Remove Department of Justice Virus
Removal instructions

Severity scale:  
Department of Justice Virus is also known as Ukash virus | Type: Ransomware | Tags: Ukash

Department of Justice Virus is one of the latest threats from Ukash virus group that try to attack people living in the United States of America. This threat belongs to the category of ransomware, so it is designed to get inside the system secretly and then try to rip users off. Just like FBI virus, FBI Moneypak or FBI Green Dot Moneypak virus, it creates lots of troubles for its victims by locking the system down. This results is complete system's take over - user becomes incapable to get on the Internet, launch legitimate anti-malware programs or do other things on his PC. He only sees a forged Department of Justice Virus alert, which states that user is caught doing illegal activities on his computer. Before you fall for this alert, you must note that such organizations as Department of Justice do NOT collect their fines in such way. You must remove Department of Justice Virus immediately!

HOW CAN I GET INFECTED WITH Department of Justice Virus?

This scam is designed to use the same ways intrussion as all previous Ukash viruses: it uses spam emails, freeware, shareware and other sources to come inside undetected. Once there, it locks the system down and shows its only message, claiming that Windows system has been blocked because you have been using copyrighted content, visiting pornographic websites or even spreading malware. For that, now you have to make a payment of $200 using the Moneypak prepayment system. Here's how this message looks like:

Your computer has been locked!
This operating system is locked due to the violation of the federal laws of the United States of America (Article: 1, Section 8, Clause 8; Article 202; Article 2012 of the criminal code of the U.S.A. Provides for the deprivation of liberty for four to twelve years.)
Following violations detected:
Your IP address was used to visit websites containing pornopraphy, child pornography, zoophillia and child abuse. Your computer also contains video files with pornographic content, elements of violence and child pornography!
You have 72 hours to pay the fine, otherwise you will be arrested.

No matter how trustworthy it seems, you must ignore this alert because it has nothing to do with Department of Justice. If you pay this $100 or $300 fine, you won't have your computer unlocked and you will lose your money as well. In order to avid that, you should remove Department of Justice Virus as soon as possible.

HOW CAN I REMOVE Department of Justice Virus?

In order to remove Department of Justice virus, you should try following this information. It includes different methids that MAY work in this virus removal. Remember that manual removal methid can be used only if you have enough nowledge about computer's system and its architecture:

* Users infected with Department of Justice virus are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

* Flash drive method: 

  1. Take another machine and use it to download STOPzilla, SpyHunter or other reputable anti-malware program.
  2. Update the program and put into the USB drive or simple CD.
  3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
  4. Reboot computer infected with Department of Justice virus once more and run a full system scan with updated anti-malware program.

* Manual Department of Justice removal (special skills needed!):

  1. Open Windows Start Menu, enter %appdata% into the search field, click Enter.
  2. Go to: Microsoft\Windows\Start Menu\Programs\Startup.
  3. Remove ctfmon (don't mix it with ctfmon.exe!).
  4. Open Windows Start Menu, enter %userprofile% into the search field, click Enter.
  5. Go to Appdata\Local\Temp and remove rool0_pk.exeDelete [random characters].mof file
  6. Delete V.class
  7. Run a full system scan with updated SpyHunter to remove remaining Department of Justice virus files. You can also use STOPzilla or Malwarebytes Anti Malware.

UPDATE: There is a new Ukash virus, which uses the logo of the Department of Justice. This threat now says 'Your computer has been blocked! The work of your computer has been suspended on the grounds of the violation of the law of the United States of America". Similarly to the previous version of the Department of Justice virus, this ransomware shows a list of laws, that have been violated, and asks to pay the fine of $300 using MoneyPak prepayment system. Besides, it speaks to the victim!

Automatic Department of Justice Virus removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Department of Justice Virus you agree with our Privacy Policy and Agreement of Use.
Do it now!
remover for Department of Justice Virus Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Department of Justice Virus. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Department of Justice Virus using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

We are testing STOPzilla's efficiency at removing Department of Justice Virus (2012-09-25 06:38:27)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Department of Justice Virus (2012-09-25 06:38:27)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Department of Justice Virus (2012-09-25 06:38:27)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing Department of Justice Virus (2012-09-25 06:38:27)
Virus Removal Phone Support
Help Line to remove Department of Justice Virus

Department of Justice Virus screenshot

Geolocation of Department of Justice Virus

This map reveals the prevalence of Department of Justice Virus. Countries and regions that have been affected the most are: United States.

