Small.CA virus (Removal Guide) - updated Nov 2017

Small.CA virus Removal Guide

What is Small.CA virus?

Small.CA aims to infect computers with Windows OS

Small.CA virus is categorized as a trojan

Small.CA virus belongs to the category of trojans that are designed to work as backdoors to infiltrate malware, and monitor user's browsing behavior or steal valuable data from the computer. Usually, this type of malicious program detects system vulnerabilities and exploits them to help hackers distribute high-risk PC infections.

According to the reports, Small.CA spreads via rogue ads promoted on suspicious websites, bundled with free applications or malvertising campaigns. After successful infiltration, it alters Windows Registry[1] by assigning the command to automatically launch itself every time the user turns on the computer. As a result, victims might have no clue that the malicious program is operating on their systems for months or even years.

Experts warn that you can unconsciously infect your system with the trojan if you:

  • Visit suspicious websites and click on ads that it displays;
  • Do not use anti-malware programs or forget to update them regularly;
  • Download video, audio, and other files illegally;
  • Open spam e-mail attachments that are sent by unknown senders.

You should always use a sturdy security software to avoid trojans. However, if you have already been infected, remove Small.CA virus with the help of FortectIntego or Malwarebytes. It will identify the executable files and quickly eliminate them. Even if you think that you are virus-free, you should keep in mind that IT security experts, like the ones working for,[2] warn users that trojans are able to sneak into systems without users' knowledge by imitating regular OS processes.

If you delay Win32/Small.CA removal, the consequences might be harmful not only to your computer but to yourself as well. It might deteriorate your browsing experience by generating annoying and malicious ads that pop-up every time you open your browser. There is a high possibility that they may cause redirects to less than reliable sites that are used to distribute spyware, ransomware, etc.

Besides, criminals created Small.CA to make illegal profits from inexperienced computer users. They set the trojan to collect files with specific file extensions that might possibly contain valuable data and send it to the hackers. Later, the stolen files may be sold in the underground market or misused in another way.

Also, there is a risk to lose your social media accounts or online banking passwords since the trojan hijacks your browser and infiltrates tracking cookies or extensions to monitor your browsing behavior. In other terms, developers of Small.CA are able to view anything you submit while surfing the internet.

Small.CA trojan might infiltrate via file-bundlesSmall.CA virus can collect valuable information from victim's computer and send it to hackers. Trojan works as a 5-stage malware

Small.CA trojan horse is a perfect tool for cybercriminals and programmed to do its job following five steps:

  1. Successfully infiltrate on the targeted computer;
  2. Use Command Prompt to register itself as a legitimate process;
  3. Modify Windows Registry settings to enable an autostart;
  4. Wait for a remote command from the hacker;
  5. Infiltrate specific malware and/or collect credentials, other vital data.

You should follow safe browsing rules to avoid the infiltration of the malware

Typically, Small.CA virus spreads on the malicious websites as deceptive advertisements. Be aware that they appear in any form, such as banners, pop-ups, in-texts, etc. Developers make considerable investments to make their ads look genuine and attract as many gullible people as possible to click on them. Thus, to avoid Win32/Small.CA, you should stay away from any types of advertisements despite their legitimate appearance.

Moreover, do not open questionable e-mails sent by people or companies that you don't know. Hackers use malspam campaigns[3] to distribute the trojan. Usually, it might appear as a fake invoice or another document from an authorized institution and contains a malicious link or attachment. You shouldn't open it under any circumstances if you want to protect your computer from Small.CA.

Employ a powerful security software to eliminate Win32/Small.CA

If you suspect that your PC might be infected, download a reliable security software right away. It is extremely important to do it as soon as possible since trojan might infiltrate numerous other viruses and damage your computer permanently.

After a successful installation of an anti-malware program, let it scan your system and remove Win32/Small.CA virus immediately. Be aware that eliminating might require specific IT knowledge. Thus do not try to get rid of it by yourself.

Instead, you can perform a manual Small.CA removal by following the guide provided below. Make sure to carefully monitor the procedure and avoid skipping steps since it may harm your PC.

do it now!
Fortect Happiness
Intego Happiness
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Getting rid of Small.CA virus. Follow these steps

Manual removal using Safe Mode

If you want to get rid of Small.CA trojan, reboot your computer to Safe Mode with Networking. If you don't know how to do that, the guidelines provided below will help you:

Important! →
Manual removal guide might be too complicated for regular computer users. It requires advanced IT knowledge to be performed correctly (if vital system files are removed or damaged, it might result in full Windows compromise), and it also might take hours to complete. Therefore, we highly advise using the automatic method provided above instead.

