Questions?
Toll Free: (866) 240-9755
12 Dec

United States Department of Justice Virus Removal

Posted by Dan Steiner on Dec 12, 2012

united-states-department-of-justice-virus

Has your computer been locked by a window claiming to be the Department of Justice? Does it claim that you’ve committed illegal activities and you must pay a fine? Do you see a message that says “Your Computer has been blocked” with a United Stated Department of Justice logo? Am I really in trouble? Is this a scam? Is the United Stated Department of Justice window real? The answer is NO – it’s a scam. 

What is the United States Department of Justice Virus?

The United Stated Department of Justice Virus is a new fake ransomware virus that blocks access to your computer desktop. The virus claims that you’ve committed a number of crimes and illegal activities on your computer, and that you must pay a fine via MoneyPak (or another payment method). This is a new technique that scam artists and hackers are using to steal money from you. The United States Department of Justice or any other government branch will never demand money online. Normally, this virus can be removed without any serious issues. The virus can be removed and your computer can return to normal functionality.

Identifying the United States Department of Justice Virus

“Your computer has been blocked by The Department of Justice Virus”

The work of your computer has been suspended on the grounds of the violation of the law of the United States of America. 

Your Computer has been blocked by the United States Department of Justice

Your IP Address, web cam and voice recorder are used to scare you.

Your web cam is automatically turned on and you will see your own user icon on the locking page.

 

How to Remove the United States Department of Justice Virus

Update (December 20, 2012) - There is a new strand of this virus floating around. If the below removal guide does not work, please see the updated guide here that will walk you through removing the new version of The United States Department of Justice Virus.

 

Use this guide at your own risk. We take no responsibility for data loss or damage to your computer. We offer expert virus removal services if needed that can help you avoid the hassle.

[expertbutton]

Step 1: Reboot your Computer into Safe Mode with Networking.  This can be accomplished by turning your computer all the way off, and then tapping your F8 key until you reach the advanced startup options menu. Using your arrow keys to move up and down and the enter key to select it.

Step 2: Your computer will now boot into Safe Mode. You may see some funny file name scrolling as it boots up – this is normal! Select your user account to and login (Must be an Administrator account)

Step 3: You should now see your Desktop. If not, this guide may not work for you and you should contact one of our experts. Now we need to kill the virus from running. On your keyboard press Ctrl + Alt + Del at the same time to open your Task Manager. Look for a process called United States Department of Justice or something similar, and then click End Task.

Step 4: Now we’re going to remove the associated virus files. Open your Start Menu and click on My Computer. At the top you will see Organize and Folder and Search Options. Under the View tab, check Show Hidden Files and Folders and Uncheck Hide Protected Operating System Files (Recommended) and then click OK.

Step 5: On your keyboard, Press the Windows and R key together to open the Run window, and then type in regedit to open your Registry Editor.

It should open a window that looks like this:

 

Step 5: Using the Expand (+) buttons, you should navigate to the following strings and Delete them:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[rnd].exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[rnd].exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell” = “[rnd].exe”

Step 6: Finally, you will need to manually navigate to the following folders to remove any virus related files. Keep in mind, these can look slightly different and may even be random strings of characters.

%userprofile%\appdata\local\temp
%AppData%\[rnd].exe (RND = Random characters of text)
%Documents and Settings%\[UserName]\Application Data\[rnd].exe (RND = Random characters of text)
%AllUsersProfile%\Application Data\.dll
%AllUsersProfile%\Application Data\.exe(rnd) (RND = Random characters of text)

 Step 7: Reboot the computer, and boot up normally. That’s it! We recommend running a scan with MalwareBytes to ensure there are no remaining leftover files. If you experience any problems, feel free to contact one of our Experts. Hope this helps!

Please take the time to hit one of our share buttons below, or send us a quick thank you on Facebook to show your support. These articles are provided for free and are time consuming to write. We hope this helped!

 

!
Thank the Author!

Dan Steiner is an IT from San Luis Obispo, California. He has helped thousands of people with virus removal and other computer related issues.

Posted 12.12.2012

Send the Author a Coffee

Thanks for supporting our work!

Was This Guide Helpful
United States Department of Justice Virus Removal
2 votes, 5.00 avg. rating (98% score)

Comments

9 comments

I wanted to take the time to say thank you for posting this. My brother put the virus on my computer last night and I run a dual OS so I really do not want to reformat. Hopefully I can remove this nasty little thing. Once again thank you.

Thank you, Thank you, Thank you. As one other response said, the procedure was quite easy to follow and it works!! I had my doubts but was relieved when all the infected files were removed in about 45 minutes. Again, thank you very much. I appreciate the help and glad there are people like you out there.
Roger

I just wanted to say Thanks! You easy to follow steps made this easy to do. I did have to use the Live Chat and Dan S. was very helpful and patient with me. Great customer service. I highly recommend this product. Support Operator was very informative. And above all, it worked…my computer is now virus free. THANKS AGAIN!

haven’t tried removing it yet, but dang it is a relief to know it was a scam – to hell w/ facing prosecution, it just makes you feel like dirt thinking the dept of justice can just throw that on you when you didn’t do it and not have to say anything or justify their accusation. good to know my paranoia is as yet unfounde:)d- thanks!

I don’t know to thank you for your help im glad to see folks still care an don’t mindhelping thank you from the bottom of my heart you were great for helping me

thank you so much for your helpyou were great its good to fined folks that still care I couldn’t have done it with out you thank you again

Thanks. I found this page while researching the scam after i got the virus. I had already fixed it by restoring a previous version of windows from a few days ago. Still, I wanted to know what I was dealing with.

Thanks a whole lot for the information you provide. This virus sounds extremely scary, with all the “United States crap and the visual and audio recording.” Good to know their is still good people out there sharing information and providing others with help and data to troubleshoot and fix this ugly viruses. This are some nasty-scary links, popups and viruses going around, hope this people get what the deserve. Again thanks a bunch, god bless.

Workaround: I did Control-Alt-Delete, then hit Logoff……once computer started logging off I quickly started hitting ESC over and over again and the logoff process stopped and voila, computer was working…..I left my computer on for like a week, then logged off and back on and my virus protection on my computer must have deleted it!!!! Let me know if this works for anyone else!!!!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>