QR code for Department of Justice Virus removal instructions

Department of Justice Virus qrcode QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like Department of Justice Virus are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Department of Justice Virus right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2014-10-16 01:57
Information updated: 2014-10-16 01:57

Ask us discussions

Modern viruses are really hard to remove. They have random file names, random registry entries, they can immitale legal products and files. Removal instructions sometimes can't Help to remove infection manually. Please take a look at our discussion where users like you share they experience in fighting the parasite:

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Users comments about Department of Justice Virus:

I removed the virus by rebooting my computer back about 3-4 weeks (a couple updates previous) but now i cannot connect to the internet whatsoever. My computer keeps telling me that the troubleshooter for the internet connection is not working. Then when i attempt to find a wireless connection (Which is what my router is) it shows that there is nothing that can be found. My iPad and phones are connected to my wireless internet, but now my HP is not.. HELP!?
This is on my Samsung tab 3 and am freaking out what am I supposed to do.
I downloaded defender on another computer and booted the infected one from the usb. It allowed the boot and quick scan, which found nothing. I then ran the full scan with the same results. It must still be there somewhere? any suggestions?
I just repeatedly clicked the "Leave Page" button and it worked and I got away.
Nothing is working!! safe mode, back up cd, 64 bit windows defender cd, different users, nothing, not an effin thing!! Im out of options. what do I do!?!?!?!?
Post Script-

I was initially doing great but Defender is not removing the whole virus!
It is not sufficiently aggressive to do so.

I have done 6 scans now of all three levels within Defender and now it comes up with nothing found but I still cannot get to safe mode.
The virus is still in there some where

The FBI screen keeps coming up albeit much slower now.

Any additional hints here would be gratefully appreciated.

If anyone knows how to make a boot disk out of a USB drive for XP Pro I would like to know.
It apparently is the only way I can clean the system
1) As soon as the image appears immediately physically disconnect from the internet
2) you will not be able to get to anything - safe mode, safe mode w/o internet, etc.
3) Get a good and clean USB stick. I used a SanDisk.
4) Go to
Let it format the USB and add the files
5)Boot PC and let this run. Do a complete scan. Might take 2 +/- hours.
When done clean the bad files per defender procedure
6) connect to internet and uipdate the defender files. disconnect from internet
7) run again, and then connect again and update files
8) keep doing until clean
9)Clean boot system and then run your chosen anti-virus programs

All info here has been invaluable.
Thankis to all the wizards
This worked like a charm! I initially became concerned after the Malwarebytes full scan hung up after 42 minutes, scanning 234k objects. I cold started the system; started in Safe Mode again and did a quick scan this time which went quickly. It found 4 items and removed them without a problem. Im trying to figure out how this virus got past Bitdefender which Im running (which is coming up for renewal). Im inclined to give Malwarebytes paid version a hard look. Thanks Aubrey!
Any advice for windows xp users that cant do anything in safe mode/with or without ntworking or commsnd prompt? Thanks.
I disagree sir. Mac OS X 10.9 is the most advanced OS out right now. The power management and the stability is amazing and nothing compares. As far as support it comes with 1 year and you buy the applecare you just bring it in to an apple store which there is one just about everywhere and they fix it. I have had my mac since 2011 and it runs just as strong if not better than the day I got it. Best purchase ever. There is nothing my mac can not do. I Even have windows running on it. Vmware for mac is awesome. Windows 8 is better than a mac? lmafo Do more research man..
For Win 7, reboot computer-press f8 - select repair computer (enter)- enter name/password- then select system restore
do i have to be connected to the internet? because im trying stopzilla and spyhunter and both didnt work when i put my computer in safe mode command prompt
I have a Mac and I got this virus, how do I get it off and is yoocare site legit
A friend of mine brought me his computer and it had this virus on it. I usually wouldve went into Safe mode with networking not allowing the virus to boot itself but in this instance it did not allow the computer to boot in safe mode so i downloaded windows defender onto a USB from another computer, booted the infected the computer through the USB drive and presto, the scan began and found it. I ran the quick and full scan and found something each time. Be sure to run both scans to make sure it gets everything before you let it boot and install itself again if it has a rootkit attached to it.
I shut my computer down, pressed esc then Restored my laptop to the day before & now my laptop is working perfect. No more virus.
I am trying to reboot and then it goes to safe mode and then gets back to normal mode and the screen cants display nayhting, any help please
This forum was really helpful. what did was, I had another user on computer, I could log on to that, it was not virus affected. Then downloaded malware byte and ran full scan. Full scan found more than 100 files infected. Removed those and immediately restarted computer.

After restarting logged on same user which I had used for running malware byte. Then logged off from that user and logged onto user which was infected and it worked fine.

Thank you all guys. you are awesome
I can still get to the administrator account on my laptop. If I delete the infected account will it get rid of the virus? Would it delete the infected files from the laptop? There is nothing really important on the account.
i got this virus the other day and it said that I was downloading child porn,man was I pissed. You can get a reboot disk Its called Fix it utilities once I ran that and then installed maleware it was gone.i hope they find these people that are behind this,becuse its really giving our DEPT of Justice a really bad name. Can you imagin how many people have already paid for this bullshit scam?
Worked when this was selected, full scan about 40 minutes.
More comments...

Post Comment

Attention: Use this form only if you have additional information about Department of Justice Virus parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Ask us
What's your antispyware?
I failed to remove Department of Justice Virus using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!