ICE Cybercrime Virus/ Moneypak/ Malware/ Ransomware Virus Removal
With some threats such as the ICE Cyber-Crime Center virus, you may not be able to get into safe mode. If you're experiencing this, the following video will show you a few alternatives of how to work around that Cybercrime virus removal issue.
Remove ICE Cyber Crime Center Virus: Free Virus Removal Using Safe Mode with Command Prompt
Start by shutting down your computer by holding the power button for ten seconds. Once you begin rebooting your computer, start taping the F8 key about twice every second. This should bring up the advanced boot options menu.
Use your down arrow on the keyboard to select the option, Safe Mode with Command Prompt and hit enter.
Safe Mode will load a basic version of windows without additional applications like this virus.
When the command window boots up, you'll see a screen that looks like this. Type in the command: "net user administrator /active:yes" and hit enter.
You should see a response that says the command completed successfully.
To prevent unauthorized access to this account, you'll want to either set up a password or disable this account later.
At this time hit CTRL+ALT+DELETE on your keyboard and use your mouse to navigate to the red icon in the bottom right corner and select restart.
Once you restart your computer start tapping F8 again.
In the advanced boot options, use your down arrow to select "Safe Mode with Networking."
When windows boots up to the regular user screen, select the choice for administrator.
The first thing we want to do is open your browser and go to http://Norton.com/npe
Click the button to download Norton Power Eraser. Once the download completes, double click the icon to launch the file.
Read through the end user license agreement and click 'accept'. As soon as Norton power eraser finishes initializing, choose the advanced option
Choose scan now under reputation scan and select scan a folder. At this point make sure you choose your local disc, which should be your C drive. Norton Power Eraser will ask if you want to proceed. Click 'yes'.
This scan may take a while depending on the size of your drive but you don't have to be sitting at the computer while it scans.
Once the scan completes, Norton power eraser will automatically select the files we know are malicious.
The files with an unknown reputation are going to require a little more research before making that determination.
The first thing we do is try and determine where the files is loading from. A file loading form a temporary directory, a randomly named folder, or somewhere other then a program file folder is more likely to be an unsafe file. Another sign that can clue us in can be the file name. A file with a random name or random characters in the name is a good indicator of a malicious file. You can search the Internet for the file name in question. The search results will often help make a determination about that file.
Remember, if you make a mistake in choosing which file to remove, NPE allows you to restore the file using the History option on the main screen.
Carefully select which files you want to remove. Be sure to only select the files you want to remove from this computer. You will be asked to confirm your selections. Choose yes and click fix in the bottom right corner. It will ask you to reboot one more time to compete this process. Click the restart button.
Once the computer reboots, you'll likely see a pop up error like this. Write down the name of the file you see in the error and then hit ok. We'll use this in our next step.
On your keyboard, hit the windows key and the r key to bring up the run menu. Type in "regedit". This will bring up the computers registry editor. Remember, any time you go into the registry, the first thing we want to do is create a backup before making changes. With computer selected at the top click on file and choose export. Here you want to just create a name for the file you're going to save and this will be your back up. You can save it to your desktop or anywhere it's easy to find.
Next we'll click on Edit and go down to Find. Here is where we'll type in the name of that file we wrote down form the error earlier.
When the search completes, it should show you the name of the file that you typed in over on the right side. Right click the highlighted file name and click delete. It'll ask for confirmation Click yes.
You should be all clean now, if you couldn't follow any of these steps or you're still locked out, follow the link at the end of this video to learn more about the Norton Bootable Recovery Tool for removing even the most persistent of threats.
Case History: This is a ransomware that fakes itself as a warning from U.S. Immigration and Customs Enforcement that you are involved in cyber-crime activity and demands that you pay a fine or end up in jail as a criminal.