Association Canadienne des Policiers virus Removal Guide

Threat Level:
9/10
Rate this Article:
Comments (0)
Article Views: 3564
Category: Malware

If you think that the Canadian Police have no business investigating your online activity, you will be shocked to find a truly intimidating notification sent by the Association Canadienne des Policiers virus. All information presented to you through this alert is bogus; however, the professionally developed interface and intimidating credentials attached to the warning have already helped schemers fool thousands of Windows users. You should not allow cyber crooks fool you too, and if you apply Association Canadienne des Policiers virus removal tips presented in the report, soon enough you will be able to run your PC ordinarily.

The virus that misleadingly uses the CPA ACP logo has been discovered to travel through the security backdoors exposed by ransom Trojans, and it can be spread into Windows systems using drive-by download protocols. Once Association Canadienne des Policiers virus is activated within your computer, you will notice extremely irritating system functionality disturbances. In the worst case scenario, your system will be locked and all of your administrative privileges will be removed. This is caused to make you desperate for a quick fix. If you pay attention to the seemingly intimidating alert, you might start thinking that you will restore your system only after you pay a 100 dollar fine. Here is what you will be forced to believe in:

Your computer is locked! […]
1. Your computer has been used to view banned Web sites
2. Your computer has been used to view Web sites containing child pornography.
3. Your computer has been used to illegal information, software.
4. Your computer has been used for storing / viewing pirated content. […]
According to “Information Security and Control Act 2012”, you are required to pay a fine of 100 Canadian dollars.

The presented Information Security and Control Act 2012 does not enable governmental agencies and Police departments to lock down systems and demand fine payments made through Ukash or Paysafecard. These systems are completely legitimate but do not require identification, which is why they would never be linked to any law enforcement departments. What is more, these money transfer systems have been used by schemers who have developed the infamous Cuerpo Nacional de Policía virus, Polizei österreich Virus, Dutch Police Virus and a number of other so-called Ukash viruses.

It is clear that you need to delete Association Canadienne des Policiers virus; however, if you think you will be able to succeed with manual removal, we remind you that the infection could be running alongside other PC infections. Do not risk the integrity of your operating Windows system and implement automatic removal tools to delete the virus. Here is how you can do it:

  1. Restart the PC.
  2. After the BIOS screen (information about Windows) goes way, immediately start tapping F8 for Boot Options menu to appear.
  3. Using arrow keys select Safe Mode with Networking.
  4. Launch a browser and type http://www.411-spyware.com/download-sph into the address box at the top of the home page.
  5. Follow the given instructions to download and install SpyHunter which will remove Association Canadienne des Policiers virus right away.

Instructions for Windows XP users:

  1. Restart the PC and wait for the BIOS screen to disappear.
  2. Promptly start hitting the F8 button on the keyboard.
  3. Using arrow keys on the keyboard select Safe Mode with Networking. Hit Enter.
  4. When “Desktop” alert shows up, click Yes and Windows Advanced Options Menu will be presented on your screen.
  5. Click on the Start menu.
  6. Launch RUN and enter “msconfig”.
  7. Click OK.
  8. When System Configuration Utility appears, click on the Startup tab.
  9. Hit the Disable All button and click Apply.
  10. Download SpyHunter.
  11. Restart the computer.
  12. Install the automatic virus removal and system protection application.
Download Remover for Association Canadienne des Policiers virus *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter.

Association Canadienne des Policiers virus technical info for manual removal:

Files Modified/Created on the system:

