Remove Department of Justice Virus
Removal instructions

Department of Justice Virus is also known as Ukash virus | Type: Ransomware | Tags: Ukash
Severity scale:  

Department of Justice Virus is one of the latest threats from Ukash virus group that try to attack people living in the United States of America. This threat belongs to the category of ransomware, so it is designed to get inside the system secretly and then try to rip users off. Just like FBI virus, FBI Moneypak or FBI Green Dot Moneypak virus, it creates lots of troubles for its victims by locking the system down. This results is complete system's take over - user becomes incapable to get on the Internet, launch legitimate anti-malware programs or do other things on his PC. He only sees a forged Department of Justice Virus alert, which states that user is caught doing illegal activities on his computer. Before you fall for this alert, you must note that such organizations as Department of Justice do NOT collect their fines in such way. You must remove Department of Justice Virus immediately!

HOW CAN I GET INFECTED WITH Department of Justice Virus?

This scam is designed to use the same ways intrussion as all previous Ukash viruses: it uses spam emails, freeware, shareware and other sources to come inside undetected. Once there, it locks the system down and shows its only message, claiming that Windows system has been blocked because you have been using copyrighted content, visiting pornographic websites or even spreading malware. For that, now you have to make a payment of $200 using the Moneypak prepayment system. Here's how this message looks like:

Your computer has been locked!
This operating system is locked due to the violation of the federal laws of the United States of America (Article: 1, Section 8, Clause 8; Article 202; Article 2012 of the criminal code of the U.S.A. Provides for the deprivation of liberty for four to twelve years.)
Following violations detected:
Your IP address was used to visit websites containing pornopraphy, child pornography, zoophillia and child abuse. Your computer also contains video files with pornographic content, elements of violence and child pornography!
You have 72 hours to pay the fine, otherwise you will be arrested.

No matter how trustworthy it seems, you must ignore this alert because it has nothing to do with Department of Justice. If you pay this $100 or $300 fine, you won't have your computer unlocked and you will lose your money as well. In order to avid that, you should remove Department of Justice Virus as soon as possible.

HOW CAN I REMOVE Department of Justice Virus?

In order to remove Department of Justice virus, you should try following this information. It includes different methids that MAY work in this virus removal. Remember that manual removal methid can be used only if you have enough nowledge about computer's system and its architecture:

* Users infected with Department of Justice virus are allowed to access other accounts on their Windows systems. If one of such accounts has administrator rights, you should be capable to launch anti-malware program.

* Try to deny the Flash to make your ransomware stop function as intended. In order to disable the Flash, go to Macromedia support and select 'Deny': After doing that, run a full system scan with anti-malware program.

* Flash drive method: 

  1. Take another machine and use it to download STOPzilla, SpyHunter or other reputable anti-malware program.
  2. Update the program and put into the USB drive or simple CD.
  3. In the meanwhile, reboot your infected machine to Safe Mode with command prompt and stick USB drive in it.
  4. Reboot computer infected with Department of Justice virus once more and run a full system scan with updated anti-malware program.

* Manual Department of Justice removal (special skills needed!):

  1. Open Windows Start Menu, enter %appdata% into the search field, click Enter.
  2. Go to: Microsoft\Windows\Start Menu\Programs\Startup.
  3. Remove ctfmon (don't mix it with ctfmon.exe!).
  4. Open Windows Start Menu, enter %userprofile% into the search field, click Enter.
  5. Go to Appdata\Local\Temp and remove rool0_pk.exeDelete [random characters].mof file
  6. Delete V.class
  7. Run a full system scan with updated SpyHunter to remove remaining Department of Justice virus files. You can also use STOPzilla or Malwarebytes Anti Malware.

UPDATE: There is a new Ukash virus, which uses the logo of the Department of Justice. This threat now says 'Your computer has been blocked! The work of your computer has been suspended on the grounds of the violation of the law of the United States of America". Similarly to the previous version of the Department of Justice virus, this ransomware shows a list of laws, that have been violated, and asks to pay the fine of $300 using MoneyPak prepayment system. Besides, it speaks to the victim!

