Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Department of Justice Ransomware has taken my PC hostage!!


  • Please log in to reply
16 replies to this topic

#1 Plz_Hlp

Plz_Hlp

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 08 June 2014 - 10:01 AM

Hello everyone,

I am desperate and have nowhere else to turn to for help. I seek your wisdom and experience to free my PC from this dreadful ransomware.

Situation:
I was on my computer last week watching video clips on YouTube and my computer suddenly becomes locked with the Department of Justice Virus. For those who are familiar with this ransomware, you know that it disables you from doing anything in Safe mode, Safe Mode with Networking and Safe Mode with Command Prompt so the usual methods do not work.

With the help of a Geeksquad Agent, I was instructed to create a Hitman Pro flash drive. Upon doing so, I connected it to my infected computer and booted from a USB drive. All standard procedure up to this point. The program ran it's scan and all threats, malware and remnants were quarantined or deleted. I restarted the computer confident that this had done the job, however my computer remains locked.

I have Norton Antivirus Protection on my computer so I'm confused as to how the ransomware snuck through in the first place,
But that aside; I then proceeded to insert my Norton disk and boot from CD to utilize the Norton Bootable Recovery Tool. I ran Norton Power Eraser and the Full Scan, but no threats were detected.

I restarted the computer and the virus still remains. As a Hail Mary, I sought the help of the public by posting my situation on yahoo and the most credible advisor talked me through using Kaspersky Rescue Disk to eliminate the virus. I burned the program onto a CD and ran it on my infected computer. After it finished its scan and I restarted the computer the problem still persists, only now the screen turns white and simply stays locked as a white screen, no longer displaying the Department of Justice seal or instructions on how to pay.

Everyone gave up and told me that the only remaining option is to subscribe to a free forum with professionals that constantly deal with these types of issues. So here I am!! Desperate and in need of your expertise. I brought my laptop into best buy and the Geeksquad said that they charge $300 to fix it with no guarantee that it will in fact be fixed, simply for diagnostics and tech support. $300 is not only the same amount as the ransom, which I absolutely hate; but is enough to simply buy a new laptop.

Please help me!!! Anything that you can suggest would be greatly appreciated. I use my roommates computer to create any anti-virus disks or flash drives needed so I have regular access to a non-infected PC handy.

Thank you and I hope to hear from someone soon.


Edited by hamluis, 08 June 2014 - 10:08 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 wpgwpg

wpgwpg

  • Members
  • 1,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US of A
  • Local time:08:34 PM

Posted 08 June 2014 - 10:22 AM

 What is you computer's make and model?  What version of Windows?  

 

 When you've gotten your system back like you want it, I urge you to get yourself an external hard drive and a good 3rd party backup program. You can set it up to do everything automagically at the time and frequency of your choice. 1 TB external hard drives are about $60 these days and a really good FREE backup program is the Easeus Todo Backup Free.  That can save you a lot of time and frustration the next time something like this happens. Sooner or later it happens to all computers for one reason or another.
 
 Good luck.

Edited by wpgwpg, 08 June 2014 - 10:24 AM.

Everyone with a computer should back his system up to an external hard drive regularly.  :thumbsup:

#3 Plz_Hlp

Plz_Hlp
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 08 June 2014 - 10:29 AM

Thank you for reaching out to me!!
I am using a Toshiba Satellite A105-S4021 System Unit. Model No. PSAA8U-06200J
It is running on Windows XP Home Edition.

#4 wpgwpg

wpgwpg

  • Members
  • 1,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US of A
  • Local time:08:34 PM

Posted 08 June 2014 - 11:02 AM

 I think I'd get hold of a live disc like Linux Ubuntu or Mint, boot from it, and save any data I didn't want to lose.  Then I'd either upgrade to Windows 7 or 8.1 or Linux.  Ubuntu and Mint have user interfaces similar to Windows, they're free, they boot and are ready to get on the Internet in about 3 minutes, and they're supported.  I run Windows 7 and 8.1 mostly, but I keep DVDs and flash drives with Linux handy too.  A lot of folks running XP are switching to Linux.  Your choice, but I definitely wouldn't stay with XP since MS has dropped the last of support for it as of 4/8/14.

 

Good luck.


Everyone with a computer should back his system up to an external hard drive regularly.  :thumbsup:

#5 ukbobboy

ukbobboy

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:34 AM

Posted 08 June 2014 - 01:30 PM

Dear Infected User

 

I am sorry I will not be able to help you but I hope you can clear up this mystery that has me confused.

 

You see, I understand that you can only catch "Ransomware" by either opening an infected attachment, downloading booby-trapped applications or utilities or following a URL-link to a dodgy website.

 

However, you said you caught this virus from watching YouTube, I always thought that YouTube was iron clad unless one of the videos you were watching was indeed booby-trapped.

 

Therefore, can you say "beyond a reasonable doubt" that you picked up this nasty PC killing virus from YouTube?

 

 

UK Bob



#6 JohnC_21

JohnC_21

  • Members
  • 24,301 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:34 PM

Posted 08 June 2014 - 02:06 PM

Hello PlzHlp and Welcome,

 

If Hitman Pro Kickstart did not work for you, try Kaspersky Rescue Disk using the command WindowsUnlocker.

