Posted by Dan Steiner on Dec 12, 2012
Has your computer been locked by a window claiming to be the Department of Justice? Does it claim that you’ve committed illegal activities and you must pay a fine? Do you see a message that says “Your Computer has been blocked” with a United Stated Department of Justice logo? Am I really in trouble? Is this a scam? Is the United Stated Department of Justice window real? The answer is NO – it’s a scam.
The United Stated Department of Justice Virus is a new fake ransomware virus that blocks access to your computer desktop. The virus claims that you’ve committed a number of crimes and illegal activities on your computer, and that you must pay a fine via MoneyPak (or another payment method). This is a new technique that scam artists and hackers are using to steal money from you. The United States Department of Justice or any other government branch will never demand money online. Normally, this virus can be removed without any serious issues. The virus can be removed and your computer can return to normal functionality.
“Your computer has been blocked by The Department of Justice Virus”
The work of your computer has been suspended on the grounds of the violation of the law of the United States of America.
Your Computer has been blocked by the United States Department of Justice
Your IP Address, web cam and voice recorder are used to scare you.
Your web cam is automatically turned on and you will see your own user icon on the locking page.
Update (December 20, 2012) - There is a new strand of this virus floating around. If the below removal guide does not work, please see the updated guide here that will walk you through removing the new version of The United States Department of Justice Virus.
Use this guide at your own risk. We take no responsibility for data loss or damage to your computer. We offer expert virus removal services if needed that can help you avoid the hassle.
Step 1: Reboot your Computer into Safe Mode with Networking. This can be accomplished by turning your computer all the way off, and then tapping your F8 key until you reach the advanced startup options menu. Using your arrow keys to move up and down and the enter key to select it.
Step 2: Your computer will now boot into Safe Mode. You may see some funny file name scrolling as it boots up – this is normal! Select your user account to and login (Must be an Administrator account)
Step 3: You should now see your Desktop. If not, this guide may not work for you and you should contact one of our experts. Now we need to kill the virus from running. On your keyboard press Ctrl + Alt + Del at the same time to open your Task Manager. Look for a process called United States Department of Justice or something similar, and then click End Task.
Step 4: Now we’re going to remove the associated virus files. Open your Start Menu and click on My Computer. At the top you will see Organize and Folder and Search Options. Under the View tab, check Show Hidden Files and Folders and Uncheck Hide Protected Operating System Files (Recommended) and then click OK.
It should open a window that looks like this:
Step 5: Using the Expand (+) buttons, you should navigate to the following strings and Delete them:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell” = “[rnd].exe”
Step 6: Finally, you will need to manually navigate to the following folders to remove any virus related files. Keep in mind, these can look slightly different and may even be random strings of characters.
%AppData%\[rnd].exe (RND = Random characters of text)
%Documents and Settings%\[UserName]\Application Data\[rnd].exe (RND = Random characters of text)
%AllUsersProfile%\Application Data\.exe(rnd) (RND = Random characters of text)
Step 7: Reboot the computer, and boot up normally. That’s it! We recommend running a scan with MalwareBytes to ensure there are no remaining leftover files. If you experience any problems, feel free to contact one of our Experts. Hope this helps!
Please take the time to hit one of our share buttons below, or send us a quick thank you on Facebook to show your support. These articles are provided for free and are time consuming to write. We hope this helped!