Grab the free removal tool and put your machine back on track in no time
When it comes to innovation, cyber-criminals have no borders, or that’s what we believe after analyzing this piece of multi-language malware detected as Trojan.Ransom.IcePol.The ransomware adds itself to the Startup Registry key in order to ensure persistence after every reboot. As soon as the computer starts, the screen gets locked and displays a message in the user’s language, if the user is located in a country that speaks one of 25 languages. The message states that the computer got locked as suspicious activity (download of copyrighted material or of “illegal pornography”) was detected. Of course, the system can be unlocked by paying a ransom, euphemistically described as “fine”.
In order to block access to the system, the Trojan Adds itself to the Winlogon\Shell registry key in the Current User branch and denies access to Windows Explorer for the current user. This way, the user is locked on the outside, with no chance to run an antivirus solution or a removal tool.
If you have become infected with this ransomware Trojan, use a working computer to download the Bitdefender removal tool.
Removal tool courtesy of the Bitdefender malware cleanup team
UPDATE: New article details spread of infection, here.
tags
June 08, 2023
May 02, 2023
January 11, 2023
January 05, 2023