Removing Department of Justice Virus - How to remove and delete this virus.

Community Help: Remove Department of Justice Virus - Steps and Instructions

Share your own experience     View front page

This virus is a nuissance which will prevent you from accessing your computer and will attempt to keep you locked out from accessing anything on your computer. This goes by many names but Department of Justice ransomware is one of the common names. This begins running at startup on your computer, and I'll show you a few simple steps on how to stop this from running so you can access your computer again. It will ask you to pay money, NEVER EVER pay money to ransomware viruses like this! Even if you pay they will just try to keep you paying so you are playing a losing game. Follow these steps below to get control of your computer back from this virus.

1) First off, reboot your computer in safe mode. When your computer boots up it will be running with basic windows files only. Your screen may look like poor quality, thats fine.

2) Go to your startup folder on your programs menu, and look for anything with an unusual or random name and remove it from your startup folder. This should be obvious once you look at it.

3) Open system restore. Later versions of windows can just type system restore in the box when you click the start button. It will come up automatically then.

4) In the system restore window, choose the option that says "choose a different restore point". Select a date where you are SURE you didn't have the department of justice virus. Dont go back to far, no need to, just go back a week or two where you know the virus was not on your computer yet.

Thats it, now go through with rebooting and everything will be back to running normal again.

Your virus files are being placed in the appdata folder or the temp folder, and restoring back simply fixes your registry so it cannot run them. Then they are just dormant files that no longer run. Note also that if you are rebooting in safe mode with command prompt, then the program you run for system restore is named rstrui.exe and is either in your system32\restore folder or your system32 folder.