The Department of Justice Malware - How to remove?

 

The Department of Justice (DOJ) virus blocks the screen of an infected computer by displaying a warning message. The message claims to come from an official federal authority, the Department of Justice, which is responsible for enforcing the law and defending the interests of the United States. The blocking screen uses the department's logo to seem more legitimate. It is only a scam whose aim is to swindle people out of their money. Cyber criminals use sophisticated methods to deceive their victims.

To scare the user of an infected computer, the Department of Justice message accuses them of crimes such as illegal use and distribution of copyrighted content, sending spam e-mails or even child pornography offences. To strengthen the effect, the virus is programmed to use the computer's webcam to show the person using the PC. The text explains that any video or photo material will be sent to a remote server and later used to identify the criminal. It is a clever step that confuses the user, but it should not be taken seriously. On top of that, you will see a countdown timer, a bogus case number and an FBI agent's name. None of the above is true. All of these psychological tricks are made up to force the victim to pay, and the amount is not small: the fine is 300 USD. This is an example of the message you might see:

YOUR COMPUTER HAS BEEN BLOCKED
The work of your computer has been suspended on the grounds of the violation of the law of the United States of America.
Article 274 – Copyright
A fine or imprisonment for the term of up to 4 years. (The use or sharing of copyrighted files-movies, software)
…..
Amount of the fine is $300. Payment must be made within 24 hours after the discovery of the violation. If the fine has not been paid, you will become the subject of criminal prosecution.

To pay the fine, the victim is asked to use a prepaid payment system, MoneyPak. It is not at all likely that official justice institutions would use such methods, which is one more proof that the program has nothing to do with the police. If you have already paid the ransom, contact your credit card bank and dispute the charges. Note that after paying, your bank card information might have been recorded by the cyber criminals, so you should take every precaution to protect your savings. For the future, remember that no governmental authority collects payments, including fines, through prepaid payment systems. They will always inform you about a case by contacting you personally instead of sending an unclear message. If you are offered such a payment option, you can be sure it is a scam.

The Department of Justice virus can be distributed in various ways, but one of the most common methods is planting the infection in web pages. Your computer might get infected after you click on a malicious advertisement. It does not necessarily have to be a site of fishy origin. Web pages that you visit every day, such as job search pages, might get compromised and spread the infection. In this case, inform the website owner/administrator about the issue.

To remove the Department of Justice virus follow this guide:

DOJ REMOVAL INSTRUCTIONS USING SAFE MODE WITH NETWORKING

1. Reboot your computer, press F8 during rebooting;
2. Select safe mode with networking;
3. Launch MSConfig;
4. Disable startup items that use rundll32 to launch any application from Application Data;
5. Reboot the system one more time;
6. Scan with http://www.2-viruses.com/downloads/spyhunter-i.exe. It will find the Department of Justice virus and remove it.

FIXING PC WHEN DEPARTMENT OF JUSTICE MALWARE BLOCKS SAFE MODE

In some cases it is not possible to use Safe Mode because a particular version of the virus blocks it. If you have this problem, try rebooting into safe mode with command prompt:

  1. Reboot into safe mode with command prompt. The Department of Justice virus should not be launched this time. If you cannot choose safe mode with command prompt and cannot access another user account to run an Anti-Malware program scan, use a bootable antivirus CD/USB disk and scan with it, or call +1-888-334-2444 (USA / CA) for help.
  2. Run regedit. Look for Winlogon.
  3. Under Winlogon there will be a value named Shell. It should refer to Explorer.exe or be blank. If it refers instead to an executable in one of the users' folders, replace it with explorer.exe.
  4. Save changes and reboot to safe mode with networking.
  5. Run msconfig and disable all unnecessary startup entries. You should be able to reboot normally.
  6. Install and run http://www.2-viruses.com/downloads/spyhunter-i.exe. Scan the PC with it and remove the Department of Justice virus executables it finds.
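
The registry checks from both procedures above (the Winlogon Shell value and the startup entries that launch from Application Data) can be listed in one read-only pass. This PowerShell script is an added example, not part of the original guide; the registry paths are the standard Windows locations, which the article does not spell out, and the "user-writable folder" pattern is an assumed heuristic.

```powershell
# Added example (not from the original article): read-only audit, changes nothing.
# Registry paths are the standard Windows locations; the article only says "Winlogon".
$winlogonKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon',
    'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
)
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)
# Heuristic (assumption): commands that start from a user-writable profile folder.
$userPath = '\\(Users|Documents and Settings)\\|\\(AppData|Application Data)\\|%(AppData|LocalAppData|Temp|UserProfile)%'

function New-Finding($Key, $Name, $Data, $Verdict) {
    New-Object PSObject -Property @{ Key = $Key; Name = $Name; Data = $Data; Verdict = $Verdict }
}

function Test-ShellValue([string]$Data) {
    # Article's rule: Shell should refer to explorer.exe or be blank.
    # Anything else, including a full path to explorer.exe, is listed for manual review.
    $clean = $Data.Trim().Trim('"')
    if ($clean -eq '' -or $clean -ieq 'explorer.exe') { return 'OK' }
    return 'REVIEW'
}

$findings = @()
foreach ($path in $winlogonKeys) {
    $key = Get-Item -Path $path -ErrorAction SilentlyContinue
    if (-not $key) { continue }                      # key absent on this system
    $shell = $key.GetValue('Shell')
    if ($null -eq $shell) { $findings += New-Finding $path 'Shell' '(not set)' 'OK'; continue }
    $findings += New-Finding $path 'Shell' $shell (Test-ShellValue $shell)
}
foreach ($path in $runKeys) {
    $key = Get-Item -Path $path -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        $verdict = 'OK'
        if ($data -match $userPath) { $verdict = 'REVIEW' }
        if ($verdict -eq 'REVIEW' -and $data -match 'rundll32') { $verdict = 'REVIEW (rundll32)' }
        $findings += New-Finding $path $name $data $verdict
    }
}
$findings | Select-Object Verdict, Name, Data, Key | Format-List
```

A REVIEW verdict is a prompt to inspect the entry, not proof of infection, since legitimate software also starts from profile folders. The HKCU keys cover only the account the script runs under, so an infected profile has to be checked from that account.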


If you have any questions or comments feel free to post them below this article. Our support team will answer as soon as possible.

 

Automatic Department of Justice Malware removal tools

Download Spyhunter for Department of Justice Malware detection

Note: Spyhunter trial provides detection of parasites like Department of Justice Malware and assists in their removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.

Manual Department of Justice Malware removal

 

Important Note: Although it is possible to manually remove Department of Justice Malware, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyhunter or other tools found on 2-viruses.com.

Processes:
Files:

It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Department of Justice Malware infected files and get help in Department of Justice Malware removal by using Spyhunter scanner. 

 


17 thoughts on “the Department of Justice Malware”

  1. R. WRIGHT
     

    WHOEVER MAKES SPYHUNTER YOU ARE DOING MANY NOVICE COMPUTER USERS A GREAT SERVICE. YOU HAVE JUST MADE YOURSELF A NEW FRIEND AND LOYAL LIFETIME CUSTOMER , THANKS !

     
  2. Dwayne Simon
     

    Thanks for all the information. There is a problem that I am having. I tried to “start with command prompt” but I don’t see the option of “shell” under Winlogon. What do you think I can do? Thanks.

     
  3. Dwayne Simon
     

    Do you know of any free programs that can remove this virus?

     
    1. Dwayne: Most alternate OS scanners are free. Some anti-malware removal programs are free, but you will still need to find a way to boot the system to run these.

       
  4. Tatiana
     

    Try Malwarebytes Anti-Malware, it worked for me.

     
  5. SIFusion
     

    @Dwayne Simon

    I have the same problem of no “shell” under winlogon. If you find the answer, please post! Thanks

     
  6. NICK
     

    Guys, you don’t have to buy any Antivirus, you just restore your computer to a point you are certain it had no virus, then it is all good.

     
    1. Nick: Many ransomware versions disable System Restore.

       
  7. oklakoda
     

    I am having the same problem of no “shell” under winlogon. Please advise. thank you.

     
    1. You should search for other instance of Winlogon.

       
  8. kev
     

    To everyone who CANNOT find Shell: After you hit find, you will probably not find shell. In this instance simply click Find Next in the Find box. You will have to go through numerous windows before you finally hit the page that has Shell.

     
  9. nate
     

    I think I may have an evolved version of this thing, even in safe mode it pops up to block anything else from working. Does anyone know how to disable this thing so I can run a virus scan?…the only way it doesn’t activate is in safe mode with command prompt, can I get a scan going from there?
    In the past, I’ve been able to do a restore point in safe mode and then scan with malware bytes to remove it…but this little gremlin is really persistent.

     
    1. Nate: You will have to edit your registry with regedit and disable it from launching. System restore might work from safe mode with command prompt as well. Watch videos.

       
  10. mark
     

    Is this virus just the beginning of walking dead for the internet?

     
  11. ejestrada
     

    I recently fell victim to the Dept. of Justice Virus and freaked out when I first read it. I just upgraded my system to Windows 8 and with the assistance of a Technician, we were able to remove the virus with the hassle of trying to hold my SHIFT key and F-8 or from the Desktop, hit the windows key + R and enter “msconfig” without the quotations which didn’t work for me at all.
    WARNING: Back up your files on a frequent basis. I had backed up all my files to an external hard drive, but found that after the process, I didn’t have to restore any of my files but I did have to go back and reinstall my Antivirus and MS Office software so please make sure that you have your product keys available.

    Windows 8 Users only:
    From the START menu:
    1. Move your mouse to the far right of the screen where you can have access to Settings (1 of the 5 options) and click on SETTINGS.

    2. Select Change PC Settings

    From the SETTINGS Menu:
    1. Scroll down to GENERAL and click.

    2. Move your mouse to the right side and scroll down to “Refresh your PC without Affecting your Files” and click on Get Started.

    3. Read the prompts then click NEXT.

    The process took me less than 15 minutes and when the process was complete, all of my files and folders were intact. My desktop, however, was black and I only had 3 icons, one of which was a file named Removed Apps. I was able to reinstall my important icons but the most important thing was that my computer was no longer locked. It certainly helps to install anti-malware software. Good luck to everyone and I hope that this can help someone else like it helped me. Pay it forward!

     
  12. Amanda
     

    THANK YOU!!!! I just got a new laptop for Christmas and was devastated when I realized this DOJ crap was a virus. Thank you, really.

     
  13. Thomas
     

    So I got a version of this malware and it does a few unique things overall. First off, it will not allow me to boot into any safe mode like people are describing, 2nd it disabled my other 2 drives, and third I was able to slow it down enough to find the .bmp and .jpg files after creating a whole new login. I think I got all of the parts of this malware removed, including out of the registry, but I am still having a hard time getting access back to my other drives. It keeps prompting me to format the drives. Any ideas what I might be able to try besides reformatting the drives themselves?

     
