Solved

Your Computer has been blocked - US Department of Justice

Posted on 2013-01-15
11
964 Views
Last Modified: 2013-11-22
I'm an IT guy and am baffled by this one...  I can't even get to the start menu or anything in Safe Mode.  Does anybody have any suggestions as to how I can remove this?
0
Comment
Question by:ITworks
11 Comments
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 38780401
Have you tried following these steps:
http://malwaretips.com/blogs/department-of-justice-virus/


Hope this helps!

:o)

Bartender_1
0
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 38780412
If you can't get to safe mode, you could try this software to boot from and edit the affected registry settings:

http://www.raymond.cc/blog/how-to-edit-windows-registry-key-values-without-booting-in-windows/

Hope this helps!

:o)

Bartender_1
0
 
LVL 10

Expert Comment

by:bigbigpig
ID: 38780413
You can try booting to a rescue CD like Kaspersky's, or another if you have a preference.
http://support.kaspersky.com/4162
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 3

Accepted Solution

by:
jimminy_ebay earned 500 total points
ID: 38780422
Avast has a tutorial on how to remove this infection.  I would also consider wiping an reinstalling or reimaging the OS on this computer if this doesn't work.  And get some AV software installed and updated on it before giving it back to the user.


https://forum.avast.com/index.php?topic=112757.0
0
 
LVL 3

Expert Comment

by:jimminy_ebay
ID: 38780429
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38780437
I like the Kapersky Rescue Disk myself.
0
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 38780548
I use a SARDU created disk which everything on it.  It is worth making one of these for just such occassions:

http://www.experts-exchange.com/Storage/Misc/A_3038-Boot-Disks-UBCD-UBCD4Win-and-SARDU.html
0
 
LVL 44

Expert Comment

by:Darr247
ID: 38780550
It's called "ransomware" malware... whatever steps you take, do NOT give them any money, because that will NOT fix the problem.
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 38780987
I have seen it fixed with sophos antivirus boot disk and/or combofix from bleepingcomputer.com.
0
 
LVL 92

Expert Comment

by:nobus
ID: 38781633
0
 
LVL 4

Author Closing Comment

by:ITworks
ID: 38782998
I tried EVERYONE's solutions, but ended up having to reformat.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question