Step 1. Access Safe Mode with Networking

Manual malware removal should be best performed in the Safe Mode environment. 

Windows 7 / Vista / XP
  1. Click Start > Shutdown > Restart > OK.
  2. When your computer becomes active, start pressing F8 button (if that does not work, try F2, F12, Del, etc. – it all depends on your motherboard model) multiple times until you see the Advanced Boot Options window.
  3. Select Safe Mode with Networking from the list. Windows 7/XP
Windows 10 / Windows 8
  1. Right-click on Start button and select Settings.
  2. Scroll down to pick Update & Security.
    Update and security
  3. On the left side of the window, pick Recovery.
  4. Now scroll down to find Advanced Startup section.
  5. Click Restart now.
  6. Select Troubleshoot. Choose an option
  7. Go to Advanced options. Advanced options
  8. Select Startup Settings. Startup settings
  9. Press Restart.
  10. Now press 5 or click 5) Enable Safe Mode with Networking. Enable safe mode

Step 2. Shut down suspicious processes

Windows Task Manager is a useful tool that shows all the processes running in the background. If malware is running a process, you need to shut it down:

  1. Press Ctrl + Shift + Esc on your keyboard to open Windows Task Manager.
  2. Click on More details.
    Open task manager
  3. Scroll down to Background processes section, and look for anything suspicious.
  4. Right-click and select Open file location.
    Open file location
  5. Go back to the process, right-click and pick End Task.
    End task
  6. Delete the contents of the malicious folder.

Step 3. Check program Startup

  1. Press Ctrl + Shift + Esc on your keyboard to open Windows Task Manager.
  2. Go to Startup tab.
  3. Right-click on the suspicious program and pick Disable.

Step 4. Delete virus files

Malware-related files can be found in various places within your computer. Here are instructions that could help you find them:

  1. Type in Disk Cleanup in Windows search and press Enter.
    Disk cleanup
  2. Select the drive you want to clean (C: is your main drive by default and is likely to be the one that has malicious files in).
  3. Scroll through the Files to delete list and select the following:

    Temporary Internet Files
    Recycle Bin
    Temporary files

  4. Pick Clean up system files.
    Delete temp files
  5. You can also look for other malicious files hidden in the following folders (type these entries in Windows Search and press Enter):


After you are finished, reboot the PC in normal mode.

Remove Small.CA using System Restore

Malware removal might get complicated since it may block the installation of a security software. If the first method failed and you still cannot remove Small.CA try to boot your PC into Safe Mode with Command Prompt.

  • Step 1: Reboot your computer to Safe Mode with Command Prompt
    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of Small.CA. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with FortectIntego and make sure that Small.CA removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from Small.CA and other ransomwares, use a reputable anti-spyware, such as FortectIntego, SpyHunter 5Combo Cleaner or Malwarebytes

How to prevent from getting trojans

Choose a proper web browser and improve your safety with a VPN tool

Online spying has got momentum in recent years and people are getting more and more interested in how to protect their privacy online. One of the basic means to add a layer of security – choose the most private and secure web browser. Although web browsers can't grant full privacy protection and security, some of them are much better at sandboxing, HTTPS upgrading, active content blocking, tracking blocking, phishing protection, and similar privacy-oriented features. However, if you want true anonymity, we suggest you employ a powerful Private Internet Access VPN – it can encrypt all the traffic that comes and goes out of your computer, preventing tracking completely.


Lost your files? Use data recovery software

While some files located on any computer are replaceable or useless, others can be extremely valuable. Family photos, work documents, school projects – these are types of files that we don't want to lose. Unfortunately, there are many ways how unexpected data loss can occur: power cuts, Blue Screen of Death errors, hardware failures, crypto-malware attack, or even accidental deletion.

To ensure that all the files remain intact, you should prepare regular data backups. You can choose cloud-based or physical copies you could restore from later in case of a disaster. If your backups were lost as well or you never bothered to prepare any, Data Recovery Pro can be your only hope to retrieve your invaluable files.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Ugnius Kiguolis
About the company Esolutions

Removal guides in other languages