# File Name File Size (Bytes) File Hash
1%LOCALAPPDATA%\lollipop
2ssntvs.exe103415 bytesMD5: 863c2d694dc3cf82711420aa089e16e4
3xaZYOVJW.exe133632 bytesMD5: 4382872727fc8c0996fa315c599ecdf0
4pYunY8m4VL3qLc.exe286822 bytesMD5: 3415bcb9153afa1e0c1400b2f7fa1335
5bvhylsviw.exe98560 bytesMD5: 4b1c6c2aabc0314f7558151834b63717
6wpbt0.dll225280 bytesMD5: 3dfd93b751a0f9168739a7e668d14023
7%APPDATA%\system
8taskhost.exe.exe15872 bytesMD5: 8cdc3a6a50af07cbdc4a1193e45f8721
9skype.dat65024 bytesMD5: 13985f6b7ca5c771b28dbf42aef80984
10Task Scheduler.exe122368 bytesMD5: b923b9094635464cb81a245716d2d932
11NTServiceManager.exe666624 bytesMD5: 8e931cb28a92d7ee1a7f146b7f6c4664
12cf6640a77ed4926a4c6be661ab93def9d13408753dd07e8d02836996a2f247b6.exe462336 bytesMD5: 0e3308e36ca702faf42e929a9d0b5c47
13UpgradeHelper.exe289792 bytesMD5: 70f2dfab3a93558fec4dbc2d4b9d8a31
14csrsss.exe83928 bytesMD5: c41898f24d84a4ada9fe9b71e94ccd64
15ctfmon.exe9216 bytesMD5: d6d5126353edcb1f91aa210c3742de01
16p1.exe95244 bytesMD5: 5494478b81b9617fe10bbe5d12adb22d
17wahneaqa.exe102912 bytesMD5: dfd58427f8741b480eae4d9535a1e5f3
18Nbt.exe643072 bytesMD5: 90f72d0a2cc6956c07c46b47f6a3d40e
19crack.exe306176 bytesMD5: ab5af9b01941bff73068abf9c7def3bd
20dqnbdq7.dss175616 bytesMD5: 6514a485b26fcca011121f42f188d3b2
21acuvzomo.exe61440 bytesMD5: 64d6b4385310293e6ca81631c1652d59
22%APPDATA%\updates
23WINDED6.exe126464 bytesMD5: 77c854a9e5b39829d2ffc15767106ad9
24%APPDATA%\Task Scheduler
25ieudator.dll55808 bytesMD5: bfe953f0f96438290914369a7797cf84
26mplayer2.exe403456 bytesMD5: a01f673216f9a83cb352028319809f2f
27%CommonProgramFiles%
28%ALLUSERSPROFILE%\Application Data
29ifgxpers.exe331648 bytesMD5: 4765da2ba43a0ce9206d29c4c7aa76b6
30securitywindrv.exe34816 bytesMD5: 0da8705f12382804c87d20ee58a4674c
31UpdatePriv.exe65536 bytesMD5: a29c0d8665033ec58739bebd1693727e
32xmlfilter.exe115200 bytesMD5: 0ecf7e220a38e4fd86a5d67e8ce7c88a
33msavfit.exe158208 bytesMD5: 9f5e6c75851b2ee4b10e3e3b783d10b7
34secproc_isv.exe108544 bytesMD5: 25595c5104cafc7c667c73d1e2c74447
35Other.res70656 bytesMD5: 2122654109b372638bca24f780ea1921
36TimeDateMUICallback.exe87552 bytesMD5: 2d108d8f3d914658f74768a8eb120dde
37bf8h8d02hf.exe315904 bytesMD5: 1cbe49c0ebbeefbbe9f1c1fda9eebbe6
382084473.dll92672 bytesMD5: 4b53eef2de438858d7cc1360feb3c6c2
