Brother got hit with the FBI Moneypak Virus

[T_Yamamoto]

And he texted me while I was being tutored. Here is the exchange of texts that occurred. He is a tech noob and is 15.
---
Brother: This fbi thing came up I can't use comp unless I pay 200 dollars. What do I do!

BRO ILL NEED TO BORROW AROUND 180 DOLLARS FOR A CARD THING TO PAY FOR THE RELEASE. ILL PAY YOU BACK LITTLE BY LITTLE

Its for downloading css
---
Me: bullcrap
---
Brother: I CAN'T GET INTO MY COMPUTER HELP! DUDE I'M ABOUT TO CRY.its legit fbi
---
Me: sucks
---
Brother: BRO PLEASE
---
Me: its a virus noob
---
Brother: I just need togo a cvs or right aid to pay
---
Me: omg its a virus
---
Brother: IF ITS A VIRUS HOW DO THEY KNOW IT SAID I DOWNLOADED CSS! HOW DO I GET VIRUS OFF
---
Me: its a virus. FBI moneypak virus
---
Brother: HOW DO I EGT IT OFF
---
Me: I'll do it when I get home
---
Brother: oK ill turn it off
I can't cntrl alt delete and the screen is frozen.
---
Me: press the power button
---
Brother: I did.... I looked it up and I saw what it is. I need antivirus
---
Me: LOL. Yeah. I'll get you a Microsoft essentials.***
---
Brother: I got scared
---

***my brothers subscription to Norton expired.

Thus concludes the story of how my brother believed this fake thing and also almost shat in his pants.

 

[CrackRabbit]

You should have trolled him a bit before telling him.

 

[KaOTiK]

To think, if he had $200 he would of lost it

 

[T_Yamamoto]

You should have trolled him a bit before telling him.

No. My brother doesnt take trolling well when he gets in trouble.

To think, if he had $200 he would of lost it

Yeah. He would have gone out and bought that card thing.

 

[Krazy4Real]

You should have trolled him a bit before telling him.

this. You let him off too easy.

 

[Zeze]

Even I don't think I was that uncautious with PCs when I was 15.

 

[KeithTalent]

Even I don't think I was that stupid when I was 15.

Fixed.

KT

 

[VulgarDisplay]

One of my co-workers has the exact same virus. He's bringing his laptop for me to fix tomorrow.

 

[Kaido]

I had somebody I know do that with the fake antivirus virus a few months ago. Except they put their credit card number in 😱

Always wondered what would happen when you did that...turns out that after you put in your cc #, you reboot and it nukes your MBR. No more booting!

 

[Kaido]

One of my co-workers has the exact same virus. He's bringing his laptop for me to fix tomorrow.

I threw my virus fixit notes up here, fwiw:

http://pastebin.com/jg1LzPMU

 

[KaOTiK]

One of my co-workers has the exact same virus. He's bringing his laptop for me to fix tomorrow.

You should tell him it was legit, but you were able to haggle the FBI down to $100 that you had to pay right away so he has to reimburse you 😀

 

[T_Yamamoto]

this. You let him off too easy.

Well he is my brother. :/

Even I don't think I was that uncautious with PCs when I was 15.

Well he's not very techy

One of my co-workers has the exact same virus. He's bringing his laptop for me to fix tomorrow.

GG

I had somebody I know do that with the fake antivirus virus a few months ago. Except they put their credit card number in 😱

Always wondered what would happen when you did that...turns out that after you put in your cc #, you reboot and it nukes your MBR. No more booting!

LOL.

I threw my virus fixit notes up here, fwiw:

http://pastebin.com/jg1LzPMU

I'm gonna try with malbytes through safe mode.


I have dinner now so after that

You should tell him it was legit, but you were able to haggle the FBI down to $100 that you had to pay right away so he has to reimburse you 😀

XD

 

[blurredvision]

Worked on a computer with this virus at work a month ago or so. Bad thing was that this showed up in normal and safe mode, no matter what user account was used. When booting into Windows, I could see and use the desktop for about 15 seconds before the FBI screen popped up. Nothing would get rid of it, although I was able to figure out that I could still focus to other programs (alt+tab window would show over top of it) and use them like normal, just couldn't see them.

I put ComboFix on a thumb drive and was able to launch it before the warning came up. It had to install the recovery console (or whatever it is that it needs to install sometimes), I was able to press tab and hit enter through the prompts to select Yes/OK/Next. This got it off there.

 

[SheHateMe]

I miss bullying my little sister *tear*

 

[techs]

When people show up at the place to buy these Moneypaks for 200 bucks do the stores say anything or are the cashiers secretly laughing their asses off?

 

[sygyzy]

You should have trolled him a bit before telling him.

Why troll his brother when he could troll us, which is what he does on a daily basis.

 

[T_Yamamoto]

Worked on a computer with this virus at work a month ago or so. Bad thing was that this showed up in normal and safe mode, no matter what user account was used. When booting into Windows, I could see and use the desktop for about 15 seconds before the FBI screen popped up. Nothing would get rid of it, although I was able to figure out that I could still focus to other programs (alt+tab window would show over top of it) and use them like normal, just couldn't see them.

I put ComboFix on a thumb drive and was able to launch it before the warning came up. It had to install the recovery console (or whatever it is that it needs to install sometimes), I was able to press tab and hit enter through the prompts to select Yes/OK/Next. This got it off there.

It loads up in safe mode with a white screen -_-
Im going to try safe mode w/ networking

 

[Charles Kozierok]

Okay, that's pretty funny. 🙂

 

[T_Yamamoto]

Booted into Safemode w/ command prompt and did some crazy shit, was able to install malwarebyte, now scanning xD

 

[Pray To Jesus]

Brothers are like each other after all. Who woulda thunk it?

 

[T_Yamamoto]

Brothers are like each other after all. Who woulda thunk it?

we are nothing alike 😛

im the one on the left. that blazer like this was a costume (on a stand next to this set, its for little kids, but who cares_

 

[MayorOfAmerica]

d00d, u so 1337! I cant believe what a n00b ur bro iz!!!!1!!11!!!!!!!

 

[JulesMaximus]

My wife's computer got that a few months ago. Pain in the ass to get rid of it.

 

[T_Yamamoto]

My wife's computer got that a few months ago. Pain in the ass to get rid of it.

It is. I didn't know what I was doing, but somehow I got rid of it:whiste:

 

[The_Dude8]

How does one get the FBI virus? What programs did he download