Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: win32/Small.CA virus


11 Feb 2013   #21

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Sorry to jump in, I know you've run AdwCleaner and RogueKiller. Each application has it's strengths.
Consider running the following malware scanners.

Run one at a time, reporting any findings and the resolution (quarantine, delete, ignore, unable), then run the next one, even if the previous one said it fixed it.

Good luck. I'll step out of the way and let Cottonball direct further actions.

Kaspersky: Anti-rootkit utility TDSSKiller
ESET: Online Scanner
Malwarebytes: Malwarebytes (Mbam)
Note   Note
When installing Malwarebytes, do NOT elect the free trial of the full version; you only want the free version.

If the on demand scanners report clean, consider running an offline scanner

Microsoft Defender (WDO)
.

My System SpecsSystem Spec
.

11 Feb 2013   #22

Windows 7 Home Premium 64 bit SP1
 
 
win32/Small.CA virus

JRT Log report

Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x64
Ran by xxxxxx on 11/02/2013 at 20:12:27.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page

~~~ Registry Keys

~~~ Files

~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\xxxxxx\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\xxxxxx\AppData\Roaming\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\xxxxxx\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\xxxxxx\appdata\locallow\searchresultstb"

~~~ Event Viewer Logs were cleared


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/02/2013 at 20:20:42.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Cottonball: Ran TFC file and removed 396 files

HALLELUJAH - that nemesis seems to be (dare I say) gone!! The action center doesn't say remove win32/Small.CA virus.

At this point can I confidently feel that my PC is infection free?

To deal with Google Chrome & win. firewall questions, guess I should post to a different category.
Thank you so very much for all your help - it was much appreciated. Will send you more kudos!
My System SpecsSystem Spec
11 Feb 2013   #23

Windows 7 Home Premium
 
 

As suggested by Slartybart , let's run the ESET Online Scanner

First, temporarily disable your Anti-Virus.
Info: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - BleepingComputer.com

If possible, use Internet Explorer for this scan.

Right-click on the IE icon in the Start Menu and select: Run as Administrator

Go here to run the Scan:
ESET Online Scanner

Accept the Terms of Use, then click on: Start
When prompted, allow the Add-On/Active X to install.

Under Scan Settings, make sure that the option Remove found threats is NOT checked, and the option Scan Archives is checked.

Click on Advanced Settings and select the following:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Now, click on: Start
The virus signature database begins to download. (This make take some time.)

Next, the Online Scan begins automatically.
Please do not touch the Mouse or keyboard during the scan, otherwise it may stall.

When the scan completes, click: List Threats
Please copy and provide the informationpresented in your reply. (If no malware is found, a list is not presented.)
Click the Back button, and then click the Finish button.

Note: Make sure you re-enable your Anti-Virus!
My System SpecsSystem Spec
.


11 Feb 2013   #24

Windows 7 Home Premium
 
 

Please report whether ESET took care of the Action Center issue. If not...

Another option, offline (outside of the Windows Operating System):
Windows Defender Offline
My System SpecsSystem Spec
11 Feb 2013   #25

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Cotton, you can run ESET & Mbam with real time protection active.

WDO boots from CD, so it doesn't come into play.

Just thought I'd make note of that, otherwise... very informative post
My System SpecsSystem Spec
11 Feb 2013   #26

Windows 7 Home Premium
 
 

Slartybart,

Quote:
...you can run ESET & Mbam with real time protection active
Seen it done both ways, and every now and then there is a glitch. Rather be safe than sorry...
Also, it may go faster.
My System SpecsSystem Spec
11 Feb 2013   #27

Windows 7 Home Premium 64 bit SP1
 
 
win32/Small.CA virus

Cottonball: After finishing my last post, I never realized that you had another post below.
Being as how after posting that JRT Removal Tool log, and then finding that Action Center was cleared of the removal of win32/small.ca virus entry, guess there is no need to do the Eset scan you recommended now, right? Thanks.

Slartybart: Thank you for offering to help and suggestions to try.
Incidentally for your information, your links to Anti-rootkit utility TDSSKILLER and Malwarebytes (MBAM) also Defender (WDO) - when clicked came up as "Address is Invalid".
Thanks.
My System SpecsSystem Spec
12 Feb 2013   #28

Windows 7 Home Premium
 
 

veegee,

If I understand you correctly, the win32/small.ca Action Center reminder was gone after you ran JRT?
If so, there must have been some remnant hanging on, and JRT got rid of it. Good job!

On ESET, it would be a good idea to run it, and then let us know what its results are in: List Threats

It is best to get another confirmation that there is nothing in the system to be concerned about. Scanners have different definitions they look for, so, what one does not pick up, another one may...
My System SpecsSystem Spec
12 Feb 2013   #29

Windows 7 Home Premium
 
 

@Slartybart,

A little editing will do the trick.

The links are like this:
Quote:
[URL="http://[url]http://support.kaspersky.com/viruses/solutions?qid=208280684"]
My System SpecsSystem Spec
12 Feb 2013   #30

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

veegee, great news, thanks for posting back

if you're satisfied that this issue is fixed, please mark the thread as solved. You might wait a day or two

Kudos!

Fixed the links in my post, sorry folks.
- that's what ya get when you try something new (post templates, then edit)
My System SpecsSystem Spec
Reply

 win32/Small.CA virus




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:16 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33