Trojan:Win32/LockScreen.CI

Trojan:Win32/LockScreen.CI, also known as the International Police Association (I.P.A.) Ransomware, is a ransomware Trojan that has infected computers all over the European Union. Fortunately, unlike many more severe ransomware infections, Trojan:Win32/LockScreen.CI is not terribly sophisticated and can be removed with a reliable, fully updated anti-malware program without any lasting damage to the infected computer system. The Trojan:Win32/LockScreen.CI Trojan is very similar to the many variants of the so-called Ukash Virus. Although fairly widespread, Trojan:Win32/LockScreen.CI has not yet infected computers in North America or the United Kingdom. However, the code for this dangerous Trojan could be easily altered so that Trojan:Win32/LockScreen.CI attacks computers anywhere in the world. Like most similar Winlocker Trojans, Trojan:Win32/LockScreen.CI will display a fake message from the infected computer's country's police force. ESG malware analysts advise ignoring Trojan:Win32/LockScreen.CI's message and instead removing this threat with a fully updated anti-malware program.

How Criminals Use Trojan:Win32/LockScreen.CI to Scam Their Victims

The Trojan:Win32/LockScreen.CI Trojan is designed to block access to the OS and then displaying an alarming message supposedly sent by the International Police Association. Like many ransomware infections, the Trojan:Win32/LockScreen.CI's warning message will claim that the victim's computer was used to look at illegal content on the Internet and to download illegal files. While most ransomware infections are difficult to tell apart one from the other, Trojan:Win32/LockScreen.CI displays a highly realistic bogus message that can easily fool inexperienced computer users. The main goal of Trojan:Win32/LockScreen.CI is to convince the victims to pay a fine that can range from fifty to one-hundred Euros. The Trojan:Win32/LockScreen.CI message lists possible payment methods, including Ukash and PaySafeCard. These are both legitimate money transfer companies that, unfortunately, have been used by criminals for ransomware payments.

Unlike more nasty ransomware infections that can encrypt files or make advanced system settings modifications, the Trojan:Win32/LockScreen.CI Trojan is not too difficult to remove. However, the main difficulty to beaten is gaining access to the infected computer in the first place. This can be difficult since Trojan:Win32/LockScreen.CI's full-screen message prevents the PC user from accessing his/her desktop or files. ESG security analysts recommend starting up Windows using alternative boot methods. These include using a CD or a USB drive (external memory devices) or starting up in Safe Mode (by simply pressing F8 during start-up).

SpyHunter Detects & Remove Trojan:Win32/LockScreen.CI