Windows 7 Forums


Windows 7: Win32/Small.CA virus detected

19 Sep 2013   #1

Victoria
 
 
Win32/Small.CA virus detected

I've just received an Action Centre message stating: Win32/Small.CA virus detected

Part 1

Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16506  BrowserJavaVersion: 10.25.2
Run by matthew.gee at 14:54:17 on 2013-09-19
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.61.1033.18.8166.4829 [GMT 10:00]
.
AV: Sophos Anti-Virus *Enabled/Updated* {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Sophos Anti-Virus *Enabled/Updated* {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Entrada Management\SFTSRC45305678451237\AgentMon.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtlogger.exe
C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtmon.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe
C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Users\matthew.g\AppData\Local\Akamai\netsession_win.exe
C:\Users\matthew.g\AppData\Local\Akamai\netsession_win.exe
C:\Users\matthew.g\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\matthew.g\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Autodesk\Inventor 2010\bin\Inventor.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtsport.exe
C:\Program Files\Autodesk\Inventor 2010\bin\bin32\inventor32bithost.exe
C:\Users\matthew.g\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\matthew.g\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\matthew.g\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.au/
uProxyServer = hxxp=127.0.0.1:18810
uProxyOverride = <local>;*.local;127.0.0.1:9421;
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - 
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 
uRun: [imcprnvw] C:\Users\matthew.g\AppData\Local\Temp\pagvivgth\yprseinsika.exe
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Akamai NetSession Interface] "C:\Users\matthew.g\AppData\Local\Akamai\netsession_win.exe"
uRun: [Google Update] "C:\Users\matthew.g\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [feedreader.exe] "C:\Program Files (x86)\FeedReader30\feedreader.exe"
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\matthew.g\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\matthew.g\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\START3~1.LNK - C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: AddAdminGroupToRUP = dword:1
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll
DPF: Deployer - hxxp://www.pcthreat.com/autoinstall/shsafeinstall.cab
DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} - hxxp://www.partserver.de/partserver/viewer/cnsweb3d/cnsweb3d.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujifilmimagine.com/imagine/ax/ImageUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=724
TCP: NameServer = 172.28.23.2 172.29.23.31 172.29.23.32 172.27.23.2
TCP: Interfaces\{0F8F6C48-7A61-42DB-9FCF-0B0494F39E2E} : DHCPNameServer = 172.28.23.2 172.29.23.31 172.29.23.32 172.27.23.2
TCP: Interfaces\{2C1A7E23-6C64-493E-BEF5-B25BE971D8E1} : DHCPNameServer = 172.28.23.2 172.29.23.31 172.29.23.32 172.27.23.2
TCP: Interfaces\{37C22B58-61BF-4C5D-B087-172040607AAC} : DHCPNameServer = 192.168.47.10 192.168.57.31
TCP: Interfaces\{806534FE-9EC4-461F-BFB8-B2313A9DE63C} : DHCPNameServer = 10.4.81.103 10.4.182.20
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
x64-Run: [IntelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL




Attached Files
File Type: txt attach.txt (17.1 KB, 0 views)

19 Sep 2013   #2

Victoria
 
 

