1 2 3 Previous Next 20 Replies Latest reply: Aug 24, 2013 8:06 PM by Ex_Brit RSS

    ICE Ransomware Virus Bypasses safe mode, safemode with networking and safe mode with command prompt Help


      I have a multi user total protection account active in my home network.  Yesterday my daughter came to me with a "US Courts" headed virus scam and we were able to boot to the desktop with safe mode and remove it with a full McAfee Security Scan.  Today she has a later version of the virus apparently, with an "ICE" heading and the same baloney about violations and paying $300 to unlock the computer. but it is far nastier and I cannot do anything to run a program to remove it.


      Each time I get the F8 list, I choose the safe mode, log in with the user account and the system shuts down and reboots without safe mode and we have the fixed screen.  I saw this described in the Mandiant USA Cyber Security Ransomware thread but dont know how I can resolve this without safe mode.


      Any help would be appreciated. 


      Like John_burgess, I also don't understand why there is no mention of these issues on the web site or why the software did not pick up either the one I removed yesterday or the one that has me stymied today.  It's the kind of thing I bought the software to avoid in the first place.  My daughter says she did not open an attachment so it must be carried with some kind of youtube or game download she did.


      Did not tag this to other discussions because they seem to be resolved with restoring from the command prompt, or renaming and then deleting the virus executable.  I can't get that far to search for the file or invoke an earlier restore point.

        1 2 3 Previous Next