 

Please read and then follow the steps here.

http://www.youtube.com/watch?v=C5hvSlrOUlE


#7 Al1000

Al1000

  • Global Moderator
  • 7,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:34 AM

Posted 08 June 2014 - 04:36 PM

 I think I'd get hold of a live disc like Linux Ubuntu or Mint, boot from it, and save any data I didn't want to lose.  Then I'd either upgrade to Windows 7 or 8.1 or Linux.  Ubuntu and Mint have user interfaces similar to Windows, they're free, they boot and are ready to get on the Internet in about 3 minutes, and they're supported.  I run Windows 7 and 8.1 mostly, but I keep DVDs and flash drives with Linux handy too.  A lot of folks running XP are switching to Linux.  Your choice, but I definitely wouldn't stay with XP since MS has dropped the last of support for it as of 4/8/14.

 

Good luck.

 

I absolutely agree. Even if the OP insists on sticking with XP for the meantime, I would still do as you have advised; use a live disc to save files I wanted to keep to an external storage device, then format the hard drive and re-install XP. While XP may be vunerable to anything developed to exploit it after the above date, all of the existing updates should be available for some time to come.

 

EDIT: Having said that, here is a guide on how to remove it.

 

http://www.bleepingcomputer.com/virus-removal/remove-department-of-justice-ransomware


Edited by Al1000, 08 June 2014 - 04:41 PM.


#8 imichaelw1

imichaelw1

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:34 PM

Posted 09 June 2014 - 06:52 AM

Help!

I have been following this topic because I too was just highjacked!

My screen has been taken over by a phony "FBI" warning which won't go away even when restarting in safe mode. Cannot restore to earlier point because screen goes back to highjacked warning. I'm sure this is common for you experts out there but is there a fix that won't make me install an entirely new operating system? Geez, not sure I can handle that complex procedure.

 

I'm not so much worried about lost data since it's an older second computer, and it's Windows XP. Help!



#9 JohnC_21

JohnC_21

  • Members
  • 24,301 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:34 PM

Posted 09 June 2014 - 09:10 AM

Hello imichaelw1 and Welcome First, you should have started a new thread instead of posting to this one as multiple people that needs help on the same problem can cause confusion. Please see this guide. You will need to download Hitman Pro on a clean computer and create a bootable USB key called Kickstarter. http://www.bleepingcomputer.com/virus-removal/remove-fbi-cybercrime-division-ransomware

#10 imichaelw1

imichaelw1

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:34 PM

Posted 09 June 2014 - 09:51 AM

JohnC,

 

Sorry for my posting in the wrong place, new to this. Thanks for the link to the procedure to try to fix this issue but I have an immediate problem; I can't install Hitman to my thumb drive because the computer needing help is 32 bit but the computer I'm using to download the Hitman is 64 bit. So, it won't allow me to open the Hitman program at 32 bit which is what I need for the infected computer! Suggestions?



#11 JohnC_21

JohnC_21

  • Members
  • 24,301 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:34 PM

Posted 09 June 2014 - 11:53 AM

This was brought up before in another thread. Download the Hitman Pro 64bit. Create the USB flash drive. It should run fine on the 32bit computer. You should have an active internet connection. I would connect a Ethernet cable directly to your modem or router from the computer.


Edited by JohnC_21, 09 June 2014 - 11:56 AM.


#12 imichaelw1

imichaelw1

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:34 PM

Posted 09 June 2014 - 11:56 AM

You mean the 64 bit will run on my 32 bit computer?

Well, no luck. Screen won't generate the Hitman Pro screen menu. I suspect that you cannot run the 64 bit version in a 32 bit computer,


Edited by imichaelw1, 09 June 2014 - 12:17 PM.


#13 JohnC_21

JohnC_21

  • Members
  • 24,301 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:34 PM

Posted 09 June 2014 - 12:04 PM

According to my link the Poster who is a member of the Malware Removal Group states that the USB flash drive created by Hitman Pro 64bit will run on a 32bit computer.


Edited by JohnC_21, 09 June 2014 - 12:05 PM.


#14 imichaelw1

imichaelw1

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:34 PM

Posted 09 June 2014 - 02:26 PM

Let me ask something; do I need internet service just to have the Hitman Pro menu to appear on the monitor or for full function of the Hitman software? I ask because I have a blank screen when I call on the Hitman from the USB port, and of course I have no internet on the infected machine. I just need to know which tree to bark up in solving my problem. Thanks.



#15 JohnC_21

JohnC_21

  • Members
  • 24,301 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:34 PM

Posted 09 June 2014 - 02:46 PM

If you can't get Kickstarter to boot, try Kaspersky Rescue Disk as I linked to in my post#6

 

You can also look at the youtube video I linked to.

 

Hitman Pro uses the Cloud so I assume you would need an internet connection. Kaspersky does not. But you have to run WindowsUnlocker first as shown in the video and the steps shown in the link I provided.


Edited by JohnC_21, 09 June 2014 - 02:47 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users