Part 2
Code:
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\matthew.g\AppData\Roaming\Mozilla\Firefox\Profiles\ugqvb17x.default\
FF - prefs.js: network.proxy.ftp - 220.227.90.238
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 220.227.90.238
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 220.227.90.238
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 220.227.90.238
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 1
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Autodesk\Autodesk Design Review Browser Add-on v1.2\npADRdwf.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\matthew.g\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-3-26 155272]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2013-3-26 1093256]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-3-26 228488]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2013-3-26 166024]
R1 rbtnfd_srv;Steelhead Mobile Filter Driver;C:\Windows\System32\drivers\rbtnfd64.sys [2012-8-16 535040]
R1 SAVOnAccess;SAVOnAccess;C:\Windows\System32\drivers\savonaccess.sys [2012-11-21 154952]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-3-26 3696632]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 27136]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2011-3-18 146568]
R2 KASFTSRC45305678451237;Entrada Management Agent;C:\Program Files (x86)\Entrada Management\SFTSRC45305678451237\AgentMon.exe [2011-3-25 847872]
R2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-7-19 4908576]
R2 RVBD_SH_Mobile_Logger;Riverbed Steelhead Mobile Logger Service;C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtlogger.exe [2012-3-30 1124864]
R2 RVBD_SH_Mobile_Monitor;Riverbed Steelhead Mobile Monitor Service;C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtmon.exe [2012-3-30 6487040]
R2 SAVAdminService;Sophos Anti-Virus status reporter;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2013-2-13 217592]
R2 SAVService;Sophos Anti-Virus;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2012-11-21 159296]
R2 Sophos Agent;Sophos Agent;C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [2012-9-17 289856]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2013-2-13 237048]
R2 Sophos Message Router;Sophos Message Router;C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [2012-9-17 818240]
R2 Sophos Web Control Service;Sophos Web Control Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [2012-5-10 357400]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 swi_service;Sophos Web Intelligence Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2013-3-22 2890232]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-8-18 7017888]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2013-3-26 367200]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-13 1030600]
R3 KAPFA;KAPFA;C:\Windows\System32\drivers\KAPFA.sys [2011-4-12 30792]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 NzbDrone;NzbDrone;C:\Users\matthew.g\Downloads\NzbDrone.master.latest\NzbDrone\NzbDrone.Console.exe [2013-9-10 23040]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S2 swi_update_64;Sophos Web Intelligence Update;C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2012-2-24 2010688]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-3-12 37344]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 1.1.10.2;C:\Windows\System32\drivers\libusb0.sys [2010-3-9 28672]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-12-15 351392]
S3 LVUVC64;Logitech HD Pro Webcam C920(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-12-15 4862368]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2012-10-18 19032]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2012-10-18 12384]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456]
S3 Rockusb;Driver for Rockusb Device;C:\Windows\System32\drivers\rockusb.sys [2013-3-22 65776]
S3 sdcfilter;sdcfilter;C:\Windows\System32\drivers\sdcfilter.sys [2012-2-24 36640]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-26 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 SophosBootDriver;SophosBootDriver;C:\Windows\System32\drivers\SophosBootDriver.sys [2010-3-1 25608]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-09-17 10:35:47	9694160	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{734E6BFA-9ED1-4DF7-8CA2-3D4F9D44CB02}\mpengine.dll
2013-09-12 03:11:04	2382848	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2013-09-12 03:06:22	16384	----a-w-	C:\Windows\System32\ntvdm64.dll
2013-09-12 03:04:39	3155456	----a-w-	C:\Windows\System32\win32k.sys
2013-09-10 03:51:01	19368	----a-w-	C:\Windows\System32\DWFPortMonitor.dll
2013-09-10 03:51:00	--------	d-----w-	C:\Windows\System32\Temp
2013-09-09 22:27:21	--------	d-----w-	C:\ProgramData\NzbDrone
2013-09-09 05:46:24	--------	d-----w-	C:\Program Files (x86)\VideoLAN
.
==================== Find3M  ====================
.
2013-09-15 22:15:42	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-15 22:15:42	692616	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-08 01:03:39	737280	----a-w-	C:\Windows\iun6002.exe
2013-08-06 18:22:02	278800	------w-	C:\Windows\System32\MpSigStub.exe
2013-08-02 02:23:53	5550528	----a-w-	C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44	1732032	----a-w-	C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03	362496	----a-w-	C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03	243712	----a-w-	C:\Windows\System32\wow64.dll
2013-08-02 02:15:03	13312	----a-w-	C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57	215040	----a-w-	C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34	424448	----a-w-	C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30	3968960	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30	3913664	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23	1292192	----a-w-	C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42	274944	----a-w-	C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17	338432	----a-w-	C:\Windows\System32\conhost.exe
2013-08-02 00:59:09	112640	----a-w-	C:\Windows\System32\smss.exe
2013-08-02 00:45:37	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34	2048	----a-w-	C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05	6144	---ha-w-	C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05	4608	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05	3584	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05	3072	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-31 13:29:19	2312704	----a-w-	C:\Windows\System32\jscript9.dll
2013-07-31 13:19:03	1392128	----a-w-	C:\Windows\System32\wininet.dll
2013-07-31 13:18:24	1494528	----a-w-	C:\Windows\System32\inetcpl.cpl
2013-07-31 13:14:29	173056	----a-w-	C:\Windows\System32\ieUnatt.exe
2013-07-31 13:13:07	599040	----a-w-	C:\Windows\System32\vbscript.dll
2013-07-31 13:08:44	2382848	----a-w-	C:\Windows\System32\mshtml.tlb
2013-07-31 10:00:20	1800704	----a-w-	C:\Windows\SysWow64\jscript9.dll
2013-07-31 09:52:44	1129472	----a-w-	C:\Windows\SysWow64\wininet.dll
2013-07-31 09:52:34	1427968	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2013-07-31 09:48:43	142848	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
2013-07-31 09:48:09	420864	----a-w-	C:\Windows\SysWow64\vbscript.dll
2013-07-25 09:25:54	1888768	----a-w-	C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27	1620992	----a-w-	C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-23 23:06:35	96168	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-23 23:06:35	867240	----a-w-	C:\Windows\SysWow64\npDeployJava1.dll
2013-07-23 23:06:35	789416	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2013-07-09 05:52:52	224256	----a-w-	C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16	1217024	----a-w-	C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20	184320	----a-w-	C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20	1472512	----a-w-	C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20	139776	----a-w-	C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33	663552	----a-w-	C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10	175104	----a-w-	C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31	140288	----a-w-	C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31	1166848	----a-w-	C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31	103936	----a-w-	C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53	1910208	----a-w-	C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 14:55:17.09 ===============
19 Sep 2013   #3

Windows 7 Home Premium
 
 

mattyg8,

Can you use the Snipping Tool to obtain a capture of the Action Center notification:

How to Use the Snipping Tool in Vista and Windows 7
How to Use the Snipping Tool in Vista

Can you click on 'problem details' in the warning, and also provide a capture?


19 Sep 2013   #4

Victoria
 
 

It seems to have gone away. Will see if it pops up again.
19 Sep 2013   #5

Windows 7 Home Premium
 
 

If it happens again, click on problem details. You will get an information box that looks like the image that follows. Notice that under Description > Faulting application path, there is a path for a file listed. In the example, it is:
C:\Windows\System32\services.exe

Also, under Problem Signature, there is more information listed.

All the information shown in the box will help in determining where the problem originated. It will help us determine what actions are necessary, if any.

In your case, as an added precaution, please go to Control Panel and open Action Center
Click on: View Archived Messages

See if you can find Win32/Small.ca or something with a similar name in the list of messages.
If found, see if its Status is one of the following:
Solution Applied
Automatically archived

Please provide the status in your reply.


Attached Images
 