Win32/Small.CA virus detected


  1. Posts : 3
    Victoria
       #1

    Win32/Small.CA virus detected


    I've just received an action centre message stating Win32/Small.CA virus detected.

    Part 1

    Code:
    DDS (Ver_2012-11-20.01) - NTFS_AMD64 
    Internet Explorer: 9.0.8112.16506  BrowserJavaVersion: 10.25.2
    Run by matthew.gee at 14:54:17 on 2013-09-19
    Microsoft Windows 7 Enterprise   6.1.7601.1.1252.61.1033.18.8166.4829 [GMT 10:00]
    .
    AV: Sophos Anti-Virus *Enabled/Updated* {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Sophos Anti-Virus *Enabled/Updated* {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Windows\SysWOW64\svchost.exe -k Akamai
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Entrada Management\SFTSRC45305678451237\AgentMon.exe
    C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
    C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtlogger.exe
    C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtmon.exe
    C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
    C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
    C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
    C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
    C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
    C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe
    C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Users\matthew.g\AppData\Local\Akamai\netsession_win.exe
    C:\Users\matthew.g\AppData\Local\Akamai\netsession_win.exe
    C:\Users\matthew.g\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files (x86)\Samsung\Kies\Kies.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Windows\System32\StikyNot.exe
    C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Users\matthew.g\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files\Autodesk\Inventor 2010\bin\Inventor.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\msiexec.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtsport.exe
    C:\Program Files\Autodesk\Inventor 2010\bin\bin32\inventor32bithost.exe
    C:\Users\matthew.g\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\matthew.g\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\matthew.g\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com.au/
    uProxyServer = hxxp=127.0.0.1:18810
    uProxyOverride = <local>;*.local;127.0.0.1:9421;
    mWinlogon: Userinit = userinit.exe
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - 
    TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 
    uRun: [imcprnvw] C:\Users\matthew.g\AppData\Local\Temp\pagvivgth\yprseinsika.exe
    uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
    uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    uRun: [Akamai NetSession Interface] "C:\Users\matthew.g\AppData\Local\Akamai\netsession_win.exe"
    uRun: [Google Update] "C:\Users\matthew.g\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [feedreader.exe] "C:\Program Files (x86)\FeedReader30\feedreader.exe"
    uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
    mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\matthew.g\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\matthew.g\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\START3~1.LNK - C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-Windows\System: AddAdminGroupToRUP = dword:1
    IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
    IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
    IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    LSP: C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll
    DPF: Deployer - hxxp://www.pcthreat.com/autoinstall/shsafeinstall.cab
    DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} - hxxp://www.partserver.de/partserver/viewer/cnsweb3d/cnsweb3d.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
    DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujifilmimagine.com/imagine/ax/ImageUploader5.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=724
    TCP: NameServer = 172.28.23.2 172.29.23.31 172.29.23.32 172.27.23.2
    TCP: Interfaces\{0F8F6C48-7A61-42DB-9FCF-0B0494F39E2E} : DHCPNameServer = 172.28.23.2 172.29.23.31 172.29.23.32 172.27.23.2
    TCP: Interfaces\{2C1A7E23-6C64-493E-BEF5-B25BE971D8E1} : DHCPNameServer = 172.28.23.2 172.29.23.31 172.29.23.32 172.27.23.2
    TCP: Interfaces\{37C22B58-61BF-4C5D-B087-172040607AAC} : DHCPNameServer = 192.168.47.10 192.168.57.31
    TCP: Interfaces\{806534FE-9EC4-461F-BFB8-B2313A9DE63C} : DHCPNameServer = 10.4.81.103 10.4.182.20
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    AppInit_DLLs= C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
    x64-Run: [IntelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
    x64-Run: [IntelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
    x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL


  2. Posts : 3
    Victoria
    Thread Starter
       #2

    Part 2

    Code:
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\matthew.g\AppData\Roaming\Mozilla\Firefox\Profiles\ugqvb17x.default\
    FF - prefs.js: network.proxy.ftp - 220.227.90.238
    FF - prefs.js: network.proxy.ftp_port - 8080
    FF - prefs.js: network.proxy.http - 220.227.90.238
    FF - prefs.js: network.proxy.http_port - 8080
    FF - prefs.js: network.proxy.socks - 220.227.90.238
    FF - prefs.js: network.proxy.socks_port - 8080
    FF - prefs.js: network.proxy.ssl - 220.227.90.238
    FF - prefs.js: network.proxy.ssl_port - 8080
    FF - prefs.js: network.proxy.type - 1
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Autodesk\Autodesk Design Review Browser Add-on v1.2\npADRdwf.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Users\matthew.g\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-3-26 155272]
    R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2013-3-26 1093256]
    R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-3-26 228488]
    R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2013-3-26 166024]
    R1 rbtnfd_srv;Steelhead Mobile Filter Driver;C:\Windows\System32\drivers\rbtnfd64.sys [2012-8-16 535040]
    R1 SAVOnAccess;SAVOnAccess;C:\Windows\System32\drivers\savonaccess.sys [2012-11-21 154952]
    R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-3-26 3696632]
    R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 27136]
    R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2011-3-18 146568]
    R2 KASFTSRC45305678451237;Entrada Management Agent;C:\Program Files (x86)\Entrada Management\SFTSRC45305678451237\AgentMon.exe [2011-3-25 847872]
    R2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
    R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-7-19 4908576]
    R2 RVBD_SH_Mobile_Logger;Riverbed Steelhead Mobile Logger Service;C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtlogger.exe [2012-3-30 1124864]
    R2 RVBD_SH_Mobile_Monitor;Riverbed Steelhead Mobile Monitor Service;C:\Program Files (x86)\Riverbed\Steelhead Mobile\rbtmon.exe [2012-3-30 6487040]
    R2 SAVAdminService;Sophos Anti-Virus status reporter;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2013-2-13 217592]
    R2 SAVService;Sophos Anti-Virus;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2012-11-21 159296]
    R2 Sophos Agent;Sophos Agent;C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [2012-9-17 289856]
    R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2013-2-13 237048]
    R2 Sophos Message Router;Sophos Message Router;C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [2012-9-17 818240]
    R2 Sophos Web Control Service;Sophos Web Control Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [2012-5-10 357400]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
    R2 swi_service;Sophos Web Intelligence Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2013-3-22 2890232]
    R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-8-18 7017888]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848]
    R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2013-3-26 367200]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-13 1030600]
    R3 KAPFA;KAPFA;C:\Windows\System32\drivers\KAPFA.sys [2011-4-12 30792]
    R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 NzbDrone;NzbDrone;C:\Users\matthew.g\Downloads\NzbDrone.master.latest\NzbDrone\NzbDrone.Console.exe [2013-9-10 23040]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
    S2 swi_update_64;Sophos Web Intelligence Update;C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2012-2-24 2010688]
    S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-3-12 37344]
    S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 1.1.10.2;C:\Windows\System32\drivers\libusb0.sys [2010-3-9 28672]
    S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-12-15 351392]
    S3 LVUVC64;Logitech HD Pro Webcam C920(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-12-15 4862368]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
    S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2012-10-18 19032]
    S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2012-10-18 12384]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456]
    S3 Rockusb;Driver for Rockusb Device;C:\Windows\System32\drivers\rockusb.sys [2013-3-22 65776]
    S3 sdcfilter;sdcfilter;C:\Windows\System32\drivers\sdcfilter.sys [2012-2-24 36640]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-26 57856]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
    S4 SophosBootDriver;SophosBootDriver;C:\Windows\System32\drivers\SophosBootDriver.sys [2010-3-1 25608]
    .
    =============== File Associations ===============
    .
    FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
    FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2013-09-17 10:35:47	9694160	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{734E6BFA-9ED1-4DF7-8CA2-3D4F9D44CB02}\mpengine.dll
    2013-09-12 03:11:04	2382848	----a-w-	C:\Windows\SysWow64\mshtml.tlb
    2013-09-12 03:06:22	16384	----a-w-	C:\Windows\System32\ntvdm64.dll
    2013-09-12 03:04:39	3155456	----a-w-	C:\Windows\System32\win32k.sys
    2013-09-10 03:51:01	19368	----a-w-	C:\Windows\System32\DWFPortMonitor.dll
    2013-09-10 03:51:00	--------	d-----w-	C:\Windows\System32\Temp
    2013-09-09 22:27:21	--------	d-----w-	C:\ProgramData\NzbDrone
    2013-09-09 05:46:24	--------	d-----w-	C:\Program Files (x86)\VideoLAN
    .
    ==================== Find3M  ====================
