Trojan:Win32/LockScreen.CI
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 90 % (High) |
Infected Computers: | 2 |
First Seen: | July 23, 2012 |
Last Seen: | January 14, 2020 |
OS(es) Affected: | Windows |
Trojan:Win32/LockScreen.CI, also known as the International Police Association (I.P.A.) Ransomware, is a ransomware Trojan that has infected computers all over the European Union. Fortunately, unlike many more severe ransomware infections, Trojan:Win32/LockScreen.CI is not terribly sophisticated and can be removed with a reliable, fully updated anti-malware program without any lasting damage to the infected computer system. The Trojan:Win32/LockScreen.CI Trojan is very similar to the many variants of the so-called Ukash Virus. Although fairly widespread, Trojan:Win32/LockScreen.CI has not yet infected computers in North America or the United Kingdom. However, the code for this dangerous Trojan could be easily altered so that Trojan:Win32/LockScreen.CI attacks computers anywhere in the world. Like most similar Winlocker Trojans, Trojan:Win32/LockScreen.CI will display a fake message from the infected computer's country's police force. ESG malware analysts advise ignoring Trojan:Win32/LockScreen.CI's message and instead removing this threat with a fully updated anti-malware program.
Table of Contents
How Criminals Use Trojan:Win32/LockScreen.CI to Scam Their Victims
The Trojan:Win32/LockScreen.CI Trojan is designed to block access to the OS and then displaying an alarming message supposedly sent by the International Police Association. Like many ransomware infections, the Trojan:Win32/LockScreen.CI's warning message will claim that the victim's computer was used to look at illegal content on the Internet and to download illegal files. While most ransomware infections are difficult to tell apart one from the other, Trojan:Win32/LockScreen.CI displays a highly realistic bogus message that can easily fool inexperienced computer users. The main goal of Trojan:Win32/LockScreen.CI is to convince the victims to pay a fine that can range from fifty to one-hundred Euros. The Trojan:Win32/LockScreen.CI message lists possible payment methods, including Ukash and PaySafeCard. These are both legitimate money transfer companies that, unfortunately, have been used by criminals for ransomware payments.
Unlike more nasty ransomware infections that can encrypt files or make advanced system settings modifications, the Trojan:Win32/LockScreen.CI Trojan is not too difficult to remove. However, the main difficulty to beaten is gaining access to the infected computer in the first place. This can be difficult since Trojan:Win32/LockScreen.CI's full-screen message prevents the PC user from accessing his/her desktop or files. ESG security analysts recommend starting up Windows using alternative boot methods. These include using a CD or a USB drive (external memory devices) or starting up in Safe Mode (by simply pressing F8 during start-up).
SpyHunter Detects & Remove Trojan:Win32/LockScreen.CI
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | rool0_pk.exe | 16dfb6ef2bb89305d45c3aa30e56c4ef | 1 |
2. | file.exe | 5a5dd88f41710d893ab335cade2b7768 | 0 |
3. | MaxTube_movie_id63909.exe | d66ecc1f7d476376934a40a4a67ca91c | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.