Home > Action Center > Action Center Suggests I Have Win32/Small.CA Virus

Action Center Suggests I Have Win32/Small.CA Virus

It tells you to click and install it right away. My computer has blue screened several times over the last month although recovers very easily. I then ran - Malware Anti-Virus - SUPERAntispyware - Microsoft Safety Scanner... Help your visitors protect their computers! navigate here

Microsoft's Threat Encyclopedia doesn't tell what distinguishes this particular detection. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.Step 4Download Dr.Web CureIt to the desktop.The download is nearly 104.6 MB in sizeTurn OFF User = LL2 ... But as usual, none of them picked it up.Basically this virus began when i downloaded something, AVG told me to either move it to quarantine (which it wouldn't) or do nothing. his comment is here

BLEEPINGCOMPUTER NEEDS YOUR HELP! Maybe someone sense this as useful...:24489 Tigerlily 0 13 Jun 2013 4:37 PM I too have found this Windows "Virus" warning and wondered what if anything to do about it.We are Clients.Any Link from the Action Center is guided to Microsoft Sites or Microsoft Partner Sites where suggested Removal Tools from 3rd Party Vendors were reccommended.None of the Links in the Action All rights reserved.

Usually these virus programs are allowed a Quick Scan but I have problems with running a full scan. c:\programdata\SPL8D56.tmp c:\windows\wininit.ini . . ((((((((((((((((((((((((( Files Created from 2013-08-15 to 2013-09-15 ))))))))))))))))))))))))))))))) . . 2013-09-15 19:33 . 2013-09-15 19:34 -------- d-----w- c:\users\Meister\AppData\Local\temp 2013-09-15 19:33 . 2013-09-15 19:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-09-15 uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 LSP: c:\programdata\Sophos\Web Intelligence\swi_ifslsp.dll TCP: DhcpNameServer = FF - ProfilePath - c:\users\Meister\AppData\Roaming\Mozilla\Firefox\Profiles\46qr1tqn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ . Save the log.Do a Select ALL, Copy.

I enabled Windows Defender and its scan didn't find anything. It has done this 1 time(s). You've probably already checked - but the Step 3 is a clean install of Windows. https://answers.microsoft.com/en-us/windows/forum/windows_7-security/computer-says-i-have-win32smallca-virus-how-do-i/e93e6b2a-3dce-474b-9fa7-72ffaecc6664 Please try the request again.

I had to use rKill to stop it from going haywire.Please tell me what shall i do? Error: (10/22/2012 11:36:15 AM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) HKCU-Run-ABBYY Screenshot Reader Retail - (no file) AddRemove-Toolbar Cleaner - c:\program files\Toolbar Cleaner\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Sophos Message Router] I am currently running - Comodo Internet Security Complete 2012 - used mainly for the firewall. - Bitdefender Total Security 2013 - used for Anti-Virus - Malwarebytes - used for scanning

Pre-Run: 221,672,828,928 bytes free Post-Run: 223,183,765,504 bytes free . - - End Of File - - B0C6040662530FF1D833B63A2824AC5E A36C5E4F47E84449FF07ED3517B43A31 Back to top #4 nasdaq nasdaq Malware Response Team 34,851 posts OFFLINE The time now is 15:37. Things seem to be running normally. Canada Local time:03:37 PM Posted 17 September 2013 - 12:29 PM Secure your system by updating 3rd party programs.Your version of Java is outdated and needs to be updated to take

JVance Community Answers 3515 11-13-12 2-spyware.com says: Hello, JVance, and welcome to 2spyware forum. check over here A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. So I forced it to move, causing my whole pc to crash.Now when I start windows up in normal mode the only thing i see is the mouse. When doing a full system scan, nothing is found.Best regardsMarco:22933 Cancel QC 0 19 Mar 2012 4:49 PM Hello Marco,Question is now, why does Sophos not detect this threat?Did the

Scanning your system regularly will make it harder for malware to reside on your system.A tutorial on using MBAM can be found here.Please Note: Only the paid for version has real The system returned: (22) Invalid argument The remote host or network may be down. I tried to click on a link on Microsoft's website to update definitions for Windows Defender and it tags the download as a threat. his comment is here However, we will try to help you.

Ping statistics for Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Pinging with 32 bytes of data: Reply from bytes=32 time<1ms TTL=128 Reply from RogueKiller did not work the first time I ran it. The second problem I had was shutting down Sophos.

angelberry66Nov 17, 2011, 10:47 PM This is gonna sound really frustrating.But I use a TV insted of a pc moniter (i know you're thining what has this got to do with

Zombies - Game of the Year (Version: PlayReady PC Runtime amd64 (Version: 1.3.0) Polar Bowler (Version: QuickTime (Version: Racket v5.1.3 (Version: 5.1.3) Realtek USB 2.0 Reader Driver (Version: But I'm guessing it's also possible that this specific malware might have originated as a .cn, from oh let's say China, circled the globe a few times, got changed along the I could not figure out how to do it, so you will see in the logs that it is still running. angelberry66Nov 18, 2011, 5:06 AM Okay, i'll be sure to give it a try when Avira has just finished this system scan, thankyou again everyone WR2Nov 18, 2011, 5:11 AM If

WR2Nov 18, 2011, 5:06 AM "Please be careful not to run the makeboot.bat file directly from hard drive of the computer!"You want to put that on the USB drive and run This is called W32/Small.CA.Question is now, why does Sophos not detect this threat ? WR2Nov 17, 2011, 1:32 AM AVG Rescue CD Video Tutorials A second opinion:How to Remove a Trojan or Rootkit angelberry66Nov 17, 2011, 5:52 PM Thankou so much for helping my identify weblink If there is a repeat of the AVG finding an infected system file I think the Repair disc will handle it.

It seems to have shut down my McAfee anti-virus so I can no longer access it. I scanned with MSE and it found virtool.win32/obfuscator.XZ but when I tried to 'clean' the system it seemed to fail. Can you open the CD/DVD drive before Windows loads, right after power on?Can you burn the CD on a different computer?If necessary, I think we can get you a non-infected OS Here is what it says: UNSUPPORTED OPERATING SYSTEM!

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] R2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\dleaserv.exe [2009-07-01 98984] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-05-09 161384] R2 swi_update;Sophos Web Intelligence Update;c:\programdata\Sophos\Web Intelligence\swi_update.exe [2012-11-12 1459264] R3 DMSKSSRh;DMSKSSRh;c:\users\Meister\AppData\Local\Temp\DMSKSSRh.sys [x] R3 Using the site is easy and fun. By then, the Action Center had automatically archived the message. virus removal is shoddy especially if you're dealing with a rootkit as WR2 is suggesting...

Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? angelberry66Nov 16, 2011, 9:48 PM Thankyou for the reply everyone. AR81Family Gigabit/Fast Ethernet Driver (Version: ATI Catalyst Install Manager (Version: 3.0.820.0) Bejeweled 3 (Version: BlueGriffon version 1.4 (Version: 1.4) Bricx Command Center Catalyst Control Center - Branding (Version: 1.00.0000) or read our Welcome Guide to learn how to use this site.

Eset Nod32 downloads but will not initialize. The .ca would indicate Canada. If we have ever helped you in the past, please consider helping us. We'd love to hear about it!

Sorry for the late reply. Adobe Reader 10.1.7 Adobe Reader out of Date!