Police Ransomware Trojan Morphs, Spreads

The Trojan.Icepol e-threat (that we’ve covered here before) is still alive and very much kicking. In fact, according to Bitdefender antimalware researcher Razvan Benchea, its developers are kicking out version after version, at rapid pace, in a (somewhat misguided) attempt to stay ahead of antivirus solutions.

Bitdefender is keeping pace though, so (courtesy of the same Razvan Benchea), here’s a chart of the evolution of the number of detected instances of the various Trojan.Icepol variants found in the past two months or so: Icepol 0203to0404



Yep. It’s going up. If you’ve received a threatening e-mail purporting to come from the police in your country, it’s probably time to download the removal tool: Trojan.Ransom.Icepol (53614)

16 Responses to Police Ransomware Trojan Morphs, Spreads

  1. Marmota says:

    Icepol is codename for Silence Winlocker?

  2. Twannie says:

    Just removed it again for the 30th time on a ‘family’ computer, keeps on coming back

  3. jim says:

    I tried this one fix but no luck

  4. Karen says:

    I’ve gotten that too. I’ve NO idea how cops would get my e-mail addresses. It makes no sense. The e-mails USUALLY give me tornado warnings and things of that nature. I’ve got eyes and a TV and don’t need police interfering with my computer. Actually, I don’t need them at all. On Feb. 6th, 2010 local police beat and crippled me for ABSOLUTELY NO REASON in my own living room (actually, it stems from an ex who had/has ties to police and when we broke up he turned into a complete monster). In any event, I wondered for the longest time why they’d be sending me weather status, etc., in my e-mail accounts. I never could figure out how they even got my various e-mail account addresses or for that matter, WHY? Why would they assume I’m going to run to the computer to read my e-mail if a tornado is ready to blow my house over? No I know it’s B.S. Well, I don’t think I’m going to call them to report it as they’ve crippled me by smashing my right arm which I’ve gone through six surgeries over and have an arm full of titanium and steel. I think I’ll just preserve my left arm. I guess I’ll run the removal tool just in case my new BitDefender Total Security hasn’t gotten rid of it. I take NO chances since I was last compromised with a virus that literally ATE hardware components in three computers. BitDefender Total Security probably does kill all these things off BUT I want to make sure so I’m going to run the tool.

  5. Randy says:

    Karen, you better take your meds.

  6. Robert says:

    Tried to run the BitDefender tool, but no luck here! Strange thing is, I cannot start the system in Safe Mode. It just shuts down when I try that. Is that the virus at work, or me doing something wrong?

  7. Samuel says:

    I’ve removed many Police Ransomware trojans but they keep getting nastier and harder to remove from any system.

  8. eric says:

    It stil works 22/07/2013 Thanks!

  9. Etienne says:


    I have got the same issue Robert has, whenever I startup in Safe mode, the computer shuts down directly en reboots hence I’m not able to run the USB stick.

    Other options?

  10. Etienne says:

    Got it removed using the AVG rescue USB stick.

  11. Ray says:

    Only affects specifics users not all. If user A was infected then you have still access to your computer using user B for instance.

    I opened a case today let’s see how much time it takes to fix this problem. Tool does not work at all!!!!

  12. Fra says:

    In my pc I removed the virus with an usb stick with Bitdefender in five seconds just by following the instructions from Bitdefender.

  13. Shawn says:


  14. Mike Dawson says:

    Thanks for the entertaining reading Karen!
    (better take Randy’s suggestion though)