{"id":5429,"date":"2013-02-08T15:16:34","date_gmt":"2013-02-08T20:16:34","guid":{"rendered":"http:\/\/thundercloud.net\/infoave\/new\/?p=5429"},"modified":"2013-02-08T15:16:34","modified_gmt":"2013-02-08T20:16:34","slug":"the-fbi-has-locked-your-computer","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/the-fbi-has-locked-your-computer\/","title":{"rendered":"The FBI has locked your computer"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"line-height: 1.6em;\" alt=\"Cloudeight InfoAve\" src=\"http:\/\/thundercloud.net\/infoave\/images\/2013\/fbi-moneypak.png\" width=\"600\" height=\"421\" \/><br \/>\nThe FBI MoneyPak Trojan is one of the worst and most widespread computer-locking Trojans that ever menaced internet users. The FBI MoneyPak is a Trojan often called RansomWare.<\/p>\n<p>FBI MoneyPak comes bundled with applications that may look legitimate, but aren&#8217;t. Always be sure you download from well-known and well-respected sites. If you become infected, the FBI MoneyPak Trojan will lock down the computer and tell you that your computer was involved in viewing p\/\/ornography, downloading copyrighted materials or other illegal activities. And unless you pay $100 via MoneyPak payment system, your system will remain locked and you&#8217;ll be going to jail.<\/p>\n<p>The FBI MoneyPak ransomware is a scam. It locks your computer down and tries to scare you into sending $100 via MoneyPak to unlock your computer keep you out of jail.<\/p>\n<p>You won&#8217;t go to jail whether you pay the $100 or not. But you won&#8217;t be able to unlock your computer until you pay the ransom &#8211; unless you know the secret we&#8217;re going to teach you in a minute. It&#8217;s pretty easy to get rid of this RansomWare, but not if you panic and not if you don&#8217;t follow instructions carefully.<\/p>\n<p>And another thing you have to watch out for when dealing with this Trojan, are sites which offer FBI MoneyPak removers. Most of these are scams, and downloading them will only infect your computer with something else. Be careful of any program offered by off-the-wall sites which offer a download to help you remove the FBI MoneyPak Trojan.<\/p>\n<p>The FBI MoneyPak Scam uses a malicious program called WinLocker to lock your computer. You won&#8217;t be able to see your desktop, because the only thing you&#8217;ll see is the MoneyPak payment page. They want $100 to unlock your computer and keep you out of jail.<\/p>\n<p>Another thing in newer versions of the FBI MoneyPak Trojan is that if you have a Webcam on your computer, the Trojan has a code which will turn on your Webcam and you&#8217;ll see yourself on the screen with the message that the FBI is recording everything you do. Oh! No! Really, it&#8217;s a trick. The FBI is not recording anything; the FBI has nothing to do with this Trojan. But you can imagine that thousands of people have paid the ransom because they got scared and panicked. This scam has netted the perpetrators millions of dollars.<\/p>\n<p>We don&#8217;t want you to fall for this scam. Be careful where you download from. Stick with reputable sites. Don&#8217;t download &#8220;free&#8221; copyrighted songs or movies, unless you&#8217;re sure of the source. Don&#8217;t download Flash updates from off-the-wall sites. Don&#8217;t download codecs for you media players from shady sites.<\/p>\n<p>What to do if you do get the FBI MoneyPak Trojan<\/p>\n<p>1. Do not panic<br \/>\n2. Shut your computer off using the power switch &#8211; DO NOT REBOOT<br \/>\n3. Wait 2 minutes<br \/>\n4. Turn your computer back on using the power switch<br \/>\n5. Immediately after pressing the power switch, start pressing the F8 key continuously and rapidly until you see the Safe Mode boot menu<br \/>\n6. From the boot menu select &#8220;Safe Mode with command prompt&#8221; *** This is important *** if you choose any other version of safe mode, the FBI MoneyPak\u00a0\u00a0\u00a0 Trojan will load. Be sure to select SAFE MODE WITH COMMAND PROMPT<br \/>\n7. You will see Windows loading files &#8211; it may take a long time.<br \/>\n8. When everything is loaded, you&#8217;ll see a black screen with a command prompt which looks like this: &gt;<br \/>\n9. At command prompt type RSTRUI.EXE (WINDOWS XP users see the note below)<br \/>\n10. Windows System Restore will load &#8212; but it may take a long time &#8211; don&#8217;t panic, be patient.<br \/>\n11. Select a restore point at least 2 days prior to the date you think you were infected<br \/>\n12. Run System Restore<br \/>\n13. Once System Restore is finished, you&#8217;ll boot into Windows and you&#8217;ll be back to normal.<\/p>\n<p>Windows XP users. At the command prompt type CD: C:\\Windows\\System32 (exactly like that) and press Enter. The command prompt will now look like this C:\\Windows\\System32&gt; . At that prompt, type RSTRUI.EXE and press Enter. Then follow the instructions above starting with #10.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The FBI MoneyPak Trojan is one of the worst and most widespread computer-locking Trojans that ever menaced internet users. The FBI MoneyPak is a Trojan often called RansomWare. FBI MoneyPak comes bundled with applications that may look legitimate, but aren&#8217;t. Always be sure you download from well-known and well-respected sites. If you become infected, the FBI MoneyPak Trojan\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.thundercloud.net\/infoave\/new\/the-fbi-has-locked-your-computer\/\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/5429"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=5429"}],"version-history":[{"count":1,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/5429\/revisions"}],"predecessor-version":[{"id":5430,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/5429\/revisions\/5430"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=5429"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=5429"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=5429"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}