Bad Version of ICE Virus, Common Methods Not Working...

[ddrcan]

Hello, I'm running Windows 64 bit and have recently gotten what looks to be a bad version of the ICE Ransomware virus.

I am unable to login to my account normally due to the ransom screen popping up immediately and going to the BSOD after several moments.

None of the safe-mode options work. Even safe-mode with command prompt which is what I usually do in this kind of situation. I've always been able to use the rstrui.exe to solve this type of issue but not this time. When I enter my password and try to login in safe-mode it says "shutting down" and then "restarting" which it proceeds to do.

When I put in my Windows installation disc and boot from it I know it's supposed to go to a screen where you can either repair, format and reinstall or restore previous state. When I boot from CD/DVD it just goes to a BIOS screen where it says at the top "Windows failed to load" or something like that. It then lists the same options that I have already tried.

-Safe-mode
-Safe-mode with networking
-Safe mode with command prompt

I've also tried Hitman.Pro Kickstart and got the message MBR Failed to load. The only thing that worked with Kickstart was the boot normally option which ended up getting the ransomware screen again.

The only thing I haven't tried yet is Kaspersky 10 Repair disc which I will try tonight, but I'm not holding my breath.

Every forum I've seen on this issue seems to say if safe-mode doesnt work use your installation disc, repair disc or Kickstart. Otherwise if you don't have a disc or it's not working to use safe-mode with command promt. But nowhere could I find a forum about what to do if neither of these things are working.

If anyone could help me with this I would be extremely grateful. I am fully prepared to format and reinstall but i'm not even able to do THAT at his point. I haven't tried putting the drive in a different computer and trying to format but I don't see how that would really make a difference. Can a virus spread beyond the hard drive? I may just buy a new hard drive but i'm still holding out some hope that this can be fixed somehow. Iv'e never had a virus this bad before to where none of the common methods are not wotking.

Thank you for you help!

[kevinf80]

download Farbar Recovery Scan Tool from here:                                                                  

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

save it to a USB flash drive. Ensure to get the correct version for your system, 32 bit or 64 bit

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

 

Plug the flash drive into the infected PC.

 

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt Here: http://www.bleepingcomputer.com/tutorials/windows-8-recovery-environment-command-prompt/ to enter System Recovery Command prompt.

 

If you are using Vista or Windows 7 enter System Recovery Options.

 

Plug the flashdrive into the infected PC.

 

Enter System Recovery Options I give two methods, use whichever is convenient for you.

 

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
  
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  
• Use the arrow keys to select the Repair your computer menu item.
  
• Select Your Country as the keyboard language settings, and then click Next.
  
• Select the operating system you want to repair, and then click Next.
  
• Select your user account an click Next.
  

 

To enter System Recovery Options by using Windows installation disc:

• Insert the installation disc.
  
• Restart your computer.
  
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  
• Click Repair your computer.
  
• Select Your Country as the keyboard language settings, and then click Next.
  
• Select the operating system you want to repair, and then click Next.
  
• Select your user account and click Next.
  

 

On the System Recovery Options menu you will get the following options:

Startup Repair

System Restore

Windows Complete PC Restore

Windows Memory Diagnostic Tool

Command Prompt

 

• Select Command Prompt
  
• In the command window type in notepad and press Enter.
  
• The notepad opens. Under File menu select Open.
  
• Select "Computer" and find your flash drive letter and close the notepad.
  
• In the command window type  e:\frst64 or e:\frst depending on your version. Press Enter
  Note: Replace letter e with the drive letter of your flash drive.
  
• The tool will start to run.
  
• When the tool opens click Yes to disclaimer.
  
• Press Scan button.
  
• It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
  

 

Kevin

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!