Severity scale  

Department of Justice Virus. How to Remove? (Uninstall Guide)

removal by - -   Also known as Ukash virus | Type: Ransomware

Department of Justice Virus is one of the latest threats from Ukash virus group that try to attack people living in the United States of America. This threat belongs to the category of ransomware, so it is designed to get inside the system secretly and then try to rip users off. Just like FBI virus, FBI Moneypak or FBI Green Dot Moneypak virus, it creates lots of troubles for its victims by locking the system down. This results is complete system's take over - user becomes incapable to get on the Internet, launch legitimate anti-malware programs or do other things on his PC. He only sees a forged Department of Justice Virus alert, which states that user is caught doing illegal activities on his computer. Before you fall for this alert, you must note that such organizations as Department of Justice do NOT collect their fines in such way. You must remove Department of Justice Virus immediately!

HOW CAN I GET INFECTED WITH Department of Justice Virus?

This scam is designed to use the same ways intrussion as all previous Ukash viruses: it uses spam emails, freeware, shareware and other sources to come inside undetected. Once there, it locks the system down and shows its only message, claiming that Windows system has been blocked because you have been using copyrighted content, visiting pornographic websites or even spreading malware. For that, now you have to make a payment of $200 using the Moneypak prepayment system. Here's how this message looks like:

Your computer has been locked!
This operating system is locked due to the violation of the federal laws of the United States of America (Article: 1, Section 8, Clause 8; Article 202; Article 2012 of the criminal code of the U.S.A. Provides for the deprivation of liberty for four to twelve years.)
Following violations detected:
Your IP address was used to visit websites containing pornopraphy, child pornography, zoophillia and child abuse. Your computer also contains video files with pornographic content, elements of violence and child pornography!
You have 72 hours to pay the fine, otherwise you will be arrested.

No matter how trustworthy it seems, you must ignore this alert because it has nothing to do with Department of Justice. If you pay this $100 or $300 fine, you won't have your computer unlocked and you will lose your money as well. In order to avid that, you should remove Department of Justice Virus as soon as possible.

HOW CAN I REMOVE Department of Justice Virus?

In order to remove Department of Justice virus, you should try following this information. It includes different methids that MAY work in this virus removal. Remember that manual removal methid can be used only if you have enough nowledge about computer's system and its architecture:

* Users infected with Department of Justice virus are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

* Flash drive method:

  1. Take another machine and use it to download PlumbytesWebroot SecureAnywhere AntiVirus, Reimage or other reputable anti-malware program.
  2. Update the program and put into the USB drive or simple CD.
  3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
  4. Reboot computer infected with Department of Justice virus once more and run a full system scan with updated anti-malware program.

* Manual Department of Justice removal (special skills needed!):

  1. Open Windows Start Menu, enter %appdata% into the search field, click Enter.
  2. Go to: Microsoft\Windows\Start Menu\Programs\Startup.
  3. Remove ctfmon (don't mix it with ctfmon.exe!).
  4. Open Windows Start Menu, enter %userprofile% into the search field, click Enter.
  5. Go to Appdata\Local\Temp and remove rool0_pk.exeDelete [random characters].mof file
  6. Delete V.class
  7. Run a full system scan with updated Reimage to remove remaining Department of Justice virus files. You can also use PlumbytesWebroot SecureAnywhere AntiVirus or Malwarebytes Anti Malware.

UPDATE: There is a new Ukash virus, which uses the logo of the Department of Justice. This threat now says 'Your computer has been blocked! The work of your computer has been suspended on the grounds of the violation of the law of the United States of America". Similarly to the previous version of the Department of Justice virus, this ransomware shows a list of laws, that have been violated, and asks to pay the fine of $300 using MoneyPak prepayment system. Besides, it speaks to the victim!

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Reimage - remover Happiness
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Department of Justice Virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Department of Justice Virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
We are testing Plumbytes's efficiency (2014-10-16 01:57)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2014-10-16 01:57)
Hitman Pro
Webroot SecureAnywhere AntiVirus
Department of Justice Virus screenshot

Geolocation of Department of Justice Virus

Map reveals the prevalence of Department of Justice Virus. Countries and regions that have been affected the most are: United States.

Removal guides in other languages

Information updated:

Comments on Department of Justice Virus

Billy D
Unable to open in safe mode. Been watching this screen for two days. Ready to throw the fucking computer in the street and drive over it.
FBI virus has taken over my verizon wireless tablet what can I do????? I tried a hard reset nothing ..... I cant get off the FBI screen to try any of the methods listed here.
I removed the virus by rebooting my computer back about 3-4 weeks (a couple updates previous) but now i cannot connect to the internet whatsoever. My computer keeps telling me that the troubleshooter for the internet connection is not working. Then when i attempt to find a wireless connection (Which is what my router is) it shows that there is nothing that can be found. My iPad and phones are connected to my wireless internet, but now my HP is not.. HELP!?
It most likely deleted your NIC/Ethernet settings. You can usually reset these to default or browse for your particular Ethernet card in TCP/IP configuration.
This is on my Samsung tab 3 and am freaking out what am I supposed to do.
I downloaded defender on another computer and booted the infected one from the usb. It allowed the boot and quick scan, which found nothing. I then ran the full scan with the same results. It must still be there somewhere? any suggestions?
I just repeatedly clicked the "Leave Page" button and it worked and I got away.
Nothing is working!! safe mode, back up cd, 64 bit windows defender cd, different users, nothing, not an effin thing!! Im out of options. what do I do!?!?!?!?
Post Script-

I was initially doing great but Defender is not removing the whole virus!
It is not sufficiently aggressive to do so.

I have done 6 scans now of all three levels within Defender and now it comes up with nothing found but I still cannot get to safe mode.
The virus is still in there some where

The FBI screen keeps coming up albeit much slower now.

Any additional hints here would be gratefully appreciated.

If anyone knows how to make a boot disk out of a USB drive for XP Pro I would like to know.
It apparently is the only way I can clean the system
1) As soon as the image appears immediately physically disconnect from the internet
2) you will not be able to get to anything - safe mode, safe mode w/o internet, etc.
3) Get a good and clean USB stick. I used a SanDisk.
4) Go to
Let it format the USB and add the files
5)Boot PC and let this run. Do a complete scan. Might take 2 +/- hours.
When done clean the bad files per defender procedure
6) connect to internet and uipdate the defender files. disconnect from internet
7) run again, and then connect again and update files
8) keep doing until clean
9)Clean boot system and then run your chosen anti-virus programs

All info here has been invaluable.
Thankis to all the wizards
More comments »

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)