39rool0_pk.exe134144 bytesMD5: a363c25160f5bb09bdaee0e03d85278c
4000b5d693.exe282112 bytesMD5: 4dd835b5b72613c8f7fa71aed486b6c7
4150E1.exe340992 bytesMD5: 0e337ac9e0242482503a3c31559ed661
42bzsbkotiu.exe233472 bytesMD5: 35180a38939fe1b4368d804ae25e5a57
4387b2cb3916261d5c807bf44262755cb0.exe349184 bytesMD5: f8717683a44fcfef00aed80e8332547b
443511172082012Build.exe297984 bytesMD5: 835c431d44e546ac46f899466acff0e1
45svchost.exe417792 bytesMD5: 805c3831ce41e9f7123398409d6b5c40
46Piranha.exe449161 bytesMD5: eb0f419c0a98b065271effae67c4920f
47OmaSG21e.exe107520 bytesMD5: 27baf21f123fe80b8e0bf2a3d0a9c91e
48msshell.exe18432 bytesMD5: 0e9e0b2092e1c643f103d93f4a04b82a
49ACEIEAddOn.dll204800 bytesMD5: f42778c8d316a0e2f45844f8051242ff
50iner.exe674816 bytesMD5: 6b485eb86c32deca15b26e47e66a94e7
51xlqbteeb.exe64512 bytesMD5: 5f2861537c90cd2d3ec9620e67b91de7
52yaiiwockc.dll483328 bytesMD5: 9460de1c3485d5f3cc9f5fa1d4a09708
53puozlkmyj.dll356352 bytesMD5: a36b0b1c2a6c4ad06418ab137b62ee6c
54brenasa.exe45056 bytesMD5: a626c9a877af7d078e67be021a5baf28
55ubvhynpxh.exe223744 bytesMD5: 3679444e7921794b3754ffb8ca80916b
56hwj3ba6j.dss176640 bytesMD5: 54f1a99f7cb18ed47756bb22e1681766
57m2PythonLoader.exe135680 bytesMD5: d8dab211e0db20f00118f25ad64be90c
58dtkmujvo.exe87040 bytesMD5: b8d2f2fb25bc89994c96079e6079a3ec
59%WINDIR%\system32
60obvwo.exe129024 bytesMD5: e5893ac27c4ee6817f380e3607a3664c
61ex3b.dll1792000 bytesMD5: 992d5e68d52b908e744f0ea1db1deb89
62pmstcdjwz.exe97344 bytesMD5: dc30b025294d0ed58a16141e64942ff7
63VaultSysUi.exe62464 bytesMD5: e6922b3d1e2a74fa8620c4e004224a71
64najeoxtt.exe105984 bytesMD5: d0761e37cdef392ee249e24c84f0a66c
65%SystemDrive%\????????????
66n.46592 bytesMD5: 61a29236fee6568908a9bc629b8ada22
67setex.exe38759 bytesMD5: 01da942199a8e606a09889a23f7d27b5
68wlsidten.dll155648 bytesMD5: 26ca88d3fc9175797365a8553eb6948d
69xctqakcqbeo.dll256000 bytesMD5: bc5906995084024aeab23bdccd0d689f
70SyncHostps.exe94208 bytesMD5: 286f4c7e06c1c467e58426b916985567
71systemcpl.exe100352 bytesMD5: de7c781205d31f58a04d5acd13ff977d
72zqmkrehUkpoKfsafsaZg.exe33012 bytesMD5: 461caa595d898e273656853c337d81c4
73wjthvwjb.dss221184 bytesMD5: 9f2da2fd4fe9713d74acf0eb8fad8dc3
74oygqyunapnp.exe78336 bytesMD5: acdd61209ba5a132915c565f669b0d81
75%AppData%
76%WINDIR%\Temp
