Hello All,
This is turning out to be a common virus attack in my workplace, so thought of creating a post to help people solve this error. If your computer is locked whenever you login and you are seeing a “Your computer has been blocked” by Department of Homeland Security’s ICE Cyber Crime Center, then your computer is infected with a piece of Malware known as Trojan Reveton.
At the very sight of it, it will seem to be very authentic by tracking your location and IP address (though it is quite simple) It has so many details that might give you a shock! This Malware is clever and has access to even your webcam (if you have one though)
What is Malware?
As Wikipedia states "Malware, short for Malicious software, is software used or programmed by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems
Why my computer?
Computers are vulnerable to Malware and virus. You can get Malware on your computer just by clicking ads, downloading toolbars, etc. In order to protect yourself from Malware, you can download a free version of Malwarebytes.
Malwarebytes
Malwarebytes is an anti-malware software that detects and destroys malware from your computer. The free version is available for download from the following legit links:
Link1
Link2
Once the download finishes, you have to install the program on your computer (Note you might require administrative privileges!). After installation you may enable a free trail of the PRO version of Malwarebytes too.
![[Image: Malwarebytes Anti-Malware final installation screen]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tKgKFU0MkDqueJph6TvxwJtohrJcFb1fDubfyqtvCedBn3Ge-Gg3jfRJ6YUJMcG-ZKSFGWgneMtO9bjLzHJ-q43gtJvwG4jUb7Vl3dVWz2nIiMDfW1T67a34OSG4RU7ENsYT4Q_6Bk21QVZ5JLwmh3oEU3VIQBIug=s0-d)
Note: After downloading and if you're using it say after 2 or 3 weeks, it may show a notification like this:
And all you need to do is, Click yes and update! Remember Malwarebytes is a free software and you can work with it as long as the database is updated.
So once the main window opens, you have three options: Quick Scan, Full Scan and Memory Scan as shown below:
![[Image: Malwarebytes Anti-Malware Quick Scan]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vhnJxN4STkGUpm_7zUfpNWh-XKxBo_wnzSJ6V_4rTh8Na4g3PXdccAFmi8UlcBWVYNXy2UahVWi_ChboWubMgS2nz_39GLjDalYBCUf4N6Pyz2lU_1A8xRXIVNLalxfgHFiWwiqrrzUkS43zPVVF0xRYv2FGZ_=s0-d)
Quick Scan is good enough to detect Malware on your main folders on the drive. It generally takes 7 - 20 minutes to complete scanning (depending on the RAM and hard disk size). If your scanning for the first time, I would recommend a quick scan before doing a full scan.
Full scan scans all the files and folder in all your drives and this may take a minimum of 20 minutes to a maximum of 1 hour (or even more in some computers). The bottom line is YOU HAVE TO BE PATIENT.
Flash scan is a feature that is available for PRO users and is similar to running memory diagnostics.
Once you select either a Quick/Full scan, and select scan, the scanning will start.
Sometime while your scanning, the computer may become slow and you should expect a performance degradation and it might also go to the "Not Responding" mode. Don't Panic.
The number of Malware objects detected will be highlighted in Red. Once the scan completes, a message will be displayed.
Once you click OK and then click Show Results, a window will open with the all the objects. Selected everything and click on Remove Selected.
![[Image: Malwarebytes Anti-Malwar removing ICE Cyber Crime Center virus]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sGFvhgVn50ZsRq-2vzPYfKhE2qqbgE7i8U5AJiQCyL_JBnuIYjIpwNjrXZGwMz-sq3YNS6345BhP3d2sOT5Bj3ndiCpLqbn-NPJhln7OlrQVyZoLVffC2hC8emLL3TMkQ1sE96_elMfjzV6HShLeGyqdkfx5XYA_JS=s0-d)
Please Note: Once you press remove selected all the objects will be permanently deleted from your computer. After it removes, you will get a notification similar to this.
Please save all your work and click Yes. The computer will restart.
