I got a call earlier today from a friend because his computer had been locked by “The United States Department of Justice”. In addition, “The United States Department of Justice” demands that the computer’s owner pay $300 to unlock the computer and “avoid other legal consequences”.
First and foremost, The United States Department of Justice does not run any such operation.
This is ransomware. It replaces the Windows 7 shell with its own executable file. Booting the computer to plain “Safe Mode” or “Safe Mode with Networking” will still load the malicious executable. Instead, boot to “Safe Mode with Command Prompt” and manually remove the malicious software.
I’ll describe what I did in the next post.
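As an added example (not the steps from this post or its follow-up), the PowerShell below audits the registry values that decide which shell Windows starts; run `powershell` from the Safe Mode command prompt first. It assumes the shell was swapped through the Winlogon `Shell` value, which the post does not confirm, and the variable names are illustrative.

```powershell
# Added example: audit which executable Windows will start as the shell.
# Assumption: the replacement was made through a registry shell value;
# the post itself does not say which mechanism was used.
$checks = @(
    # Shell for normal boot, Safe Mode and Safe Mode with Networking
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
       Name = 'Shell'; Expected = 'explorer.exe'; MayBeAbsent = $false },
    # Per-user override of the value above; normally not set at all
    @{ Path = 'HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
       Name = 'Shell'; Expected = 'explorer.exe'; MayBeAbsent = $true },
    # Shell for Safe Mode with Command Prompt
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot'
       Name = 'AlternateShell'; Expected = 'cmd.exe'; MayBeAbsent = $false }
)

$results = foreach ($c in $checks) {
    $item  = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    $value = $null
    if ($item) { $value = [string]$item.($c.Name) }

    if ($null -eq $value) {
        if ($c.MayBeAbsent) { $status = 'OK (not set)' } else { $status = 'MISSING' }
    } elseif ($value.Trim() -ieq $c.Expected) {
        $status = 'OK'
    } else {
        # Anything other than the exact default, including an extra program
        # appended after "explorer.exe", deserves a closer look.
        $status = 'SUSPICIOUS'
    }

    # New-Object keeps this compatible with PowerShell 2.0 on Windows 7
    New-Object PSObject -Property @{
        Key    = $c.Path
        Name   = $c.Name
        Value  = $value
        Status = $status
    }
}

$results | Select-Object Status, Name, Value, Key | Format-Table -AutoSize
```

A `SUSPICIOUS` row shows the path of the executable registered as the shell, which is the file to examine before restoring the default value.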