77魔法桌面第三方主题破解补丁V1.1.exe188416 bytesMD5: 5252ca014813b18c517ff44951628329
78msn.exe675840 bytesMD5: a403f9d53ad6a07073c9236842dd865e
79wlsidten.exe111616 bytesMD5: 1f2052c6529cd8a76a20ce858f080e68
8096dddda4.dll3303936 bytesMD5: 522cb91f694f6866568b91b7a11f5802
81questscan.dll1019904 bytesMD5: 0965f3611e919838ad794fcf11db43cf
82sqlncli.exe75264 bytesMD5: 1b8b3b51d8b52bed7a7bc0b05bdafbcb
83MWSBAR.DLL376901 bytesMD5: 8d23a39be47954dc43fcbb0114ce2a55
84administration.exe5242880 bytesMD5: f3e4e59a27b1ed11ebf0330b02b408f7
85rvcbcyks.exe103424 bytesMD5: e63bdd7e5eb894ca59900f155ad62158
86idiokbbrv.exe98448 bytesMD5: 3cd07724cf408fc515a711042d4a0524
87MusicCollector.exe6901936 bytesMD5: 42d5f1c904eae88de63cabeaa6a4bf50
88%UserProfile%
89C87C.exe79360 bytesMD5: efe25f747cdc17ebebc22604c4cdd209
90%TEMP%
91DLL321.dll191712 bytesMD5: bd6c2627b0f2e007d371f71edc0762a4
92{097444e7-2d87-ba3c-2efe-9f54812d824a}.exe293424 bytesMD5: bd5b67eac856f4fafa612067b6a8ccfd
93dyjdl.exe194560 bytesMD5: 5b94a572fd15f5416c4a88d02f406189
94jsdhlexdqkllnbcxgai.bfg143360 bytesMD5: 180f37b1ff8268ac2b95beee6989aba2
95%LOCALAPPDATA%\Temp
96gcrwcoak.exe108544 bytesMD5: 095507587859038b638fe1c0d6c0c74c
97msdtmsrd.exe224256 bytesMD5: acf3959bb985b616f9b221ae15d252eb
98aPr0hY9.exe45558 bytesMD5: 100b8f04f2bff5c49052173dc231eea1
99msnmsgrr.exe1427968 bytesMD5: 49300637db06b13f0bc0ee3b742e6399
100DA0B.exe61440 bytesMD5: 15279561b4232d0600f4cede0d7de174
101videotwisterSA.exe746496 bytesMD5: a72b74832ff54293504f3c1b441db398
102wgsdgsdgdsgsd.exe144896 bytesMD5: 3a8e4b69add412fd66d11c7ace416421
103JfCqQ5JC.exe270336 bytesMD5: 023829e50c93205ac81dd27009762620
10400qbipeq.exe108032 bytesMD5: b46bec93ed0cbf470b7a4e5421c30655
105WinSyncMetastore.exe83456 bytesMD5: b7614742cc2adf0264a038267d35a78a
106%ALLUSERSPROFILE%
107b34btbztdb0vavaw.exe149504 bytesMD5: 6d5b32abb27fc4bc837a77c21a66813b
108Firewallservice.exe423424 bytesMD5: 8f4305c63693259f648f33c59370978c
109uenovfiu.exe100864 bytesMD5: 47ebbd7f529d71b8eac53b7ca0f7eeaa
110Updating.exe1517520 bytesMD5: e5d532e96f42229d89993da562fbb5b4
111scvhost.exe231936 bytesMD5: 2dc8b92985e96aabc9ab0937f1018ff7
112install_0_msi.exe118272 bytesMD5: 68f337adbfbdaad81faa7ea3ec22da0b
113comeo.exe3581440 bytesMD5: 17b063d029da62b8afc715880c0ae047
114Q3d38543.exe33280 bytesMD5: 67f05820f38cf6ce319d92b55bae0956