Though Quick scan will detect all Malware it is advised to do a Full Scan too in order to completely get rid of all Malware.
Okay that's great and worked perfectly but how am I supposed to do this when I am not able to go beyond the ICE cyber screen. Now that's a good question!
These are the steps:
METHOD 1
Just download Malwarebytes from a different computer and store it in a flash drive.
Insert the flash drive on the computer that has a ICE Virus.
Do a hard reboot. (Switch off the CPU and switch it On again!)
Press F12 (If it's a DELL computer) and access the boot menu. Sometimes you might have to press F12 key repeatedly. The boot menu should look something similar to this:
Please select the USB Storage Device and press enter. The Malwarebytes program will load from the USB. You can then perform the same steps mentioned above. Then do a reboot again to restore working condition of your computer.
METHOD 2
Another way to get rid of your ICE cyber crime virus is to do a Computer restore. The system generally makes a checkpoint of the last good configuration it had. You can restore the computer to a date before you actually got the virus. But this does not come in handy every time. Sometimes it doesn't work.
Do a hard reboot on you ICE screen. Then you can Press F8 (Dell computers) and it will show a window with Advance boot options similar to this:
Scroll down using the arrow keys and select the Last Known Good Configuration (advanced) and press Enter.
This will open a command prompt. In the command prompt enter type rstrui.exe and then press Enter.
In case you're using XP/Vista then type - C:\windows\system32\restore\rstrui.exe.
In case you're using Windows 7/8/8.1 then type - C:\windows\system32\rstrui.exe.
This will start the System Restore which will show you good checkpoints where you had good configurations as shown below:
![[Image: Restore settings to remove ransomware]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vC9bPzj-RK_Fg5OiNpjs3Lo5ZYgMWJp6gdfRaGLnOpXCrKDF8pEH5I_nSM6_DjeH5ddthz-gpK4NWWLFd9YiOjsbz_beaf7HngOXHc2alJOhVcvfLWw-iRQbEvPFStJlMQvaiQ9GvIouE1KkJw=s0-d)
Select a checkpoint which you think was good and that was before the ICE cyber crime virus. You have options to scan for affected programs on that check point. Sometimes the selected checkpoint cannot be restored, in which case you may have to select a different checkpoint. Once you select a checkpoint, Click next and the computer should be restored. Once that's done restart your system and login to windows. Then it is advisable to do a scan with Malwarebytes.
METHOD 3:
The third method would be login in Safe mode. The safe mode options can be accessed in the Advanced Boot Options Menu as described above. It will look like this:
Be sure to select Safe mode with Networking. This will enable internet. Once all the files load and login is successful, either load Malwarebytes from the Flash drive or download from browser and run it. Once the scan is done, you can restart and login normally.
These are the ways you can handle the ICE virus. There are other programs like Malwarebytes such as Hitman Pro and Kaspersky's TDSS killer but Malwarebytes is my personal recommendation.
References: Google Images, Wikipedia, Malwarebytes.
This is turning out to be a common virus attack in my workplace, so thought of creating a post to help people solve this error. If your computer is locked whenever you login and you are seeing a “Your computer has been blocked” by Department of Homeland Security’s ICE Cyber Crime Center, then your computer is infected with a piece of Malware known as Trojan Reveton.
At the very sight of it, it will seem to be very authentic by tracking your location and IP address (though it is quite simple) It has so many details that might give you a shock! This Malware is clever and has access to even your webcam (if you have one though)
What is Malware?
As Wikipedia states "Malware, short for Malicious software, is software used or programmed by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems
Why my computer?
Computers are vulnerable to Malware and virus. You can get Malware on your computer just by clicking ads, downloading toolbars, etc. In order to protect yourself from Malware, you can download a free version of Malwarebytes.
Malwarebytes
Malwarebytes is an anti-malware software that detects and destroys malware from your computer. The free version is available for download from the following legit links:
Link1
Link2
Once the download finishes, you have to install the program on your computer (Note you might require administrative privileges!). After installation you may enable a free trail of the PRO version of Malwarebytes too.
