The warning popup posing as the United States Department of Justice is a typical Windows locker that tries to intimidate and blackmail users to pay to remove or neutralize the ransom Trojan. The scam hijacks the infected computer with the scary announcement, blocks access to desktop and any other program and asks for a fine of $300 to be paid within the stipulated time of 72 or 48 hours by indicating the GreenDot MoneyPak voucher (PIN) codes in the respective section of the lockout page. It also states that the time to unblock the computer will expire and you will be involved with criminal case if the penalty is not effected in time. Here is what the Dept of Justice notification reads:
The cyber fraudster gives several law infringement examples that you may supposedly commit such as copyrighted and pornography content. Besides it highlights that ”The work of your computer has been suspended on the grounds of the violation of the law of the United States of America.” In order to make it more persuasive and authentic, it displays a dirty picture and the video that shows what’s happening around. More are more users are now able to realize the trick around the first time, despite the march of deception. Nevertheless the majority of the victims are having a difficult time to unblock the computer from fake Department of Justice virus since the computer becomes unusable with this nonstop ransom window.
Here Is the List to Record What US Department of Justice Virus Does
- Distributes via phishing or drive-by tactics on infected webpage.
- Exploits security breaches to complete the unauthorized installation.
- Displays a ransom window at each restart to entirely block the system.
- Pops up the fake police warning message to swindle users to collect money.
- Creates a new user account without user knowledge with dirty names.
- Disables security services, network, web browser or other program.
- Using sophisticated hiding tactics to bypass detection and deletion.
- Affects safe mode, causes restart problems, while screen, black screen and others.
Removal Comments from Our Research Lab
The ransom Trojan may result in destructive effect, basic mechanism is simple though. Once installed, the code inserts a registry entry to make sure that the Trojan executes and the scam page will spawn every time Windows loads up with which users can do nothing on the computer since they cannot stop the Department of Justice page. To make things worse, it’s also found to tend to disable or terminate the process of detecting tools. As for the Trojan itself, it creates a new thread in running processes and renames its harmless files after random combination of letters and digits or legit program. That is why we Tee Support tech support team highly recommend users take manual means to remove Department of Justice virus with expertize guidance.
Details to Get Rid of ”Your Computer Has Been Blocked” Popup From Windows 7 /XP/Vista
Step 1: Restart the computer into safe mode with networking by pressing and holding F8 before Windows launches and selecting the needed modes with error keys.
Step 3: Search for and delete its related files in Local Disk C:
%AppData%\NPSWF32.dll %AppData%\Protector-[rnd].exe %AppData%\result.db
Step 4: Navigate to remove the registry entries associated as below in Registry Editor:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “.exe” HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “” HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “CertificateRevocation” = ’0′ HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
Tips: If you have any questions or difficulties deleting this scam or are confused with above steps, please click her to contact an online expert for more details or try any other available means to get in touch with us.
Tee Support is an award-winning online tech service 24/7. Tee Support experts provide sophisticated manual solutions:
- terminate latest, stubborn virus/spyware that an antivirus program can not!
- specific solution for your specific system: Safe, Effective, Complete.
- many more services covering various PC problems to meet your requirements.
A good spyware remover can safeguard your computer at real-time automatically. So, pick up one of your favorite to protect your system easily.
However, professional online technical support is highly recommended if you want a more specific, accurate and effective solution toward your specific issue in your specific computer system.
Malwarebytes is one of the most popular and widely used anti-virus and malware-removal software applications for both home and corporate computer users alike.
Award-winning Spyware Doctor with AntiVirus software protects your PC against privacy and tracking threats. Spyware Doctor with AntiVirus detects, removes and secures your PC from potential spyware, viruses, worms and tracking threats.