Files in the following directories were modified:

  • %LOCALAPPDATA%
  • %APPDATA%
  • %ALLUSERSPROFILE%
  • %WINDIR%
  • %SystemDrive%

Memory Processes Created:

# Process Name Process Filename Main module size
1ssntvs.exessntvs.exe103415 bytes
2xaZYOVJW.exexaZYOVJW.exe133632 bytes
3pYunY8m4VL3qLc.exepYunY8m4VL3qLc.exe286822 bytes
4bvhylsviw.exebvhylsviw.exe98560 bytes
5taskhost.exe.exetaskhost.exe.exe15872 bytes
6Task Scheduler.exeTask Scheduler.exe122368 bytes
7NTServiceManager.exeNTServiceManager.exe666624 bytes
8cf6640a77ed4926a4c6be661ab93def9d13408753dd07e8d02836996a2f247b6.execf6640a77ed4926a4c6be661ab93def9d13408753dd07e8d02836996a2f247b6.exe462336 bytes
9UpgradeHelper.exeUpgradeHelper.exe289792 bytes
10csrsss.execsrsss.exe83928 bytes
11ctfmon.exectfmon.exe9216 bytes
12p1.exep1.exe95244 bytes
13wahneaqa.exewahneaqa.exe102912 bytes
14Nbt.exeNbt.exe643072 bytes
15crack.execrack.exe306176 bytes
16acuvzomo.exeacuvzomo.exe61440 bytes
17WINDED6.exeWINDED6.exe126464 bytes
18mplayer2.exemplayer2.exe403456 bytes
19ifgxpers.exeifgxpers.exe331648 bytes
20securitywindrv.exesecuritywindrv.exe34816 bytes
21UpdatePriv.exeUpdatePriv.exe65536 bytes
22xmlfilter.exexmlfilter.exe115200 bytes
23msavfit.exemsavfit.exe158208 bytes
24secproc_isv.exesecproc_isv.exe108544 bytes
25TimeDateMUICallback.exeTimeDateMUICallback.exe87552 bytes
26bf8h8d02hf.exebf8h8d02hf.exe315904 bytes
27rool0_pk.exerool0_pk.exe134144 bytes
2800b5d693.exe00b5d693.exe282112 bytes
2950E1.exe50E1.exe340992 bytes
30bzsbkotiu.exebzsbkotiu.exe233472 bytes
3187b2cb3916261d5c807bf44262755cb0.exe87b2cb3916261d5c807bf44262755cb0.exe349184 bytes
323511172082012Build.exe3511172082012Build.exe297984 bytes
33svchost.exesvchost.exe417792 bytes
34Piranha.exePiranha.exe449161 bytes
35OmaSG21e.exeOmaSG21e.exe107520 bytes
36msshell.exemsshell.exe18432 bytes
37iner.exeiner.exe674816 bytes
38xlqbteeb.exexlqbteeb.exe64512 bytes
39brenasa.exebrenasa.exe45056 bytes
40ubvhynpxh.exeubvhynpxh.exe223744 bytes
41m2PythonLoader.exem2PythonLoader.exe135680 bytes
42dtkmujvo.exedtkmujvo.exe87040 bytes
43obvwo.exeobvwo.exe129024 bytes
44pmstcdjwz.exepmstcdjwz.exe97344 bytes
45VaultSysUi.exeVaultSysUi.exe62464 bytes
46najeoxtt.exenajeoxtt.exe105984 bytes
47setex.exesetex.exe38759 bytes
48SyncHostps.exeSyncHostps.exe94208 bytes
49systemcpl.exesystemcpl.exe100352 bytes
50zqmkrehUkpoKfsafsaZg.exezqmkrehUkpoKfsafsaZg.exe33012 bytes
51oygqyunapnp.exeoygqyunapnp.exe78336 bytes
52魔法桌面第三方主题破解补丁V1.1.exe魔法桌面第三方主题破解补丁V1.1.exe188416 bytes
53msn.exemsn.exe675840 bytes
54wlsidten.exewlsidten.exe111616 bytes
55sqlncli.exesqlncli.exe75264 bytes
56administration.exeadministration.exe5242880 bytes
57rvcbcyks.exervcbcyks.exe103424 bytes
58idiokbbrv.exeidiokbbrv.exe98448 bytes
59MusicCollector.exeMusicCollector.exe6901936 bytes
60C87C.exeC87C.exe79360 bytes
61{097444e7-2d87-ba3c-2efe-9f54812d824a}.exe{097444e7-2d87-ba3c-2efe-9f54812d824a}.exe293424 bytes
62dyjdl.exedyjdl.exe194560 bytes
63gcrwcoak.exegcrwcoak.exe108544 bytes
64msdtmsrd.exemsdtmsrd.exe224256 bytes
65aPr0hY9.exeaPr0hY9.exe45558 bytes
66msnmsgrr.exemsnmsgrr.exe1427968 bytes
67DA0B.exeDA0B.exe61440 bytes
68videotwisterSA.exevideotwisterSA.exe746496 bytes
69wgsdgsdgdsgsd.exewgsdgsdgdsgsd.exe144896 bytes
70JfCqQ5JC.exeJfCqQ5JC.exe270336 bytes
7100qbipeq.exe00qbipeq.exe108032 bytes
72WinSyncMetastore.exeWinSyncMetastore.exe83456 bytes
73b34btbztdb0vavaw.exeb34btbztdb0vavaw.exe149504 bytes
74Firewallservice.exeFirewallservice.exe423424 bytes
75uenovfiu.exeuenovfiu.exe100864 bytes
76Updating.exeUpdating.exe1517520 bytes
77scvhost.exescvhost.exe231936 bytes
78install_0_msi.exeinstall_0_msi.exe118272 bytes
79comeo.execomeo.exe3581440 bytes
80Q3d38543.exeQ3d38543.exe33280 bytes

Reply

Your email address will not be published.

Name
Website
Comment

Enter the numbers in the box to the right *