The warning popup posing as the United States Department of Justice is a typical Windows locker that tries to intimidate and blackmail users to pay to remove or neutralize the ransom Trojan. The scam hijacks the infected computer with the scary announcement, blocks access to desktop and any other program and asks for a fine of $300 to be paid within the stipulated time of 72 or 48 hours by indicating the GreenDot MoneyPak voucher (PIN) codes in the respective section of the lockout page. It also states that the time to unblock the computer will expire and you will be involved with criminal case if the penalty is not effected in time. Here is what the Dept of Justice notification reads:
The cyber fraudster gives several law infringement examples that you may supposedly commit such as copyrighted and pornography content. Besides it highlights that ”The work of your computer has been suspended on the grounds of the violation of the law of the United States of America.” In order to make it more persuasive and authentic, it displays a dirty picture and the video that shows what’s happening around. More are more users are now able to realize the trick around the first time, despite the march of deception. Nevertheless the majority of the victims are having a difficult time to unblock the computer from fake Department of Justice virus since the computer becomes unusable with this nonstop ransom window.
Here Is the List to Record What US Department of Justice Virus Does
- Distributes via phishing or drive-by tactics on infected webpage.
- Exploits security breaches to complete the unauthorized installation.
- Displays a ransom window at each restart to entirely block the system.
- Pops up the fake police warning message to swindle users to collect money.
- Creates a new user account without user knowledge with dirty names.
- Disables security services, network, web browser or other program.
- Using sophisticated hiding tactics to bypass detection and deletion.
- Affects safe mode, causes restart problems, while screen, black screen and others.
Removal Comments from Our Research Lab
The ransom Trojan may result in destructive effect, basic mechanism is simple though. Once installed, the code inserts a registry entry to make sure that the Trojan executes and the scam page will spawn every time Windows loads up with which users can do nothing on the computer since they cannot stop the Department of Justice page. To make things worse, it’s also found to tend to disable or terminate the process of detecting tools. As for the Trojan itself, it creates a new thread in running processes and renames its harmless files after random combination of letters and digits or legit program. That is why we Tee Support tech support team highly recommend users take manual means to remove Department of Justice virus with expertize guidance.
Details to Get Rid of ”Your Computer Has Been Blocked” Popup From Windows 7 /XP/Vista
Step 1: Restart the computer into safe mode with networking by pressing and holding F8 before Windows launches and selecting the needed modes with error keys.
Step 3: Search for and delete its related files in Local Disk C:
%AppData%\NPSWF32.dll %AppData%\Protector-[rnd].exe %AppData%\result.db
Step 4: Navigate to remove the registry entries associated as below in Registry Editor:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “.exe” HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “” HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “CertificateRevocation” = ’0′ HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
Remove ”Your Computer Has Been Blocked” Popup automatically (with SpyHunter)
Step A. Download removal tool SpyHunter
1) Click here or the icon below to download SpyHunter automatically.
2) Follow the instructions to install SpyHunter
Step B. Run SpyHunter to remove this infection.
Run SpyHunter and click “Malware Scan” button to scan your computer, after detect this unwanted program, clean up relevant files and entries completely.
Tips: If you have any questions or difficulties deleting this scam or are confused with above steps, We suggest you to download ”Your Computer Has Been Blocked” Popup removal tool to remove it quickly and safely.)
More Removal Guides
Get a Safer, Cleaner & Faster PC!
A good spyware remover can safeguard your computer at real-time automatically.
- Terminate latest, stubborn virus/spyware
- Safe, effective and complete
- Fix various PC problems
So, pick one of your favorite to protect your system easily.
Malwarebytes is one of the most popular and widely used anti-virus and malware-removal software applications for both home and corporate computer users alike.