If you need to remove the ScamBait tools, download and run removetools.exe from the link below.  Afte you run removetools.exe there is a remove.bat on your desktop.
Right click remove.bat and run as administrator and the tools will be removed and windows programs affected will be restored.

Remove ScamBait Tools

Fake Target Gift Card and Google Play Redeem Plugins!


Happy ScamBaiting!


If you want to donate to my cause and help fund me for this endeavor, there are PayPal donation links below.  I am going to release a much larger set of scambaiting tools soon, along with videos and guides on how to disguise virtual machines so the scammers won't bail out on you if they figure out you are using one.  I'll also be including my fake bank with the ability to transfer files from one account to another: this will make refund scams a blast!  It will also allow you to invoke a fake ad with their current phone number that pops up continuously to drive them insane like you've seen in my videos!


Donate to my ScamBait Tools Project!

(I have a PayPal Secure Merchant Account)