    .
    2013-09-15 22:15:42	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-09-15 22:15:42	692616	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-08-08 01:03:39	737280	----a-w-	C:\Windows\iun6002.exe
    2013-08-06 18:22:02	278800	------w-	C:\Windows\System32\MpSigStub.exe
    2013-08-02 02:23:53	5550528	----a-w-	C:\Windows\System32\ntoskrnl.exe
    2013-08-02 02:15:44	1732032	----a-w-	C:\Windows\System32\ntdll.dll
    2013-08-02 02:15:03	362496	----a-w-	C:\Windows\System32\wow64win.dll
    2013-08-02 02:15:03	243712	----a-w-	C:\Windows\System32\wow64.dll
    2013-08-02 02:15:03	13312	----a-w-	C:\Windows\System32\wow64cpu.dll
    2013-08-02 02:14:57	215040	----a-w-	C:\Windows\System32\winsrv.dll
    2013-08-02 02:13:34	424448	----a-w-	C:\Windows\System32\KernelBase.dll
    2013-08-02 01:59:30	3968960	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
    2013-08-02 01:59:30	3913664	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
    2013-08-02 01:51:23	1292192	----a-w-	C:\Windows\SysWow64\ntdll.dll
    2013-08-02 01:50:42	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
    2013-08-02 01:50:42	274944	----a-w-	C:\Windows\SysWow64\KernelBase.dll
    2013-08-02 01:09:17	338432	----a-w-	C:\Windows\System32\conhost.exe
    2013-08-02 00:59:09	112640	----a-w-	C:\Windows\System32\smss.exe
    2013-08-02 00:45:37	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
    2013-08-02 00:45:36	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
    2013-08-02 00:45:35	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
    2013-08-02 00:45:34	2048	----a-w-	C:\Windows\SysWow64\user.exe
    2013-08-02 00:43:05	6144	---ha-w-	C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2013-08-02 00:43:05	4608	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-08-02 00:43:05	3584	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2013-08-02 00:43:05	3072	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2013-07-31 13:29:19	2312704	----a-w-	C:\Windows\System32\jscript9.dll
    2013-07-31 13:19:03	1392128	----a-w-	C:\Windows\System32\wininet.dll
    2013-07-31 13:18:24	1494528	----a-w-	C:\Windows\System32\inetcpl.cpl
    2013-07-31 13:14:29	173056	----a-w-	C:\Windows\System32\ieUnatt.exe
    2013-07-31 13:13:07	599040	----a-w-	C:\Windows\System32\vbscript.dll
    2013-07-31 13:08:44	2382848	----a-w-	C:\Windows\System32\mshtml.tlb
    2013-07-31 10:00:20	1800704	----a-w-	C:\Windows\SysWow64\jscript9.dll
    2013-07-31 09:52:44	1129472	----a-w-	C:\Windows\SysWow64\wininet.dll
    2013-07-31 09:52:34	1427968	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
    2013-07-31 09:48:43	142848	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
    2013-07-31 09:48:09	420864	----a-w-	C:\Windows\SysWow64\vbscript.dll
    2013-07-25 09:25:54	1888768	----a-w-	C:\Windows\System32\WMVDECOD.DLL
    2013-07-25 08:57:27	1620992	----a-w-	C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-23 23:06:35	96168	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-07-23 23:06:35	867240	----a-w-	C:\Windows\SysWow64\npDeployJava1.dll
    2013-07-23 23:06:35	789416	----a-w-	C:\Windows\SysWow64\deployJava1.dll
    2013-07-09 05:52:52	224256	----a-w-	C:\Windows\System32\wintrust.dll
    2013-07-09 05:51:16	1217024	----a-w-	C:\Windows\System32\rpcrt4.dll
    2013-07-09 05:46:20	184320	----a-w-	C:\Windows\System32\cryptsvc.dll
    2013-07-09 05:46:20	1472512	----a-w-	C:\Windows\System32\crypt32.dll
    2013-07-09 05:46:20	139776	----a-w-	C:\Windows\System32\cryptnet.dll
    2013-07-09 04:52:33	663552	----a-w-	C:\Windows\SysWow64\rpcrt4.dll
    2013-07-09 04:52:10	175104	----a-w-	C:\Windows\SysWow64\wintrust.dll
    2013-07-09 04:46:31	140288	----a-w-	C:\Windows\SysWow64\cryptsvc.dll
    2013-07-09 04:46:31	1166848	----a-w-	C:\Windows\SysWow64\crypt32.dll
    2013-07-09 04:46:31	103936	----a-w-	C:\Windows\SysWow64\cryptnet.dll
    2013-07-06 06:03:53	1910208	----a-w-	C:\Windows\System32\drivers\tcpip.sys
    .
    ============= FINISH: 14:55:17.09 ===============


  3. Posts : 2,470
    Windows 7 Home Premium
       #3

    mattyg8,

    Can you use the Snipping Tool to obtain a capture of the Action Center notification:

    How to Use the Snipping Tool in Vista and Windows 7
    How to Use the Snipping Tool in Vista

    Can you click on 'problem details' in the warning, and also provide a capture?


  4. Posts : 3
    Victoria
    Thread Starter
       #4

    It seems to have gone away; will see if it pops up again.


  5. Posts : 2,470
    Windows 7 Home Premium
       #5

    If it happens again, click on problem details. You will get an information box that looks like the image that follows. Notice that under Description > Faulting application path, there is a path for a file listed. In the example, it is:
    C:\Windows\System32\services.exe

    Also, under Problem Signature, there is more information listed.

    All the information shown in the box will help in determining where the problem originated. It will help us determine what actions are necessary, if any.

    In your case, as an added precaution, please go to Control Panel and open Action Center.
    Click on: View Archived Messages

    See if you can find Win32/Small.ca or something with a similar name in the list of messages.
    If found, see if its Status is one of the following:
    Solution Applied
    Automatically archived

    Please provide the status in your reply.
    Attached thumbnail: Win32/Small.CA virus detected-capture-small.ca.png


 

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
