Fileice Ransomware

Fileice Ransomware is an in-development ransomware that has yet to be unleashed on the Internet. However, we were able to obtain a work-in-progress sample and test it to find out what it is capable of. We were not surprised to see that it is a simply designed ransomware, but then again, most ransomware is. The good news is that this ransomware does cannot encrypt your files, so you can remove it without having to deal with the damage that ransomware usually do. This particular application is designed to lock your computer’s screen and prevent you from using it, there are ways to bypass this lock, and we will share one of them with you. To find out more about this infection, read this whole article.

Even though Fileice Ransomware has not been released, we want to go over the most likely distribution channels. In most cases, ransomware is disseminated through malicious emails that feature file attachments that drop or download a ransomware’s files on the infected computer. The emails tend to masquerade as tax returns, invoices and other types of messages that look like they have been sent from a person representing a legitimate real world company. The emails may contain malicious Word files and ask you to enable macros because ransomware uses the vulnerabilities of macros to infect a computer. Nevertheless, the emails can also contain JavaScipt files that run a malicious script when opened and download a ransomware’s files. In addition, infected websites are also popular among ransomware developers. Such websites contain exploit kits that interact with your browser’s Java and Flash plug-ins and install ransomware secretly. These are only a handful of possible distribution methods, but it is likely that Fileice Ransomware will be distributed using one or even several of them.

We obtained this ransomware’s sample file and tested it. Our analysis has revealed that when this ransomware is launched, it opens a window in fullscreen mode. You cannot move this window because it was purposefully made like this to deny you the means to use your PC. In a nutshell, this ransomware is set to lock your computer’s screen. The lock screen window features two tabs. The first one is “Select Your Survey” and it gives a list of surveys to choose from. In theory, you have to fill in a survey of your choice and this ransomware will unlock your computer’s screen. Our research has revealed that the surveys come from Fileice.net. Evidently, Fileice Ransomware’s developers make money off you when you complete filling the survey. However, since this ransomware does not fully work, we do not know how its finished version will act. It might do nothing after you fill out the survey. Nevertheless, there is a way to bypass the lock screen. Simultaneously pressing Alt+Tab will close it and then you will be able to remove it from your PC entirely.

As you can see, Fileice Ransomware is a low-grade ransomware that you can deal with rather easily. Nevertheless, its full release might have built-in safety features that may make it harder for you to close the window. However, for the time being, it is enough to press Alt+Tab to close it. Once you do that, you can go to %HOMEDRIVE%\Seo and delete its executable named Sdchost.exe. You should also delete the dropper file from your Downloads folder, provided that there was such a file because this ransomware’s distribution method dictates whether such a file will exist. If you have trouble with Fileice Ransomware, you can also use SpyHunter because it is more than capable of eradicating it.

Delete Fileice Ransomware manually

1. Press Windows+E keys.
2. In the File explorer’s address box, enter %HOMEDRIVE% and press Enter.
3. Find the folder named Seo that contains at the file named Sdchost.exe
4. Right-click it and click Delete.
5. Enter %USERPROFILE%\Downloads in the address box and hit Enter.
6. Delete this ransomwares’s dropper file.
7. Empty the Recycle Bin.