Automatic Department of Justice Virus removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Department of Justice Virus you agree with our Privacy Policy and Agreement of Use.
remover for Department of Justice Virus
Compatible with OS X
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall Department of Justice Virus. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Do it now!
remover for Department of Justice Virus Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Department of Justice Virus. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Department of Justice Virus using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

We are testing STOPzilla's efficiency at removing Department of Justice Virus (2012-09-25 06:38:27)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Department of Justice Virus (2012-09-25 06:38:27)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Department of Justice Virus (2012-09-25 06:38:27)
Zemana Antimalware
Virus Removal Phone Support
Help Line to remove Department of Justice Virus

Department of Justice Virus screenshot

Geolocation of Department of Justice Virus

Map reveals the prevalence of Department of Justice Virus. Countries and regions that have been affected the most are: United States.

Removal guides in other languages

Information added: 10/16/14 01:57; information updated: 10/16/14 01:57

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Comments on Department of Justice Virus

Billy D
Unable to open in safe mode. Been watching this screen for two days. Ready to throw the fucking computer in the street and drive over it.
FBI virus has taken over my verizon wireless tablet what can I do????? I tried a hard reset nothing ..... I cant get off the FBI screen to try any of the methods listed here.
I removed the virus by rebooting my computer back about 3-4 weeks (a couple updates previous) but now i cannot connect to the internet whatsoever. My computer keeps telling me that the troubleshooter for the internet connection is not working. Then when i attempt to find a wireless connection (Which is what my router is) it shows that there is nothing that can be found. My iPad and phones are connected to my wireless internet, but now my HP is not.. HELP!?
It most likely deleted your NIC/Ethernet settings. You can usually reset these to default or browse for your particular Ethernet card in TCP/IP configuration.
This is on my Samsung tab 3 and am freaking out what am I supposed to do.
I downloaded defender on another computer and booted the infected one from the usb. It allowed the boot and quick scan, which found nothing. I then ran the full scan with the same results. It must still be there somewhere? any suggestions?
I just repeatedly clicked the "Leave Page" button and it worked and I got away.
Nothing is working!! safe mode, back up cd, 64 bit windows defender cd, different users, nothing, not an effin thing!! Im out of options. what do I do!?!?!?!?
Post Script-

I was initially doing great but Defender is not removing the whole virus!
It is not sufficiently aggressive to do so.

I have done 6 scans now of all three levels within Defender and now it comes up with nothing found but I still cannot get to safe mode.
The virus is still in there some where

The FBI screen keeps coming up albeit much slower now.

Any additional hints here would be gratefully appreciated.

If anyone knows how to make a boot disk out of a USB drive for XP Pro I would like to know.
It apparently is the only way I can clean the system
1) As soon as the image appears immediately physically disconnect from the internet
2) you will not be able to get to anything - safe mode, safe mode w/o internet, etc.
3) Get a good and clean USB stick. I used a SanDisk.
4) Go to
Let it format the USB and add the files
5)Boot PC and let this run. Do a complete scan. Might take 2 +/- hours.
When done clean the bad files per defender procedure
6) connect to internet and uipdate the defender files. disconnect from internet
7) run again, and then connect again and update files
8) keep doing until clean
9)Clean boot system and then run your chosen anti-virus programs

All info here has been invaluable.
Thankis to all the wizards
This worked like a charm! I initially became concerned after the Malwarebytes full scan hung up after 42 minutes, scanning 234k objects. I cold started the system; started in Safe Mode again and did a quick scan this time which went quickly. It found 4 items and removed them without a problem. Im trying to figure out how this virus got past Bitdefender which Im running (which is coming up for renewal). Im inclined to give Malwarebytes paid version a hard look. Thanks Aubrey!
Any advice for windows xp users that cant do anything in safe mode/with or without ntworking or commsnd prompt? Thanks.
I disagree sir. Mac OS X 10.9 is the most advanced OS out right now. The power management and the stability is amazing and nothing compares. As far as support it comes with 1 year and you buy the applecare you just bring it in to an apple store which there is one just about everywhere and they fix it. I have had my mac since 2011 and it runs just as strong if not better than the day I got it. Best purchase ever. There is nothing my mac can not do. I Even have windows running on it. Vmware for mac is awesome. Windows 8 is better than a mac? lmafo Do more research man..
For Win 7, reboot computer-press f8 - select repair computer (enter)- enter name/password- then select system restore
do i have to be connected to the internet? because im trying stopzilla and spyhunter and both didnt work when i put my computer in safe mode command prompt
I have a Mac and I got this virus, how do I get it off and is yoocare site legit

Post a comment

Attention: Use this form only if you have additional information about Department of Justice Virus parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Recent Malware
Read on mobile
Ask us
Press Mentions
I failed to remove Department of Justice Virus using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!