Solved

Your Computer has been blocked - US Department of Justice

Posted on 2013-01-15
11
974 Views
Last Modified: 2013-11-22
I'm an IT guy and am baffled by this one...  I can't even get to the start menu or anything in Safe Mode.  Does anybody have any suggestions as to how I can remove this?
0
Comment
Question by:ITworks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 38780401
Have you tried following these steps:
http://malwaretips.com/blogs/department-of-justice-virus/


Hope this helps!

:o)

Bartender_1
0
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 38780412
If you can't get to safe mode, you could try this software to boot from and edit the affected registry settings:

http://www.raymond.cc/blog/how-to-edit-windows-registry-key-values-without-booting-in-windows/

Hope this helps!

:o)

Bartender_1
0
 
LVL 10

Expert Comment

by:bigbigpig
ID: 38780413
You can try booting to a rescue CD like Kaspersky's, or another if you have a preference.
http://support.kaspersky.com/4162
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Accepted Solution

by:
jimminy_ebay earned 500 total points
ID: 38780422
Avast has a tutorial on how to remove this infection.  I would also consider wiping an reinstalling or reimaging the OS on this computer if this doesn't work.  And get some AV software installed and updated on it before giving it back to the user.


https://forum.avast.com/index.php?topic=112757.0
0
 
LVL 3

Expert Comment

by:jimminy_ebay
ID: 38780429
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38780437
I like the Kapersky Rescue Disk myself.
0
 
LVL 29

Expert Comment

by:Thomas Zucker-Scharff
ID: 38780548
I use a SARDU created disk which everything on it.  It is worth making one of these for just such occassions:

http://www.experts-exchange.com/Storage/Misc/A_3038-Boot-Disks-UBCD-UBCD4Win-and-SARDU.html
0
 
LVL 44

Expert Comment

by:Darr247
ID: 38780550
It's called "ransomware" malware... whatever steps you take, do NOT give them any money, because that will NOT fix the problem.
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 38780987
I have seen it fixed with sophos antivirus boot disk and/or combofix from bleepingcomputer.com.
0
 
LVL 92

Expert Comment

by:nobus
ID: 38781633
0
 
LVL 4

Author Closing Comment

by:ITworks
ID: 38782998
I tried EVERYONE's solutions, but ended up having to reformat.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question