I’m not sure how it happened. One second I was happily surfing the Internet, wasting time… er, that is to say, conducting research and seeking information… and the next, I was looking at an INTIMIDATING screen purportedly from ICE (the U.S. Department of Immigration and Customs Enforcement) telling me my computer was blocked, my controls frozen, my information was being reported to the police, and I was guilty of viewing kiddy porn. Or of being a terrorist. Or committing fraud. Something. But I was definitely guilty of it. Whatever it was.
My response was immediate. Rude. And unprintable.
I knew what this was, fortunately. The ICE Cyber Crime Center Screen is an infamous and constantly changing computer virus that causes lots of problems for people whose systems it manages to infect; and the routes of infection are many. An attachment on an e-mail, opening an infected site, downloading a bad program, any of these can result in you staring at the ICE screen.
I didn’t think I’d done any of these; but a pop-up screen, supposedly from Norton Anti-virus – which I subscribe to – had appeared shortly before the ICE screen had taken over my computer. The pop-up asked me if I wanted to know what Norton planned to do regarding Windows XP, now that Microsoft was no longer providing support: And if I did, I just had to click the indicated button.
It might have been from Norton. Or it might have been a very sneaky attack from someone who had made a virus variant specifically aimed at Norton / Windows XP users. Anyway, I clicked; and shortly thereafter, I came face to screen with the virus.
It was obvious this was a scam. The screen said that since this was a first time offense the ICE would unlock my system if I just paid them a fine of $300 sometime within the next 48 hours; and until that was done the lock would stay in place. And if I didn’t pay, jail time. To which I replied, “Oh yeah, pull the other one.”
The U.S. government does NOT tell you you are under investigation, it just arrests you when they’ve got a case. It doesn’t block a computer, it comes to your house and confiscates it. And it NEVER, EVER gives you the chance to avoid criminal prosecution by paying a fine. Unless you’re rich or a major corporation, of course. This was a criminal attempt in itself to extort money via a false threat and an induced computer problem. That was clear.
Unfortunately, while I knew what it was, I didn’t know what to do about it. At one time, when a TRS-80 was cutting edge technology, I understood computers. But now? It is rather like car engines. Back in the day my father, brother, and I could work on car engines and know what everything was and what to do with it. But opening a modern car hood now reveals something that looks like it came out of an alien space ship, with attachments and configurations that stupefy.
In a similar way computer programs, even viruses, have become so complex they are beyond my grasp. I feared my computer was going to have to go into the shop for debugging.
But being one of those people who like to see if they can fix things on their own, I started fooling around. Even though the ICE screen warned that any attempt to break the lock put on my computer would result in wholesale deleting of all my stuff.
I identified that as a bluff, figuratively blew a raspberry at the screen, wished I had the guy who had devised this virus in front of me so I and my baseball bat could express our feelings on the matter, and got to work.
Rebooting my computer didn’t improve things, the screen showed up again almost immediately as part of the start up process. The mouse did nothing. And most of my keyboard keys, including the F keys and combinations like ESC-ALT-SHIFT, produced no change. It was quite irritating.
Then I discovered that pushing the CTRL and ESC buttons at the same time still worked to activate my computer’s Start Menu, and gave me access to all my regular programs. Including my Internet browser.
From then on, the virus was living on borrowed time. Because while *I* might not have known how to handle this, through the Internet I could find out what thousands of more informed people knew. Including how to get rid of this thing.
First, though, with access to it now restored, I had my Norton Anti-virus program run a scan to find and eliminate the virus. After all, I’m paying Norton a subscription fee to have this program on my computer, it had failed to protect me from this virus infection, it was time for it to get to work.
Unfortunately it proved as ineffectual at finding the virus as it had at blocking it. Apparently whoever had devised this variant was prepared for Norton. A pox on his house. Getting a live update from Norton DID eliminate the screen, though, and I thought I was home free.
Until I rebooted my computer to make sure, and the screen came back. As ugly as ever.
I skipped the small stuff and wished hemorrhoids, shingles, yaws, chilblains, erectile dysfunction, and a host of other aliments on the virus maker and his get for 1000 generations. Although with the E.D. it was possible he wouldn’t have any get or future generations…
So although I could make the screen go away temporarily by using Norton Update I couldn’t apparently permanently kill it, and there was no telling what damage the virus itself might be doing in the meantime. It didn’t LOOK like it was scanning or messing with any of my files or material, but how could I be sure?
It was time to get serious.
Googling “ICE Cyber Screen virus” brought up several solutions and I started going through them. First was to restart my computer in ‘Safe’ mode, a limited function operating system that the virus wouldn’t be able to interfere with, hopefully, and from which I could access various programs that might help.
I didn’t really need that for the ICE virus, as I could work around the screen block by using the Start Menu. But I tried it anyway, pushing the F8 button repeatedly as I restarted my system.
Only to find that, although I could activate ‘Safe’ mode, when I tried to do anything the system would reset to normal operation, which would bring up the ICE screen again. Either I was doing something wrong or the virus had me blocked.
The next suggested step was Restore. Modern computers take periodic ‘snapshots’ of how their internal systems are at certain times; by activating Restore you can return the computer to the state it was in at a certain date, BEFORE your computer became infected with a virus. Or before you downloaded a program that really messed things up.
I tried this, but this ALSO didn’t eliminate the screen. Restore doesn’t remove any pictures or files you may have downloaded or created since the ‘snapshot’ was taken, only programs. And apparently the ICE virus was disguising itself as an innocuous file, not a program, so Restore had no effect on it.
This was becoming rather stressful. I had spent two hours on this problem by this point and still had not gotten rid of this irritant. I could probably have taken my computer to the repair shop and gotten it done, if not faster, at least without such effort on my part. But then there’s thrifty; there’s frugal; and there’s cheap.
I’m cheap. And the idea of paying someone to do what I might be able to do myself, grates. Besides which, this was getting personal.
And being cheap, the next option appealed to me. There are lots of free programs available, put out by people and companies, that specifically address the ICE virus and put the kibosh on it. I did a bit of research and chose Malwarebytes, a program that came recommended as safe and effective. And free. I downloaded it – the virus couldn’t stop me from doing THAT – and told it “Seek and destroy”.
Two hours later it finished an in-depth scan of my computer and announced it had found 15 items. Most of these were the ICE virus and its various folders and files, although two were remnants of adware that were hanging around my system for some unknown reason. I ordered the program to quarantine all of them (unfortunately there wasn’t the option to do the same to the programmer who made the virus); then at its direction rebooted my system one more time… and the ICE screen was gone. My normal wallpaper was visible again, and the problems were over.
Mainly. I think Malwarebytes and Norton Antivirus are slugging it out in the depths of my computer as to which is the alpha virus protection. I changed the passwords on my most vital websites just in case the virus had had a bit of spyware in it. And there’s a notice that appears when I start up my computer now, a notice that tells me that an attempt to activate a specific file failed because the file wasn’t there anymore. That was obviously the ICE screen.
I could probably eliminate the start up instruction that makes my computer try to run that program. But the notice serves as a reminder. To be careful. To keep my virus protections up to date and active. And to remind me to hope the ICE virus programmer gets an in-person visit from the REAL Immigration and Customs people, who want to talk to him about felony impersonation, and spending the next 50 years in prison…