Your computer has been locked due to the violation of the federal laws of Department of Justice of America and a ransom of $ 300 is required to pay via Greendot Moneypak within 48 hours? Wonder this alert is fake or not? Read this post to figure it out and a detailed removal guide to get rid of this Department of Justice ransomware virus and help you out is here to stay.
Department of Justice virus is categorized as ransomware, an updated version of the previous notorious FBI moneypak virus infections in the cyber space. This virus infects computers with potential vulnerabilities and it is spread mainly in United States of America, and thus it is also called the United States Department of Justice virus. Once infiltrate with the help of Trojans, this ransomware will take over the entire victim operation system and display a warming in name of Federal Department of Justice to entice the victim user to pay a ransom, the sum of which is randomly ranging from $100 to $300 to be paid via Greendot Moneypak, within a due time, ranging from 48 hours to 72 hours, in order to escape from the falsely claimed lawsuit and unlock the taken OS. Till now, hundreds of thousands of victim users have been trapped in this, some of them believed this and follow the instructions to pay the ransomware but they just get nothing and even the taken OS is still taken. Therefore, everyone should be aware of such nasty ransomware and take appropriate precaution.
Some other similar ransomware infections found threatening Americans are:
FBI moneypak virus, Citadel Reventon Malware, United States Cyber Security virus, FBI Ultimate Game Card virus, All Activity on This Computer Has Been Recorded-Fake FBI Warning infection, FBI Online Agent virus, Internet Crime Compliant Center Virus, etc.
other ransomware infections: PCeU virus (aka Metropolitan Police Ukash virus), Malex ransomware, Your computer is locked for violating the Law of Great Britain virus, DOJ virus, File Encryption Virus, SGAE virus, An Garda Síochána. Ireland’s National Police Service virus, ISCA 2012 virus, Automated Information Control System virus, ACCDFISA Protection Program ransomware, Celas ransomware, Votre ordinateur est bloque! Gendarmerie Ukash virus, Canadian Police Association Virus, Urausy virus/ransomware, Office Central de Lutte contre la Criminalité Virus, Bundesamt fur Polizei Virus, Canadian Police Cybercrime Investigation Department Virus, GEMA: Your computer has been locked virus, Den Syenska Polisen IT-Sakerhet Ransomware, Bundes Polizei Ukash virus,Australian Federal Police Ukash Virus, etc.
Symptoms of Department Justice virus infections
Once infected, every time the victim computer is started, it will be totally blocked and taken over by a a full screen bogus alert in name of Department of Justice as shown below appears to scam on people. In most cases, even the Safe Mode start will fail due to the infection.
The displayed warning reads:
Your computer has been locked!
This operating system is locked due to the violation of the federal laws of the United States of America (Article: 1, Section 8, Clause 8; Article 202; Article 2012 of the criminal code of the U.S.A. Provides for the deprivation of liberty for four to twelve years.)
Following violations detected:
Your IP address was used to visit websites containing pornopraphy, child pornography, zoophillia and child abuse. Your computer also contains video files with pornographic content, elements of violence and child pornography!
You have 72 hours to pay the fine, otherwise you will be arrested.
The sum of ransom and the payment term may vary randomly, ranging from $100 t0 $300 and from 72 hours to 48 hours. No matter what it says, they are totally bogus and merely for scams. If you come across such alert, you are supposed to ignore it and immediately find a solution to get rid of such nasty computer infection. Below is a complete removal guide in details to help you out.
Web cam control
Once infected, there would be a little more than usual that this ransomware virus would even attempt to trick the user into thinking they are under surveillance by webcam, as it always shows a fake screen in “recording” status. Actually this even makes no difference on the infected computer with no web cam at all. Apparently, the truth is ready to jump out at your call.
Most ransomware exploits Java or Flash vulnerabilities to load the malicious code. In some cases denying or disabling flash on your system may suspend the Federal Department of Justice ransomware viurs and enable the user to navigate through the infected system. If this not a necessity for removal, skip to the removal options below these steps.
To disable (deny) flash
2. Select the “Deny” radio option
3. Proceed to a removal option (detailed below).
How to Remove Department of Justice Virus (Ransomware Removal Options-Step-by-step Removal Guide)
As stated above, the Department of Justice virus blocks the entire computer even from starting in safe mode in most cases. And thus the removal and troubleshooting would be hard to proceed. In such a scenario, we Anvisoft team has developed a convenient tool-Anvi Rescue Disk for practical help. You can freely use it to recover the taken OS and repair the computer to normal. Please note this way may take time and efforts to complete. If you can still restart your computer to Safe Mode with Command Prompt or Safe Mode, we suggest move to removal option 2 to do system restore or manual removal to get rid of this ransomware infection. Good luck and be safe online. If any question in the removal process, please feel free to get in touch and Anvisoft Team is at your service.
Remove Department of Justice Ransomware Infection Using Anvi Rescue Disk
If the computer is blocked by Department of Justice virus infections even from the safe mode running, you are highly encouraged to follow below removal steps using Anvi Rescue Disk all the way to get out.
For more details on Anvi Rescue Disk, you may refer to: http://www.anvisoft.com/product/rescuedisk.html
For the step by step removal guide using Anvi Rescue Disk in details, please visit this post: How to Remove Ransomware Using Anvi Rescue Disk
Remove Department of Justice Ransomware Infection-Safe Mode with Command Prompt Restore Method
Note: make sure you login your computer with administrative privileges. (login as admin)
Win XP: C:\windows\system32\restore\rstrui.exe and press Enter
Win Vista/Seven: C:\windows\system32\rstrui.exe and press Enter
Please note, even the safe mode with command prompt system restore may fail to fix the Department of Justice issue in some cases. If so, below is a manual removal guide for some help. You may check it out in the alternative removal option part in this article.
Recommended: After the infection removal, you may need a computer system cleaner/optimizer like Cloud System Booster to clean up the computer operation system and boost the computer performance because in most cases, the computer infection may mess up the entire system files and even leave some hidden leftovers to be potential danger in future. So it is highly recommended that you use the Cloud System Booster to clear junk files, fix registry errors and optimize computer services by downloading it here. The direct download link is:www.anvisoft.com/software/csb/ . This tool can also fit as the daily system maintenance tool to help you maintain the OS on daily basis.
Alternative –Manual way to remove the Department of Justice virus in Safe Mode Running
Chances are the infected computer can be booted into safe mode, but the safe mode with command prompt system restore method fails to fix the issue. Then, you may choose below manual removal option to remove the Department of Justice ransomware virus infection. Here we go.
Please note, this manual removal may require certain computer skills to complete. Before you go for below removal steps, see to backup your computer files and data as possible as you can.
In windows XP, you may click Start -> Run, and type the above file in Run box and click OK to search for it and remove it.
This file is the added malicious file of Department of Justice virus. Find it to remove it.
The modified registry entries:
The revised correct registry entries should be:
Search for this file in your computer system. Find it and remove it.
Computer Protection Tips-How to Prevent Department of Justice Ransomware Infections and Other Similar Attacks
You may keep the Anvi Smart Defender onto your computer for an extra layer of online safety. The Anvi Smart Defender Pro is focused on malware detecting, removing and preventing and its attached database is automatically updated on daily basis to ensure our user are protected from the emerging malware threats of all kinds, let alone the smart engine for light smart defending strategies. Get it now.