
Uremtoo Trojan

By Domesticus in Trojans

It can be difficult to keep track of all the different Police Ransomware Trojans that are active today, because this has quickly become one of the most widespread online scams. It does not help that most Police Ransomware families share large portions of their code and differ only in slight cosmetic aspects. Characteristics particular to a Uremtoo Trojan infection are that the ransom message says 'System Failure' and that this Police Ransomware tends to impersonate national police organizations like the FBI or Interpol, rather than the smaller police agencies or copyright protection societies that some other Police Ransomware impersonates. However, it is important to point out that the actual Uremtoo Trojan scam is no different from the numerous other families of Police Ransomware active in the wild.

The Uremtoo Trojan installs a Police Ransomware infection on the victim's computer. This scam consists of a malware infection that prevents victims from accessing their Desktop and files. The Uremtoo Trojan displays a full-screen threatening message claiming that the infected computer was used in illegal activities, such as viewing underage pornography or trafficking in cracked software. The Uremtoo Trojan threatens the victim with jail time and fines of thousands of dollars unless a ransom is paid through the Ukash PaySafeCard money transfer services. Because of this, Uremtoo Trojan variants are often lumped together with malware from other Police Ransomware families and referred to as the 'Ukash Virus'.

A victim of a Uremtoo Trojan infection will not be able to access their software and operating system because of the full-screen ransom message. Unfortunately, the Uremtoo Trojan also blocks Windows components that would normally be used to bypass these kinds of intrusive windows, such as the Windows Task Manager or the Start Menu. To bypass this lock, ESG security researchers advise computer users to use an alternate boot method to gain access to Windows, for example, using an external memory device to boot Windows or starting up Windows in Safe Mode with Command Prompt. Once the Uremtoo Trojan ransom message has been bypassed, ESG security researchers note that it is possible to remove a Uremtoo Trojan infection with an anti-malware application that is fully up to date.
