The Department of Justice Malware - How to remove?
The Department of Justice (DOJ) virus blocks the screen of an infected computer by displaying a warning message. The message claims to come from an official federal authority, the Department of Justice, which is responsible for enforcing the law and defending the interests of the United States according to the law. The blocking screen uses the department's logo to seem more legitimate. It is only a scam whose aim is to swindle people out of their money. Cyber criminals use sophisticated methods to deceive their victims.
To scare the user of an infected computer, the Department of Justice message accuses them of crimes such as illegal use and distribution of copyrighted content, sending spam e-mails or even child pornography offences. To make the effect even stronger, the virus is programmed to use the computer's webcam to show the person using the PC. The text explains that any video or photo material will be sent to a remote server and later used to identify the criminal. It is a clever step that completely confuses the user; however, it should not be taken seriously. As if this were not enough, you will see a countdown timer, a bogus case number and an FBI agent's name. None of the above is true. All the psychological tricks are made up to force the victim to pay, and the amount is not small: the fine is as much as 300 USD. This is an example of the message you might see:
YOUR COMPUTER HAS BEEN BLOCKED
The work of your computer has been suspended on the grounds of the violation of the law of the United States of America.
Article 274 – Copyright
A fine or imprisonment for the term of up to 4 years. (The use or sharing of copyrighted files-movies, software)
Amount of the fine is $300. Payment must be made within 24 hours after the discovery of the violation. If the fine has not been paid, you will become the subject of criminal prosecution.
To pay the fine, the victim is asked to use a prepaid payment system, MoneyPak. It is not at all likely that official justice institutions would use such methods, which is one more proof that the program is not related to the police in any sense. If you have already paid the ransom, contact your credit card bank and dispute the charges. Please note that after paying, your bank card information might have been recorded by the cyber criminals, so you should take all precautions to protect your savings. For the future, remember that no governmental authority collects payments, including fines, through prepaid payment systems. They will always inform you about any case by contacting you personally instead of sending an unclear message. If you are offered such a payment option, you can be sure it is a scam.
The Department of Justice virus can be distributed in various ways, but one of the most common methods is planting the infection in web pages. Your computer might get infected after you click on a malicious advertisement. It does not necessarily have to be a site of dubious origin. Web pages that you visit every day, such as job search pages, might be compromised and spread the infection. In this case, inform the website owner/administrator about the issue.
To remove the Department of Justice virus follow this guide:
DOJ REMOVAL INSTRUCTIONS USING SAFE MODE WITH NETWORKING
1. Reboot your computer, press F8 during rebooting;
2. Select safe mode with networking;
3. Launch MSConfig;
4. Disable any startup items in which rundll32 launches an application from Application Data;
5. Reboot system one more time.
7. Scan with http://www.2-viruses.com/downloads/spyhunter-i.exe; it will find the Department of Justice virus and remove it.
FIXING PC WHEN DEPARTMENT OF JUSTICE MALWARE BLOCKS SAFE MODE
In some cases it is not possible to use Safe Mode because of a special virus version. If you have this problem, try rebooting into safe mode with command prompt:
- Reboot into safe mode with command prompt. The Department of Justice virus should not be launched this time. If you cannot choose safe mode with command prompt and cannot access another user account to run an Anti-Malware program scan, use a bootable antivirus CD/USB disk and scan with it, or call +1-888-334-2444 (USA / CA) for help.
- Run regedit. Look for Winlogon.
- There will be a value named Shell under Winlogon. It should refer to Explorer.exe or be blank. If it refers instead to an executable in one of the users' folders, replace it with explorer.exe.
- Save changes and reboot to safe mode with networking.
- Run msconfig and disable all unnecessary startup entries. You should be able to reboot normally.
- Install and run http://www.2-viruses.com/downloads/spyhunter-i.exe. Scan the PC with it and remove the Department of Justice virus executables it finds.
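A read-only way to carry out the Winlogon and startup checks from the steps above, as an added example (not part of the original guide or of any vendor tool). The registry paths are the standard Windows locations; the folder pattern, the function names and the OK/REVIEW labels are assumptions of this example.

```powershell
# Added example: read-only audit; it changes nothing in the registry.
$winlogonKeys = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon',
                'HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$runKeys      = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
                'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
# Assumption: these path fragments are what the guide means by "users' folders".
$userPath = '\\(Application Data|AppData|Documents and Settings|Users)\\'
# Properties that Get-ItemProperty adds itself; they are not registry values.
$metadata = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

function Test-ShellValue([string]$Value) {
    # Per the guide: blank or explorer.exe is expected; anything else needs review.
    $v = [Environment]::ExpandEnvironmentVariables($Value).Trim().Trim('"')
    if ($v -eq '') { return 'OK (blank)' }
    if ($v -match '^(.*\\)?explorer\.exe$' -and $v -notmatch $userPath) { return 'OK' }
    return 'REVIEW'
}

function Test-RunCommand([string]$Command) {
    # Per the guide: rundll32 starting something from a user profile folder is suspect.
    $c = [Environment]::ExpandEnvironmentVariables($Command)
    if ($c -match 'rundll32' -and $c -match $userPath) { return 'REVIEW' }
    return 'OK'
}

$report = @()
foreach ($key in $winlogonKeys) {
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    $shell = if ($props) { [string]$props.Shell } else { '' }
    $report += New-Object PSObject -Property @{
        Key = $key; Name = 'Shell'; Data = $shell
        Status = (Test-ShellValue $shell) }
}
foreach ($key in $runKeys) {
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if (-not $props) { continue }
    foreach ($p in $props.PSObject.Properties) {
        if ($metadata -contains $p.Name) { continue }
        $report += New-Object PSObject -Property @{
            Key = $key; Name = $p.Name; Data = [string]$p.Value
            Status = (Test-RunCommand ([string]$p.Value)) }
    }
}
# REVIEW rows sort first; inspect them in regedit or msconfig before changing anything.
$report | Sort-Object Status -Descending |
    Format-Table Status, Name, Data, Key -AutoSize -Wrap
```

The script covers only the Winlogon Shell value and the Run keys; msconfig also lists Startup-folder items, which still need to be reviewed there.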
If you have any questions or comments feel free to post them below this article. Our support team will answer as soon as possible.