Note: After downloading and if you're using it say after 2 or 3 weeks, it may show a notification like this:
And all you need to do is, Click yes and update! Remember Malwarebytes is a free software and you can work with it as long as the database is updated.
So once the main window opens, you have three options: Quick Scan, Full Scan and Memory Scan as shown below:
Quick Scan is good enough to detect Malware on your main folders on the drive. It generally takes 7 - 20 minutes to complete scanning (depending on the RAM and hard disk size). If your scanning for the first time, I would recommend a quick scan before doing a full scan.
Full scan scans all the files and folder in all your drives and this may take a minimum of 20 minutes to a maximum of 1 hour (or even more in some computers). The bottom line is YOU HAVE TO BE PATIENT.
Flash scan is a feature that is available for PRO users and is similar to running memory diagnostics.
Once you select either a Quick/Full scan, and select scan, the scanning will start.
Sometime while your scanning, the computer may become slow and you should expect a performance degradation and it might also go to the "Not Responding" mode. Don't Panic.
The number of Malware objects detected will be highlighted in Red. Once the scan completes, a message will be displayed.
Once you click OK and then click Show Results, a window will open with the all the objects. Selected everything and click on Remove Selected.
Please Note: Once you press remove selected all the objects will be permanently deleted from your computer. After it removes, you will get a notification similar to this.
Please save all your work and click Yes. The computer will restart.
Though Quick scan will detect all Malware it is advised to do a Full Scan too in order to completely get rid of all Malware.
Okay that's great and worked perfectly but how am I supposed to do this when I am not able to go beyond the ICE cyber screen. Now that's a good question!
These are the steps:
METHOD 1
Just download Malwarebytes from a different computer and store it in a flash drive.
Insert the flash drive on the computer that has a ICE Virus.
Do a hard reboot. (Switch off the CPU and switch it On again!)
Press F12 (If it's a DELL computer) and access the boot menu. Sometimes you might have to press F12 key repeatedly. The boot menu should look something similar to this:
Please select the USB Storage Device and press enter. The Malwarebytes program will load from the USB. You can then perform the same steps mentioned above. Then do a reboot again to restore working condition of your computer.
METHOD 2
Another way to get rid of your ICE cyber crime virus is to do a Computer restore. The system generally makes a checkpoint of the last good configuration it had. You can restore the computer to a date before you actually got the virus. But this does not come in handy every time. Sometimes it doesn't work.
Do a hard reboot on you ICE screen. Then you can Press F8 (Dell computers) and it will show a window with Advance boot options similar to this:
Scroll down using the arrow keys and select the Last Known Good Configuration (advanced) and press Enter.
This will open a command prompt. In the command prompt enter type rstrui.exe and then press Enter.
In case you're using XP/Vista then type - C:\windows\system32\restore\rstrui.exe.
In case you're using Windows 7/8/8.1 then type - C:\windows\system32\rstrui.exe.
This will start the System Restore which will show you good checkpoints where you had good configurations as shown below:
Select a checkpoint which you think was good and that was before the ICE cyber crime virus. You have options to scan for affected programs on that check point. Sometimes the selected checkpoint cannot be restored, in which case you may have to select a different checkpoint. Once you select a checkpoint, Click next and the computer should be restored. Once that's done restart your system and login to windows. Then it is advisable to do a scan with Malwarebytes.
METHOD 3:
The third method would be login in Safe mode. The safe mode options can be accessed in the Advanced Boot Options Menu as described above. It will look like this:
Be sure to select Safe mode with Networking. This will enable internet. Once all the files load and login is successful, either load Malwarebytes from the Flash drive or download from browser and run it. Once the scan is done, you can restart and login normally.
These are the ways you can handle the ICE virus. There are other programs like Malwarebytes such as Hitman Pro and Kaspersky's TDSS killer but Malwarebytes is my personal recommendation.
References: Google Images, Wikipedia, Malwarebytes.
