Home » Blog » Cybersecurity » Cybersecurity » How To Remove The Department Of Justice Virus – The United States Department Of Justice Virus Removal (Ransomware)
Department of Justice virus remove

How To Remove The Department Of Justice Virus – The United States Department Of Justice Virus Removal (Ransomware)

What is the U.S. Department of Justice virus?

The Department of Justice virus, also referred to as The United States Department of Justice virus, U.S. Department of Justice virus, and DOJ virus (D.O.J. virus), is a term for malware categorized as ransomware, alike the FBI virus we discovered last year, that restricts access to the infected computer system using a screen or window (template), and in this case states that the work of your computer has been suspended on the grounds of violation of the law of the United States of America, while falsely appearing as the United States Department of Justice, in order to persuade victims of the Department of Justice virus to pay a ransom of usually $300 by use of Moneypak cards, etc., within the allotted time of 48 hours. Please note, this is a common but very dangerous computer virus (cryptovirus) known as ransomware, that attempts to scare victims by demanding unnecessary fines, while attempting to pose as a legitimate source, in this case The United States Department of Justice. This is not the actual U.S.A. Department of Justice and paying the fine will not remove the virus. It may even initiate further complications and threats within the computer system. Citizens of the United States are entitled due process in court. The government will not block or lock your computer system and demand a fine for violating terms which include the distribution of illegal pornography, such as child porn, and the violation of various copyright laws, including illegally downloaded media.

Department of Justice virus remove

Similar to other popular forms of ransomware, the Department of Justice virus may state that the fake Department of Justice is video recording and audio recording you, and in some cases may display a screen that streams footage from an attached web camera. In reality, these criminals can capture and record footage from webcams and audio devices.

The Department of Justice virus lock-screen displays a full screen page or window that contains similar text below:

The United States Department of Justice
The work of your computer has been suspended on the grounds of the violation of the law of the United States of America.

Possible violations described below:

Article - 184 Pornography involving children (under 18 years)
Imprisonment for the term of up to 10-15 years
(The use or distribution of pornographic files)

Article - 171 Copyright
Imprisonment for the the term of up to 2-5 years
(The use or sharing of copyrighted files)

Article - 113 The use of unlicensed software
Imprisonment for the term of up to 2 years
(The use of unlicensed software)

Amount of fine is $300. Payment must be made within 48 hours after the computer blocking. If the fine has not been paid, you will become the subject of criminal prosecution without the right to pay the fine. The Department for the Fight against Cyberactivity will confiscate your computer (After 48 hours).



To unlock your computer and to avoid legal consequences, you are obligated to pay a release fee of $300. Botcrawl.com

To remove the Department of Justice virus (Department of Justice ransomware) and unsuspend your computer (lift fake suspension), please use the free Department of Justice removal instructions provided in this article, which contains free solutions to remove the Department of Justice virus and third-party malware.

What happens if Department of Justice virus is not removed?

If the Department of Justice virus and ransomware in general is not removed from the infected computer system, the computer user is at a very high risk of falling victim to severe forms of cyber crime involving credit theft, extortion, and identity theft. Furthermore the Department of Justice virus can cause a computer to lose complete functionality as the perpetrators may acquire complete control of the system.

Department of Justice ransomware: Dangers & symptoms

Aside from the normal process of this ransomware infection, the Department of Justice virus uses trojan horses to access and infect a computer system  as well as perform other tasks. This fake Department of Justice ransomware may also use trojan horses and key-loggers to collect sensitive information.

Green Arrow Bullet  How to remove Department of Justice virus

  1. Department of Justice removal software (Automatic removal) – Scan and remove Department of Justice ransomware
  • System Restore – Restore PC to date and time before Department of Justice malware infection

1. Department of Justice removal software

1. Install the free or paid version of Malwarebytes Anti-Malware software.

Border Ten

Malwarebytes Anti-Malware   Green Arrow Bullet Editor’s Choice

Malwarebytes Anti-Malware software

$24.95 USD (Lifetime) / FREE

Latest versions: Malwarebytes Anti-Malware PRO, Malwarebytes Anti-Malware Free
Release date: April 09, 2013  / 1.75

Purchase Malwarebytes PRO   Free Download

Border Ten

2. Once Malwarebytes is installed, open the Anti-Malware program. If you are using the free version of Malwarebytes you will be prompted to update the database, please do so.

3. On the first tab labeled “Scanner” select the Perform full scan option and click the Scan button to perform a full system scan (pictured below).

Malwarebytes Perform Full Scan

4.  Malwarebytes will automatically detect the Department of Justice virus. Once the scan is complete, Malwarebytes will prompt a message stating malicious objects were detected. Select (check) the malicious objects in the list and click the Remove Selected button to completely remove Department of Justice malware from your computer (Department of Justice virus remove/the image below shows a file that is NOT selected for removal – ‘Make sure the box is checked in’).

Malwarebytes Gadgetbox

2. System Restore

System Restore is an easy solution to restore an infected computer to a date and time before it became infected with malware. To learn more please select a link below.

Windows Recommended Restore And Choose A Restore Point

Department of Justice removal tips:

If removing the Department of Justice virus is difficult, there are several steps you can use to troubleshoot the removal process:

User accounts

Ransomware often infects 1 user account on Windows. Here are some tips to remove the Department of Justice virus using different user accounts.

  • Log into an account not affected by malware (with administrative rights) and perform a scan with reputable software to detect and remove malware.
  • You can also delete the infected account.
Deny flash

Some variants of ransomware use flash and symptoms of the infection can be suspended by denying flash via Macromedia’s real-time options. To learn more and deny flash please visit: http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html

Troubleshoot internet/network issues

Safe Mode With Networking can be used to access the Internet for updates, drivers, removal software, or other files if internet and network connectivity is compromised.

Manual removal information:

If you seek to manually remove the Department of Justice virus, please use the guidelines below.

Department of Justice Ransomware Files:

Remove associated files.

Department of Justice Ransomware Windows Registry Information:

Repair associated registry additions.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "MigAutoPlay" = %AppData%\MigAutoPlay.exe

Lead Editor

Sean is a tech author and engineer with over 20 years of experience in cybersecurity, privacy, malware, Google Analytics, online marketing, and other topics. He is featured in several publications.

More Reading

Post navigation


  • I got this Justice virus and it locked up my whole computer. I tried multi shut downs took out the battery. I paid $60 for AVG and got this anyway. And WHY do we pay for anit-virus? I always keep up on restore BUT when you can even get to that. I admit when this virus used my webcam to take my pic, it freaked me out.

    • u have to always have a safe administrator account …i deleted the flash player and then cut and copied the useful files into new user account… and then deleted the affected account…

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

What is .W0YR8 and how do I remove it and recover files?

What is Wiseman and how do I remove it?

How to Remove Ransomware and Recover Decrypted Files