FacebookTwitterLinkedIn

The ICE Cyber Crime Center Virus

Also Known As: ICE Virus
Damage level: Severe

What is The ICE Cyber Crime Center?

The ICE Cyber Crime Center message locks computer users' screens demanding payment of a $400 fine for alleged law violations. This is a scam.

The message has no connection with U.S. Immigration and Customs Enforcement and was created by cyber criminals in the hope that unsuspecting PC users believe the false accusations made (watching pornography, using copyrighted files, use of unlicensed software) and pay the bogus fine.

In fact, no authorities (including The ICE Cyber Crime Center) use screen-blocking messages to collect fines for any law violations. This fake message is called ransomware and this particular infection originates from a family called Reveton.

The ICE Cyber Crime Center Virus

Ransomware infections are especially rogue since they are localized. Computer users from different countries observe variants of the fake message, which exploits the graphics and names of local authorities.

This particular ransomware predominantly targets computer users from the USA, however, users from Australia with machines infected by this virus, observe the same message as if sent from the Australian Federal Police (AFP).

Do not trust any messages supposedly sent from local authorities and ordering payment of fines to unblock your PC - this is a scam. Paying the fine when ordered by these messages is equivalent to sending your money to cyber criminals.

A variant of this ransomware virus:

ICE virus

The ICE Cyber Crime Center virus is distributed using Trojans and drive-by downloads. Computer users should express caution when using P2P networks, social networks, and when downloading software updates from unverified sources.

To prevent ransomware infiltrations, keep your operating system and installed software (Flash, Java, etc.) up-to-date. Furthermore, use legitimate antivirus and anti-spyware software. If you observe a message from "The ICE Cyber Crime Center" requesting payment of $400 using MoneyPak, ignore it and proceed with the removal steps provided.

A fake message displayed by The ICE Cyber Crime Center virus:

The ICE Cyber Crime Center.

Your computer has been blocked.

 

To unlock your computer and avoid other legal consequences, you are obligated to pay a release fee of 300 USD (green dot MoneyPak).

 

Possible violations are described below:

Article - 174. Copyright
Imprisonment for the term of up to 2-5 years (The use or sharing of copyrighted files). A fine from 18,000 up to 23,000 USD.

Article 183. Pornography
Imprisonment for the term of up to 2-3 years. (The use or distribution of pornographic files). A fine from 180,000 up to 25,000 USD.

Article 184. Pornography involving children (under 18 years)
Imprisonment for the term of up to 10-15 years. (The use or distribution of pornographic files). A fine from 20,000 up to 40,000 USD.

Article - 104. Promoting Terrorism
Imprisonment for the term of up to 25 years without appeal (Visiting the websites of terrorist groups). A fine from 35,000 up to 45,000 USD with property confiscation.

Article - 68. The distribution of virus programs
Imprisonment for the term of up to 2 years (The development or distribution of virus programs, which have caused harm to other computers). A fine from 15,000 up to 28,000 USD.

Article - 113. The use of unlicensed software
Imprisonment of the term of up to 2 years (The use of unlicensed software). A fine from 10,000 up to 22,000 USD.

Article - 99. Cheating with payment cards, carding
Imprisonment for the term of up to 5 years (The operation with the use of payment card or it's details which was not initiated or not confirmed by the holder). A fine from 30,000 up to 75,000 USD with property confiscation.

Article - 156. Spamming pornographic content
Imprisonment for the term of up to 2 years. (Spamming pornographic content by means of the e-mail or social Networks). A fine from 16,000 up to 36,000 USD.

An attempt to unlock the computer by yourself will lead to the full formatting of the operating system. All the files, videos, photos, documents on your computer will be deleted.
In connection with the decision of the Government as of June 7, 2013, all of the violations described above could be considered as criminal. If the fine has not been paid, you will become the subject of criminal prosecution. The fine is applicable only in the case of a primary violation. In case of a second violation you will appear before the Supreme Court.
Amount of the fine is 300 USD. Payment must be made within 48 hours after the computer blocking. If the fine has not been paid, you will become the subject of criminal prosecution without the right to pay the fine.

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

The ICE Cyber Crime Center virus removal:

Step 1

Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Video showing how to start Windows 8 in "Safe Mode with Networking":

Step 2

Log in to the account infected with The ICE Cyber Crime Center virus. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all entries detected.

Cannot boot in Safe Mode with Networking? (The ICE Cyber Crime Center virus is blocking Safe Mode with Networking)

If you have more than one user account within your operating system, log-in to the clean account and download the recommended malware removal software, install it and run a full system scan.

Remove all security infections detected. If, however, you have only one user account, please follow this guide (this describes how to create a new user account using Safe Mode with Command Prompt - using this newly-created user account, you will be able to remove The ICE Cyber Crimes Center ransomware).

If The ICE Cyber Crimes Center scam also blocks your operating system's Safe Mode with Networking, follow these removal instructions:

1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.

Boot your computer in Safe Mode with Command Prompt

2. When Command Prompt Mode loads, enter the following line: net user removevirus /add and press ENTER.

alt

3. Next, enter this line: net localgroup administrators removevirus /add and press ENTER.

creating new user using command prompt

4. Finally, enter this line: shutdown -r and press ENTER.

adding a new user in command prompt

5. Wait for your computer to restart, and then boot your PC in Normal Mode and login to the newly-created user account ('removevirus'). This account will be unaffected by the ransomware infection and you will be able to download and install recommended malware removal software to eliminate this virus from your computer.

new user account created

6. Download and install recommended malware removal software to eliminate this ransomware infection from your computer:

If the newly-created user account is also affected by the ransomware infection, try performing a System Restore:

Video showing how to remove ransomware virus using "Safe Mode with Command Prompt" and "System Restore":

1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.

Boot your computer in Safe Mode with Command Prompt

2. When Command Prompt Mode loads, enter the following line: cd restore and press ENTER.

system restore using command prompt type cd restore

3. Next, type this line: rstrui.exe and press ENTER.

system restore using command prompt rstrui.exe

4. In the opened window click "Next".

restore system files and settings

5. Select one of the available Restore Points and click "Next" (this will restore your computer system to an earlier time and date, prior to the ransomware infiltrating your PC).

select a restore point

6. In the opened window click "Yes".

run system restore

7. After restoring your computer to a previous date, download and scan your PC with recommended malware removal software to eliminate any remnants of The ICE Cyber Crime Center virus.

Other methods used to eliminate this ransomware infection from your PC:

Remove The ICE Cyber Crime Center virus using a Rescue Disk.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Removal Instructions in other languages
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
ICE Virus QR code
Scan this QR code to have an easy access removal guide of ICE Virus on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.