Is your computer locked by Centre for Critical Infrastructure Protection virus that asks you to pay 100 New Zealand dollars through Ukash? Don’t know whether it is real or not? Is this warning really from New Zealand Police? How to unlock the computer from CCIP scam?
Centre for Critical Infrastructure Protection virus (also called New Zealand E-Crime Lab Virus or CCIP Virus) is another Ransomware program designed by cyber criminals to attack PC users in New Zealand and get money from them. It utilizes the name of New Zealand Police Institution to confuse innocent users and threaten them by locking their computers and warning that the targeted computer is locked because they have been visiting porno websites, using and distributing adult content files. Actually this virus has nothing to do with any organization in New Zealand such as Centre for Critical Infrastructure Protection(CCIP) or New Zealand E-Crime Lab. This is just a virus using scare tactic by blocking infected computer and displaying fake message in order to persuade you into paying the fine. You should never do that because paying the fine won’t help to get your PC unlocked.
Centre for Critical Infrastructure Protection virus has been spreading around these days. To be specific, this virus can be attached to email attachments, programs you have downloaded, or even from your computer’s operating system vulnerabilities. As soon as it is installed, it locks the compromised computer every time when Windows is launched. It accuses users of doing illegal activity on the computer related to using and distributing pornographic or copyrighted content. Then it requests users to pay a fine of NZD $100 via Ukash vouchers within 48 hours. Don’t believe in this deceitful and misleading information. No fine has to be paid to unlock the machine. The only thing that has to be done is to remove Centre for Critical Infrastructure Protection virus immediately.
New Zealand E-Crime Lab
New Zealand Police
Centre for Infrastructure Protection (CCIP)
Your computer has been blocked for safety reasons listed below.
You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape etc). You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of New Zealand criminal law.
Article 161 of New Zealand criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years.
Also, you are suspected of violation of “Copyright and Related rights Law” (downloading of pirated music, video, warez) and of use use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of New Zealand Criminal Law.
Article 148 of New Zealand criminal law provides for the punishment of deprivation of liberty for terms from 3 to 7 years or 150 to 550 basic amounts fine.
It was from your computer, that unauthorized access had been stolen to information of State importance and to data closed for public Internet access.
The notification just wants to make the user believe that the activities of the infected computer are monitored and the only way to unlock the system is to pay a fine. According to the message, it says if you pay for $100 NZD through Ukash, your computer will be unblocked soon. Or you will be arrested and sent to jail. However, that is not true and paying will not guarantee that you will be able to use your computer normally again. The only thing it will happen is that you lose you money and get nothing back.
It will take control of your computer rapidly once it is downloaded.
It will pretend itself as a legit warning and then ask for a ransom.
It can disable your task manager and even pop up in safe mode.
It can connect to a remote IRC server and forward the data to cybercriminals without a computer user’s awareness.
It can’t be simply uninstalled or removed in control panel.
Since Centre for Critical Infrastructure Protection virus has completely locked up your computer making you difficult to gain access, you will need to manually remove it instead of using antivirus programs to do so. Also, antivirus programs cannot completely catch this virus. Otherwise, it would have caught it at the beginning when this CCIP malware tries to sneak inside. Below are some basic steps on how to get rid of this virus manually. However, due to the changeable characters of this virus, you may not find the exact same files or entries to delete. That’s also why the manual removal requires expertise to do it. You will need to go through files and entries under different locations to define and delete. Any mistake could lead to unpredictable problems during the process. Thus, a backup of important files and programs is suggested before Centre for Critical Infrastructure Protection(CCIP) virus removal. A flash drive or external hard drive will be needed.
1. Since you cannot gain access to the infected computer under regular mode because of this CCIP lock screen, please restart the computer and put it in Safe mode with Networking first. Here’s the guide: Restart the computer upon the locking screen and start hitting F8 key repeatedly when PC is booting up again; if successfully, Safe mode options will show up on the screen for you to select. Please use arrow keys to highlight Safe mode with Networking option and hit enter key. System will be loading files into this mode afterward.
Attention: If virus stays in your computer for a long time, it may work in the background and block you from accessing safe mode with networking, thus, you’ll see virus page still or the virus forces you to log off and restart your computer automatically. In that case, please choose: Safe mode with command prompt and try if it helps. If none of them helps, please contact YooCare expert for instant help.
2. Open Control Panel from Start menu and search for Folder Options. Go to Folder Options window, under View tab, tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended) and then click OK.
3. Under Safe mode with Networking, please hit Ctrl+Shift+Esc (Ctrl+Alt+Delete) keys together to pull up Windows Task Manager; go to Processes tab on top and scroll down the list to find processes associated with Internet Police Department scam and click End process.
4. Open Registry Editor by pressing Windows+R keys and pull up Run box and searching for regedit.
5. Find out and delete files and registry entries associating with FBI Department of Defense virus as below:
6. Restart computer back to Regular mode and check out if the warning page still shows up again.
Centre for Critical Infrastructure Protection Virus is a ransomware that attacks computers based in New Zealand. It usually comes from your computer through compromised email attachments, fake codec packs and malicious software. Once the infection is infiltrated into your computer, it roots deep into the system and locks your computer immediately. This virus is just used to make users scared and fool them into pay the ransom. Actually it is not related to any law institutions. Now there are plenty of other similar Ransomware based on the same methods, infecting computers all over the world such as FBI Department of Defense Virus, National Crime Prevention Unit Ransomware etc. They share the same method by locking one’s computer and then demanding payment for unlocking. Many users feel frustrated and hopeless at the time they found computer was blocked. However, paying for the fine is not the only way to get your PC unlocked. Instead, once you make a payment, the money will go straight to the bank accounts of computer hackers who create such nasty virus. These awful hackers work in secret and ask users to pay the fine via a prepaid card so that victims have no way to trace their money when they realize Centre for Critical Infrastructure Protection Virus is a hoax. It is suggested users should ignore all the CCIP virus claims and remove this virus quickly before it causes further damage on your computer.
Note: Manual removal is a skillful and risky job, if any mistakes are made in the process, you may damage your computer immediately. If you are not sure how to do, please contact YooCare PC experts 24/7 online for help right now.
Published by & last updated on July 27, 2013 10:29 am